Microsoft Denies It Built Backdoor Into Windows 7 450
CWmike writes "Microsoft has denied that it has built a backdoor into Windows 7, a concern that surfaced yesterday after a senior National Security Agency (NSA) official testified before Congress that the agency had worked on the operating system. 'Microsoft has not and will not put "backdoors" into Windows,' a company spokeswoman said, reacting to a Computerworld story Wednesday. On Monday, Richard Schaeffer, the NSA's information assurance director, told the Senate's Subcommittee on Terrorism and Homeland Security that the agency had partnered with the developer during the creation of Windows 7 'to enhance Microsoft's operating system security guide.' Thursday's categorical denial by Microsoft was accompanied by further explanation of exactly how the NSA participated in the making of Windows 7. 'The work being discussed here is purely in conjunction with our Security Compliance Management Toolkit,' said the spokeswoman. The company rolled out the Windows 7 version of the toolkit late last month, shortly after it officially launched the operating system."
Well (Score:1, Interesting)
At least people can no longer find it interesting that Microsoft haven't denied building a back door into Windows 7.
Re:The main point (Score:3, Interesting)
Probably easier to back door Linux. (Score:5, Interesting)
You know, its funny, but if the NSA ever got its hooks into a repository, it could do all sorts of fun stuff that way in Linux. We only "trust" Linux because Linux is a huge trust circle. WE trust it because its open, and assume that someone else must have looked at it. But I have about as much idea of what's going on inside of my Ubuntu as I did my Windows, from a backdoor perspective.
Re:Not really necessary (Score:4, Interesting)
Re:NSA helped on Linux as well (Score:5, Interesting)
where all eyes in the world are watching what they do
I have never looked at the SELinux code.... have you?
NSA is into many OS' (Score:3, Interesting)
Re:denial = admission (Score:3, Interesting)
That's a comforting belief, but you underestimate the ability of law enforcement to gather evidence that's either illegal or would reveal sources and methods (or in this case, likely both), use that knowledge to "stumble" on some information, and use that information which can be held out as having been legally obtained to bootstrap a warrant.
For an analogy outside computer technology, consider the cop driving up and down the street illegally spying with a FLIR camera; when s/he gets a hit, he just "happens upon" some suspicious persons or "hears an anonymous tip." With that, Jane/Johnny Law obtains a warrant, busts down the door, and seizes the grow operation--that s/he wouldn't have known about but for illegal surveillance. Of course, this approach has backfired [youtube.com] at least once.
Re:Not really necessary (Score:5, Interesting)
I'd say a more likely NSA "backdoor" would be some sort of subtle flaw in the implementation of an encryption, hash or some other algorithm critical to Windows. NSA spends alot of time and money on cryptanalysis.
Real question: So what, even if they did? (Score:1, Interesting)
Why do people think that the back door is in Win7?
I think that the real question is... Why would you care?
I mean, this is the NSA we are talking about. If they put a secrept backdoor to some software, they keep it secret. They won't tell RIAA or your local cops about it. I'd bet quite a lot that even when it comes to suspected terrorists, CIA won't constantly send NSA requests "Hey could you guys check if you can break onto his windows machine? Thx. :)". Actually, I doubt it would even be used for constant breaking into foreign systems. Certainly not over network (too high risks and you don't really want to risk getting caught unless you know exactly what you are looking for and where to find it) and probably not with physical access either (If you carry a laptop with something so important that NSA really wants to retrieve it, you have probably secured it more throughly).
I don't know why would NSA put backdoors to Windows but if they did, it would probably be for wartime, *serious* terrorist suspects (IE: investigating assassination of a president or such) or similar cases. I don't know why should anyone care about such except if you are in charge of cybersecurity of a country potentially hostile to USA (In which case you probably shouldn't trust that much on USA based companies anyways) or if you fear that some non-NSA hackers might find it.
In the latter case... NSA certainly knows that Windows has security flaws. If they want to add their own backport(s), their goal is to use something that *isn't* just discovered by others and I think that their experts are probably good enough to make that happen: Yeah, there is always a risk that those backdoors are found by others but that risk is smaller than with other security flaws anyways.
Re:Probably easier to back door Linux. (Score:3, Interesting)
> But I have about as much idea of what's going on inside of my Ubuntu as I did
> my Windows, from a backdoor perspective.
However, hundreds of highly skilled Debian Developers know exactly what is going on inside Debian. And many of them live outside the USA and don't particularly like or trust the US government. Many of those same people are also Ubuntu developers. While it is not inconceivable that some agency (not necessarily of the US government) might slip a trojan in, it is highly unlikely.
If it was something that was frequently attempted some would have been spotted. You can bet such a thing would get as much embarrassing attention as possible (and that's a lot). Why risk it when almost everyone runs Windows and most Linux servers run buggy Php apps? Just choose one of the zillions of existing exploits and be happy. No one will ever know you aren't just another cracker.
Re:of-course not (Score:3, Interesting)
Hum. What's your machine like and what are these games? I haven't seen a VM that runs with the same performance as the native OS. For some games, that doesn't matter. For others, it definitely does.
Re:I have no problem believing MS this time... (Score:1, Interesting)
Shakrai, I have to ask you this: Are you and "commodore_64love" the same guy? I've noticed that the only time I see your post is immediately before or after one of his.
Plus, you've got a similarly retarded worldview. Not that there's anything wrong with that. I mean, if it works for a former governor of Alaska and former Miss California, who am I to criticize? You also seem like the type to use a sock puppet.
Just wondering...
Re:Probably easier to back door Linux. (Score:3, Interesting)
Nust choose one of the zillions of existing exploits and be happy.
This could just as easily be used as an argument for Windows according to Slashdot, which would argue against NSA trying to put a backdoor into Windows.
OP is still right, though, isn't he? Hundreds of highly skilled Windows developers know exactly what is going on inside Windows just as much as the hundreds of Debian developers know about Debian. Except there are probably more Windows developers. Not all of them "like or trust the US government" and certainly not all of them have been paid off, like it seems people think (on Slashdot, somehow Windows is this evil corporate blob of non-personal entities... I am fairly certain that many, many, many decent people work for Microsoft - in fact, I'm fairly certain that there are Microsoft employees that are just as decent as aforementioned Debian developers...).
Also, if the NSA is interested in buying off Microsoft... wouldn't it be cheaper to buy off an open source group/app? Like, as you mentioned, php ... or maybe RedHat, etc... and introduce a backdoor thing from a very high-up developer who can argue it away? It's not like there aren't ever any disputes amongst the open source community about whether or not something is a good idea.
That's it this confirms it! (Score:3, Interesting)
The NSA has not put a backdoor in Windows. When the intelligence agencies comment on these matters, the answer is always "We will neither confirm or deny...." which always implies that they had some role in the matter. Now that both MS and the NSA have publicly stated that no backdoor was installed in Windows, and is such a departure from the usual PR stance that it is impossible to conclude otherwise that such a backdoor was not and would never have been installed.
Barring my sarcasm, I would think that there is more at stake in securing Windows than putting a backdoor in it. Chances are, if there is a backdoor, than others will find it which makes it a futile effort. I think of it this way. It would be one thing to backdoor Windows, if you wanted to spy on Joe citizen or a terrorist. But, Windows is used throughout businesses within the US: Banks, Utilities, major industry, government, law enforcement, etc. Such a Trojan whether on desktop PCs or on Servers could cause major economic and security repercussions. As others have pointed out, the NSA has released other products to help in security like SE Linux and various encryption algorithms which AFAIK have stood up to independent audits by experts.
They were probably tasked with only looking at certain portions of the Windows code anyways much like they had likely done with previous versions of Windows and maybe other major OSes. There's been plenty of bugs found since in Windows that no matter how much auditing of code in any OS, being found out of planting a Trojan has many more consequences that exploiting holes that are already there anyways.
Re:I have no problem believing MS this time... (Score:5, Interesting)
"Microsoft has not and will not put "backdoors" into Windows"
No, no, that's "will not put 'backdoors' into Windows 7"!
The "7" is important, because chances are high that the backdoors added to WinNT3.5 are still working just fine; no need to add any new ones! :)
(A lot of people picked up on the "MS didn't add it" vs. "NSA worked on it", but I haven't seen any other comments about possible pre-existing backdoors.)
A test? (Score:5, Interesting)
This should keep the developers on their toes and give us some confidence that the code IS being audited properly.
Re:I have no problem believing MS this time... (Score:1, Interesting)
Exactly. If you've ever visited the NSA site for securing systems, you'd know exactly what this is about: the NSA made suggestions for things Microsoft needs to change in Windows to make it more securable, and they collaborated on a secure computing guideline. The NSA is not stupid; they know that a back door they can use, someone else can find.
Comment removed (Score:3, Interesting)
There's more than one way (Score:5, Interesting)
Like any other intelligence agency, spying on people who use Windows would be a prime goal, but there's plenty of malware out there to do that, with Microsoft and the security industry formed to fix the holes left by Microsoft's technical incompetence can only fix so much. There's no reason why the NSA couldn't develop their own malware with VB and run it like any other criminals, without any collusion with Microsoft at all.
Given the fact that Windows is as secure as a paper tank at the best of times, and the governments of the world seem to want to insist that people use Windows, it's mot hard to imagine Microsoft suits using the "hey if you force your people to use our software, you can spy on what they do with them much easier" as a reason NOT to support calls for a FOSS / Linux switch.
Given how many crimes Microsoft get away with in more jurisdictions it's also not hard to imagine a meeting where Microsoft agree to turn a blind eye to malware from certain sources in return for cases being dropped, or friendly judges put on the case who will promptly find in favour of Microsoft, and dismiss any logical evidence that they've done anything wrong.
As far as "it's in our interests to make Windows secure as we use it", how much of the US defense network still use Windows? I've noticed some have switched to Linux, while Microsoft had to create a special "secure XP" for them because the regular one wasn't up to the task. How easy would it be for the entire network to switch to Linux to protect itself while endorsing Windows for everyone else as it gives them and easy target to hit if they need to? They could even get Linux to pretend it's Windows when queried so nobody outside would know.
Remember most govt departments are VERY partisan, they don't like to co-operate as much as they should. They don't like sharing stuff that would help everyone because if only they do it and look good, they look even better in comparison to other departments who didn't do it. The contrast is even wider.
NOBODY is mentioning FIPS? (Score:5, Interesting)
My limited understanding of FIPS compliance is such that I thing the likelihood is much higher that the involvement of the NSA is to work with Microsoft (as they have others) to make sure the right libraries are used and so on for FIPS compliance. If you want to sell software to the US Government, it must be FIPS compliant.
The following is my understanding (which is likely flawed in some ways, but I think is fairly close to accurate) of how FIPS works (Taken from a response I wrote to someone else about this).
In all likelihood, this is all about their encryption being FIPS compliant and has nothing to do with backdoors.
The way I understand FIPS (because I got a mini-lesson on it during an SDR as they were doing it for [another software product I work with alot]) you have to use very specific encryption protocols that not only meet the standard for the encryption routine (e.g. RSA, or whatever) and the bit-size, but you have to use one of a specific set of approved implementation libraries.
That means you can use the exact same encrypting schema and key size as FIPS specifies, but if you don't do the encryption with an approved library, you're not compliant.
The rules get weirder from there. If you are required to be FIPS compliant at work, and must send something encrypted, you have to send it to someone who is also FIPS compliant. -- follow this logic now -- if you have to send it to someone who is NOT compliant, even though they use compatible encryption/decryption code and have exchanged keys with you, you CANNOT send them the encrypted file because their libraries are not FIPS compliant. You can, however, send them the file IN THE CLEAR if you decide it's safe to do so.
In other words, FIPS says it is better to send something in the clear if you cannot be sure the other end is FIPS compliant, even if they can decrypt what you're sending.
That's your government at work.
BTW: The routines which ARE certified have been fully vetted by many government and non-government people, and do not contain any special code in them that would lead to making decryption by the NSA any easier than it would otherwise be. Since the routines are by nature just implementation of well know encryption standards, the only way to do that would be to interrupt the key pair creation process and use "less random" seeds. I don't believe FIPS specifies the random number generation routine used.
Hope this helps.
Why does the NSA work on Windows? (Score:3, Interesting)
The code they produced belongs to the public, because the public paid for it! If Microsoft doesn't open that code, they're stealing from the tax-payer!
In particular (Score:3, Interesting)
They could do something evil like the famous C compiler backdoor. You infect only binary components. So no matter how carefully the code is audited, there is nothing in there. However, when said code is compiled on an infected system, it produces infected binaries. So people have the illusion of security with it. They build from source because they want to make sure what they have hasn't been changed, but they tools they use are compromised so the final system is compromised, though no trace is in the code.
However, that has the same ultimate problem that a backdoor in Windows, or anything else does: It is susceptible to detection by looking at a running system.
You discover that most security research isn't code auditing. They instead attack a working system in various ways to see if they can cause it to malfunction. After all, a code audit only goes so far. In almost any large project there were a lot of people that looked over the code and tried to find and fix bugs. So if they didn't see it, what makes you think you will? You are not the best programmer in the universe. Also these bugs can often be very tricky, complex interactions that aren't easy to see. The source looks fine and indeed the final code works fine except for a very specific set of circumstances.
Well guess what? Testing like that would have the possibility of picking up the backdoor. This idea that it could be hidden in such a way that security testing would never find it, but that looking at the source would make it immediately obvious is stupid. It just reeks of programmers who have Smartest Motherfucker in the Universe syndrome. You find that syndrome in many areas, but I seem to see it in programmers a whole lot. Basically, they seem to think they are just gods of code. Any bugs in a program they didn't write are because the person was "stupid". THEIR code would never have holes, and if they just saw that "Other Guy's" code they could immediately find and fix the problems. As such they are sure that if code is open it is safe because they are sure they could look at it and determine that in mere minutes if they wanted to.
To me, that says in fact the person is not a good programmer. It tends to be the lowest performers who cannot identify their own limitations and thus believe they are the highest performers.
If the NSA wants to know what you're thinking. . . (Score:3, Interesting)
If the NSA wants to know EVERYTHING about you, they have far better ways than installing active spyware on your system to do it.
There is a record somewhere of everything you've ever downloaded or uploaded. Every Google search you've ever performed. Encryption breaking is pointless because they have the ability to know what you type as you type it. Heck, they probably have the ability to know what you think as you think it.
Did you know that you can read an RFID tag from orbit? --People know about the max distance a tag can be charged from, and it is indeed a few feet, but the distance from which it can be read is much greater. If the detector is good enough. . .
Did you know you can use a light bulb as an active antenna? Any bit of circuitry, for that matter, even powered down, still processes EM wave forms and can be used to snoop. The idea of the NSA messing around with malware in order to spy on computer users is like comparing Donkey Kong to today's modern game systems.
The only reason the NSA might encourage the belief that they have proprietary code built into a Microsoft product would be to mislead people into thinking that they work within the same baby-fences as the rest of us free range serfs.
-FL
Re:I have no problem believing MS this time... (Score:3, Interesting)
Here's how...
Lotus Notes had 64bit crypto back when 40bit was the most you could export from the land of the free. Most companies introduced an export version of their product. Lotus did not.
How did they manage this and be compatible with the reulations? Every time Notes generated a 64bit key it copied 24 of those bits and encrypted them with a key owned by the NSA and sent that with the encrypted text. Then the NSA only had 40bit crypto to crack when they intercepted the message.
http://en.wikipedia.org/wiki/Lotus_notes#Security