Bonum Certa Men Certa

More Details Revealed About How the NSA Infiltrates Windows and Other Proprietary Software, Governments Should Now Ban Microsoft

RSA Conference



Summary: RSA is the latest (known) entity to have received bribes from the NSA in exchange for back doors; Germany may move towards banning software from companies that share data with the NSA

A COUPLE of nights ago Reuters published an explosive report about RSA, basically showing that Windows does not have back doors, it is a back door and so is a lot of the software that's proprietary. Free/libre software does not suffer from the trap [1]. This is a serious wakeup call to any government that still relies on proprietary software and US companies that collect data.



Munich moved to GNU/Linux owing to political determination to do so [2], but what about other cities? Their politicians are in serious trouble and a constant threat of espionage.

"This is a serious wakeup call to any government that still relies on proprietary software and US companies that collect data."As the Reuters report revealed [3] (and there was a lot of journalism linking to it [4,5]), "RSA Weakened Encryption For $10M From NSA," to quote Slashdot, which consequently also published the item "Microsoft Security Essentials Misses 39% of Malware" (especially NSA malware that enables system compromise). Remember that Windows XP will soon receive no patches, so not just the NSA will get easy access through back doors. IDG's advice on this matter is misguided as it basically offers continued use of Windows XP rather than runaway to a secure platform like GNU/Linux. As the author put it, "Microsoft's support for Windows XP ends in less than four months, and the company has warned users repeatedly that it's time to move on. But a lot of them are sticking with the aged OS. And for Microsoft, that's a problem."

Security is not really a problem here because there was never really any security to begin with. As we showed in our articles about the NSA, Windows is just a Trojan horse. It is obviously not secure and the only variable is, how many people can seize control of it?

The latest news makes almost all proprietary software suspect, even fake 'open source' like TrueCrypt (it is proprietary). As one tweet put it, "Check all on this list who use Dual_EC_DRBG as possible recipients of NSA bribes [...] Note Blackberry, Cisco, Juniper [...] Blast from the past: Call tracking Dual_EC_DRBG "Bribe Finder": Any use by default post 2007 required either an implicit or explicit bribe."

This is another good reason to avoid all proprietary software, including widely-used GNU/Linux programs like Skype. One tweet said that "Dual EC_DRBG was suspiciously absent from Wednesday's report by President Obama's NSA advisory panel."

Going back to Microsoft's flawed detection of malware, MinceR wrote that "their alleged "anti-malware" efforts started with stopping detecting claria as malware just as they were about to buy it, so i don't know why anyone trusts them with such ... [it] manages to out-sleaze even the other "antivirus" companies."

" With Microsoft, NSA gets video/audio surveillance, not just through Skype but also through people's webcams on computers that have Windows installed (and are idle)."Sosumi said that "they don't detect NSA backdoors as malware, so why trust them?"

Nobody can trust Microsoft. The above report says that "latest tests from Dennis Publishing's security labs saw Microsoft Security Essentials fail to detect 39% of the real-world malware thrown at it."

It's not just a case of access to one's files by the way. See the new post titled "Windows users: Your webcam lights aren't safe from the FBI either" (we wrote about CIPAV almost 5 years ago).

"In recent news," says the post, "it was revealed the FBI has a "virus" that will record a suspect through the webcam secretly, without turning on the LED light. Some researchers showed this working on an older Macbook. In this post, we do it on Windows."

"The more you know about how the NSA gets along with RSA & Microsoft," writes one Twitter user, "the more perspective you have on their handling of Lavabit." With Microsoft, NSA gets video/audio surveillance, not just through Skype but also through people's webcams on computers that have Windows installed (and are idle). This is a good enough reason to immediately abandon Microsoft and some politicians in Germany already think about moving in this direction. See [6,7] below for details of the latest news and pay attention to the explosive new article "Snowden ally Appelbaum claims his Berlin apartment was invaded" [8]; clearly it's not about terrorism but about cracking down on activists [9].

Following the revelations above there is some new effort [10] -- including from GNU/Linux developers [11] -- to sack with prejudice potential NSA moles.

Related/contextual items from the news:

  1. Worried OpenSSL uses NSA-tainted crypto? This BUG has got your back
    As fears grow that US and UK spies have deliberately hamstrung key components in today's encryption systems, users of OpenSSL can certainly relax about one thing.

    It has been revealed that the cryptography toolkit – used by reams of software from web browsers for HTTPS to SSH for secure terminals – is not using the discredited random number generator Dual EC DRBG.

    And that's due to a bug that's now firmly a WONTFIX.

    A coding flaw uncovered in the library prevents "all use" of the dual elliptic curve (Dual EC) deterministic random bit generator (DRBG) algorithm, a cryptographically weak algorithm championed by none other than the NSA.

    No other DRBGs used by OpenSSL are affected, we're told.


  2. Moving a city to Linux needs political backing, says Munich project leader
    This year saw the completion of the city of Munich’s switch to Linux, a move that began about ten years ago. “One of the biggest lessons learned was that you can’t do such a project without continued political backing,” said Peter Hofmann, the leader of the LiMux project, summing up the experience.

    The Munich city authority migrated around 14,800 of the 15,000 or so PCs on its network to LiMux, its own Linux distribution based on Ubuntu, exceeding its initial goal of migrating 12,000 desktops.


  3. Exclusive: Secret contract tied NSA and security industry pioneer
    As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.


  4. NSA Gave RSA $10 Million To Promote Crypto It Had Purposely Weakened
    Earlier this year, the Snowden leaks revealed how the NSA was effectively infiltrating crypto standards efforts to take control of them and make sure that backdoors or other weaknesses were installed. Many in the crypto community reacted angrily to this, and began to rethink how they interact with the feds. However, Reuters has just dropped a bombshell into all of this, as it has revealed that not only did the NSA purposefully weaken crypto, it then paid famed crypto provider RSA $10 million to push the weakened crypto, making it a de facto standard.


  5. How much did NSA pay to put a backdoor in RSA crypto? Try $10m – report
    Latest Snowden claims: Flawed encryption tech switched on by default in exchange for cash


  6. Germany should ban U.S. contracting companies passing data to NSA - report
    U.S. contracting companies such as Cisco, which manages much of the German armed forces' data, should be contractually barred from passing sensitive information to the U.S. security services, a spokesman for Chancellor Angela Merkel's conservatives was quoted saying.


  7. German government buildings and charities were targets of GCHQ and NSA, says Edward Snowden


    Humanitarian organisations and German government buildings are among the targets of UK and US surveillance agencies, documents leaked by Edward Snowden are said to show.

    The latest disclosures from the Snowden archive also highlight the key role in national security played by the small Cornish holiday resort town of Bude.

    A government listening facility on the Cornish coast had a unit that was used to analyse samples of electronic date to assess whether surveillance targets were worth the effort of listening in on their communications more frequently.

    A significant amount of the Bude listening post’s funding comes from the National Security Agency (NSA), the US surveillance body, because of shared operational projects.


  8. Snowden ally Appelbaum claims his Berlin apartment was invaded
    Jacob Appelbaum, a US Internet activist and one of the people with access to Edward Snowden's documents, has told a Berlin paper that his apartment was broken into, saying he suspected US involvement.


  9. The Real Purpose of Oakland's Surveillance Center
    City leaders have argued that Oakland needs a massive surveillance system to combat violent crime, but internal documents reveal that city staffers are also focused on tracking political protesters.
  10. Critics: NSA agent co-chairing key crypto standards body should be removed (updated)
    Security experts are calling for the removal of a National Security Agency employee who co-chairs an influential cryptography panel, which advises a host of groups that forge widely used standards for the Internet Engineering Task Force (IETF).

    Kevin Igoe, who in a 2011 e-mail announcing his appointment was listed as a senior cryptographer with the NSA's Commercial Solutions Center, is one of two co-chairs of the IETF's Crypto Forum Research Group (CFRG). The CFRG provides cryptographic guidance to IETF working groups that develop standards for a variety of crucial technologies that run and help secure the Internet. The transport layer security (TLS) protocol that underpins Web encryption and standards for secure shell connections used to securely access servers are two examples. Igoe has been CFRG co-chair for about two years, along with David A. McGrew of Cisco Systems.


  11. Kevin M. Igoe should step down from CFRG Co-chair
    I've said recently that pervasive surveillance is wrong. I don't think anyone from the NSA should have a leadership position in the development or deployment of Internet communications, because their interests are at odds with the interest of the rest of the Internet. But someone at the NSA is in exactly such a position. They ought to step down.


Recent Techrights' Posts

Brett Wilson LLP Has Just Lost a Case of Its Biggest Client "IN THE COURT OF APPEAL (CIVIL DIVISION)"
Is Brett Wilson LLP proud of such clientele?
Gary Smith Says Brett Wilson LLP Engages in SLAPP Against Him Over LinkedIn Post, "This is the Streisand Effect in Real Time"
"Lawyers who front SLAPP‑style threats on behalf of powerful institutions are not “defending reputation”; they are abusing legal process to intimidate and silence legitimate public‑interest scrutiny."
 
Links 01/07/2026: Apple and Microsoft Price Hikes, Political Catchup
Links for the day
Parroting the Script of RAs and PIPs, "Buyouts" and Layoffs by Any Other Name
Over time people will find out just how many people "leave" IBM
Slop Gives No Real Edge, It's Just Falsely Marketed That Way (FOMO)
Plagiarism in some measurable form is always bad, irrespective of what we call it
The Microsoft-Owned Media Shows What Spin Microsoft Will Use Amid Mass Layoffs
Microsoft says goodbye to over 10,000 workers this month
The Media is Shooting Its Own Foot by Peddling Slop and Spam
Nobody wishes to read slop; as soon as people realise "the news" (or "news site") is LLM trash, they will walk away
Gemini Links 01/07/2026: Wild Flowers, Slop, and Waystone Tools
Links for the day
Links 01/07/2026: Bending Spoons Makes an 'Exit' ("Going Public"), US Supreme Court Rules on Many Issues
Links for the day
Misattributing Blame, the Core Issue is Slop
that issue has nothing to do with Bash
Microsoft: Layoffs Are an Investment
Sales of the console will take another plunge and debt will skyrocket
Links 01/07/2026: MElon (Elon Musk) "Confronted With List of People He Has Killed", Microsoft Ignores Union, Chooses "Bloodbath"
Links for the day
The Register MS: Paid-For SPAM Advocating Chinese Colonialism in Africa, Not Even a Disclosure (as Before)
Does The Register MS recognise what this piece is promoting and who for?
Techrights Never Defended Rapists
In the past, I and others got falsely accused of "defend[ing] a rapist"
"Regular Silent Layoffs and PIPs" at Microsoft, According to Microsoft Insider
Many people leave without a fuss, only a signed NDA
Gaming Companies Help Promote Rootkits ('Anticheat') and Help Microsoft Take Control of People's PCs
The industry in its current form acts a bit more like a cabal of power-hungry companies that actively try to back-door everything and smear people who oppose that
IRC (Internet Relay Chat) Turns 38 Next Month
IRC did well because over 300k users are on significant networks (simultaneous, also counting bots and cross-network overlaps)
opensourceforu.com is a Slopfarm, It's Not "Open Source" and It's Not "For U"
Slop "For U"
DRM and Ownership
We now even have PCs that "expire"
GNU/Linux Reaches 6% in North America
Tomorrow around 10AM we'll see what preliminary data they get for July
IBM Layoffs Still Happening in 2026, They're Just Not Being Reported
The demise of IBM accompanies the demise of the media
SLAPP Censorship - Part 124 Out of 200: The Court Deems My Wife Connected to the Case of the Serial Strangler From Microsoft, Invites Her to the Hearing Last Week
Brett Wilson LLP does not play by the rules
Paying Severance to Staff Laid Off by Microsoft Too Expensive for Microsoft Now?
When companies earn such a bad reputation (not paying severance to people they discard) it lowers morale even further
Microsoft Mass Layoffs Due to Money Problems (Debt, Lack of Money to Complete Payroll), Not "Hey Hi"
If Microsoft later comes up with some "Hey Hi" narrative, then immediately reject it
Stop Conflating Free Software With Slop Plagiarism and Time-wasting
Even decades ago people could use "compute" for lots of fuzzing, then file away false or unaudited reports using bots
What Security Means
Security does not mean asking Microsoft for permission
Microsoft May be Losing 10,000+ Workers This Month
Here's the quick math
BSN Senior School Leidschenveen is Shutting Down and What That Means to the European Patent Office (EPO)
Follow-up meeting with Site Manager VP1 on school matters
Gemini Links 01/07/2026: Keeping (Relatively) Cool plus Adventures in Solar, Camp Snap Cameras and XTEINK X4 Ereader Reviews
Links for the day
European Patent Office (EPO) Series: Different Strokes For Different Folks
Organisation operating in two parallel universes
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 30, 2026
IRC logs for Tuesday, June 30, 2026
GNU/Linux Measured at 4.4% by statCounter, Even More by analytics.usa.gov
GNU/Linux has fared well
Getting Skyped: Closure of Studios Microsoft Bought
wait till July and the mass layoffs outside XBox
Several Waves of Red Hat Layoffs This Year, Is This Still Going on Under IBM?
The PIPs and NDAs hard to get a clear picture
Sabine Hossenfelder Versus IBM Scamming Shareholders
IBM has become a garage of BS
Some XBox Layoffs Underway, At Least Five Studios to be Shut Down
Insiders are in a state of panic
Gemini Links 30/06/2026: Music Theory, Addiction, Clown Computing
Links for the day
Links 30/06/2026: France Recorded 1,000 Excess Deaths During Heat Wave, Slop Replaced by Human Staff
Links for the day
WordPress Becoming What We Feared It Would Become
WordPress and other such bloatware (WordPress used to be fast and light) are moving in the same trajectory that GAFAM leads
People Given the Totally Wrong Idea That "Secure Boot" is About Security (It's the Opposite, It's About Handing Control Over to NSA/Microsoft)
"Secure Boot" with capital "B" is conflating compromise with security.
Today The Register MS is Publishing Fake Articles About "AI", 100% of All "Content"
Maybe the media is dying because it is selling its soul [...] The Register MS has no standard
America Has Cost Europe Too Much
Countries ought to be controlling all their own systems
GAFAM Debt Will Surge, in July We'll Know by How Much
Do not fall for slop or sloppy narratives
Call for European Patent Office (EPO) Whistleblowers
The European Patent Organisation (EPO) might not reform the Office
400-Page US Federal Court Against Abuses by Google, Microsoft and Front Groups That Abuse Volunteers for American Corporations
There are 386 pages in total (in the US claim)
Projection Tactics - Part IV: SLAPP by Americans Against Techrights (UK) to Hide Serious Abuses Against American Women
"PRs need to stop being complicit in suppression of information via SLAPPs"
Five Years Ago, After We Broke the Story About Richard Stallman Rejoining the FSF's Board, All Hell Broke Loose (for Me and My Family)
They generally seem to target anyone who thinks Richard Stallman (RMS) should be in charge or thinks alike about computing
Projection Tactics - Part II: Causing "Serious Harm" to Many People (Even Animals)
Narcissists and sociopaths are like that
Too Many "Marketers on the Payroll" at IBM, Selling Impossible Products That Cannot be Delivered or Will Never Deliver
IBM is rotting away
Media Says Microsoft's (XBox) Layoffs May be Record-Breaking
think somewhere in the range of ~5000 for gaming/XBox alone
Sirius Open Source's Latest Report: Fake (False) Number of Staff, Almost No Money in the Bank, Overdraft, and Growing Debt (About £100,000 More Borrowed)
massive (and still growing) debt
Links 30/06/2026: What's Wrong With EU Age Verification, RSA Keys with Many Zeros
Links for the day
This is Not a Security, This is a Circus
Security does not mean "asked Microsoft for permission"
Communities Need Strong Leadership, Not Dictators Like IBM
Leadership in Free software is not ownership [...] Fedora will only last as long as IBM can somehow make some money out of it or leverage it to attract sharecropping
Patents Are Not "Cash Cows"
People who deliberately don't understand patents (or believe lies about them) will fail to understand how the world works (or does not work)
Sad Lives of People Who Think Women Are Just Sexual Toys (All They Have is Money)
money is still a man-made concept and life is finite
SLAPP Censorship - Part 123 Out of 200: Why Violence Against Animals Matters
Starting tomorrow (Wednesday) we'll begin telling stories about what happened last week
EPO Staff Union's (SUEPO) The Hague Committee, With Help of Lawyer, Challenges Lack of Rewards for Hard Work
The EPO is not about granting valid patents anymore. The horse-trading corrupt officials just see the EPO as some thing that "prints money"
Massive EPO Demonstration Today
It'll start in about 6 hours
More Layoffs in Microsoft's PR Department, Even Ahead of 'D-Day'
Notice they are not even waiting for the official date (nor week)
European Patent Office (EPO) Series: Photo-Ops Galore and Suspicions of Influence-Peddling
coverage of the EPO's Croatian junket
Gemini Links 30/06/2026: Music and Broken Hearts
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 29, 2026
IRC logs for Monday, June 29, 2026
Gemini Links 29/06/2026: Using More of GPLv3+ and Merits of Security by TOFU
Links for the day
Links 29/06/2026: Lemote Yeeloong Laptop With OpenBSD, Slop Ruins Code/Development
Links for the day
Antisocial People With No Computer Science Background Are Ruining the Technology Space (Like Officials With No Experience in Patents Destroyed the EPO)
This is a real issue; it needs to be widely recognised and tackled
DDoS Attacks Are a Crime and They Only Increase Interest (Intrigue) in Their Target
Information cannot be DDoSed out of reach/existence, except temporarily
Pushing to the Top
Publishing is about exposing corruption
Whistleblowing and Retaliation by Microsoft Workers Against Microsoft Seems Increasingly Likely
some will go to the press, looking to expose some shenanigans
How Long Can a Company Delay Its Financial Report That Likely Confirms Exodus of Staff, Growing Debt, and Other Problems?
Brett Wilson LLP was meant to release its annual report some time early this month
SLAPP Censorship - Part 122 Out of 200: Garrett's Solicitors Confirm That Garrett is Ban-Evading and Spying on Our IRC Network
his solicitors basically acknowledge this
European Patent Office (EPO) Series: Networking With the National Delegates
António Campinos with a prime opportunity to network with the Administrative Council delegates and lobby for his reappointment
PIPs and "Retirements": IBM Layoffs in Anything But Name
That former Red Hat (now IBM) staff threatens to put my wife and I in prison is worse than cruel
Contact Members of the EPO Administrative Council, Tell Them the EPO (Office) Became a Disgrace and an Enemy of Europe's Citizens
If you live in Europe (not just the EU, even Turkey is included), please contact your delegates
The World Needs GNU/Linux for Security, Turn Off "Secure Boot" (It's the Opposite of Security)
They call it "Secure Boot", but what does it mean to say "Secure" when you actively opt for back doors controlled by Microsoft, the FBI, and many more parties?
In Signal of Weakness or Phasing Out XBox (Not Sustainable, According to the CEO) Microsoft "Pauses New Third-Party Game Pass Deals"
Moments ago
Two Pieces About "AI" This Morning Were Paid-For SPAM at The Register MS
The Register MS is the "Tech News" publisher you can pay to promote your company and even key-word-stuff pages for SEO purposes
Week of Microsoft Layoffs, Maybe Record-Breaking Scale
They will mislead about the scale
Links 28/06/2026: More Om Malik Eulogies, Cloudflare Promotes Web Browser Monocultures
Links for the day
IBM's Alderon as "Silent Layoffs", Not Just Bailout From Taxpayers
Seeing through the noise
'Modern' Web: "Stop! You Are Browsing Too Fast!"
Can the Web ever recover from this?
Pensions Tied to Ponzi Schemes Are Themselves Ponzi Schemes
Pensions are becoming more like that as well
Laptop Bricked After Microsoft Certificates Expiry
Is "Jim" dead?
Monoculture in Europe as National (or Continental) Security Threat
We need more browser diversity
Canada 5-0: GNU/Linux Rises to 5.0%, Windows Rapidly Falls to New Lows
Will we be seeing 6-0 (6%) by year's end and will Microsoft be shown two red cards?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 28, 2026
IRC logs for Sunday, June 28, 2026
Gemini Links 29/06/2026: Sansieviera, HiFi, and Self-Signed Certificates
Links for the day