[Am-info] NSA keys in Windows
Paul Rickard
pr@ms-bc.com
Sun, 21 Apr 2002 16:13:51 -0400
========== On 2002.04.21 11:29 AM, John Poltorak typed: ============
>Does anyone have a link to any useful articles involving the NSA keys in
>Windows Registry?
>
>AIUI NSA refers the the US National Security Agency.
>
>There was some discussion about this in the press some time ago, but I
>don't remember the gist of it.
Here are all my references to NSA:
The Boycott Bulletin, 1999.09.13:
*During an investigation of the Windows NT security subsystem,
Cryptonym scientist Andrew Fernanded discovered something scary buried
deep inside Windows. Microsoft includes a feature called the 'CryptoAPI'
in Windows 95, 98, NT4 and 2000 so individual programs won't have to do
the heavy calculations involved in encrypting data. But as Fernanded
discovered, Microsoft forgot to remove the identifying components from
one of CryptoAPI's two decryption keys in NT Service Pack 5. The first
one that was already identified is used by Microsoft to verify that
CryptoAPI system updates are genuine. The second key, called NSAKEY, is
apparently there for the US National Security Agency. If the NSA actually
had access to it, the key would allow faulty CryptoAPI services to be
loaded on a computer without permission, thus making encrypted
information decodable.
Following several critical news reports, Microsoft issued a
statement confirming the existance of NSAKEY, but said it is only there
to "ensure compliance with U.S. export laws," and has not been shared
with any government agency or outside company. Whichever way Microsoft
intended the key to be used, its existance has actually made those
excessively strict encryption laws easier to break; NSAKEY is simple to
remove, meaning anyone can replace it with an illegal-strength cryptology
service without the approval of Microsoft or the NSA. -|
Gates, Gerstner helped NSA snoop - US Congressman
http://theregister.co.uk/000412-000020.html
The Boycott Bulletin, 2000.01.24:
When Windows 2000 finally ships next month, it will include a
built-in feature that was against US law until last week - 128-bit
encryption. According to Microsoft's Brian Valentine, that took a special
arrangement with the government, so we can naturally assume that they
included a backdoor for the NSA just like the one discovered back in
September [see NewsSource, Sep. 13 '98 -
http://msboycott.com/news/99_09_13.shtml ]. -|
The Boycott Bulletin, 2001.03.26:
*According to German newsmag 'Der Spiegel', the German military
and some of its diplomatic departments are abandoning Microsoft products
in droves because of concerns over their security and the lack thereof.
The report claims that the German government is extremely concerned over
recently discovered vulnerabilities in Microsoft's software and the
infamous Windows NT 'NSAKEY' that apparently gives the US government
backdoor access to Windows' built in encryption. If the 'Spiegel' report
holds true, software from Microsoft and a few other US companies will be
replaced by secure systems developed by native German groups.
A German Defense Ministry official has denied the report and says
the government will continue using Microsoft products. But at the same
time, he didn't deny that they are still concerned about security trouble
with Microsoft, and commented that the problem is currently being handled
with firewalls and customized NSAKEY-free encryption software. That
statement notwithstanding, a move away from Microsoft products would
certainly be a popular move in the country where Linux is becoming more
widely used than Windows. -|
ALSO SEE:
http://www.theregister.co.uk/content/4/17679.html
http://www.wired.com/news/politics/0,1283,42502,00.html
======== Paul Rickard, Editor of The Microsoft Boycott Campaign =======
--------------------------------[ Http://www.msboycott.com ]-----------
Your mouse has moved. You must restart Windows for these changes
to take effect.