Comments on: Windows Back Doors Spin Out of Control, End up in Black Market
http://techrights.org/2009/11/08/cofee-leaks/
Free Software Sentry – watching and reporting maneuvers of those threatened by software freedom
Fri, 25 Nov 2016 09:41:40 +0000

By: Yuhong Bao http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75330 Tue, 10 Nov 2009 00:56:57 +0000
Well, live data capture would make a BitLocker backdoor unnecessary, and that is indeed how MS claims COFEE works:
From http://government.zdnet.com/?p=3781:
“While COFEE doesn’t break BitLocker or open a back door, it captures live data on the computer, which is why it’s important for agents not to shut down the computer first, Fung said. A law enforcement agent connects the USB drive to a computer at the scene of a crime and it takes a snapshot of important information on the computer. It can save information such as what user was logged on and for how long and what files were running at that time, Fung said. It can be used on a computer using any type of encryption software, not just BitLocker. Previously, an officer might spend three or four hours digging up the information manually, but COFEE lets them do it in about 20 minutes, he said.”

By: Yuhong Bao http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75328 Mon, 09 Nov 2009 23:08:18 +0000
“Yes, Microsoft software’s weak security and Microsoft’s delays in fixing security problems or not addressing the underlying causes is effectively their support of backdoors”
I don’t think so, but yes there is indeed an industry where 0-day security bugs are sold as “happy packs” instead of reported to the vendor:
http://reversemode.com/index.php?option=com_content&task=view&id=60&Itemid=1
http://reversemode.com/index.php?option=com_content&task=view&id=58&Itemid=1
It is not MS’s fault, though, and it is not even limited to MS code security bugs either.
“Since all software essentially has bugs, the choice between Microsoft software and open source software becomes one of degree. How easily can you be compromised when you use each system. And whom do you trust: a particular for-profit company with a dirty past or the public and yourself (who have access to open source)? I trust the public to take care of itself more than I trust Microsoft to take care of all of us.”
AFAIK, open source projects do vary in how they handle security bugs; the worst is this case:
http://www.coresecurity.com/content/open-bsd-advisorie
But, yes, open source does make it better.

By: Roy Schestowitz http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75326 Mon, 09 Nov 2009 22:00:18 +0000
There have been cases where Microsoft (and more infamously Yahoo!) collaborated with governments to suppress free speech.

By: Jose_X http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75324 Mon, 09 Nov 2009 21:37:42 +0000
Yes, Microsoft software’s weak security and Microsoft’s delays in fixing security problems or not addressing the underlying causes is effectively their support of backdoors while attempting to maintain Plausible Deniability http://en.wikipedia.org/wiki/Plausible_deniability .

From the user’s pov there are many backdoors inside Microsoft software and many third parties exploiting these every day (Windows malware). Which of these backdoors are intentional to exploit the user or intentional to facilitate “justified remote overrides” and which are bugs is not that important if the goal is for the owner of the box and the data to avoid compromises and violations of privacy, period.

OTOH, I think Microsoft _might_ lay claim over ownership to a lot of software and data created by their software. In this case, the accurate question would be, why use “their software to create their data” instead of using open source software (“your” software) to create your data?

Since all software essentially has bugs, the choice between Microsoft software and open source software becomes one of degree. How easily can you be compromised when you use each system. And whom do you trust: a particular for-profit company with a dirty past or the public and yourself (who have access to open source)? I trust the public to take care of itself more than I trust Microsoft to take care of all of us.

By: your_friend http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75312 Mon, 09 Nov 2009 07:33:36 +0000
We shall see, but there’s no denying that Windows is backdoored. Schneier said, “it’s certainly not a back door, as TechDirt claims.” To his discredit, he offered no explanation of how encrypted data can be so easily cracked without the underlying encryption being intentionally weak or compromised, aka “backdoored.” It would also have been rash of him to dismiss the possibility of COFEE installing even more malicious software on the victim’s computer but it is not clear he meant that. Those interested will learn exactly what’s on the device, if the leaked version is not itself a trojan or misdirection. Schneier predicted something would get out because no one can share a secret with hundreds of minimally trained staff and expect it to remain a secret. Eventually, he will be right.

By: Yuhong Bao http://techrights.org/2009/11/08/cofee-leaks/comment-page-1/#comment-75310 Mon, 09 Nov 2009 05:24:03 +0000
Well, does COFEE really use any Windows backdoors? Has anyone disassembled or even used the software to see if it does?
