No Backdoor in Vista 269
mytrip wrote to mention a C|Net article stating that Vista will not have a security backdoor after all. From the article: "'The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data,' Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. 'Over my dead body,' he wrote in his post titled Back-door nonsense."
Right. (Score:5, Insightful)
I suspect the NSA, (who I seem to recall left a few stray tags lying around in a previous version of Windows' code), would look at you dead-pan and agree.
-FL
Prove it. (Score:0, Insightful)
so given that Microsoft has lied repeatedly in the past.
So back it up. Prove it. PUBLISH THE SOURCE.
Failure to publish the source will be considered
an explicit admission by Microsoft that this claim
is exactly what it appears to be: just another lie.
What else would he say? (Score:5, Insightful)
I think we would be reading about his dead body if he came out and admitted that there were backdoors being put into Vista.
Re:Prove it. (Score:3, Insightful)
"Trust me," he said (Score:5, Insightful)
The problem with closed software is that we have to take his word for it.
Re:"Trust me," he said (Score:3, Insightful)
Re:Prove it. (Score:4, Insightful)
I'd be willing to bet that even Microsoft would not be willing to go so far as to create intentional "backdoors" in their encryption to facilitate government (Law Enforcement) access. First off I don't think the government (at least those in the UK and the US) have the power to legally force them into doing it, and secondly if they did it voluntarily one would think the public outcry would be deafening and severly damaging to Microsoft (and it seems that "keeping it quiet" would be nearly impossible).
I generally don't trust the government as far as I can throw them, and I don't trust Microsoft much farther than that, but I think the suggestion that they are colluding in something as nefarious as this is a bit in the Tin Foil Hat realm.
Besides how would they "prove" they aren't doing it? release the source? as if
AHA! (Score:5, Insightful)
Re:Famous last words (Score:3, Insightful)
He's crazy if thinks big corporations would even think twice of doing something over the dead body of one of their workers.
Corporations might think twice, but governments wouldn't.
Re:Right. (Score:5, Insightful)
NSA surely is well aware of the way that trust can, unintentionally, propagate. Everybody trusts something; if somebody doesn't want to cooperate, you obtain his unwitting cooperating by coopting something he trusts. Does he personally supervise the building of every release and patch? Certainly not. He trusts the release process to carry out his intentions. Even if the individuals involved are not cooptable, they trust their compilers to generate object code that is perfectly isomorphic to their source code. Those who do not trust compilers trust their debuggers, disassemblers and operating system utilities.
Those who do not trust their operating system utilities, and live-boot from randomly chosen operating systems or remove their hard disks and examine them using a hand coded manchine language program on a custom built computer lacking a bios or operating system to be subverted, still trust the network to transfer their object code to the mastering facility, or their optical disk burning software to burn the image accurately. Or they trust the facility to read that data correctly, and to press it as they intended to the distribution media.
Those who trusted none of this and checked the hard disks by hand coded machine code on a hand wired computer without BIOS or operating system probably deserve assasination, but even so this is hardly necessary, since everyone gets patches over the Internet. A simple black bag job to retrieve the signing keys, and nobody can trust anything anymore.
Re:The Unofficial Back Doors into Vista (Score:2, Insightful)
*rolls on the floor, laughing and scaring the cat*
Jeez, thanks for a good laugh on a Saturday morning. This really ought to be nominated for a Slashdot stupidity hall of fame award.
Would they admit it? (Score:3, Insightful)
... that he knows of. (Score:5, Insightful)
Aside from the obvious "what about buffer overruns?" questions, aimed at the usually poor competence Microsoft shows in writing code, there's also "what about cryptographic strength?" question -- maybe the NSA already has a simple and fast way to break whatever encryption BitLocker will end up using.
And, of course, there may well be several people working at Microsoft who actually work for the NSA or MI-6 or the FSB. (I'd be astonished if there weren't at least a few such people on the Microsoft payroll.) Those people may well do things as described in Reflections on Trusting Trust [acm.org], without letting their superiors know.
Re:Right. (Score:5, Insightful)
I know Niels, he certainly would not have any difficulty getting another job. He was pretty well known before he went to Microsoft. He was the cryptographer who worked on Two-Fish with Bruce Schneier. Microsoft has been hiring pretty much all the top security talent they can over the past five years.
Cryptography and data security is pretty much a guild craft. If Niels made such a categoric statement and it turned out to be untrue his personal reputation would be severely damaged. Microsoft can't force him to lie for them and since he works in the Netherlands trying to would be most inadvisable.
Re:You're right! (Score:4, Insightful)
Are you trolling?
Obviously, if you had the necessary skills you could audit the code yourself.
Alternatively you could pay someone to audit it for you; or just wait for someone else to blow the whistle.
The point is that it is much harder to hide malicious code when the source is available.
Re:You're right! (Score:2, Insightful)
My point is that it's beyond unrealistic to think that an average person has any way of auditing code, whether it's going through millions of lines themselves, or hiring an extremely expensive hacker to do the same thing. The end result is the same: it's impossible to know what's in either closed or open source code for 99.999% of the population. So, it comes down to a question of who do you trust: college kids who have nothing at stake, or companies that have everything at stake?
Re:However (Score:4, Insightful)
Re:Prove it. (Score:4, Insightful)
Nice government contract you have there. Shame if anything were to happen to it.
Re:You're right! (Score:2, Insightful)
So, it comes down to a question of who do you trust: college kids who have nothing at stake, or companies that have everything at stake?
I find those with nothing at stake to be a little less biased and easier to trust. The company with everything at stake will do what it takes to protect their interests.
Re:You're right! (Score:1, Insightful)
1)microsoft risking its 'good reputation in security' that accounts for a big percentage in why people buy microsoft (lol).
2)Open source risking its reputation but at the same time showing everybody through source code exactly how the system works. Even letting them alter the code if it does not work the way they want it to.
IMHO even if some asshat put a backdoor in OOS:
1)someone knowledgable enough would find it.
2)this same person could distribute a patch or a seperate version without the intended security risk so people can carry on without further drawbacks
3)a fork of the orginal project will take place and new 'trustworthy' developments would 'take over'/continue where the previous ones left off. And the previous developers would be stigmatized for life.
While OSS isn't a silver bullet (you can find the backdoor relatively quick, but the damage would still be done short term), I'm guessing OSS is more 'trustworthy' than closed source. You would have a point though if we where talking about a closed source company without the marketing power of microsoft though... But even then...
Re:Right. (Score:4, Insightful)
Microsoft is large enough and the codebase complicated enough that such a back door could be added without Niels being aware of it.
Why do you think the Netherlands are going to affect Microsoft's behavior? They're convicted criminals in the most powerful nation on Earth. I very much doubt that the Netherlands are going to make them clean up their act. Most of the news I see about European software patents seems to support the idea that MS is operating "business as usual" in Europe.
Main problem still remains,the lack of transpareny (Score:4, Insightful)
Would you stake your business or for that matter, you life (as is the case in some regions of the world) on this assumption? Since there is no transparency in Microsoft products, you simply have to take their word for it.
I thought the golden rule of security was that any viable security mechanism should tolerate public scrutiny. Knowing how the software works should not work against the devised scheme itself.
Re:Right. (Score:3, Insightful)
What you left out is you need a separate computer that you trust. But how do you know you can trust it?
Until we evolve to be able to read magnetic domains directly off the platter, everything boils down to believing what your software tells you to be so.
Re:You're right! (Score:5, Insightful)
2) You're wrong to state that open source is just about college students and not companies. There are many many companies with an interest in Linux being secure.
3) Why do you assume a company would be trustworthy? Having something to lose makes them vulnerable to government pressure. Look how fast all the search engines caved in to China.
The backdoor may be in the hardware (Score:5, Insightful)
IPMI is very powerful. An IPMI session starts with a Presence ping Any machine with IPMI hardware should answer a "presence ping" on UDP port 663. This identifies an IPMI-capable machine, and returns some vendor info. Anyone can send this. This should work even if the machine is "turned off", as long as it has standby power and is on a LAN.
Then, there's a challenge-response authentication sequence. More on this later.
Once you're in, here are some of the things you can do:
There's more. Much more. Basically, you can remotely take over the machine, turn it on, inventory the hardware, load an operating system, boot it up, and talk to it.
IPMI's back channel can do more than this. With some help from the operating system (and yes, it's supported in Windows) you can do more remote administration functions. This is great for administering your data center remotely. But it has darker implications.
Supposedly, most machines are shipped with IPMI mostly turned off, unavailable until a program is run on the machine to load in the keys that enable it. Supposedly.
Thus, all it takes for IPMI to be a "backdoor" is for a set of secret challenge/response keys to be preloaded into the IPMI chip. There's no way to read those keys. Short of taking the chip apart, gate by gate, there's no way to tell if there's a backdoor in there. Or a set of keys might be loaded by the system integrator before shipping the system. You can't tell. So that's where to put a backdoor, where no one can find it.
There's an open source, OpenIPMI [sourceforge.net], for sending IPMI commands on Sourceforge. Send "Presence pings" to the machines you have and see if they answer.
Vista will ALWAYS have a backdoor. (Score:3, Insightful)
This is the way that the world works. MS will always deny that there is a backdoor. But it will always be there. If you don't believe it, go to China or any other crypto-fascist dictatorship with advanced technology. Start sending e-mails to foreign websites about subjects like democracy and freedom in general. Request information about local massacres of protesters in freedom demonstrations. Be sure to use encoded with Microsoft's bundled encryption. See how long it takes for the local secret police to arrest you. A week, a month?
Don't gamble your life and freedom on a sucker's bet. Microsoft will always cooperate with local authorities to ensure that Vista will not shield political dissidents. The only people who can be assured that their correspondence actually is private will be Microsoft employees. This is a trade-off that giant monopolistic global corporations always make with the totaltarian governments in the countries that they operate. Regardless of how much they deny it, Microsoft will act no differently.
Count on it.
Re:The backdoor may be in the hardware (Score:2, Insightful)
Stunned, I called Telesyn, they told me to flash the system (which I actually did, well knowing it wouldn't better the situation). I then proceeded to call Dell, which was, of course, a waste of time. They told me to upgrade the Bios from the actual version to the same version. Which I did (I feel like an idiot now). They then told me if I didn't use a Dell switch along with their PCs there'd be no support, guarantee, etc., yadda, yadda.
You may have opened my eyes, thanks