topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Monday March 18, 2024, 9:56 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: NSA Backdoor Exploit in Windows 8 Uncovered  (Read 3000 times)

Renegade

  • Charter Member
  • Joined in 2005
  • ***
  • Posts: 13,288
  • Tell me something you don't know...
    • View Profile
    • Renegade Minds
    • Donate to Member
NSA Backdoor Exploit in Windows 8 Uncovered
« on: November 24, 2014, 07:20 PM »
Presented without comment so that other people can rant instead.  ;)

http://www.technobuf...a-windows-8-exploit/

An internal document issued by IT experts working for the German federal government warned national agencies and companies not to use Windows 8. The reason? An alleged backdoor exploit has been discovered, and the details were obtained and published by German site Zeit Online. The leaked message suggests that the NSA likely has access to a hidden feature which apparently can’t be shut off and allows Microsoft to remotely control any computer running the software.

The Windows 8 feature under scrutiny by the German government is called Trusted Computing, a backdoor setting established ten years ago by a number of American tech giants including Microsoft, HP and IBM. Trusted Computing is supposed to protect computers from being manipulated by malicious third parties using viruses or other methods. The chip used to install Trusted Computing on Windows 8 computers allegedly offers Microsoft backdoor access, though the implication appears to be that the American company will extend that power to the U.S. government as well.

A second leaked report also notes that Windows 7 can “be safely operated until 2020,” implying that the German government may revert to the now-outdated operating system until the current security holes are plugged. However, in response to Zeit Online’s report, the Reichstag issued a statement partially denying claims it would downgrade its software.

Slow Down Music - Where I commit thought crimes...

Freedom is the right to be wrong, not the right to do wrong. - John Diefenbaker

mwb1100

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,645
    • View Profile
    • Donate to Member
Re: NSA Backdoor Exploit in Windows 8 Uncovered
« Reply #1 on: November 24, 2014, 07:52 PM »
(Disclaimer: my reading and quoting of the ZEIT ONLINE article was done using Google Translate, since I cannot read German nearly well enough on my own)

If you read the original article on ZEIT ONLINE, it doesn't say that a backdoor has been discovered. In fact, the article is mostly about the Trusted Platform Module (TPM) standard, which has been around for a a while now.  The ZEIT ONLINE article is addressing an upcoming 2.0 version of TPM which apparently will not let users disable the TPM functionality (or something).

TPM is a mechanism where the computer will boot and run code only if it has been signed by some authority.

The article does say this about the NSA backdoor:

In light of the revelations [by] Snowden it takes little imagination accordingly, to be regarded by 8 TPM 2.0 and Windows as a back door for the NSA, just waiting to be opened.

In other words, they can well imagine that the TPM 2.0 standard could harbor an NSA backdoor.  But one hasn't been discovered yet.

While TPM may be undesirable to end users (though if administration of TPM keys is allowed to end users, it could be a benefit to them), the NSA backdoor is simply speculation - one has not been discovered. 

Not to mention, if MS were going to provide (or has provided, if you like) a backdoor for the NSA, they wouldn't necessarily need TPM to do it.

phitsc

  • Honorary Member
  • Joined in 2008
  • **
  • Posts: 1,198
    • View Profile
    • Donate to Member
Re: NSA Backdoor Exploit in Windows 8 Uncovered
« Reply #2 on: November 25, 2014, 02:01 AM »
Your reading and interpretation of the translation is correct mwb1100.