Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsFrom 1999: How NSA access was built into Windows
http://www.heise.de/tp/artikel/5/5263/1.htmlA CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.
snip
ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.
Dr Nicko van Someren reported at last year's Crypto 98 conference that he had disassembled the ADVADPI driver. He found it contained two different keys. One was used by Microsoft to control the cryptographic functions enabled in Windows, in compliance with US export regulations. But the reason for building in a second key, or who owned it, remained a mystery.
Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft's developers had failed to remove or "strip" the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called "KEY". The other was called "NSAKEY".
InfoView thread info, including edit history
TrashPut this thread in your Trash Can (My DU » Trash Can)
BookmarkAdd this thread to your Bookmarks (My DU » Bookmarks)
6 replies, 950 views
ShareGet links to this post and/or share on social media
AlertAlert this post for a rule violation
PowersThere are no powers you can use on this post
EditCannot edit other people's posts
ReplyReply to this post
EditCannot edit other people's posts
Rec (9)
ReplyReply to this post
6 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
From 1999: How NSA access was built into Windows (Original Post)
TalkingDog
Jun 2013
OP
TalkingDog
(9,001 posts)1. From Electronic Frontier Foundation
http://w2.eff.org/Privacy/Key_escrow/
Key Escrow, Key Recovery, Trusted Third Parties & Govt. Access to Keys
A geeks treasure trove of articles.
The first one being: decrypting_puzzle_palace.article
John Perry Barlow's July 1992 article "Decrypting the Puzzle Palace," describing how the NSA seeks to dominate cyberspace. A wealth of early background material on FBI and NSA surveillance, political moves to oppose general public possession and use of strong encryption, and erection of export controls against encryption.
Key Escrow, Key Recovery, Trusted Third Parties & Govt. Access to Keys
A geeks treasure trove of articles.
The first one being: decrypting_puzzle_palace.article
John Perry Barlow's July 1992 article "Decrypting the Puzzle Palace," describing how the NSA seeks to dominate cyberspace. A wealth of early background material on FBI and NSA surveillance, political moves to oppose general public possession and use of strong encryption, and erection of export controls against encryption.
reformist2
(9,841 posts)2. NSAKEY... oops!
reformist2
(9,841 posts)3. Bump - this discovery is huge, imo.
Catherina
(35,568 posts)4. Rec'd. This can't be talked about enough
but just FYI, there's a three day old thread, A trip down memory lane - How NSA access was built into Windows (1999), that I'd like to link to your thread, if you don't mind, to help anyone searching later.
TalkingDog
(9,001 posts)5. The more the merrier. Link away!
n/T
Major Hogwash
(17,656 posts)6. Is this from CNET?
Gawd help us, because the Geek squad at Best Buy can't.