Bonum Certa Men Certa

Cablegate Reveals Government Requesting Access to Microsoft Data, Kill Switches

White House



Summary: Despite the fact that only a fraction of Cablegate has yet been released, new evidence already surfaces about the US government's concern (and role) in the seemingly-private computer industry

"Cablegate" is one of the reasons we have not posted so much this month. Personally I have posted over a thousand links/dents about it in the past week alone. The threat to Wikileaks is a threat to all of us who leak documents that serve as evidence of misconduct. Techrights did this many times before, so it's important to defend the practice.



One of the most major (and first) revelations coming out of Cablegate is to do with fear of Iran's nuclear programme. Given what can be found in Cablegate (not to mention brutal retaliation against Wikileaks), it is clear that the US government goes very far to get its way. Earlier this year we covered Stuxnet on many occasions as people raised suspicions that Stuxnet had something to do with governments and secret services. Experts who suggested this were not obscure people; some were well regarded in their field. As a roundup of Stuxnet posts consider:

  1. Ralph Langner Says Windows Malware Possibly Designed to Derail Iran's Nuclear Programme
  2. Windows Viruses Can be Politically Motivated Sometimes
  3. Who Needs Windows Back Doors When It's So Insecure?
  4. Windows Insecurity Becomes a Political Issue
  5. Windows, Stuxnet, and Public Stoning
  6. Stuxnet Grows Beyond Siemens-Windows Infections
  7. Has BP Already Abandoned Windows?
  8. Reports: Apple to Charge for (Security) Updates
  9. Windows Viruses Can be Politically Motivated Sometimes
  10. New Flaw in Windows Facilitates More DDOS Attacks
  11. Siemens is Bad for Industry, Partly Due to Microsoft
  12. Microsoft Security Issues in The British Press, Vista and Vista 7 No Panacea
  13. Microsoft's Negligence in Patching (Worst Amongst All Companies) to Blame for Stuxnet
  14. Microsoft Software: a Darwin Test for Incompetence
  15. Bad September for Microsoft Security, Symantec Buyout Rumours
  16. Microsoft Claims Credit for Failing in Security
  17. Many Windows Servers Being Abandoned; Minnesota Goes the Opposite Direction by Giving Microsoft Its Data
  18. Windows Users Still Under Attack From Stuxnet, Halo, and Zeus
  19. Security Propaganda From Microsoft: Villains Become Heroes
  20. Security Problems in iOS and Windows
  21. Eye on Security: BBC Propaganda, Rootkits, and Stuxnet in Iran's Nuclear Facilities
  22. Eye on Security: ClamAV Says Windows is a Virus, Microsoft Compromises Mac OS X, and Stuxnet Runs Wild
  23. Windows Kernel Vulnerability for Thanksgiving, Insecurity Used for Surveillance Again


"Stuxnet Still Out of Control At Iran Nuclear Sites" summarises Slashdot which says:

"Iran's nuclear program is still in chaos despite its leaders' adamant claim that they have contained the computer worm that attacked their facilities, cybersecurity experts in the US and Europe say. Last week President Mahmoud Ahmadinejad, after months of denials, admitted that the worm had penetrated Iran's nuclear sites, but he said it was detected and controlled. The second part of that claim, experts say, doesn't ring true. Owners of several security sites have discovered huge bumps in traffic from Iran, as the country tries to deal with Stuxnet. 'Our traffic from Iran has really spiked,' said a corporate officer who asked that neither he nor his company be named. 'Iran now represents 14.9 percent of total traffic, surpassing the United States with a total of 12.1 percent.'"


The original article comes from The Atlantic and says that "Stuxnet Disrupted Iranian Centrifuges":

Malicious software apparently designed to disrupt the Iranian nuclear program was able to do just that, Iran's president acknowledged today. Security researchers found that the Stuxnet worm could insinuate itself into industrial control systems -- and if it found a particular brand and arrangement of motor controllers would begin a long-term sabotage program. Now, in the wake of the apparent assassination of an Iranian nuclear scientist, Mahmoud Ahmadinejad acknowledged that Stuxnet did hit his country's centrifuge facility, though he downplayed its impact.


Techrights does not deal directly with politics, so staying more focused on technical aspects of this, what are the chances of targeted attacks? This needn't imply that Stuxnet was created by governments as some people allege. Either way, in the wake of Cablegate, it is unreasonable to rule out anything for which there is evidence.

In a new cable which goes back to 2004 it emerges that Microsoft produced code which would put a "black screen" on any computer running Windows upon some trigger invocation (e.g. war, not just counterfeiting). Some would call it a "kill switch". What's interesting here is that it took years for people to actually discover what black screens of death truly are. That's how secretive it was. This enabled control from the outside. To quote a relevant part of this newly-released cable:

WHAT'S DRIVING CHINA -------------------- €¶8. (C) According to another well-respected tech sector analyst here, a number of historical, cultural, and technological factors have coalesced to put China in a technologically-aggressive state-of-mind. One contributing factor was Microsoft's flubbed 2004 strategy to deter intellectual property theft by darkening computer monitors running unlicensed Windows operating software. This consultant believes that example of U.S. technology effectively wielding power over China's personal computers helped spur China's aggressive campaign for source codes and its own technology. This, combined with growing Chinese pride, economic clout and influence, and the "weakened" position of the U.S. and its allies after the global economic downturn, are emboldening the Chinese to take ever more aggressive positions in advancing its innovative industries at the expense of foreign ones.

€¶9. (C) A local Microsoft executive applauds the Secretary's speech and the Administration's commitment "to organize sustained, targeted, persistent engagement on the full range of Internet-related issues" with China. This executive said the Secretary's remarks were "right on point," particularly for companies who "desperately need the help of the USG" in the face of "harassment, threats and actual shutdowns of service, threats of licenses being revoked, resistance to provide legal authority, mandates to place servers in China, etc." Our local APCO contact described the Google issue as a "stirring of the beehive," but says the kind of harassment Microsoft describes is a fact of worsening life here which


But wait. It gets worse. Not only remote control of people's machines (in another country) is a feature to the US government and other governments. They also gather people's data as this other new cable reveals:

€¶12. (U) Assisting Brazil in creating legislation to counter cybercrimes, including online child pornography and tracking of sex offenders, represents another potential area of cooperation on law enforcement matters. Brazil lacks cybercrime laws and the Congress has opened a Parliamentary Committee of Inquiry (CPI) to look at the issue and come up with draft legislation. As part of the CPI's work, the CPI was able to obtain over 3,000 Google records of identified child pornography that had been distributed on the Internet from Brazil. The chairman of the CPI has voiced his concern about, in his view, inadequate cooperation from Google and its subsidiary Orkut, a relationship site. Google, Orkut, Microsoft, and all other Internet service providers are required to report the discovery of child pornography on the Internet and DHS/ICE has established a mechanism to have access to this information which has been reported. DHS/ICE has already initiated the practice of sharing this information with Brazilian Federal Police. Related to the CPI, its Chairman has made inquiries to the Mission on the case of DHS/ICE Deportation officer accused of child exploitation at a hotel in Brazil. The U.S. is seeking the toughest penalty possible, whether in Brazil or the U.S., and is fully cooperating with Brazilian authorities.


Only about 0.5% of the cables have been released so far, so there is a lot more coming, also about companies like Microsoft. Microsoft's eGovernment lobbyist Anke Domscheit-Berg has praised Wikileaks, but that was before Cablegate, i.e. when mostly information about crimes and wars was released.

The cables above ought to teach why Free software is essential to people's independence and countries' autonomy. By controlling information and software one controls almost everything and the latest developments around ACTA, TSA, and COICA law show that the government wants more control over people. It will change the law if necessary, in order to ensure continued domination over an increasingly upset population.

Access to personal data and 'jailing' of people inside devices is a threat to the hacker culture (which Wikileaks thrives in) and even just to control over one's life. In separate news, "Apple quietly drops iOS jailbreak detection API" and Google's Chrome OS seems like somewhat of a jail rather than a GNU/Linux distribution. About Apple we learn that:

Apple has disabled, without explanation, a jailbreak detection API in iOS less than six months after introducing it. Device management vendors say the reasons for the decision are a mystery, but insist they can use alternatives to discover if an iPhone, iPod touch or iPad has been modified so they can load and modify applications outside of Apple's iTunes-based App Store.


Nobody should need to 'jailbreak' a device in the first place.

Software freedom is not just about power (to the user). It's about control of one's own destiny and if society is indeed closing down and repressing the population, then now more than ever people and their governments should migrate away from proprietary software.

Recent Techrights' Posts

Microsoft-Sponsored Xenophobia and Nationalism
IBM is very similar in this regard
Tentative Summary of Things to Publish in Project 2030
I'll still be in my forties by then
 
Google's Software is Malware and Malware in Mobile Devices
Originally posted by Rob Musial
Links 20/09/2025: Hegemony Coming to a Close, Luigi Mangione Ruled Not Terrorist
Links for the day
Gemini Links 21/09/2025: "Charlie Kirk Was a Hateful Piece of Shit" and Slop Code Attempted by Microsofter
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 20, 2025
IRC logs for Saturday, September 20, 2025
Gemini Links 20/09/2025: Snowy Photos and utism is a Spectrum
Links for the day
Vintage is Sometimes Better
Why can't we get back to "simple" if (or where) "simple" means better?
Climate Breakdown Means We'll be Publishing More, Not Less
Press freedom will be a common, recurring theme
Our 5-Year Geminispace Anniversary is Coming Up
I still remember when Gemini Protocol was quite new
It's Right to Point Out Violence From the Right
Violence is a recurring theme
Web Browsers That "Do Hey Hi" (AI)
State-of-the-art plagiarism or "autocomplete on steroids" (not coined by us, nevertheless a nice description) don't have much/any prospect
Links 20/09/2025: Hardware Projects in View, Some Independent Publishers About Russia Prosper After Cheeto Cuts Funding
Links for the day
Gemini Links 20/09/2025: Options and TV Time Machine
Links for the day
Links 20/09/2025: Retrocomputer, Antique Phone Experience, and More
Links for the day
Links 20/09/2025: Internet Shutdowns, Media Censorship, and Climate Worries
Links for the day
About 700 New Gemini Capsules in 13 Months (or 54 Per Month)
4.8K would represent a 20% increase
Rust People: Drain the Swap, You're Holding It Wrong
Does Rust make sense?
Techrights the Name Turns 15
About 6 weeks from now we turn 19
Microsoft is Running Out of Time and Floating Fake Figures, Fake Projects, Fake Narratives, Fake Excuses
Also, a lot of Microsoft's "revenue" claims are circular financing (i.e. Microsoft buying from itself, which means Ponzi-like fraud)
Slopwatch: LinuxSecurity, linuxconfig.org, and Plagiarised Phoronix
Many articles out there are nowadays fake
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, September 19, 2025
IRC logs for Friday, September 19, 2025
Gemini Links 20/09/2025: Navigating the Pressures of Modern Life and SpellBinding Accidentally Wrote Another Gemini Server
Links for the day
Links 19/09/2025: Press Freedom Dying in US, Anti-Austerity Strikes in France, and Alan Rusbridger to Leave 'Prospect'
Links for the day
European Patent Office Illegally Gutting and Outsourcing Its Functions, Acting Like an Above-the-Law Commercial Business (It Won't Stop at Formalities Officers (FOs) and Classification Slop at the EPO)
breaking/violating laws and conventions
Offloading to the Sister Site
In the interest of not overwhelming readers
Links 19/09/2025: Coffee Club and "SpellBinding is Now Absurdly Fast"
Links for the day
Links 19/09/2025: Lobbyist of American GAFAM Becomes Data Protection Commissioner in Europe
Links for the day
Links 19/09/2025: Media Freedom Ceases to Exist in US, "Consider Dropping Twitter/X"
Links for the day
Gemini Links 19/09/2025: Thinking and Insect Bites
Links for the day
Microsoft E.E.E.: Git Will Now (or Very Soon) Fully Depend on Rust, Which is Controlled by Microsoft
Microsoft now makes Git dependent on Rust, or making Git dependent on GitHub, which is proprietary
The Right to Punch People (Apparently)
At Brett Wilson, Brett's job title is "Head of Crime" and Wilson normalises calls for violence
Slop or Fake Articles Have Turned Linux Journal From a Pioneering/Trailblazing "Linux" Magazine Into a Nuisance
some sites with former reputation - good reputation - turn into cesspools
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, September 18, 2025
IRC logs for Thursday, September 18, 2025