EditorsAbout the SiteComes vs. MicrosoftUsing This Web SiteSite ArchivesCredibility IndexOOXMLOpenDocumentPatentsNovellNews DigestSite NewsRSS

11.04.14

Cryptome Reveals How Microsoft Gives the FBI and the NSA Back Doors to Crack Encryption

Posted in Microsoft, Security at 3:06 pm by Dr. Roy Schestowitz

Cryptome

Summary: Cryptome has an article, comprised/composed of hard evidence, revealing ways in which Microsoft enables aggressive spies to break encryption

The FBI does not even pretend not to be pursuing back doors; quite the contrary! It demands them and now insists on legislation that would make them mandatory. The same goes for the NSA, Microsoft’s very special partner. Anyone who still thinks that back doors in encryption are within the realm of “conspiracy theory” must not have paid attention. We wrote about such issues more than half a decade ago. At this stage, judging by thousands of articles on the topic, these factual observations are very commonplace in the press, even in the corporate media.

“Anyone who still thinks that back doors in encryption are within the realm of “conspiracy theory” must not have paid attention.”“Microsoft backdoor bitlocker key escrow for the FBI & NSA,” writes to us David Sugar ‏from GNU Telephony. “From the OS that loves to spy on you,” he added.

Some months ago we showed that a former Microsoft engineer working on Windows BitLocker confirmed that the US government asks Microsoft for back doors and now we have more details on how this is done, courtesy of cryptology enthusiasts in Cryptome:

Microsoft OneDrive in NSA PRISM

A sends:

1) Bitlocker keys are uploaded to OneDrive by ‘device encryption’.

“Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected.

If the device is not domain-joined a Microsoft Account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to online Microsoft account and TPM protector is created.”

http://technet.microsoft.com/en-us/library/dn306081.aspx

2) Device encryption is supported by Bitlocker for all SKUs that support connected standby. This would include Windows phones.

“BitLocker provides support for device encryption on x86 and x64-based computers with a TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices.”

http://technet.microsoft.com/en-us/library/dn306081.aspx#BKM…

3) The tech media and feature articles recognise this.

“… because the recovery key is automatically stored in SkyDrive for you.”

http://www.zdnet.com/surface-bitlocker-and-the-future-of-encryption-7000024613/

4) Here’s how to recover your key from Sky/OneDrive.

“Your Microsoft account online. This option is only available on non-domain-joined PCs. To get your recovery key, go to …onedrive.com…”

http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq

5) SkyDrive (now named OneDrive) is onboarded to PRISM. (pg 26/27)

http://hbpub.vo.llnwd.net/o16/video/olmk/holt/greenwald/NoPlaceToHide-

Documents-Uncompressed.pdf

When Microsoft speaks about security it usually means “national security”, i.e. the ability of the state to break security of software. It’s about interception, not security. When Microsoft speaks about ‘secure boot’ it speaks about an antifeature in UEFI that enables the state to remotely brick computers, too.

The sad thing is that amid many BSD milestones as of recently (FreeBSD, OpenBSD, PC-BSD and others) there are those who fall for the false promise of UEFI, which does more harm than good to security. OpenBSD, which takes security very seriously, has already blasted UEFI 'secure boot' and blasted those who support it (including Red Hat), whereas FreeBSD got bamboozled into UEFI 'secure boot' and with it, the FreeBSD-derived PC-BSD gets bamboozled too:

Marking the twenty-first birthday of FreeBSD was the release of FreeBSD 10.1-RC4 and separately was the FreeBSD-derived PC-BSD 10.1 RC2 release.

FreeBSD 10.1-RC4 is expected to be the final RC build of FreeBSD 10.1 and brought fixes for ATA CF ERASE breakage and a race fix that could cause an EPT misconfiguration VM-exit.

More details on FreeBSD 10.1-RC4 can be found via its Sunday release announcement. The official release of FreeBSD 10.1 is now hopefully a few days out with its many new features and changes.

This is not a good idea at all. PC-BSD needs to follow the example set by OpenBSD, not FreeBSD (with its codebase). It sure starts looking like not only Microsoft but Red Hat too is bending over to its lucrative clients and contracts with the Deep State. Based on established observations from one decade ago, including more recent developments that Red Hat refuses to comment on, it seems possible that back doors in encryption (by default) is the de facto standard among large corporations. When they speak about “security” there must be fine prints and they’re omitted from the advertising. At risk of breaking the silence about systemd (because we don’t want to inflame ‘civil wars’), systemd replaces/obviates so much highly mature software that it certainly increases the likelihood of bug doors being introduced in RHEL/Red Hat (systemd‘s patron) and by extension/inheritance many other distributions of GNU/Linux.

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • Reddit
  • co.mments
  • DZone
  • email
  • Google Bookmarks
  • LinkedIn
  • NewsVine
  • Print
  • Technorati
  • TwitThis
  • Facebook

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. The EPO is Doing Great, Says EPO-Connected 'News' Site

    IAM 'magazine', a longtime ally of the EPO, gives people the impression that all is fine and dandy at the EPO even though that's clearly not the case



  2. Microsoft Has Killed Nokia (and Its Own Mobile Ambitions), But Watch What it Does With Patents

    Microsoft announces many more layoffs, having already caused tremendous damage to the Finnish economy, and patents are left astray for Microsoft's favourite patent trolls to pick



  3. EPO Management Under Growing Stress From Croatian Law Enforcement Authorities, German Politicians, Italian Media

    Things are not as rosy as the relative calm may suggest, and in the coming weeks we expect some major events other than the protest at all EPO sites across Europe



  4. Microsoft, a Dead Company Walking, Resorts to Malware Tactics, Now Truly Indistinguishable From Crackers

    Microsoft is essentially taking over people's PCs and installing on them a large piece of malware, complete with keyloggers, against the will of these PCs' owners



  5. Links 26/5/2016: CentOS Linux 6.8, Ansible 2.1

    Links for the day



  6. The Latest EPO Victim Card (Played by Željko Topić) Should be Treated as Seriously as Those Bogus Claims of Violence by a Judge (Updatedx3)

    In its desperate pursuit of a narrative wherein the staff of the EPO is violent and aggressive the management of the EPO, renowned for institutional aggression, finds (or claims to have found) a little tampering with a bicycle



  7. Links 25/5/2016: Nginx 1.11, F1 2015 Coming to GNU/Linux Tomorrow

    Links for the day



  8. The Media Starts Informing the European Public About the Downsides of UPC While EPO Accelerates Its Lobbying for Ratification

    The EPO's shameless UPC promotion takes another step forward as the European press outlets (even television channels) begin to explore the secret deal that's negotiated by patent lawyers (with corporate clients) and patent offices, not the public or any public interest groups



  9. Some Details About How the EPO's President is Rumoured to be 'Buying' Votes and Why It's Grounds/Basis for “Immediate Dismissal”

    Some background information and a detailed explanation of the systemic financial dependency, created by Battistelli at the cost of €13 million or more, which prevents effective oversight of Battistelli



  10. How the Patent Lawyers' Microcosm Continues to Boost Software Patents Filth by Misdirecting Readers, Relying on Highly Selective Coverage

    Under the guise of reporting/analysis/advice the community of patent lawyers is effectively lobbying to make software patents popular and widely-accepted again, based on one single case which they wish to make 'the' precedent



  11. Documents Show Zagreb Police Department in Investigation of Vice-President of the European Patent Office

    Željko Topić's troubles in Croatia, where he faces many criminal charges, may soon become an extraordinary burden for the EPO, which distances itself from it all mostly by attacking staff that 'dares' to bring up the subject



  12. [ES] Interrumpiendo la Propagánda Distractante de Battistelli: los Empleados de la EPO Protestará de Nuevo en una Quincena

    La exágerada extravagancia (desperdicio de dinero) en la Ceremonia de Premiación al Inventor Europeo de la EPO tendrá que competir por atención de los medios con miles de empleados de la EPO (en todaslas sedes de la EPO) marchándo en las calles para protestar por los abusos de la EPO



  13. Windows and Microsoft's Other 'Burning Platforms'

    It's not just Windows for phones that's reaching minuscule market share levels but also Windows, but Microsoft is skilled at hiding this (cannibalising Windows using something people do not even want, then counting that cannibal, Vista 10)



  14. Links 24/5/2016: CRYENGINE Source Code is Out on GitHub, Jono Bacon Leaves GitHub

    Links for the day



  15. Links 23/5/2016: GNOME 3.22, Calculate Linux 15.17

    Links for the day



  16. 'Celebrity' Patent Trolls and the Elusive Battle Against Patent Trolls (or Eastern District of Texas Courts) Rather Than Software Patents

    Some of last week's more important reports, which serve to demonstrate how the system is attempting to tackle a side-effect of software patents rather than the patents themselves (their irrational scope)



  17. The Circus of Patent 'Reporting' (by Omission) on the Subject of Software Patents in the US and USPTO Bias

    look at some of the latest oddities in the US patent system and much of the reporting about software patenting (more or less monopolised by those who profit from it, not harmed by it)



  18. IP3 Demonstrates That Today's Patent Systems Devolve Into a Conglomerates' Game, Won't Protect the Mythical Small Inventor

    Multinational corporations bring together their shared interests and steer the increasingly-inseparable patent systems according to their needs and goals, but has anyone even noticed?



  19. Disrupting Battistelli's Distracting Propaganda: EPO Staff to Protest Again in About a Fortnight

    The overly extravagant (waste of money) EPO European Inventor Award will have to compete for media attention with thousands of EPO staff (in all EPO sites) marching in the streets to protest against the EPO's abuses



  20. Corrupting Democracy? Growing Frequency of Rumours That the EPO's President Battistelli is 'Buying' Votes of Small Member States

    Several sources suggest that rather than appease the Administrative Council by taking corrective action Battistelli and his notorious 'circle' now work hard to remove opposition from the Administrative Council, especially where this is easier a task to accomplish (politically or economically)



  21. [ES] Los Mitos de la EPO ‘Calidad’ de Patentes y de ‘Creación’ de Patentes: Basados en Ventas de Cafe y Trauma

    La carrera hacia el fondo, o la ridícula asumpción de Battistelli de que otorgar más y más patentenes más rápidamente (e.g. usando PACE) sería beneficióso a largo término, puede guíar al final colapse del valor de la EPO y la pérdida de su lárgamente ganada reputación a nivel mundial



  22. Links 22/5/2016: Systemd 230, Debian Installer Alpha 6

    Links for the day



  23. EPO Patent 'Quality' and 'Patent Creation' Myth: Capsule-Based Coffee Sales and Trauma

    The race to the bottom, or Battistelli's ludicrous assumption that granting more and more patents faster (e.g. using PACE) would be beneficial in the long run, may lead to the ultimate collapse of the EPO's value and demise of its long-earned reputation worldwide



  24. Guest Post: How Vista 10 Imposes Itself on Users of Windows

    A reader's experience being nagged by Microsoft, as documented and explained by this reader



  25. [ES] El Notorio Tirano de la EPO, Benoît Battistelli, Se Reune Con Otros Tiranos, Reportes de Que ‘Limpia’ el Consejo Administrativo

    El régimen de Battistelli, talvez la fuente de verguénza más grande, alegadamente está “cortejándo países pequeños/corruptos para asegurárse de que los delegados que votarón contra él serán remplazados”



  26. [ES] Comentadores Anónimos Debaten Si la EPO de Battistelli Puede Revocar las Pensiones de Empleados Que Se Atreveen — GASP — a Buscar Empleo Alternativo

    Una mirada a las causas de desesperación e imensa presión en la EPO, donde las pensiónes pueden ser cortadas como medio de represália y la gente puede ser negada empleo aún después de dejar la Oficina Europea de Patentes (EPO)



  27. [ES] Otra Casi Vacía Presentación de la EPO en La Hague

    El propagandístico “estudio social” de Battistelli (básicamente un montón de engañosas afirmacionesdisfrazadas como ‘investigación’) ayuda a demostrar que los empleados de la EPO no tiene absolutamente fe en la gerencia



  28. Links 21/5/2016: Manjaro Linux RC, Flock 2016 Schedule

    Links for the day



  29. USPTO Ignores a Lot of Cases Against Software Patents to Justify Resumption of More Software Patenting

    The US patent system (USPTO) is so obsessed with granting as many patents as possible -- even bogus patents in areas that are no longer patent-eligible -- that its guidelines are further perturbed and whose appeals board is massively overwhelmed/overworked/understaffed



  30. Notorious EPO Tyrant, Benoît Battistelli, Meets Other Tyrants, Reportedly 'Cleanses' the Administrative Council

    The Battistelli regime, perhaps the biggest embarrassment of Europe right now, is allegedly "courting smaller countries to make sure the delegates who voted against him will be replaced"


CoPilotCo

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

CoPilotCo

Recent Posts