Posted in Microsoft, Security at 3:06 pm by Dr. Roy Schestowitz
Summary: Cryptome has an article, comprised/composed of hard evidence, revealing ways in which Microsoft enables aggressive spies to break encryption
The FBI does not even pretend not to be pursuing back doors; quite the contrary! It demands them and now insists on legislation that would make them mandatory. The same goes for the NSA, Microsoft’s very special partner. Anyone who still thinks that back doors in encryption are within the realm of “conspiracy theory” must not have paid attention. We wrote about such issues more than half a decade ago. At this stage, judging by thousands of articles on the topic, these factual observations are very commonplace in the press, even in the corporate media.
“Anyone who still thinks that back doors in encryption are within the realm of “conspiracy theory” must not have paid attention.”“Microsoft backdoor bitlocker key escrow for the FBI & NSA,” writes to us David Sugar from GNU Telephony. “From the OS that loves to spy on you,” he added.
Some months ago we showed that a former Microsoft engineer working on Windows BitLocker confirmed that the US government asks Microsoft for back doors and now we have more details on how this is done, courtesy of cryptology enthusiasts in Cryptome:
Microsoft OneDrive in NSA PRISM
A sends:
1) Bitlocker keys are uploaded to OneDrive by ‘device encryption’.
“Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected.
…
If the device is not domain-joined a Microsoft Account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to online Microsoft account and TPM protector is created.”
http://technet.microsoft.com/en-us/library/dn306081.aspx
2) Device encryption is supported by Bitlocker for all SKUs that support connected standby. This would include Windows phones.
“BitLocker provides support for device encryption on x86 and x64-based computers with a TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices.”
http://technet.microsoft.com/en-us/library/dn306081.aspx#BKM…
3) The tech media and feature articles recognise this.
“… because the recovery key is automatically stored in SkyDrive for you.”
http://www.zdnet.com/surface-bitlocker-and-the-future-of-encryption-7000024613/
4) Here’s how to recover your key from Sky/OneDrive.
“Your Microsoft account online. This option is only available on non-domain-joined PCs. To get your recovery key, go to …onedrive.com…”
http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq
5) SkyDrive (now named OneDrive) is onboarded to PRISM. (pg 26/27)
http://hbpub.vo.llnwd.net/o16/video/olmk/holt/greenwald/NoPlaceToHide-
Documents-Uncompressed.pdf
When Microsoft speaks about security it usually means “national security”, i.e. the ability of the state to break security of software. It’s about interception, not security. When Microsoft speaks about ‘secure boot’ it speaks about an antifeature in UEFI that enables the state to remotely brick computers, too.
The sad thing is that amid many BSD milestones as of recently (FreeBSD, OpenBSD, PC-BSD and others) there are those who fall for the false promise of UEFI, which does more harm than good to security. OpenBSD, which takes security very seriously, has already blasted UEFI 'secure boot' and blasted those who support it (including Red Hat), whereas FreeBSD got bamboozled into UEFI 'secure boot' and with it, the FreeBSD-derived PC-BSD gets bamboozled too:
Marking the twenty-first birthday of FreeBSD was the release of FreeBSD 10.1-RC4 and separately was the FreeBSD-derived PC-BSD 10.1 RC2 release.
FreeBSD 10.1-RC4 is expected to be the final RC build of FreeBSD 10.1 and brought fixes for ATA CF ERASE breakage and a race fix that could cause an EPT misconfiguration VM-exit.
More details on FreeBSD 10.1-RC4 can be found via its Sunday release announcement. The official release of FreeBSD 10.1 is now hopefully a few days out with its many new features and changes.
This is not a good idea at all. PC-BSD needs to follow the example set by OpenBSD, not FreeBSD (with its codebase). It sure starts looking like not only Microsoft but Red Hat too is bending over to its lucrative clients and contracts with the Deep State. Based on established observations from one decade ago, including more recent developments that Red Hat refuses to comment on, it seems possible that back doors in encryption (by default) is the de facto standard among large corporations. When they speak about “security” there must be fine prints and they’re omitted from the advertising. At risk of breaking the silence about systemd
(because we don’t want to inflame ‘civil wars’), systemd
replaces/obviates so much highly mature software that it certainly increases the likelihood of bug doors being introduced in RHEL/Red Hat (systemd
‘s patron) and by extension/inheritance many other distributions of GNU/Linux. █
Permalink
Send this to a friend
Posted in Deception, Free/Libre Software, FUD, Security at 2:35 pm by Dr. Roy Schestowitz
“Our products just aren’t engineered for security.”
–Brian Valentine, Microsoft executive
Summary: Following the familiar pattern of FOSS FUD, wherein we see Microsoft partners badmouthing FOSS over “security” (ignoring much worse problems in proprietary software), FOSS gets widely bashed in the British media
MICROSOFT has made many back doors available for the FBI and for the NSA. We have covered this for over half a decade and given concrete examples. Our next post will give yet another new example.
So, how does Microsoft have the audacity to tell us — usually by proxy — that Free software is not secure? Yes, Free software has some bugs (not many are critical), but Microsoft software is insecure by design. There are lots of back doors in Windows XP, for example, but the British NHS, which holds medical records (highly sensitive) of tens of millions of people (including my family), continues using it based on this new report:
Many UK NHS Trusts are at risk of missing the extended cut-off deadline for Windows XP support in April 2015, according to the results of several Freedom of Information requests by software firm Citrix.
Although the government acquired a support extension, the FOI request found that the trusts have been slow to make the transition, or are simply unsure when their transition would be complete.
Why on Earth are they not migrating to GNU/Linux yet? I have been part of British migrations to GNU/Linux, both in the private sector and government, and all I can say is that it always works. Not only does it save money but it also produces more secure and more stable systems.
“Entertaining more of that nonsense about FOSS being less secure than platforms with back doors or about Microsoft loving the competition that hurts it the most is probably a waste of time.”Trend Micro littering the British press at the moment with anti-FOSS messages that promote Microsoft, not mentioning back doors. We need not link to any examples because there are many of them this afternoon, but we have confronted Trend Micro UK and publications that gave it a platform today. So has the President of the OSI. Trend Micro has a FOSS-hostile track record, so it hasn’t been too surprising.
Speaking of poor journalism that’s actually PR in disguise, watch what IDG is doing right now. A new article by Eric Knorr of InfoWorld (editor), perhaps infatuated/in love with his sponsor (ads), repeats Microsoft's lie that it loves Linux
Entertaining more of that nonsense about FOSS being less secure than platforms with back doors or about Microsoft loving the competition that hurts it the most is probably a waste of time. The next post will show another back door that Microsoft deliberately put it its common carrier. █
Permalink
Send this to a friend
Posted in Europe, Patents at 7:49 am by Dr. Roy Schestowitz
Summary: Contact details for national delegations to whom complaints can and should be made regarding irregularities and bad behaviour at the European Patent Office (EPO)
DAYS ago we covered some of the latest abuses at the EPO, which is no stranger to scandals. The EPO is hardly accountable, it eliminated oversight, and it is wasting billions of euros of taxpayers’ money all across Europe in order to protect corporations (at taxpayers’ expense) using patents, including patents of rogue, wide scope, potentially software patents and monopolies on genetics/life too.
To reduce oversight even further the EPO has made it harder to lodge complaints from the public. “There used to be e-mail addresses for the national delegations on the AC website,” tells us a source, “but Battistelli disabled these last year due to alleged “abuse” (i.e. he basically wanted to prevent members of the public from directly contacting their delegations).”
Thanks to some digging, today we can provide a list of E-mail addresses for the heads of delegation, for those among our readers who are interested in lodging a complaint electronically. We are also trying to compile a list of the competent Ministries, but this is hard to keep up to date as it is subjected to changes whenever there is an election. We will give some addresses at the bottom. These hardly change over time.
In case our regular readers or anybody else might be interested in complaining, here is a list of E-mail addresses for EPO Administrative Council members and their deputies (from the national IPOs). We also include a list with information about the Ministries that supervise the national IPOs. This listing is not complete, but it has details of the Ministries for about 18 of the more significant EPO member states (total member states around 38 at the last count). This information is in the public domain so we are free to distribute it.
There used to be email addresses for the AC delegations provided on the official EPO website but Battistelli had these removed allegedly due to “abuse”. Let’s not Battistelli to get away with even more of his abuses. According to our sources of information, people had been using these addresses to send in submissions about the controversial if not corrupt Topić, so it could be that Battistelli wanted to put a stop to that.
LIST OF EMAIL ADDRESSES FOR ADMINISTRATIVE COUNCIL DELEGATES (& DEPUTIES) FROM NATIONAL INTELLECTUAL PROPERTY OFFICES OF EPO CONTRACTING STATES
STATUS: 14 September 2014
Official website of the EPO’s Administrative Council:
http://www.epo.org/about-us/organisation/administrative-council/representatives.html
See also: http://www.wipo.int/directory/en/urls.jsp
ALBANIA: elvin.lako@dppm.gov.al
elvanda.mece@dppm.gov.al
mailinf@dppm.gov.al
AUSTRIA: friedrich.roedler@patentamt.at
andrea.scheichl@patentamt.at
info@patentamt.at
BELGIUM: jerome.debrulle@economie.fgov.be
geoffrey.bailleux@mineco.fgov.be
BULGARIA: vbabaleva@bpo.bg
tnaydenova@bpo.bg
bpo@bpo.bg
CROATIA: ljiljana.kuterovac@dziv.hr
CYPRUS: skokkinos@drcor.mcit.gov.cy
eeleftheriou@drcor.mcit.gov.cy
CZECH REPUBLIC: jkratochvil@upv.cz
skopecka@upv.cz
posta@upv.cz
DENMARK: jko@dkpto.dk
arj@dkpto.dk
mlr@dkpto.dk
knj@dkpto.dk
pbp@dkpto.dk
pvs@dkpto.dk
ESTONIA: Matti.Paets@epa.ee
Margus.Viher@epa.ee
FINLAND: rauni.hagman@prh.fi
jorma.hanski@prh.fi
FRANCE: ylapierre@inpi.fr
fclaireau@inpi.fr
contact@inpi.fr
GERMANY: ernst-ch@bmj.bund.de
info@dpma.de
GREECE: ssta@obi.gr
kmar@obi.gr
info@obi.gr
HUNGARY: miklos.bendzsel@hipo.gov.hu
mihaly.ficsor@hipo.gov.hu
elnokseg@hipo.gov.hu
ICELAND: borghildur@els.is
elfa@els.is
IRELAND: gerard.barrett@patentsoffice.ie
ITALY: mauro.masi@consap.it
loredana.gulino@mise.gov.it
LATVIA: guntis.ramans@lrpv.gov.lv
sandris.laganovskis@lrpv.gov.lv
valde@lrpv.lv
LIECHTENSTEIN: Sabine.Monauni@llv.li
Esther.Schindler@llv.li
ute.hammermann@avw.llv.li
info@avw.llv.li
LITHUANIA: rimvydas.naujokas@vpb.gov.lt
zilvinas.danys@vpb.gov.lt
LUXEMBOURG: lex.kaufhold@eco.etat.lu
claude.sahl@eco.etat.lu
MACEDONIA: safet.emruli@ippo.gov.mk
irenaj@ippo.gov.mk
MALTA: godwin.warr@gov.mt
michelle.bonello@gov.mt
MONACO: ekheng@gouv.mc
expansion@gouv.mc
mcpi@gouv.mc
NETHERLANDS: derk-jan.degroot@agentschapnl.nl
p.h.m.vanbeukering@minez.nl
NORWAY: pfo@patentstyret.no
jsa@patentstyret.no
POLAND: aadamczak@uprp.pl
ematysiak@uprp.pl
glachowicz@uprp.pl
PORTUGAL: leonor.trindade@inpi.pt
marco.dinis@inpi.pt
ROMANIA: ionel.muscalu@osim.ro
alexandru.strenc@osim.ro
office@osim.ro
SAN MARINO: silvia.rossi.ubm@pa.sm
b.cinquantini@ngpatent.it
SERBIA: btotic@zis.gov.rs
bbilenkati@zis.gov.rs
zis@zis.gov.rs
SLOVAKIA: lubos.knoth@indprop.gov.sk
lukrecia.marcokova@indprop.gov.sk
urad@indprop.gov.sk
SLOVENIA: Vesna.StankovicJuricic@uil-sipo.si
Ales.orazem@uil-sipo.si
h.zalaznik@uil-sipo.si
sipo@uil-sipo.si
SPAIN: patricia.garcia-escudero@oepm.es
pedro.cartagena@oepm.es
SWEDEN: susanne.sivborg@prv.se
per.holmstrand@prv.se
SWITZERLAND: roland.grossenbacher@ipi.ch
christian.bock@metas.ch
info@ipi.ch
TURKEY: habip.asan@turkpatent.gov.tr
akocer@turkpatent.gov.tr
info@turkpatent.gov.tr
U.K.: john.alty@ipo.gov.uk
sean.dennehey@ipo.gov.uk
Just for information, the last quarterly meeting of the EPO’s Administrative Council (AC) was scheduled to take place on the 15th October in Munich and the next one is scheduled to take place in December, also in Munich. This means that the more publicity that this stuff attracts in advance of that latter meeting, the more political pressure will be on the AC to react. To date it seems that they have decided to ignore the matter and make no public statement, probably in the hope that the problem would go away of its own accord. Here is the full list [PDF]
of contacts again, with additional details:
COMPETENT MINISTRIES FOR NATIONAL INTELLECTUAL PROPERTY OFFICES OF SELECTED EPO CONTRACTING STATES
STATUS: 14 September 2014
For other states refer to: http://www.wipo.int/directory/en/
BENELUX
[Order of details:]
State
Patent Office
Competent Ministry
Current Minister
Email contact
Belgium
L’Office belge de la Propriété intellectuelle (OPRI)
SPF Economie, P.M.E., Classes moyennes et Energie
City Atrium C
Rue du Progrès, 50
B-1210 Brussels, BELGIUM
Ms. Sabine Laruelle
http://www.laruelle.belgium.be/fr/equipe-et-contact
http://www.sabinelaruelle.be/homepage
info@laruelle.fgov.be
Netherlands
NL Octrooicentrum
Ministerie van Economische Zaken
Bezuidenhoutseweg 73
postbus 20401
NL- 2500 EK, Den Haag
NEDERLANDS
Mr. Henk Kamp
http://www.rijksoverheid.nl/regering/bewindspersonen/henk-kamp
Assistant:
b.becker@minez.nl
Spokespersons:
b.visser@minez.nl
P.vanStrien@minez.nl
t.d.vanes@minez.nl
Luxembourg
Office de la propriété intellectuelle
Ministère de l’Economie et du Commerce extérieur
19-21, boulevard Royal
L-2914 Luxembourg
LUXEMBOURG
Mr. Etienne Schneider
http://www.eco.public.lu/ministere/ministre/index.html
etienne.schneider@eco.etat.lu
minister@eco.etat.lu
Secretary:
catherine.lammar@eco.etat.lu
UK
Intellectual Property Office
Department for
Business Innovation & Skills
1 Victoria Street
London SW1H 0ET
UNITED KINGDOM
Dr. Vince Cable
https://www.gov.uk/government/people/vince-cable
enquiries@bis.gsi.gov.uk
cablev@parliament.uk
Ireland
Irish Patents Office
Department of
Jobs, Enterprise and Innovation,
23 Kildare Street, Dublin 2
IRELAND
Mr. Richard Bruton
http://www.djei.ie/corporate/ministersoffice/richardbruton.htm
minister@djei.ie
France
Institut National de la Propriété Industrielle (INPI)
Ministère de l’Économie,
des Finances et
du Commerce extérieur
139, rue de Bercy
F-75572 Paris Cedex 12
FRANCE
Mr. Emmanuel Macron
http://www.economie.gouv.fr/le-ministere/emmanuel-macron
Italy
Ufficio Italiano Brevetti e Marchi
(UIBM)
Ministero dello Sviluppo Economico
Uffici del Ministro
Via Veneto 33
IT-00187 Roma
ITALIA
Ms. Federica Guidi
http://www.sviluppoeconomico.gov.it/index.php?option=com_content&view=article&idmenu=3315
segreteria.ministro@mise.gov.it
Spain
Oficina Española de Patentes y Marcas
(OEPM)
Ministerio de Industria,
Energía y Turismo
Pº de la Castellana 160.
ES-28046 Madrid
ESPAÑA
Dr. José Manuel Soria López
http://www.minetur.gob.es/es-ES/Ministro/Biografia/Paginas/CV_Ministro.aspx
secretaria.ministro@mityc.es
Germany
Deutsches Marken- und Patentamt (DPMA)
Bundesministerium der Justiz (BMJ)
Mohrenstraße 37
D-10117 Berlin
DEUTSCHLAND
Mr. Heiko Maas
http://www.bmjv.de/DE/Ministerium/Hausleitung/Minister/_node.html
mail@heiko-maas.de
poststelle@bmj.bund.de
Switzerland
Eidgenössisches Institut für Geistiges Eigentum
Eidgenössischen Justiz- und Polizeidepartement (EJPD)
Bundeshaus West
CH-3003 Bern
SCHWEIZ
Ms. Simonetta Sommaruga
http://www.ejpd.admin.ch/ejpd/de/home/ueber-uns/dv.html
simonetta.sommaruga@gs-ejpd.admin.ch
simonetta.sommaruga@parl.ch
Liechtenstein
Eidgenössisches Institut für Geistiges Eigentum
Ministerium für Inneres,
Justiz und Wirtschaft
Postfach 684
9490 Vaduz
LIECHTENSTEIN
Dr. Thomas Zwiefelhofer
http://www.regierung.li/ministerien/wirtschaft/mitarbeitende-kontakt/
thomas@zwiefelhofer.net
Assistant:
Simon.Biedermann@regierung.li
Austria
Österreichisches Patentamt
Bundesministerium für Verkehr, Innovation und Technologie (BMVIT)
Radetzkystraße 2
A-1030 Wien
ÖSTERREICH
Mr. Alois Stöger
http://www.bmvit.gv.at/
alois.stoeger@spoe.at
Hungary
Hungarian Intellectual Property Office
Ministry of Public Administration
and Justice
Kossuth Lajos tér 2-4.
HU-1055 Budapest
HUNGARY
Dr. Tibor Navracsics
http://www.kormany.hu/en/ministry-of-public-administration-and-justice/the-minister
info@kim.gov.hu
intcomm@me.gov.hu
Denmark
Danish Patent and Trademark Office (DKPTO)
Ministry for Business and Growth
Slotsholmsgade 10-12
DK-1216 København K
DENMARK
Mr. Henrik Sass Larsen
http://www.evm.dk/english/the-minister
evm@evm.dk
Press Secretary
smn@evm.dk
Sweden
Swedish Patent and Registration Office
Ministry of Justice
Rosenbad 4
SE-103 33 Stockholm
SWEDEN
Ms. Beatrice Ask
http://www.government.se/sb/d/7567
beatrice.ask@gov.se
Justitiedepartementet.registrator@regeringskansliet.se
Finland
National Board of Patents and Registration of Finland (NBPR)
Ministry of Employment
and the Economy
P.O. Box 32
FI-00023 GOVERNMENT
FINLAND
Mr. Jan Vapaavuori
Minister of Economic Affairs
http://www.tem.fi/index.phtml?l=en&s=2297
jan.vapaavuori@tem.fi
Secretary:
jonna.sjogren@tem.fi
Norway
The Norwegian Industrial Property Office (NIPO)
Ministry of Trade and Industry
P.O.Box 8114 Dep.,
N-0030 Oslo
NORWAY
Monica Mæland, Minister of Trade and Industry
http://www.regjeringen.no/en/dep/nfd/about-the-ministry/minister-of-trade-and-industry-monica-ma.html?id=742948
postmottak@nfd.dep.no
Iceland
Icelandic Patent Office
Ministry of Industries and Innovation
Skulagotu 4
150 Reykjavík
Iceland
Ragnheiður Elín Árnadóttir
Minister of Industry and Commerce
http://eng.atvinnuvegaraduneyti.is/ministers/nr/6748
rea@althingi.is
postur@anr.is
To our dear European readers: If you have not been following our 2-month, 9-part series to date, now is a good time to familiarise yourself with it and issue an E-mail/letter to your local representatives. They ought to be informed of what goes on inside the secretive EPO. They can react to it and rectify matters. █
Permalink
Send this to a friend