No Backdoor in Vista

mytrip wrote to mention a C|Net article stating that Vista will not have a security backdoor after all. From the article: "'The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data,' Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. 'Over my dead body,' he wrote in his post titled Back-door nonsense."

is Niels Ferguson..

[Pavel Stratil]

going to die soon? (nothing personal)

Re:is Niels Ferguson..

[bj8rn]

Let's see. Your comment was modded redundant. This could mean that there's no point in asking this question, as Ferguson is going to die soon. At the same time, however, it could also mean "He's not going to die! Stop asking these stupid questions!" So I really don't know whether he is going to die soon or not. The information you (and the mods) have provided me with is insufficient to determine the this. Sorry.

Re:is Niels Ferguson..

[tomhudson]

People didn't get it ... he said it would happen ...

"Over my dead body"

We're talking Bush administration here. Talk about painting a target on your back! They'd WANT to get rid of anyone who can point a finger. Disposing of the body is no big deal.

Heck, they don't even have to "terminate with extreme sanction" any more. Just drop a hint to Balmer that he's going to work for google, and let a random chair take him out.

Speaking of which, if google wanted to throw up a few roadblocks, they could "hint/spread rumours/FUD" that a few critical microsoft developers have accepted/will accept/are in secret talks to accept to jump switch, and watch the body count in Redmond rise like the kill score in Alien 2, from the "pre-emptive kills".

Re:is Niels Ferguson..

[LilGuy]

LOL... that would be so dirty though...

Re:is Niels Ferguson..

[SpaceLifeForm]

That depends upon what your definition of 'soon' is.

Re:is Niels Ferguson..

[gnarlin]

Steve Balmer, in the converence room, with the chair!

Balmer Says...

[aragod]

I believe that can be arranged...

He'll give him 'The Chair'...

[Shark]

... as it is common Microsoft lore that Balmer can be deadly with furniture.

Right.

[Fantastic Lad]

Over my dead body,' he wrote in his post titled Back-door nonsense."

I suspect the NSA, (who I seem to recall left a few stray tags lying around in a previous version of Windows' code), would look at you dead-pan and agree.

-FL

Re:Right.

[hey!]

I'd be disappointed if NSA ever resorted to anything so crude. NSA is an agency of savants not a mob of freebooting bucaneers. Assasination is so CIA.

NSA surely is well aware of the way that trust can, unintentionally, propagate. Everybody trusts something; if somebody doesn't want to cooperate, you obtain his unwitting cooperating by coopting something he trusts. Does he personally supervise the building of every release and patch? Certainly not. He trusts the release process to carry out his intentions. Even if the individuals involved are not cooptable, they trust their compilers to generate object code that is perfectly isomorphic to their source code. Those who do not trust compilers trust their debuggers, disassemblers and operating system utilities.

Those who do not trust their operating system utilities, and live-boot from randomly chosen operating systems or remove their hard disks and examine them using a hand coded manchine language program on a custom built computer lacking a bios or operating system to be subverted, still trust the network to transfer their object code to the mastering facility, or their optical disk burning software to burn the image accurately. Or they trust the facility to read that data correctly, and to press it as they intended to the distribution media.

Those who trusted none of this and checked the hard disks by hand coded machine code on a hand wired computer without BIOS or operating system probably deserve assasination, but even so this is hardly necessary, since everyone gets patches over the Internet. A simple black bag job to retrieve the signing keys, and nobody can trust anything anymore.

Re:Right.

[roman_mir]

So much of what you said is true, however you don't need to go to such lengths, as to code your own BIOS by hand, or worry about hard drives. You just need a separate computer for the stuff that really needs to be secure and not connect that machine to the net. If you need data on it, manage with disks.

Re:Right.

[hey!]

You just need a separate computer

What you left out is you need a separate computer that you trust. But how do you know you can trust it?

Until we evolve to be able to read magnetic domains directly off the platter, everything boils down to believing what your software tells you to be so.

Re:Right.

[Reziac]

Somehow this reminds me of the old joke,

"REAL programmers use COPY CON PROGRAM.ZIP"

Re:Right.

[roman_mir]

My point is that this notion 'trust' cannot be relied upon, thus you must eliminate the need for trust.

Disconnecting a computer from the net, makes it possible to elliminate this need.

Re:Right.

[ArsonSmith]

As long as you trust that your computer has no remote wireless access of any knid within it.

Re:Right.

[roman_mir]

ha ha ha :) Ok, you can always use a large roll of tinfoil for that :) hahahahaha :)

You can also just take it apart and look for the wireless transmitter. You can also detect wireless transmission with this [tscmtech.com].

Re:Right.

[Haeleth]

I suspect the NSA, (who I seem to recall left a few stray tags lying around in a previous version of Windows' code)

Yes and no.

True, there was a tag in one version of Windows NT 4 that had the name "_NSAKEY". However, it has never been linked to the NSA in any way whatsoever, except by conspiracy theorists.

You might as well claim that USER32.DLL is proof of a conspiracy to turn American back into a British colony (U.S. obviously stands for United States, and E.R. = Elizabeth Regina = the queen of England! OMG BILL GATES HATES AMERICA!)

Here [schneier.com] is Bruce Schneier's take on the matter.

Details

[truthsearch]

Here are more details on the NSA keys in Windows [msversus.org]:

For at least Windows 95 OSR2, 98, NT, and 2000 Microsoft has included a secret cryptographic key owned by the U.S. National Security Agency (NSA). It's most likely that the NSA's key exists within Windows so U.S. government users of Windows can run classified cryptosystems on their computers. But it has been kept secret and it does provide the potential for abuse. "According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system 'is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system.'" Users of Windows outside the U.S. should be especially concerned that the U.S. government can possibly gain security control over their computers. Users within the U.S. should also be concerned that Microsoft has provided the government with a secret back door that they can exploit. (Campbell, Duncan. "How NSA access was built into Windows [heise.de]." Heise Online 4 Sept 1999)

Re:Right.

[rohan972]

So that's how he got the honorary knighthood from the Queen.

Re:Right.

[chiph]

When I've seen situations like this in the past, the corporation will simply go to another employee and tell them to do what they want.

If the original employee is valuable to the company (other than their obstanancy on this particular issue), they get to keep their job. Otherwise it's "Joe, you're not being a team player" time.

Chip H.

Re:Right.

[Zeinfeld]

I think it's much easier for MS to sack him and then change the code.

I know Niels, he certainly would not have any difficulty getting another job. He was pretty well known before he went to Microsoft. He was the cryptographer who worked on Two-Fish with Bruce Schneier. Microsoft has been hiring pretty much all the top security talent they can over the past five years.

Cryptography and data security is pretty much a guild craft. If Niels made such a categoric statement and it turned out to be untrue his personal reputation would be severely damaged. Microsoft can't force him to lie for them and since he works in the Netherlands trying to would be most inadvisable.

Re:Right.

[stinky wizzleteats]

Microsoft can't force him to lie for them and since he works in the Netherlands trying to would be most inadvisable.

Microsoft is large enough and the codebase complicated enough that such a back door could be added without Niels being aware of it.

Why do you think the Netherlands are going to affect Microsoft's behavior? They're convicted criminals in the most powerful nation on Earth. I very much doubt that the Netherlands are going to make them clean up their act. Most of the news I see about European software patents seems to support the idea that MS is operating "business as usual" in Europe.

Re:Right.

[Planesdragon]

Why do you think the Netherlands are going to affect Microsoft's behavior? They're convicted criminals in the most powerful nation on Earth.

Ah, no.

Being a monopoly is not a crime. And having a monopoly and continuing to act as if you weren't is a violation of commerce rules, not a "crime" in the way that "criminal" implies.

Yes, MS is a greedy corporate behemoth -- but being a GCB is not a crime in the USA, and it probably will never, in and of itself, be a crime.

Re:Right.

[Tough Love]

Being a monopoly is not a crime. And having a monopoly and continuing to act as if you weren't is a violation of commerce rules, not a "crime" in the way that "criminal" implies.

You're full of it. Monopoly abuse is a felony. [usdoj.gov]

Re:Right.

[Reziac]

Thanks for the info. I don't know Niels, but I do know Bruce, and will take their previous association as sufficient to assure me of Niels' honest intent.

Re:Right.

[uradu]

Well, I don't know either Niels or Bruce, but I trained Bruce's dog to fetch when it was still a puppy, and I will take this association as sufficient to assure me of Bruce's dog's owner's ex-associate's honest intent.

Re:So trusting, so naive.

[0racle]

Your proof for this is what exactly? Or are you basing this on your personal beliefs that MS is evil and therefore must do evil things.

You'll forgive me that I take the word of a respected professional over that of some random Slashdotter.

Re:So trusting, so naive.

[Zeinfeld]

So that's it then. He wouldn't lie, and Microsoft wouldn't make him. An MS security employee says "over my dead body" on a blog. There's still a backdoor in there. Bet on it. Or do you think we were greeted as liberators in Iraq as well?

Ah George W. Bush is a liar and a fool therefore everyone must be a liar and a fool.

The fact that there are so many anti-Bush partisans about makes it even less likely that this type of conspiracy could be sustained. If Bush can't stop the NSA from leaking, he sure as he

What else would he say?

[mangus_angus]

"The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data,' Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. 'Over my dead body,' he wrote in his post titled Back-door nonsense."


I think we would be reading about his dead body if he came out and admitted that there were backdoors being put into Vista.

Re:What else would he say?

[protomala]

I would be really funny:
"Yes, we are placing some backdoors, so all your private life will be avaible to your government to do what they want".

Next frame: a firous horde invading Redmond.
No one is insane enought to admit it, everbody knows about Echelon, but USA still lies it dosen't exists ;)

Re:What else would he say?

[LO0G]

Why am I replying to an AC? I have no idea, but...

Do you even know what BitLocker is? It's full drive encryption - basically they encrypt all the data on the hard disk using a key in the TPM.

It's not about DRM, and can't be used for DRM.

DRM's about ensuring that you can't INTENTIONALLY give your data to someone else. BitLocker is about ensuring that you can't ACCIDENTALLY give your data to someone else.

On a BitLocker encrypted system, if you can boot the system, you can access your hard disk without any

Re:What else would he say?

[LO0G]

Ok, I looked up how to use BitLocker:

http://www.microsoft.com/technet/windowsvista/libr ary/c61f2a12-8ae6-4957-b031-97b4d762cf31.mspx [microsoft.com]

First off, it doesn't need a TPM, it can work off a flash drive.

There's nothing in the documentation that says it has anything to do with DRM.

It's possible that the TPM can be used for DRM, but BitLocker isn't about DRM, and can't be used for DRM.

"Trust me," he said

[replicant108]

'Over my dead body,' he wrote

The problem with closed software is that we have to take his word for it.

Re:"Trust me," he said

[ezzzD55J]

Also, how are we (not that I'd use this stuff) to know he would know if it were (going to be) the case?

Credibility

[Elixon]

One man does not represent the whole company. I think that saying "over my dead body" is just a hyperbole. I dought that one Microsoft's employee can influence the whole company. I don't understand what makes that man to put his own words in the risk if he must know that he is not the only one that decides... He should not do that if he honours his words, it makes me be in doubt about his words and his credibility.

Right words should be: "I will resign if...", "I'll put all my influence behind...", ...

Re:Credibility

[Paradise Pete]

I don't understand what makes that man to put his own words in the risk if he must know that he is not the only one that decides...

Here's what he actually wrote:

"Over my dead body.
Well, maybe not literally---I'm not ready to be a martyr quite yet---but certainly not in any product I work on."

Re:Credibility

[Elixon]

Thanks for clarifying. This looks better to me. CNet took only the first part and I'm sure that it is in the best Microsoft's interest to have it published on other blogs and blogs about blogs and news about news without the other sentence."

It is clear message and I cannot imagine better marketing message for customers... But if I know that this is not question of life :-) then the impact is lesser on me ;-) But it is good to know that there are people employed by Microsoft who are not insane to (literally

Re:Credibility

[Crizp]

It's probably just an attempt to put the public at ease, making them not think about it. "Hey, someone from MS said there'll be no backdoors. And he bet his life on it!"

Of course, some hacker will discover th[is|ese] backdoor[s] sooner or later if they exist. Which they will do. I'm certain.

However

[mcbridematt]

there are heaps of people with access to the source code (ok, maybe not full), such as academic institutions, and infamous examples such as MainSoft, who could prove 'em wrong.

But then we'd have to take the word of some un1337 student haxer at some institution, who just locked down access to their precious copied jewels because some un1337 student haxer at some instituion proved some M$ guy wrong.

Anyway, aren't there multiple reports of backdoors in PGP from various stages of its life? Of course, since its

Re:However

[cortana]

there are heaps of people with access to the source code (ok, maybe not full), such as academic institutions, and infamous examples such as MainSoft, who could prove 'em wrong.

How do they know that the code they are provided with matches the code that we all run?

But then we'd have to take the word of some un1337 student haxer at some institution, who just locked down access to their precious copied jewels because some un1337 student haxer at some instituion proved some M$ guy wrong.

I can't parse this. But if someone did discover a back door in the code that MS provided them with then surely others would be able to reproduce the flaw?

Anyway, aren't there multiple reports of backdoors in PGP from various stages of its life?

Cite please.

Re:However

[killjoe]

Anybody who has access to the MS code is not allowed to reveal anything about it. Even if Mainsoft or a university discovered something in windows they would not tell anybody about it because they could be destroyed financially.

Skunk team?

[Stephen Samuel]

"Besides, they wouldn't find anybody on this team willing to implement and test the back door."

(emphasis mine)

Re:You're right!

[Peaker]

One of many developers.
Without a conflict of interests.

Re:You're right!

[replicant108]

At least with OSS... oh wait... I still have to take a developer's word for it.

Are you trolling?

Obviously, if you had the necessary skills you could audit the code yourself.

Alternatively you could pay someone to audit it for you; or just wait for someone else to blow the whistle.

The point is that it is much harder to hide malicious code when the source is available.

Re:You're right!

[DogDude]

The point is that it is much harder to hide malicious code when the source is available.

My point is that it's beyond unrealistic to think that an average person has any way of auditing code, whether it's going through millions of lines themselves, or hiring an extremely expensive hacker to do the same thing. The end result is the same: it's impossible to know what's in either closed or open source code for 99.999% of the population. So, it comes down to a question of who do you trust: college kids who

Re:You're right!

[iminplaya]

But with OSS it's legal [slashdot.org] to check...for those who care.

So, it comes down to a question of who do you trust: college kids who have nothing at stake, or companies that have everything at stake?

I find those with nothing at stake to be a little less biased and easier to trust. The company with everything at stake will do what it takes to protect their interests.

Re:You're right!

[timeOday]

So, it comes down to a question of who do you trust: college kids who have nothing at stake, or companies that have everything at stake?

1) the point isn't for every user to check the code, just for a few people or companies to do it and distribute the checksums. It's not that the open source world trusts anybody in particular, but it's impossible to keep a secret once several people with different interests know it.

2) You're wrong to state that open source is just about college students and not companies. There are many many companies with an interest in Linux being secure.

3) Why do you assume a company would be trustworthy? Having something to lose makes them vulnerable to government pressure. Look how fast all the search engines caved in to China.

Re:You're right!

[nahdude812]

Well, you can take this one guy's word for it in the case of Windows.

Or in the case of OSS you can take the word of the hundreds of developers who want to audit the code themselves (and for something this important, there'll be hundreds of them), where it only takes one person to throw a red flag on bugtraq, and suddenly there's thousands if not tens of thousands of them looking over this code.

Also you could, if you had an especially vested interest, hire some developers to look over it. Say, perhaps, seve

Re:You're right!

[Trelane]

At least with OSS... oh wait... I still have to take a developer's word for it. Hmmm

"a developer", as opposed to "the developer." In the minute difference between these two phrases lies a vast gulf of difference.

Re:FUSE?

[cortana]

They'll do that right after the unsolveable races/deadlocks in FUSE are solved.

Ballmer to his secretary:

[Anonymous Coward]

- Get me Ferguson... tell him we're going hunting. Yes, hunting. With Cheney.

Re:Ballmer to his secretary:

[iphayd]

Ballmer's going hunting with Cheney? That's the best news of the year.

Dead Body?

[OverflowingBitBucket]

'Over my dead body,' he wrote

"Your terms are acceptable" reply the NSA.

AHA!

[der_joachim]

So it's a secret backdoor. :-)

and in other news...

[penguin-collective]

Bill Gates did invent the Internet after all, says Microsoft. No, really.

Dear Niels I hate to break it to you but...

[badzilla]

... you won't be in the loop if/when it gets compromised.

A quick look at the "Crypto AG" fiasco makes it plain how very much governments want backdoors. "For decades, the US has routinely intercepted and deciphered top secret encrypted messages of 120 countries." Imagine the power some entity would have if it could peek into any Windows system at will - the temptation must be making their toes curl.

Whether or not there is a top-level agreement with top-level spooks it is still unlikely that local lawmen will be allowed to know about it. So what exactly IS Microsoft planning to do when they inevitably get a request to "help" with an encrypted drive?

And remember:

[ettlz]

There Is also No Cabal.

(Minor detail: shouldn't the article title read "No Deliberate Backdoor in Vista"?)

Damn straight!

[Linegod]

Let the government wait a week for someone to find a backdoor, just like the rest of us....

Re:Damn straight!

[edunbar93]

Only a week? We'll probably have it a week before the release date...

No backdoor in Vista

[vandelais]

strangely silent on the topic of Internet Hearts.

Well it least Vista isn't

[dgb2n]

Gay. Tell me I'm not the only one who thought that ....

The whole story should be posted as flamebait. (pun intended)

Would they admit it?

[nxsty]

If there actually where a backdoor in vista, would MS admit it? Probably not.

... that he knows of.

[dprovine]

Aside from the obvious "what about buffer overruns?" questions, aimed at the usually poor competence Microsoft shows in writing code, there's also "what about cryptographic strength?" question -- maybe the NSA already has a simple and fast way to break whatever encryption BitLocker will end up using.

And, of course, there may well be several people working at Microsoft who actually work for the NSA or MI-6 or the FSB. (I'd be astonished if there weren't at least a few such people on the Microsoft payroll.) Those people may well do things as described in Reflections on Trusting Trust [acm.org], without letting their superiors know.

Re:... that he knows of.

[Schwarzchild]

And, of course, there may well be several people working at Microsoft who actually work for the NSA

That's a really interesting line of thought. What are the ethical ramifications of that? Is it ok to pretend that you're for Microsoft when in reality you may be a cryptographer for the NSA? What about modifying Microsoft's products for the good of some other entity? Could the person who does this be sued by Microsoft if they were discovered or would the NSA tell them that they can't because of national secu

Re:... that he knows of.

[dprovine]

There's no reason you couldn't be for Microsoft and also be for some other entity too. The deception would pretending to be for Microsoft alone. But if you work for the NSA, and you get a job at Microsoft, you may well write good code, and fix security holes, and otherwise help them succeed even while ensuring NSA access to things secured using Microsoft products. Very few things in life are completely either/or.

If Microsoft caught you and you got sued, the last thing that would happen is the NSA saying a word. I suspect the following, in decreasing order of probability:

• You make it look like a huge mistake.
• You tell them you wrote your password down and put it in your wallet, and your wallet was lost and later returned, and you didn't think to update the password.
• Some heretofore unknown rich uncle dies and leaves you enough money to cover the lawsuit.
• You die in an auto accident.

In any case, before placing an asset in such a position, the NSA would probably train such a person with the right lies to tell if something goes wrong. If I were going to do something like that, I'd make up a fake history for the person before Microsoft hired him, and if he got caught then the FBI could investigate and tell Microsoft he was actually a spy for the Mossad. It wasn't even his real name or anything! But for sure the NSA would keep their name out of it. There's a reason they're known as the "No Such Agency".

I love the backdoor in MacOS X - it has its use

[dirkx]

MacOS X, with filefault*, creates a backdoor by means of a certificate. If you then safe the RSA key pair from your Keychain on a separate machine - you yourself or corperate IT can then be easily ensured access in case of some-one beeing hit by a bus; or in case of a total OS crash.
Dw.

Ad *) Or manually

# on a safe machine
openssl req -new -x509 -out backup.cer -outform DER -nodes
cp privkey.pem backup.cer /safeplace
srm privkey.pem
# copy public cert to laptop or wherever..
hdiutil create -encryption -type SPARSE -fs HFS+ -volname secure -size 5G -certificate backup.cer sec

Re:I love the backdoor in MacOS X - it has its use

[Reziac]

That's a good point. In case of death or disaster, SOMEONE has to be able to get at encrypted data that wasn't the sole property of the party who just met up with a bus. Not having such a method is just begging to lose said data, because sooner or later, accidents and disasters happen.

The only question is, WHO has access to said backdoor. If it's only accessable to other people in your company, who are next in line to handle said data, great, that's as it should be. If it's 1337 Hacker or Secret Agent Man,

Re:I love the backdoor in MacOS X - it has its use

[sootman]

Or, you could just use the Master Password.

http://www.apple.com/macosx/features/filevault/ [apple.com]

No Backdoor in Vista

[Anonymous Coward]

microsoft operating systems begining with windows 95 have never really needed a backdoor, especially since the front door is left wide open.

Neils Ferguson - seems to know his stuff

[PoconoPCDoctor]

I sent Neils an invitation to respond to this thread. Don't know if he'll get it, but I found his website on Google (put down that chair Steve....take deep breaths) [macfergus.com]

Anyhow - he seems quite smart enough to do what the BBC article mentions, but after reading his site a bit, I think the guy would have a real problem if asked to code a backdoor. He seems to be ethical.

Tin hat conspiracy weavers would say that unbeknownst to Neils, who is a front, that there is yet another team coding the backdoor.

And yet

Part of the quote is missing!

[TPS Report]

The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data,' Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. 'Over my dead body,' he wrote in his post titled Back-door nonsense.

But they left out the rest of his quote.

Niels then put his feet up on the desk and went on to say, "Off the record, you should note my careful use of the word 'always' in the above sentence", he said, with a slight grin on his face. "Context is everything. If I allow them occasional or intermittent access, I'm still being honest, right?" Niels then laughed and pointed to his "Honorary member of the DoD" plaque on his office wall.

Been in his shoes

[Anonymous Coward]

I have been in Mr. Ferguson shoes, left with the choice of putting in a back door demanded by the NSA or quit. To my knowledge, NSA always gets there way. If he won't do it, the next guy will.

Re:Been in his shoes

[slavemowgli]

Ah, the Nuremberg defense [wikipedia.org]... always a great way of rationalising one's spinelessness and getting rid of those pesky moral qualms.

Get Your Deflector Benie Here

[the eric conspiracy]

So you are trusting these reporters to convey what Mr. Ferguson actually said? More likely he just flat out admitted that they are installing a set of keys for the NSA and are being more careful about choosing registry names for the keys this time.

It will have a lot of security portals though

[smartin]

After all they don't call it windows for nothing.

How NSA access was built into Windows

[Fantastic Lad]

This article makes for interesting reading. . .

NSA and secret keys added to windows. [heise.de]

Thanks for the link, truthsearch.

-FL

"Over my dead body"

[ScrewMaster]

"Your proposal is acceptable."

Correction

[Opportunist]

There won't be a backdoor in Vista that they KNOW about. I bet they'll manage to build some in unintentionally.

I mean, why should it be different in Vista than it was 'til now?

does his statement even matter?

[v1]

Anyone paranoid about security would not believe a word the man says. If they were making a back door, would they tell you? Of course not, that would greatly lower the value of the back door. Anyone with sensitive information on their computer would be insane to trust bitlocker if he says there's a back door.

So we will have to rely on independent auditors - those people like DVD John that will ignore all the silly "no reverse engineering allowed" rules and tear it apart anyway. Then we will know for sur

Read carefully!

[Guppy06]

Before we start celebrating Microsoft, read carefully exactly what was said:

The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data,

He didn't say he wasn't making a back door, he said he wasn't making a back door in cooperation with governments. That still leaves plenty of options like "on our own" or "working with advertisers."

The backdoor may be in the hardware

[Animats]

Intel, HP, Dell, and Toshiba are including the Intelligent Platform Management Interface (IPMI) [intel.com] in many of their machines. IPMI is a "remote administration" tool embedded in the LAN hardware. It looks at UDP packets (on ports 663 and 664) and performs various commands on the target machine, completely independently of the operating system. Here's the IPMI 2.0 rev 1 specification [intel.com], a rather long PDF.

IPMI is very powerful. An IPMI session starts with a Presence ping Any machine with IPMI hardware should answer a "presence ping" on UDP port 663. This identifies an IPMI-capable machine, and returns some vendor info. Anyone can send this. This should work even if the machine is "turned off", as long as it has standby power and is on a LAN.

Then, there's a challenge-response authentication sequence. More on this later.

Once you're in, here are some of the things you can do:

• Power up the system. Power it down. Force a hard reset. Force a power cycle. Force a phony overtemperature condition (in hopes of getting a clean OS shutdown.).
• Disable front panel controls (power off, reset, and standby buttons.) Yes, that's really in the protocol. See section 28.6 of the specification. Remote control can also lock out the keyboard and blank the screen.
• Set system boot options Or, what OS do we want to run today? These include useful tools like "bypass user password".

There's more. Much more. Basically, you can remotely take over the machine, turn it on, inventory the hardware, load an operating system, boot it up, and talk to it.

IPMI's back channel can do more than this. With some help from the operating system (and yes, it's supported in Windows) you can do more remote administration functions. This is great for administering your data center remotely. But it has darker implications.

Supposedly, most machines are shipped with IPMI mostly turned off, unavailable until a program is run on the machine to load in the keys that enable it. Supposedly.

Thus, all it takes for IPMI to be a "backdoor" is for a set of secret challenge/response keys to be preloaded into the IPMI chip. There's no way to read those keys. Short of taking the chip apart, gate by gate, there's no way to tell if there's a backdoor in there. Or a set of keys might be loaded by the system integrator before shipping the system. You can't tell. So that's where to put a backdoor, where no one can find it.

There's an open source, OpenIPMI [sourceforge.net], for sending IPMI commands on Sourceforge. Send "Presence pings" to the machines you have and see if they answer.

Vista will ALWAYS have a backdoor.

[Simonetta]

Vista will ALWAYS have a backdoor. This the showcase product of the richest man in the world. His and his companie's continued prosperity depends on the good graces of governments. And the governments will always demand a back door to spy on their people.

    This is the way that the world works. MS will always deny that there is a backdoor. But it will always be there. If you don't believe it, go to China or any other crypto-fascist dictatorship with advanced technology. Start sending e-mails to foreign websites about subjects like democracy and freedom in general. Request information about local massacres of protesters in freedom demonstrations. Be sure to use encoded with Microsoft's bundled encryption. See how long it takes for the local secret police to arrest you. A week, a month?

    Don't gamble your life and freedom on a sucker's bet. Microsoft will always cooperate with local authorities to ensure that Vista will not shield political dissidents. The only people who can be assured that their correspondence actually is private will be Microsoft employees. This is a trade-off that giant monopolistic global corporations always make with the totaltarian governments in the countries that they operate. Regardless of how much they deny it, Microsoft will act no differently.

  Count on it.

Re:Vista will ALWAYS have a backdoor.

[AlphaSys]

Mod down, reactionary sputum, long on accusations and completely empty of facts. I'm not saying it isn't possible; I'm saying there has never been presented any evidence to support the claim that MS has bundled a backdoor in any product or for sure that there is anything more breakable about MS-Crypto in regards to email, SSL, etc. than anything else. Substitute money for mouth and maybe I'll recant.

Re:Prove it.

[Loconut1389]

ability to view the supposed source and ability to put said source to use are required. If you can't verify that the source you're looking at is the source used in the binaries you're using, there's zero point. Chances of MS releasing enough source to be able to rebuild aspects of windows- most likely a few steps shy of zero, at least for now.

Re:Prove it.

[ROOK*CA]

We have no reason to believe this claim -- doubly so given that Microsoft has lied repeatedly in the past.

I'd be willing to bet that even Microsoft would not be willing to go so far as to create intentional "backdoors" in their encryption to facilitate government (Law Enforcement) access. First off I don't think the government (at least those in the UK and the US) have the power to legally force them into doing it, and secondly if they did it voluntarily one would think the public outcry would be deafening and severly damaging to Microsoft (and it seems that "keeping it quiet" would be nearly impossible).

I generally don't trust the government as far as I can throw them, and I don't trust Microsoft much farther than that, but I think the suggestion that they are colluding in something as nefarious as this is a bit in the Tin Foil Hat realm.

Besides how would they "prove" they aren't doing it? release the source? as if ..... :)

They've done it before

[truthsearch]

For many years the NSA had keys embedded in Microsoft Windows [msversus.org]. Remember that the US government is the single biggest Microsoft customer. Also realize if they do it voluntarily they wouldn't expect any public outcry. With closed source code it's tough to find. Plus the government wouldn't do anything about it anyway since it's in their favor.

Re:Prove it.

[sqlrob]

First off I don't think the government (at least those in the UK and the US) have the power to legally force them into doing it

Nice government contract you have there. Shame if anything were to happen to it.

Main problem still remains,the lack of transpareny

[chris_7d0h]

The problem is transparency.
Would you stake your business or for that matter, you life (as is the case in some regions of the world) on this assumption? Since there is no transparency in Microsoft products, you simply have to take their word for it.

I thought the golden rule of security was that any viable security mechanism should tolerate public scrutiny. Knowing how the software works should not work against the devised scheme itself.

Source Code

[ad0gg]

But they do release the source code to universites and their partners.

Re:Prove it.

[oliverthered]

Your assuming he voted for the Government in power, or even voted at all. He may have purchased a copy of Windows and that's as good as a vote in my books.

So, who would you trust more.
Someone in an electoral system that you cannot even bring yourself to take part in.
A company whos product you purchased and used/use.

Re:Prove it.

[kimvette]

I hate Microsoft but I trust them with managing my fair use and my privacy rights in a more responsible manner than I trust, say, George Duhbya Bush, Senator John Kerry or Senator Edward "I did not drown her and I am not a drunk" Kennedy to protect my "inalienable" Constitutional rights.

Re:Prove it.

[Anonymous Coward]

I demand that you give me ONE MILLION DOLLARS.

Failure to give me one million dollars will be considered
an explicit admission by you that you rape babies.

Re:is it possible to have no backdoors?

[DarkIye]

Well, according to Webopedia [webopedia.com] (not a resource I normally use but it's the only one I could really get a nice succinct definition for, Wikipedia being too long), a backdoor is:

...written by the programmer who creates the code for the program.

Wikipedia agrees, apparently. http://en.wikipedia.org/wiki/Backdoor [wikipedia.org]

Re:Famous last words

[PhxBlue]

He's crazy if thinks big corporations would even think twice of doing something over the dead body of one of their workers.

Corporations might think twice, but governments wouldn't.

Re:The Unofficial Back Doors into Vista

[bheer]

I'd even be willing to bet that the new RSS feed being built into the OS at a low level will provide lots of ways into the Bitlocker.

*rolls on the floor, laughing and scaring the cat*

Jeez, thanks for a good laugh on a Saturday morning. This really ought to be nominated for a Slashdot stupidity hall of fame award.

Re:Why would they wait?

[ChrisMaple]

It shouldn't be too difficult to detect or defeat a keylogger. While off-line, pipe huge amounts of random data through the software that handles the keyboard. Look for a file that grows. Even if the file is of fixed length, flooding it with random data makes monitoring too labor-intensive to be practical.

The success of a keylogger depends upon the user being clueless. Of course, if he's running Microsoft...

Re:Why would they wait?

[MSZ]

So, you never heard of the likes of KeyGhost [keyghost.com]...

How often do you check that keyboard cable of yours, by the way?

Re:asdf

[JamesTRexx]

Does nobody ever have anything to say in here?

You're new here, aren't you?

Re:honesty, from a legal standpoint

[ScrewMaster]

Battered, hell. They got a free pass on some of their worst behavior even after being convicted of illegal monopolism. And they've pretty much continued with business-as-usual since then. So far as being battered on all sides ... the only battering going seems to be from the open source crowd. The EU can huff-and-puff and posture all it wants, but neither the United States nor the European Union has had the balls to truly penalize Microsoft for its illegal activities. At this point, I'm not sure anyone can.

Source code is no panacea here

[cpghost]

Gnupg is open source, so you can verify there are no backdoors

Yes, absolutely. If you're going to use encryption semi-seriously or even professionally, you have no choice but to use open source crypto libraries and apps!

But source code alone is no panacea here: you (or anyone skilled enough -- a.k.a. the community) could discover obvious backdoors, but what about backdoors in some crypto algorithms themselves? Having the source code for this won't help you much. Nothing could really prevent the NSA [nsa.gov] fr