Microsoft Gives Vista Backdoor Keys To The Police

from the meaning-the-crooks-have-it-too dept

It's long been assumed that Microsoft has built in various "backdoors" for law enforcement to get around its own security, but now reader Kevin Stapp writes in to let us know that the company has also been literally handing out the keys to law enforcement. Apparently, they're giving out special USB keys that simply get around Microsoft's security, allowing the holder of the key to very quickly get forensic information (including internet surfing history), passwords and supposedly encrypted data off of a laptop. While you can understand why police like this, the very fact that the backdoor is there and that a bunch of these USB keys are out there pretty much guarantees that those with nefarious intent also have such keys. The second you build in such backdoors, no matter how noble the reason, you can rest assured that they will be used by criminals as well. No matter what, for those of you who didn't already know it, now you have more evidence as to why trusting Microsoft's "security" isn't such a good idea. Update: Some folks in the comments, and Ed Bott, claim that this post is a misreading of the original story. The USB key includes a bunch of standard tools, not access to a "backdoor." The confusion, on my part, was due to the original article claiming that the device "can decrypt passwords and analyze a computer's Internet activity, as well as data stored in the computer." In saying so, it appeared that the device must have access to a backdoor to decrypt the password -- but an update claims that it's merely "password security auditing technologies."

Filed Under: backdoor, security, vista
Companies: microsoft


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    draciron, 30 Apr 2008 @ 9:14am

    Old news

    You don't need a special USB device. Just boot into any Nix variant live CD with custom tools. I've saved many a windows admin who couldn't get into a machine and once or twice took over networks from fired admins who did not pass on the admin passwords. The encryption on the windows password DB has been very weak for a long time. The last copy I have was of tools that break the NT encryption but I'm sure there's equivs out for XP and Vista. It's been a long standing problem with windows.

    What is a bigger problem security wise is even though you THINK you deleted something it has a nasty habit of just getting moved around. Take a sector editor to any windows machine and you'd be amazed what you find just sitting around on the HD. Especially since the default moves the cache files all over the HD. So you've got cache files basically scattered all over your drive just waiting to be seen. Internet history, documents and all sorts of potentially sensitive data is cached as well. When recovering documents for users I've found copies of those documents in some really strange places. The user was just glad I recovered some or all of their lost work. I just sat there scratching my head as to why there was a copy there and not in the normal temp dir where you'd think such files would be kept. Varies from version to version as to where those things turn up.

    If you want security on any machine with any OS you have to zero out the free space periodically to truly erase files. Even then if a well funded agency wants that data merely zeroing it out is not enough. There are several good free multi-platform utilities that allow for obliterating the data. Unfortunately windows does not work and play well with multiple partitions so it's a real pain on a windows machine to move everything off a partition and wipe it good. Luckily it's only necessary if your facing somebody that REALLY might want your data like spies from other countries, law enforcement and such. The average hacker today is a glorified script kitty who wouldn't know what to do with a hex dump and probably has never heard of a sector walker. Hacking windows is so easy they don't need much skill or knowledge to accomplish it. Enough people don't even know to empty their trash cans, erase cache files and temp files that it's no challenge. Think about it, every time your app crashes all those cache files remain. So whatever you were in the middle of, a snapshot of it sits there on the hard drive until you manually delete it. If you were in the middle of a sensitive document it's there. Thumbnails from images you deleted long ago generally sit around forever. I've made a buck or two doing data forensics for suspicious spouses and it's not hard to figure out where and what a windows user has been up to. Microsoft is messy, very messy. Leaves all sorts of stuff laying around.

    Social engineering is easier anyway. Most people have a copy of their passwords stuck in a drawer, on them or it's something related to them. Birthdays, SSNs, pet names, stuff like that. A little knowledge about a person and with most people you can figure out their password pretty quickly. Just a stacked dictionary attack will find most passwords. When doing security audits on passwords it's usually %75 to %80 of passwords are easily cracked if you don't have stringent controls on what can be used as a password. However the more stringent the controls the more likely their password is to be written down nearby the computer. Admins are often lazy too. The more stringent the controls the more often users show up at your door asking for a password reset because they forgot theirs. Some every friggin weekend grrrrr.

    Last lets look at Microsoft's philosophy. Microsoft was eager to put the Clipper chip into effect. Microsoft was happy to filter the MSN search engine results for China. It doesn't stop at China. Do a search on Google, Yahoo and MSN about something Microsoft doesn't want you to know and you'll see dramatically different results. Two searches especially show the manipulation of Microsoft. Search for Linux topics on MSN and you'll find anti-Linux sites all over the top 2 or 3 pages, maybe more, I only went 2 to 3 pages. The results from Yahoo and Google are fairly close. Look for searches on a windows vulnerability and you again see from Google and Yahoo close results and often example exploit code. You won't find that on the MSN search engines.

    Microsoft was a leader in the use and development of DRM. It is the archetect of it really. Microsoft partnered with the big record companies and movie studios and used it's weight to attempt to force Intel and AMD to include DRM as chip level hardware features.

    You didn't see any Microsoft programmers in jail along side the author of PGP when the Clinton administration cracked down on encryption software. Microsoft happily gave the Gov backdoor keys to it's encryption. You do not need a USB key for that, just the keys the Gov has had for over a decade.

    The examples go on and on of Microsoft cooperating with governments and not even informing people they have sold them out. If you use windows you HAVE NO PRIVACY. The use of Windows assures exactly that because of Microsoft's core ideals and philosophy. Think about it, Gates actually said we should all be constantly under camera survaliance so that if we are accused of a crime we can prove our innocence. Can you expect anything from Microsoft to not reflect that philosophy?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Copying Is Not Theft
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.