Windows working with the NSA?

Forum Moderators: bakedjake

Message Too Old, No Replies

Windows working with the NSA?

Conspiracy theory

swizz

6:34 pm on Jun 26, 2003 (gmt 0)

Hello Guys,

I was reading a post at ntbugtraq.com, it was really scaring, someone has found a cryptoapi call in the windows subsystem called "NSA_Key"... Imagine what you can do if you have the private key, you could get on almost any windows pc in the world.

Microsoft said the NSA told them there should be a "backup" key, but MS it's not giving any explanation as to why... really weird stuf.

For those who are lovers of conspiracy theories, this one is a good one... for those who have a powered by the pengiun machine, another reason to stay open source...

[ntbugtraq.ntadvice.com...]
Happy Reading

Cheers
/SwiZZ

bcolflesh

6:43 pm on Jun 26, 2003 (gmt 0)

Only 4 years too late -!

The NSA can do anything they want at any time - they don't need no stinkin' keys!

Regards,
Brent

swizz

6:47 pm on Jun 26, 2003 (gmt 0)

bealive me, I didn't know about it... :( scary anyway...
I work 80% of the time on linux now, so I don't really care :)

dingman

6:50 pm on Jun 26, 2003 (gmt 0)

More interesting and current is the fact that in the last report from the FISA court, if I remember right, there were several wiretaps where encryption had been encountered but none in which the encryption kept the law enforcement officers from obtaining the plaintext. (Anyone have a link? I assume it's mentioned on the EFF site somewhere.)

Either that means nobody is using encryption right anyway, or the government can break it much more easily than we think they can.

mack

6:51 pm on Jun 26, 2003 (gmt 0)

well if the NSA know enough about you to want access to your pc then you probably have more to worry about than your operating system.

Mack.

bcolflesh

6:55 pm on Jun 26, 2003 (gmt 0)

...there were several wiretaps where encryption had been encountered but none in which the encryption kept the law enforcement officers from obtaining the plaintext

There is an old thread where someone was arguing w/me about the ability of various gov't agencies to decrypt various "unbreakable" encryption algos - they were wrong ;)

Regards,
Brent

swizz

6:58 pm on Jun 26, 2003 (gmt 0)

hello mack,

if the NSA know enough about you to want access to your pc then you probably have more to worry about than your operating system.

Yes, you are right... I'm just worried about "privacy", is that impossible to have?

Hi dingman,

Either that means nobody is using encryption right anyway, or the government can break it much more easily than we think they can.

I Hope PGP is working....
If you find that link, please let me know...

/SwiZZ

dingman

7:29 pm on Jun 26, 2003 (gmt 0)

I Hope PGP is working....

Who cares if PGP works unless I'm also sure that nobody has access to my key? Crack my box when the disk with my key on it is in the drive, and you've got it. Walk into my house and make a copy of the disk, you've also got it. Or just take the disk, and suddenly I can't even read what people are sending me, but you can.

For that matter, PGP working depends on RSA/Diffie-Helman (depending on which your key uses) being secure, as well as whichever symetric cypher you use. How many of them does the NSA know how to break?

dingman

7:42 pm on Jun 26, 2003 (gmt 0)

Encryption was reported to have been encountered in 16 wiretaps terminated in 2002 and in 18 wiretaps terminated in calendar year 2001 or earlier but reported for the first time in 2002; however, in none of these cases was encryption reported to have prevented law enforcement officials from obtaining the plain text of communications intercepted.

ht tp://www.uscourts.gov/wiretap02/2002wttxt.pdf

That's from page 3