Bonum Certa Men Certa

Former Microsoft Engineer Working on Windows BitLocker Confirms Government Asks Microsoft for Back Doors

Built with elegance, concealed with compilers

Iron doors



Summary: Recalling the times when even Microsoft staff spoke about secret government collaborations and back doors

China and Russia are currently moving away from Windows (GNU/Linux to be imminently installed on all government machines) -- a point which we are going to focus on later today because truths about security and privacy rapidly come out, revealing the clear advantage of Free -- as in freedom/libre -- software. China and Russia must be motivated by advice of security gurus (of which they have plenty) and the secret services; it's not about anti-American sentiments but about national sovereignty, especially now that we know about espionage and attacks on companies like Huawei (breached by the NSA, with proof provided).



On numerous occasions in the past we highlighted Microsoft's relationship with the NSA, going about 7 years back. Many of Microsoft's back doors are there by design; they need not involve slow patches, hidden patches, malware (e.g. CIPAV) or even warrants for physical access (COFFE). Microsoft is like the world's leading back doors specialist, and it needn't even require that people upload their data to some so-called 'cloud' services which tempt the gullible (low-hanging fruit). Surely Microsoft understands that it is losing business because people understand what it does now; it's not due to misconceptions; quite the contrary; businesses and governments finally realise what was true all along. Remember Stuxnet?

Microsoft's Scott Charney, a professional liar with agenda and big salary (people would happy lie for the type of money he receives), is trying hard along with Smith (lawyer who lies or deceives by omission) to deny Microsoft book doors, but as the following new article explains, the admissions from Microsoft itself are already out there and they cannot be retracted:

Scott Charney, of Microsoft's Trustworthy Computing, said the government has "never" asked for a backdoor in Microsoft products. Yet a former engineer working on BitLocker claimed the government does ask, but those requests are “informal.”

Four of Microsoft offices in Beijing, Shanghai, Guangzhou and Chengdu, China, were raided as part of an official government investigation. Microsoft China spokeswoman Joan Li confirmed that Investigators of the State Administration for Industry and Commerce were investigating the company and Microsoft would “actively cooperate”’ with the Chinese government. The South China Morning Post reported that the investigation may involve antitrust matters.

[...]

Yet in September 2013, The New York Times reported the NSA worked with Microsoft “officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service. Microsoft asserted that it had merely complied with ‘lawful demands’ of the government, and in some cases, the collaboration was clearly coerced.”

Mashable followed up these claims by asking the FBI if it had ever asked for backdoors in Microsoft products. Although the feds denied it, Peter Biddle, the head of the engineering team working on BitLocker in 2005, claimed that the government makes “informal requests” for backdoors. Allegedly after making claims about “going dark,” the FBI “informally” asked Microsoft for a backdoor in BitLocker.

A request for a backdoor, whether informal or not, is still a request for a backdoor. That’s quite a bit different than the government having “never done that,” but perhaps the feds didn’t request backdoor access directly from Charney?

[...]

Yet you might be wise to recall that Caspar Bowden, the man formerly in charge of Microsoft's privacy policy for 40 countries, claims he no longer trusts Microsoft or its software; he added that Microsoft's corporate strategy is to grind down your privacy expectations and that the company's transparency policies are nothing more than "corporate propaganda."


Over the years we have covered several more examples. Whenever Microsoft makes claims about collaborations with government surveillance pay careful attention not to what Microsoft is saying but what Microsoft refuses to say. The same goes for Apple. They embrace carefully-worded non-denying 'denials'. When everyone sees through the lies they will both pay for it dearly, and perhaps go bankrupt owing to the network effect.

Recent Techrights' Posts

"Many Applications Labelled as "Cybersecurity" and Given a Veneer of Legitimacy Are Really "Weaponised" and Abusive Code"
New from Dr. Andy Farnell
Security Advisory: Debian falls for social engineering hacks
Reprinted with permission from Daniel Pocock
The High Cost of Making Scepticism of Proprietary Voting Machines a "Trump" and "Conspiracy Theory" Territory
Time to get back to paper? Or read an old paper?
 
Donald Trump as Censor in Chief Can Now Leverage Censorship Companies and Fake Protection Disguised as 'Security'
Centralised CAs were trouble all along
Technology: rights or responsibilities? - Part VI
By Dr. Andy Farnell
A Death of a News Industry
A theme we explored thrice today
Deciphering Centralised CAs and Why Their Demise Should be a Goal
Encryption in transmission is good; but who controls the key exchange and certification/authentication/validation?
Links 08/11/2024: Strikes, Recessions, and Slowdowns
Links for the day
[Teaster] [Meme] New Ways of Wrecking (NWoW)
The EPO
Gateway for News and Blogs
In the long run, this site and its sister site (less overlap between them now) should hopefully become a popular destination for people who look for information, not chaff
Going Even Faster
We hope the site will be faster soon
Psychopaths Who Reaffirm Our Work's Value
Psychopaths and sociopaths lack empathy, so they're willing to go very far and stoop as low as they deem necessary
[Meme] How Low Can You Go at the European Patent Office?
Not just in terms of patent quality
More Cuts/End to Benefits for EPO Workers (Europe's Working Conditions Incompatible With the European Patent Convention)
"The Office is now reviving it but plans to introduce new cuts on benefits"
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 07, 2024
IRC logs for Thursday, November 07, 2024
Gemini Links 08/11/2024: US Election, RetroChallenge 2024, and More
Links for the day
[Meme] Questioning Proprietary Software? Not OK...
A disaster long in the making
Links 07/11/2024: HTTP/3, Health Research, and Punditry
Links for the day
Gemini Links 07/11/2024: On Writing Publicly and Record Player Table
Links for the day
Open Source Security Foundation (OpenSSF) Hosted SOSS as Microsoft Propaganda Platform With Microsoft Front Group OSI
They essentially promote what they're attacking under false pretences [...] OSI is deeply corrupt. It's more toxic than arsenic.
Anti-Linux FUD, Now in LLM Form, Thanks to Brittany Day
They attack Linux with chatbots
[Meme] When You Discredit People Who Discredit Secret Code
proprietary systems with hundreds of millions of transistors (and hundreds of millions of lines of code)
Links 07/11/2024: Online Manipulation in Social Control Media, Election Deniers, and More
Links for the day
Gemini Links 07/11/2024: emacs-guix and File Hoarding
Links for the day
[Meme] Election Day at the European Patent Office
Less than 60 minutes left to cast your vote
Staff Union of the European Patent Office (SUEPO) Election Ending Today
In one hour
[Meme] When the Patent Office Does Illegal Things and Staff Speaks Out
many leaks received today
Today We Got an Early Birthday Gift
Exciting times
[Meme] Going Too Far to the Left Can Breed Militant Ideology
Some people can never be appeased because they prefer not to be appeased
Apple's Debt Has Skyrocketed While Gimmicks Like Vision Pro Failed
In Apple's case, the debt is almost double the "Cash on Hand", which isn't even cash
FSF Expressed No Preference Regarding Presidential Candidates (Its Founder Did)
Because he is a principled person, he does not prioritise loyalty to customers or employers (money)
A President Trump is Excellent News to Microsoft
His racist policies gave lots of contracts to Microsoft
Who Next on the Linux Foundation's 'Kill List'?
Remember that only about 2% of the "Linux" Foundation's budget goes to Linux
Links 07/11/2024: Facebook Scams, Journalists on Strike
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 06, 2024
IRC logs for Wednesday, November 06, 2024
Microsoft-Connected Publishers Want Us to Think That Linux is Some Sort of a Virus and a "Backdoor"
"The problem is with windows and the attack vector is via Windows"
We've Made it to 18! Here's to Another 18!
Going on for another 18 years means until some time at the end of 2042
Links 07/11/2024: Political Angst and Laptop Issues
Links for the day
Even LKML Subjected to Slop/SPAM by Guardian Digital, Inc (linuxsecurity.com)
They're really awful
Links 06/11/2024: BPF in RFC 9669, More Facebook Fines for Privacy Abuses
Links for the day
Gemini Links 06/11/2024: Political Shock and Hermaic Encouragement
Links for the day
Planet Debian Allows Politics (But It Depends on Your Opinions and Debian's Big Sponsors)
Planet Debian is OK with politics... as long as all your political opinions are the "correct" ones and you add cute animals
What Makes RMS Such an Attractive Target ('Discreditisation' Campaigns)
Don't be so easily fooled
The Biggest OEMs or Vendors of GNU/Linux Stopped Competing With Microsoft (Which Pays Them to Promote Windows, Too)
Where are the competition authorities (or regulators for that matter)?
Let's Encrypt Falls to a New Low of Only 0.6% of Gemini Capsules Known to Lupa
In Gemini Protocol, certificates for encryption are required, but centralised Certificate Authorities (CAs) aren't needed
Computer-Generator Crap Flooding the Web, the Latest Example About "Linux"
Here's today's example
Links 06/11/2024: Election Disinformation and Legal Actions
Links for the day
Gemini Links 06/11/2024: Stargazing and Death on Hallowe'en
Links for the day
Would You Trust a Liar?
Why lie about the authorship?
Mass Layoffs at Mozilla Announced During US Elections
Maybe nobody will notice?
[Meme] Announcing "Results" Before Everyone Even "Played"
There is a "tech" angle to otherwise political news
US Polls Close in One Minute (Social Control Media Does Not Care, Will Not Wait)
US election results will be known in about 2 days
Concentration and Centralisation Versus Aggregation or Syndication
KDE has a history of burying old sites
Social Control Media, Even Hours Before Polls Have Closed
Has social control media controlled by CPC (TikTok) and the Trumpmobile guy (Musk's "X") done enough to convince people not to even vote (based on presumptive "results", presented a long time before all polls have closed)?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, November 05, 2024
IRC logs for Tuesday, November 05, 2024
Wayland Pains in Community-Led Distros of GNU/Linux
Few people and companies use Wayland; there's hardly any technical or practical reason to choose it
IBM Still Conflating Microsoft With 'Security'
As a meme
Sanctions Cause Fragmentation in Software
some Chinese Linux developers are already subjected to restrictions similar to Russians'
Web Failing With Slop, Even in 'Linux' Sites (LLM Spam)
Add SEO prompting to the mix and the Web becomes a pool of slop, not knowledge
[Meme] State of the World Wide Web and Online Journalism
Technically a failure (DRM) and cannot even get basic things right
Trump's signature policy, building a wall, copied from Irish-Australian student politician
Reprinted with permission from Daniel Pocock
Linus Torvalds' self-deprecating LKML CoC mail linked to Hitler's first writing: Gemlich letter
Reprinted with permission from Daniel Pocock
[Meme] Turning 18 in One Day
just one more day