08.22.13

Gemini version available ♊︎

NSA Back Doors Get Microsoft Windows Excluded From Procurement in Germany

Posted in Europe, Microsoft, Vista 8, Windows at 10:04 am by Dr. Roy Schestowitz

Blowback time

Angela Merkel
Angela Merkel, by Αντώνης Σαμαράς Πρωθυπουργός της Ελλάδας

Summary: The NSA is getting US corporations (subsidised by US taxpayers to an extent) banned for security reasons, showing in the process how proprietary paradigm helps conceal back doors and reduce trust

Angela Merkel has been working with the NSA, Microsoft’s close ally, for quite some time. But right now this relationship is exploding right in her face and jeopardises her election campaign in Germany (voting is imminent). She needs to rethink her policies in light of the NSA abuses which everyone now knows about.

The NSA has been involved in Vista 8 development (as usual, the same was done with previous versions of Windows) and it gets notified of back doors in the operating system (while they are universally unaddressed). Add UEFI to the equation and the NSA can now remotely brick some motherboards as long as they run Windows. The British military does not seem to mind this. It gave the US control of all PCs. National Security in the UK assumes that by “national” we mean the US. We already have some NSA bases in the UK.

Nations are finally grasping the threat of the NSA. First China and Russia took action, with China launching a large probe and Russia abandoning some computers. Well, now Germany joins the pack. As David Sugar said it to me,‏ “Windows 8 banned by German govt for integrating forced hardware surveillance & backdoors”

They also warned against UEFI (for secure boot) less than a year ago. Here is the a summary of a report written in German:

According to leaked internal documents from the German Federal Office for Information Security (BSI) that Die Zeit obtained, IT experts figured out that Windows 8, the touch-screen enabled, super-duper, but sales-challenged Microsoft operating system is outright dangerous for data security. It allows Microsoft to control the computer remotely through a built-in backdoor. Keys to that backdoor are likely accessible to the NSA – and in an unintended ironic twist, perhaps even to the Chinese.

The backdoor is called “Trusted Computing,” developed and promoted by the Trusted Computing Group, founded a decade ago by the all-American tech companies AMD, Cisco, Hewlett-Packard, IBM, Intel, Microsoft, and Wave Systems. Its core element is a chip, the Trusted Platform Module (TPM), and an operating system designed for it, such as Windows 8. Trusted Computing Group has developed the specifications of how the chip and operating systems work together.

The other day, unofficial Microsoft spokeswoman Mary Jo Foley (her criticisms of Microsoft are rare and weak) was pushing people to buy new software from Microsoft, citing security reasons. [via]

Microsoft’s latest tack in trying to wean users off Windows XP is to warn them of a possible ‘zero day forever’ scenario in the post-April 2014 support cut-off world.

This is nonsense because after the NSA leaks we know that this threat is perpetual. As Pogson put it:

Well, I don’t think those numbers are very accurate but it’s the trend that matters. There are still hundreds of millions of PCs out there using XP and after 234 days there will still be ~200 million clinging to what they know. According to M$, XP will be revealed as the garbage OS that it is after that because it will be a huge unprotected target for malware artists. They shipped it with ~50K bugs and added more over the years. Malware artists have been discovering hundreds of ways of penetrating the OS every day for more than a decade. XP inspired whole industies of “anti-malware” and malware, spending the resources of IT defending IT from the carelessness of M$ for security, integrity and performance. M$ has used hundreds of millions of users and owners of PCs as slaves all these years and many have accepted that slavery as a way of life.

Pogson’s point is valid. But he does not address the fact that flaws are being spread to partners (like Microsoft does with the NSA). An article from the British press says that “Microsoft warns it’ll hand out zero days for Windows XP” (like it has done for a dozen years with the NSA). To quote:

Microsoft has a Windows XP problem: people still like it and aren’t willing to upgrade just yet. So it’s warning users that if they don’t upgrade soon, each new Patch Tuesday will gift a new series of vulnerabilities to the hacking community.

Windows XP is already Swiss cheese. Microsoft is trying to exploit its rubbish security as a marketing tool right now. It wants to upsell.

Woody Leonhard, an author of IDG, wrote about 17 epic Microsoft Windows Auto Update meltdowns [via], preceding it with:

These legendary clunkers made Patch Tuesday a living hell for Windows users the world over

A lot of the press has been overlooking an important point. The Windows toggle button which tells Microsoft not to automatically update (modify) the system has no effect. We know this empirically, at least when it comes to XP; about 5 years ago it was shown to have no effect. Automatic update is a back door, so Microsoft would let the NSA take over PCs with this back door, too. Staying “up to date” with patches can thus have the opposite effect.

The bottom line is, any company that comes in contact with the Department of Espionage (the NSA) should be suspect and should be avoided where possible. Germany should do nationally what it already did in Munich and a few smaller places,

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

A Single Comment

  1. salparadise said,

    August 22, 2013 at 3:11 pm

    Gravatar

    It was reported, some years ago now, that there were “audible gasps” from a bunch of Euro MP’s, when it was revealed that the NSA had put backdoors into XP.

    Now they’re all running round pretending that “this is news to us”.
    It seems more likely that now that it has made the news, via Mr Snowden’s actions, that they must act like “they’re doing something about it”. Ms Merkel is, after all, facing an election in the not too distant future.

DecorWhat Else is New


  1. Links 18/1/2022: GNOME 42 Alpha and KStars 3.5.7

    Links for the day



  2. IRC Proceedings: Monday, January 17, 2022

    IRC logs for Monday, January 17, 2022



  3. Links 17/1/2022: More Microsoft-Connected FUD Against Linux as Its Share Continues to Fall

    Links for the day



  4. The GUI Challenge

    The latest article from Andy concerns the Command Line Challenge



  5. Links 17/1/2022: digiKam 7.5.0 and GhostBSD 22.01.12 Released

    Links for the day



  6. IRC Proceedings: Sunday, January 16, 2022

    IRC logs for Sunday, January 16, 2022



  7. Links 17/1/2022: postmarketOS 21.12 Service Pack 1 and Mumble 1.4 Released

    Links for the day



  8. [Meme] Gemini Space (or Geminispace): From 441 Working Capsules to 1,600 Working Capsules in Just 12 Months

    Gemini space now boasts 1,600 working capsules, a massive growth compared to last January, as we noted the other day (1,600 is now official)



  9. [Meme] European Patent Office Space

    The EPO maintains a culture of illegal surveillance, inherited from Benoît Battistelli and taken to a whole new level by António Campinos



  10. Gemini Rings (Like Webrings) and Shared Spaces in Geminspace

    Much like the Web of 20+ years ago, Gemini lets online communities — real communities (not abused tenants, groomed to be ‘monetised’ like in Facebook or Flickr) — form networks, guilds, and rings



  11. Links 16/1/2022: Latte Dock 0.11 and librest 0.9.0

    Links for the day



  12. The Corporate Cabal (and Spy Agencies-Enabled Monopolies) Engages in Raiding of the Free Software Community and Hacker Culture

    In an overt attack on the people who actually did all the work — the geeks who built excellent software to be gradually privatised through the Linux Foundation (a sort of price-fixing and openwashing cartel for shared interests of proprietary software firms) — is receiving more widespread condemnation; even the OSI has been bribed to become a part-time Microsoft outsourcer as organisations are easier to corrupt than communities



  13. EPO's Web Site Constantly Spammed by Lies About Privacy While EPO Breaks the Law and Outsources Data to the United States

    The António Campinos-led EPO works for imperialism, it not only protects the rich; sadly, António’s father isn’t alive anymore and surely he would blast his son for doing what he does to progress his career while lying to staff and European citizens



  14. Links 16/1/2022: Tsunami and Patents

    Links for the day



  15. IRC Proceedings: Saturday, January 15, 2022

    IRC logs for Saturday, January 15, 2022



  16. Links 16/1/2022: Year of the GNU/Linux Desktop and Catch-up With Patent Misinformation

    Links for the day



  17. Patrick Breyer, Unlike Most German Politicians, Highlights the Fact That Unified Patent Court (UPC) and Unitary Patent Are Incompatible With EU Law

    A longtime critic of EPO abuses (under both Benoît Battistelli and António Campinos leadership), as well as a vocal critic of software patents, steps in to point out the very obvious



  18. Links 15/1/2022: Flameshot 11.0 and Libvirt 8.0

    Links for the day



  19. Blogging and Microblogging in Geminispace With Gemini Protocol

    Writing one’s thoughts and other things in Geminispace — even without setting up a Gemini server — is totally possible; gateways and services do exist for this purpose



  20. Links 15/1/2022: Raspberry Pi in Business

    Links for the day



  21. IRC Proceedings: Friday, January 14, 2022

    IRC logs for Friday, January 14, 2022



  22. Gemini Clients: Comparing Moonlander, Telescope, Amfora, Kristall, and Lagrange (Newer and Older)

    There are many independent implementations of clients (similar to Web browsers) that deal with Gemini protocol and today we compare them visually, using Techrights as a test case/capsule



  23. 2022 Starts With Censorship of Christmas and Other Greetings at the EPO

    The nihilists who run the EPO want a monopoly on holiday greetings; to make matters worse, they’re censoring staff representatives in their intranet whilst inconsistently applying said policies



  24. Links 14/1/2022: FFmpeg 5.0 and Wine 7.0 RC6

    Links for the day



  25. White House Asking Proprietary Software Companies That Add NSA Back Doors About Their Views on 'Open Source' Security

    The US government wants us to think that in order to tackle security issues we need to reach out to the collective 'wisdom' of the very culprits who created the security mess in the first place (even by intention, for imperialistic objectives)



  26. Links 14/1/2022: EasyOS 3.2.1 and Qt 6.3 Alpha

    Links for the day



  27. Scientific Excellence and the Debian Social Contract

    The Debian Project turns 30 next year; in spite of it being so ubiquitous (most of the important distros of GNU/Linux are based on Debian) it is suffering growing pains and some of that boils down to corporate cash and toxic, deeply divisive politics



  28. Links 14/1/2022: openSUSE Leap 15.2 EoL, VFX Designers Are Using GNU/Linux

    Links for the day



  29. IRC Proceedings: Thursday, January 13, 2022

    IRC logs for Thursday, January 13, 2022



  30. 2022 Commences With Microsoft-Themed (and Microsoft-Connected) FUD Against GNU/Linux

    A psychopathic Microsoft, aided by operatives inside the mainstream and so-called 'tech' media, keeps spreading old and invalid stigma about "Linux" and Free software; few people still bother responding to these fact-free FUD campaigns, which boil down to ‘perception management’ PR/propaganda


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts