06.15.13

Confirmed: Microsoft Tells the NSA About Back Doors in Windows

Posted in Microsoft at 7:22 am by Dr. Roy Schestowitz

Nobody needs hardware-level back doors when Windows (or other proprietary software) is installed

Hardware

Summary: Official confirmation that the NSA is being notified about ways of hijacking Windows before Microsoft releases fixes

Half a decade ago I put together some links about backdoors in Windows. I had accumulated those links for years. Now that we know how corrupt and aggressive the NSA can be (common knowledge after the latest leak), with cracking attacks on China, espionage, and unlimited mass surveillance in a fascistic manner (with corporations fully complicit), it all seems far less improbable and hardly far-fetched.

According to a new report from the corporate press (as corporate as it can get, being Bloomberg), Microsoft tells NSA staff about universal unpatched holes before they are being addressed:

Microsoft Corp. (MSFT), the world’s largest software company, provides intelligence agencies with information about bugs in its popular software before it publicly releases a fix, according to two people familiar with the process. That information can be used to protect government computers and to access the computers of terrorists or military foes.

Redmond, Washington-based Microsoft (MSFT) and other software or Internet security companies have been aware that this type of early alert allowed the U.S. to exploit vulnerabilities in software sold to foreign governments, according to two U.S. officials. Microsoft doesn’t ask and can’t be told how the government uses such tip-offs, said the officials, who asked not to be identified because the matter is confidential.

Frank Shaw, a spokesman for Microsoft, said those releases occur in cooperation with multiple agencies and are designed to be give government “an early start” on risk assessment and mitigation.

Glyn Moody asked, “why would anyone ever trust Microsoft again…?”

Frank Shaw is not a technical man. His job is to lie, e.g. about sales of Vista 8 (quite famously and most recently). He came from Waggener Edstrom, a lying and AstroTurfing company. The above should be read as follows: when new holes exist which permit remote hijacking the unaccountable, cracking-happy NSA is being notified. What can possibly go wrong now that we have proof that the NSA is cracking PCs abroad with impunity? Germany, are you paying attention?

Here is more about this news:

Some of the back and forth is innocuous, such as Microsoft revealing ahead of time the nature of its exposed bugs (ostensibly providing the government with a back door into any system using a Microsoft OS, but since it’s don’t ask, dont’ tell, nobody really knows). However the bulk of the interaction is steeped in secrecy: “Most of the arrangements are so sensitive that only a handful of people in a company know of them, and they are sometimes brokered directly between chief executive officers and the heads of the U.S.’s major spy agencies, the people familiar with those programs said.”

In IRC, Sosumi highlighted this article and said, “tell me something that isn’t known already, like PRISM is just an evolution of a previous snooping program and that the NSA has built an AI, even if rudimentary, in order to assist them sort the information… also I wonder if Keith Alexander will be at this year’s DEFCOM conference” (part of the PR and recruitment exercise).

Here is an interesting new post which relates to what we know about NSA’s cracking of people’s PCs (the lesser-advertised role of the NSA):

Skype is said to have several back doors. Our latest post about it got updated with new information. Skype can be used as a back door on any platform (known holes left unaddressed), GNU/Linux included. Microsoft controls it and it has a monopoly on the source code.

Watch the MSN corporate press (Microsoft’s pseudo ‘news’ site) promoting both Skype and Facebook:

Thanks to a simple inquiry on Facebook, it’s now a day to celebrate with a father who didn’t know he existed for nearly three decades.

“Whitewashing of Skype and Facebook” is what iophk called this. “Notice the lack of I-told-you-so articles about FB snooping or any coverage of the snooping at all.”

Skype is a Microsoft-controlled product (acquired and quickly altered to reduce decentralisation, user control, and privacy). Advertising it with the partly Microsoft-owned Facebook is too shallow a case of bogus ‘journalism’.

There is also something about spying capabilities of the Xbox One, summarised by the headline “US Navy serviceman calls Xbox One’s 24-hour online check “a sin committed against all service members”” (people seem to be getting the importance of privacy, over time).

A few weeks ago we spoke about expanding the scope of coverage in Techrights to privacy-related matters. We’ll soon conduct an interview with Richard Stallman (to be published later this month) as privacy becomes a central issue relating to software freedom. We should start using the privacy card to advance the Free/libre software agenda.

National Security Agency

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

This post is also available in Gemini over at:

gemini://gemini.techrights.org/2013/06/15/nsa-and-microsoft/

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

What Else is New


  1. Links 4/8/2021: Mesa 21.2 and Kaisen Linux Rolling 1.8

    Links for the day



  2. Links 4/8/2021: Audacity as Spyware and PCLinuxOS Updates

    Links for the day



  3. Destroying Freenode Was Not the Objective, But That's Just What Happened

    Killing Freenode was certainly not what Andrew Lee wanted, but Lee will be remembered as the person whose takeover basically led to the end of Freenode; it's in disarray



  4. GNU/Linux Users, Developers and Advocates Being Painted as Unruly and Rude by Corporate Media Looking to Undermine Software Freedom

    Corporate media, funded by companies that nonchalantly oppress people, would have us believe there's something wrong with people who reject corporate masters in their computing; reality, however, suggests that it is a wholly false narrative induced or cemented by endless repetition, so this framing ought to be rejected outright



  5. IRC Proceedings: Tuesday, August 03, 2021

    IRC logs for Tuesday, August 03, 2021



  6. The Free Software Community Needs Solidarity and Stronger Resistance Against Corporate Oligopolies With Their Overlapping Interests

    Linus Torvalds and Richard Stallman (RMS) do not have to be idolised ("cult of personalities") but they definitely need to be defended from a longstanding and ongoing corporate coup, which the corporations seek to justify using nicer-sounding terms like "security" (that's how they justify added complexity such as Rust) or "safe space" (they're collectively insulting the community as if only employees of monopolies can help combat bigotry)



  7. Links 4/8/2021: More IBM Downtimes and Firefox Losing Many Users

    Links for the day



  8. Links 3/8/2021: DeaDBeeF 1.8.8, CrossOver 21, AMD and Valve Hook Up for GNU/Linux Work

    Links for the day



  9. Links 3/8/2021: LibreOffice Autoupdater and Vulkan in X-Plane

    Links for the day



  10. How the News About 'Linux' Gets Manipulated to Spread FUD and Promote the Competition of GNU/Linux

    We quickly examine the sorts of news one gets from Google 'News' when searching for “Linux” and we conclude that real news is occluded or missing



  11. The EPO is Europe's Largest Scale Scam (by Far the Largest)

    In another fine instance of deja vu, the biggest scammers are warning everybody else about lesser “scammers”; one might be tempted to call this “projection tactics” or deflection (staring at the mirror) which helps churn/flood the "news" section with tons of recycled old fluff (they could certainly use a distraction right now)



  12. Links 3/8/2021: Raspberry Pi ‘WeatherClock’ and IPFire 2.27 - Core Update 159

    Links for the day



  13. IBM's Attack on the Community and on GPL/FSF is an Attack on Red Hat's Greatest Asset

    Ever since IBM bought Red Hat it has repeatedly attacked the FSF (in a malicious and personified fashion), looking for its own ‘copyright grab’ whilst outsourcing loads of code to proprietary software monopolisers who attack the GPL; by doing so, IBM is destroying the value of what it paid more than 30 billion dollars for (IBM is governed by pretentious fools, according to IBM insiders; they’ve already lost Red Hat’s longtime CEO and IBM’s new President), so it’s falling back on openwashing of IBM's proprietary software with help from the so-called ‘Linux’ Foundation



  14. Four Weeks of Non-Compliance: EPO Only Accepts Courts That It Rigs and Controls

    Compliance is for suckers, believes the “Mafia” which runs the EPO; it is not even responding (for three weeks!) to letters from the victims who won the cases; this is bad for Europe's image and it sets a dangerous precedent



  15. Seven Eleven: 11 is to 10 What 7 Was to Vista

    Microsoft is, as usual, aggressively manipulating/bribing the media (hyping up a shallow version inflation along with paid-for vapourware advertising) while strong-arming the market; there’s no other way they can compete anymore



  16. IRC Proceedings: Monday, August 02, 2021

    IRC logs for Monday, August 02, 2021



  17. Links 3/8/2021: Nitrux 1.5.1 and Gerbera Media Server 1.9.0

    Links for the day



  18. Links 2/8/2021: XEyes 1.2 and Fwupd 1.6.2 Released

    Links for the day



  19. Freenode is IRC... in Collapse

    Freenode is now down to just 13,194 online users, which makes it the 6th biggest IRC network. Months ago it was #1 with almost 6 times as many users as those below it. The graph above shows what the latest blunder has done (another massive drop in less than a week, with a poem and the all-time chart at the very bottom).



  20. Barrier and Synergy Can Work Together, Connecting Lots of Different Machines

    Barrier and Synergy can be configured to work properly in conjunction, though only provided different port numbers (non-default) are specified; in my current setup I have two computers to my right, working over Barrier, and two older ones on the left, working over Synergy; the video explains the setup and the underlying concepts



  21. Links 2/8/2021: Open Science in France and Zoom Pays to Settle Privacy Violations

    Links for the day



  22. It Almost Feels Like Battistelli Still Runs the EPO (by Extension/Proxy)

    The "Mafia" that destroyed the EPO is still being put in charge and is using the EPO for shameless self-promotion; it is never being held accountable, not even when courts demand remediatory action and staff seeks reparations



  23. [Meme] Vichyite Battistelli Committed Crimes and His Buddy António Snubs Courts That Confirm These Are Crimes

    Staff of the EPO is coming to realise (or reaching acceptance of the fact) that the spirit of Battistelli — not just people he left in charge of the EPO — dooms the Office and there’s no way out of this mess



  24. Links 2/8/2021: Linux 5.14 RC4 and 20% Growth in Steam

    Links for the day



  25. IRC Proceedings: Sunday, August 01, 2021

    IRC logs for Sunday, August 01, 2021



  26. Links 1/8/2021: LibreOffice 7.2 RC2 and Lakka 3.3

    Links for the day



  27. Was Microsoft Ever First in the Market?

    Confronting the false belief that Microsoft ever innovates anything of significance or is "first" in some market/s



  28. Links 1/8/2021: 4MLinux 37.0, IBM Fluff, and USMCA Update

    Links for the day



  29. Microsoft Knows That When Shareholders Realise Azure Has Failed the Whole Boat Will Sink

    The paranoia at Microsoft is well justified; they've been lying to shareholders to inflate share prices and they don't really deliver the goods, just false hopes and unfulfilled promises



  30. [Meme] Nobody and Nothing Harms Europe's Reputation Like the EPO Does

    Europe’s second-largest institution, the EPO, has caused severe harm/damage to Europe’s economy and reputation; its attacks on the courts and on justice itself (even on constitutions in the case of UPC — another attempt to override the law and introduce European software patents) won’t be easily forgotten; SUEPO has meanwhile (on Saturday, link at the bottom in German) reminded people that Benoît Battistelli and António Campinos have driven away the EPO’s most valuable workers or moral compass


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts