Bonum Certa Men Certa

NSA Back Doors Get Microsoft Windows Excluded From Procurement in Germany

Blowback time

Angela Merkel Angela Merkel, by Αντώνης Σαμαράς Πρωθυπουργός της Ελλάδας



Summary: The NSA is getting US corporations (subsidised by US taxpayers to an extent) banned for security reasons, showing in the process how proprietary paradigm helps conceal back doors and reduce trust

Angela Merkel has been working with the NSA, Microsoft's close ally, for quite some time. But right now this relationship is exploding right in her face and jeopardises her election campaign in Germany (voting is imminent). She needs to rethink her policies in light of the NSA abuses which everyone now knows about.



The NSA has been involved in Vista 8 development (as usual, the same was done with previous versions of Windows) and it gets notified of back doors in the operating system (while they are universally unaddressed). Add UEFI to the equation and the NSA can now remotely brick some motherboards as long as they run Windows. The British military does not seem to mind this. It gave the US control of all PCs. National Security in the UK assumes that by "national" we mean the US. We already have some NSA bases in the UK.

Nations are finally grasping the threat of the NSA. First China and Russia took action, with China launching a large probe and Russia abandoning some computers. Well, now Germany joins the pack. As David Sugar said it to me,‏ "Windows 8 banned by German govt for integrating forced hardware surveillance & backdoors"

They also warned against UEFI (for secure boot) less than a year ago. Here is the a summary of a report written in German:

According to leaked internal documents from the German Federal Office for Information Security (BSI) that Die Zeit obtained, IT experts figured out that Windows 8, the touch-screen enabled, super-duper, but sales-challenged Microsoft operating system is outright dangerous for data security. It allows Microsoft to control the computer remotely through a built-in backdoor. Keys to that backdoor are likely accessible to the NSA – and in an unintended ironic twist, perhaps even to the Chinese.

The backdoor is called “Trusted Computing,” developed and promoted by the Trusted Computing Group, founded a decade ago by the all-American tech companies AMD, Cisco, Hewlett-Packard, IBM, Intel, Microsoft, and Wave Systems. Its core element is a chip, the Trusted Platform Module (TPM), and an operating system designed for it, such as Windows 8. Trusted Computing Group has developed the specifications of how the chip and operating systems work together.


The other day, unofficial Microsoft spokeswoman Mary Jo Foley (her criticisms of Microsoft are rare and weak) was pushing people to buy new software from Microsoft, citing security reasons. [via]

Microsoft's latest tack in trying to wean users off Windows XP is to warn them of a possible 'zero day forever' scenario in the post-April 2014 support cut-off world.


This is nonsense because after the NSA leaks we know that this threat is perpetual. As Pogson put it:

Well, I don’t think those numbers are very accurate but it’s the trend that matters. There are still hundreds of millions of PCs out there using XP and after 234 days there will still be ~200 million clinging to what they know. According to M$, XP will be revealed as the garbage OS that it is after that because it will be a huge unprotected target for malware artists. They shipped it with ~50K bugs and added more over the years. Malware artists have been discovering hundreds of ways of penetrating the OS every day for more than a decade. XP inspired whole industies of “anti-malware” and malware, spending the resources of IT defending IT from the carelessness of M$ for security, integrity and performance. M$ has used hundreds of millions of users and owners of PCs as slaves all these years and many have accepted that slavery as a way of life.


Pogson's point is valid. But he does not address the fact that flaws are being spread to partners (like Microsoft does with the NSA). An article from the British press says that "Microsoft warns it'll hand out zero days for Windows XP" (like it has done for a dozen years with the NSA). To quote:

Microsoft has a Windows XP problem: people still like it and aren't willing to upgrade just yet. So it's warning users that if they don’t upgrade soon, each new Patch Tuesday will gift a new series of vulnerabilities to the hacking community.


Windows XP is already Swiss cheese. Microsoft is trying to exploit its rubbish security as a marketing tool right now. It wants to upsell.

Woody Leonhard, an author of IDG, wrote about 17 epic Microsoft Windows Auto Update meltdowns [via], preceding it with:

These legendary clunkers made Patch Tuesday a living hell for Windows users the world over


A lot of the press has been overlooking an important point. The Windows toggle button which tells Microsoft not to automatically update (modify) the system has no effect. We know this empirically, at least when it comes to XP; about 5 years ago it was shown to have no effect. Automatic update is a back door, so Microsoft would let the NSA take over PCs with this back door, too. Staying "up to date" with patches can thus have the opposite effect.

The bottom line is, any company that comes in contact with the Department of Espionage (the NSA) should be suspect and should be avoided where possible. Germany should do nationally what it already did in Munich and a few smaller places,

Comments

Recent Techrights' Posts

Nothing that Microsoft Lunduke claims or says can be trusted
Nothing that Microsoft Lunduke claims of says can be trusted
How Software Patents Were Viewed or Their General Status Changed Over Time
A rough summary
Datamation, Where I Used to Publish Articles, Appears to Have Been Sold to TechnologyAdvice Only to Become a Slopfarm
I'd prefer to not associate with that site anymore
 
Links 04/10/2025: "Privacy Harm Is Harm", Criticism Outlawed in US
Links for the day
Garmin Uses Linux for Some of the Garmin Products, Now It's Sued by Strava Using Software Patents
Software patents should never have been granted in the first place
Richard Stallman Will Give a Talk in Sweden in 6 Days
Dr. Stallman, despite his battle with cancer is still alive and mentally sharp
FSF Turns 40
We'll be focusing on patent-related topics this weekend
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, October 03, 2025
IRC logs for Friday, October 03, 2025
Gemini Links 04/10/2025: Distro Hopping and "Part Time"
Links for the day
We Are Turning 19 in One Month, FSF Turns 40 in 3 Hours (CET)
For our anniversary next month we still have no concrete plans
Patent Docs (or PatentDocs) Learned the Wrong Lessons From the Death of TypePad
Had they gone ahead with an SSG, they'd become a lot more future-proof
USPTO Patent Bubble Already Imploding, After Decades of Artificial Inflation, Entire Offices Close for Good
we can deduce that financial pressures (lack of "demand" for monopolies) play a role
TikTok is Not Harmless (Being CheeTok in the US Will Advance Orange Agenda)
Social control media isn't "fun and games"; it's a digital weapon that lets hostile groups or nations infiltrate others, then turn them against themselves
Andy Farnell and Helen Plews Explain What "Modern" Tech Does to Old People
Imposing terrible tech "religion" on people is not helping them
Tomorrow the Free Software Foundation (FSF) Turns 40 and Its Web Site is Still Slow Due to DDoS by LLM Slop Bots
For an advocacy group, uptime is important (for its message to remain accessible)
Slopwatch: Google News as a Firehose of LLM Slop About "Linux"
Google News is really bad
Links 03/10/2025: "NPR’s Economics Lessons Come With Neoliberal Spin" and Canada Post at Risk
Links for the day
Gemini Links 03/10/2025: Panic Attacks and Food Adulteration
Links for the day
Links 03/10/2025: Lawyers Caught Using LLM Slop Explain Why They Did It, LibreSSL 4.1.1 and 4.0.1 Released
Links for the day
FSF Board Grew 50% Since Last Year, Has New President, Turns 40 in Two Days
It's a good move for the FSF and - by extension - for software freedom
Links 03/10/2025: Conflicts, Death of TypePad, and TikTok/CheeTok Gives a Boost to Far Right Groups in Europe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, October 02, 2025
IRC logs for Thursday, October 02, 2025
Slopwatch: Linux Journal, Google News, and LinuxSecurity
They carry on polluting the Web with fake articles
Gemini Links 02/10/2025: Kubernetes With FreeBSD and robots.txt
Links for the day
Links 02/10/2025: 'Open' 'AI' Resorting to Gimmicks and Fake Funding, Europe’s ‘Drone Wall’ Discussed
Links for the day
Links 02/10/2025: Brave Passes 100M Users Milestone, Kodak Selling Its Own Film Again
Links for the day
Michael “Monty” Widenius: It Started in 1983 With Richard Stallman (RMS)
The other co-founder of MySQL is a bit notorious for confronting RMS rather viciously
su lisa && rm -rf /home/ibm/power
Novell was ruined by another person from IBM, Ronald Hovsepian
A Record Demand at Microsoft: Demand to Cancel
What we're witnessing is a very ungraceful destruction of XBox
Microsoft is Losing Europe
Hence all the "support" and "discount" offers that are limited to Europe
The Free Software Foundation Starts Fund-raising for 40th Anniversary
New pop-up 2-3 days ahead of the 40th anniversary event
Systemd Breaks Networking in Debian and Microsoft Staff Rushes to Make Face-Saving Excuses in LWN
Microsoft's bluca is already there in the comments, his Microsoft money pays for LWN to let him leave comments early
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, October 01, 2025
IRC logs for Wednesday, October 01, 2025
What the End of XBox Will Look Like: a Fiery Crash
XBox is the next Skype. It won't last much longer. Expect many more layoffs.
Richard Stallman is Going to Finland to Give a Talk Next Thursday
A day later he speaks in Sweden
Gemini Links 02/10/2025: SMTP Pipelining and End of ROOPHLOCH 2025
Links for the day