In researching the stunning pervasiveness of spying by the government (it’s much more wide spread than you’ve heard even now), we ran across the fact that the FBI wants software programmers to install a backdoor in all software.

Digging a little further, we found a 1999 article by leading European computer publication Heise which noted that the NSA had already built a backdoor into all Windows software:

A careless mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA “help information” trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren [an expert in computer security]. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

***

Two weeks ago, a US security company came up with conclusive evidence that the second key belongs to NSA. Like Dr van Someren, Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina, had been probing the presence and significance of the two keys. Then he checked the latest Service Pack release for Windows NT4, Service Pack 5. He found that Microsoft’s developers had failed to remove or “strip” the debugging symbols used to test this software before they released it. Inside the code were the labels for the two keys. One was called “KEY”. The other was called “NSAKEY”.

Fernandes reported his re-discovery of the two CAPI keys, and their secret meaning, to “Advances in Cryptology, Crypto’99″ conference held in Santa Barbara. According to those present at the conference, Windows developers attending the conference did not deny that the “NSA” key was built into their software. But they refused to talk about what the key did, or why it had been put there without users’ knowledge.

A third key?!

But according to two witnesses attending the conference, even Microsoft’s top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was “stunned” to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the “entropy” of programming code.

Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.

Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified cryptosystems on their machines or whether it is intended to open up anyone’s and everyone’s Windows computer to intelligence gathering techniques deployed by NSA’s burgeoning corps of “information warriors”.

According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system “is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system“. The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.

***

“How is an IT manager to feel when they learn that in every copy of Windows sold, Microsoft has a ‘back door’ for NSA – making it orders of magnitude easier for the US government to access your computer?” he asked.

We have repeatedly pointed out that widespread spying on Americans began prior to 9/11.

http://www.washingtonsblog.com/

Washington’s Blog strives to provide real-time, well-researched and actionable information.

We at Washington’s Blog have an insatiable curiosity for new discoveries, new information and new insights.

Despite our passion for what’s new, there are themes that we keep reporting on year after year, as they reflect a bigger picture which remains fairly constant, or the root causes of our problems which have still not been addressed, or potentially powerful solutions which have still never been tried.

© 2013 Copyright washingtonsblog - All Rights Reserved Disclaimer: The above is a matter of opinion provided for general information purposes only and is not intended as investment advice. Information and analysis above are derived from sources and utilising methods believed to be reliable, but we cannot accept responsibility for any losses you may incur as a result of this analysis. Individuals should consult with their personal financial advisors.

Only logged in users are allowed to post comments. Register/ Log in

The Market Oracle is a FREE Financial Markets Forecasting & Analysis web-site.
(c) 2005-2024 MarketOracle.co.uk (Market Oracle Ltd) - Market Oracle Ltd asserts copyright on all articles authored by our editorial team and all comments posted. Any and all information provided within the web-site, is for general information purposes only and Market Oracle Ltd do not warrant the accuracy, timeliness or suitability of any information provided on this site. nor is or shall be deemed to constitute, financial or any other advice or recommendation by us. and are also not meant to be investment advice or solicitation or recommendation to establish market positions. We do not give investment advice and our comments are an expression of opinion only and should not be construed in any manner whatsoever as recommendations to enter into a market position either stock, option, futures contract, bonds, commodity or any other financial instrument at any time. We recommend that independent professional advice is obtained before you make any investment or trading decisions. By using this site you agree to this sites Terms of Use. From time to time we promote or endorse certain products / services that we believe are worthy of your time and attention. In return for that endorsement and only in the cases where you purchase directly though us may we be compensated by the producers of those products.