Bonum Certa Men Certa

Confirmed: Microsoft Tells the NSA About Back Doors in Windows

Nobody needs hardware-level back doors when Windows (or other proprietary software) is installed

Hardware



Summary: Official confirmation that the NSA is being notified about ways of hijacking Windows before Microsoft releases fixes

Half a decade ago I put together some links about backdoors in Windows. I had accumulated those links for years. Now that we know how corrupt and aggressive the NSA can be (common knowledge after the latest leak), with cracking attacks on China, espionage, and unlimited mass surveillance in a fascistic manner (with corporations fully complicit), it all seems far less improbable and hardly far-fetched.



According to a new report from the corporate press (as corporate as it can get, being Bloomberg), Microsoft tells NSA staff about universal unpatched holes before they are being addressed:

Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.

Frank Shaw, a spokesman for Microsoft, said those releases occur in cooperation with multiple agencies and are designed to be give government “an early start” on risk assessment and mitigation.


Glyn Moody asked, "why would anyone ever trust Microsoft again...?"

Frank Shaw is not a technical man. His job is to lie, e.g. about sales of Vista 8 (quite famously and most recently). He came from Waggener Edstrom, a lying and AstroTurfing company. The above should be read as follows: when new holes exist which permit remote hijacking the unaccountable, cracking-happy NSA is being notified. What can possibly go wrong now that we have proof that the NSA is cracking PCs abroad with impunity? Germany, are you paying attention?

Here is more about this news:

Some of the back and forth is innocuous, such as Microsoft revealing ahead of time the nature of its exposed bugs (ostensibly providing the government with a back door into any system using a Microsoft OS, but since it's don't ask, dont' tell, nobody really knows). However the bulk of the interaction is steeped in secrecy: "Most of the arrangements are so sensitive that only a handful of people in a company know of them, and they are sometimes brokered directly between chief executive officers and the heads of the U.S.’s major spy agencies, the people familiar with those programs said."


In IRC, Sosumi highlighted this article and said, "tell me something that isn't known already, like PRISM is just an evolution of a previous snooping program and that the NSA has built an AI, even if rudimentary, in order to assist them sort the information... also I wonder if Keith Alexander will be at this year's DEFCOM conference" (part of the PR and recruitment exercise).

Here is an interesting new post which relates to what we know about NSA's cracking of people's PCs (the lesser-advertised role of the NSA):



Skype is said to have several back doors. Our latest post about it got updated with new information. Skype can be used as a back door on any platform (known holes left unaddressed), GNU/Linux included. Microsoft controls it and it has a monopoly on the source code.

Watch the MSN corporate press (Microsoft's pseudo 'news' site) promoting both Skype and Facebook:

Thanks to a simple inquiry on Facebook, it's now a day to celebrate with a father who didn’t know he existed for nearly three decades.


"Whitewashing of Skype and Facebook" is what iophk called this. "Notice the lack of I-told-you-so articles about FB snooping or any coverage of the snooping at all."

Skype is a Microsoft-controlled product (acquired and quickly altered to reduce decentralisation, user control, and privacy). Advertising it with the partly Microsoft-owned Facebook is too shallow a case of bogus 'journalism'.

There is also something about spying capabilities of the Xbox One, summarised by the headline "US Navy serviceman calls Xbox One’s 24-hour online check “a sin committed against all service members”" (people seem to be getting the importance of privacy, over time).

A few weeks ago we spoke about expanding the scope of coverage in Techrights to privacy-related matters. We'll soon conduct an interview with Richard Stallman (to be published later this month) as privacy becomes a central issue relating to software freedom. We should start using the privacy card to advance the Free/libre software agenda.

National Security Agency

Recent Techrights' Posts

Punching People Doesn't Work
It makes nobody any safer
This is How Microsoft's XBox and Entire Consoles (If Not Gaming) Ventures Will Ultimately Die
Ensure you can blame "Tariffs" (politics)? If not "hey hi", the fashionable go-to excuse when businesses fail?
The Complaint About Brett Wilson LLP - Part II - UK SLAPPs for Americans, SLAPPs for Profit
Brett Wilson LLP has a track record of this kind
Cloudflare Gives Us All Another Reason to Boycott Cloudflare
If Cloudflare wants to use its vast surveillance network (which is what it does as a CDN) to foist paywalls and maybe something worse (like DRM on top), then Cloudflare should be more widely rejected as a company
Someone Expiring Certificates on the Day of the 9/11 Attacks is Not Someone I Would Want Controlling My PC (or Deciding What's Authorised for Booting)
"social justice warriors"
More Microsoft-Red Hat Cross-Pollination as the Company Loses a Managing Director
some people move from Microsoft to Red Hat and some do the opposite
 
Slopwatch: Fake Articles, SPAM With Slop, and Google News Directs People to Read Slopfarms
why does Google News insist on still linking to prolific slopfarms?
Gemini Links 25/09/2025: New Game for Gemini Protocol, Eleven, and Network Solutions Woes
Links for the day
Look Ma, No "Cloud"
So far this year we've had an almost perfect uptime
Links 24/09/2025: Autism Blame-Shifting and Typhoon Ragasa Enters China
Links for the day
Buying From Oneself is Not Business Success
This isn't at all a joking matter even if you already laugh at the whole thing because your pension, savings etc. are tied to this scam at some level
What They Really Hate David Heinemeier Hansson (DHH) for
Nothing to do with code
Smart People Won't Buy 'Smart' Cars
Imagine trying to sell someone a house (proper home) while insisting that it'll need to be demolished 5 or 10 years later, then rebuilt again from scratch on the same vacant lot
The Relationship Between IBM Red Hat and Microsoft, Visualised
This metaphor goes a long way (projects, collaborations, and outsourcing
The Complaint About Brett Wilson LLP - Part III - Spying on Reporters' Families, Chaining Cases for Microsoft Employees Who Demand Censorship of Facts (Even Politely Expressed)
the time seems right to wrap up this introductory series
Links 24/09/2025: "NASA Moving Out of Entire Buildings as It's Gutted" and Purge of Online Critics (Opposing Fascism Becomes Unlawful)
Links for the day
Science is Under Attack
Oligarchy prefers a dumbed-down population
The Solicitors Regulation Authority (SRA) Has Reportedly Failed People With Wrong Advice
At the moment the SRA has a PR blunder
The Man Suing Brett Wilson LLP and Gervase de Wilde (5RB)
Now he's probably using the (almost) 200,000 pounds he's supposed to receive to sue Brett Wilson LLP and former colleagues/partners
Slopwatch: A World Wide Web That's Rotting for Companies That Won't Even Exist in a Few Years
some of the junk Google News is promoting
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, September 23, 2025
IRC logs for Tuesday, September 23, 2025
Links 24/09/2025: Qt Creator 18 Beta, Microsoft Cannot Bail Out "ChatGPT" Anymore, China and US Intensify Censorship
Links for the day
Gemini Links 24/09/2025: Gemlogs and Politics
Links for the day
Links 23/09/2025: Japan Limits Uses of Skinnerboxes ('Smartphones') With Toxic "Apps", Fentanylware (TikTok) Tapped by "MAGAts"
Links for the day
Brett Wilson LLP Has Just Been Sued (by Their Own Clients!)
Vladimir and Alla Yanpolsky sued Brett Wilson LLP in BL-2025-001167 at the end of last week
Mayday: Optus emergency calling crisis
Reprinted with permission from Daniel Pocock
Links 23/09/2025: Massive Data Breach, Slop Versus Productivity, and Vista 11 Update Breaks Things Again
Links for the day
Code of Censorship
Extortion is peace
The Free Software Foundation (FSF) Has Un-cancelled the Best People, Just in Time for the Big 4-0
Mr. Oliva should have been there all along (since 2019)
Most "Modern" Technology Makes You Slower and Dumber
Because proprietary software makes you worse off
"What Comes After Free Software?" Wrongly Insinuates We've Reached the Goal (Prison is Not the Goal)
The oil tycoons use similar tactics against environmentalists, giving them fake "wins"
Making More Work Space
I learned the hard way that less is more in circumstances where more means distraction
MAHA is a Lie, Public Officials Never Valued Citizens' Health (They Still Value Private Businesses, Their Sponsors)
Reject demagogues
Free Software Foundation (FSF) Has a New Press Kit for the Weekend After Next Weekend (40th Anniversary)
miles better than social [sic] media [sic] quips, moderated by narcissists and oil tycoons.
Microsoft Had Two Waves of Mass Layoffs This Month (That We Know of) and It'll Get Worse for Microsoft Soon
Will the axe fall again by month's end?
Gemini Links 23/09/2025: Happy Equinox, Photronic Arts, and Perception Cognition
Links for the day
Lessons We've Learned After 17 Years of American Hosting
GAFAM is "all-in" with the "Trump agenda"
Back to Normal Now, We Plan to Do More In-Depth Series (or Multi-part Stories)
Articles (or series thereof) that contain philosophy are important to us
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 22, 2025
IRC logs for Monday, September 22, 2025
Microsoft Media is Panicking Amid Mass Layoffs Every Month, H-1B Fees, and "Seattle’s Tech Scene in Trouble"
In "late stage Microsoft", copyleft becomes proprietary
The Next Wave of IBM/Red Hat Layoffs Being Discussed Already
Red Hat is sort of disappearing the way Tivoli did
New Techrights Turns 2
Today starts the third year of the SSG-based Techrights