Although I can understand what you're saying Hertz Man, I can't agree. Whether some total drongo cop has access to the information this tool can present, or only the NSA does, the simple fact is that this information can be gotten.
The fact that the information exists, and can be gotten is what bothers me, not how or by whom it can be retried.
Hiya Dr. E!
First up - apologies to all for me being in a snarly mood when I sarcastically referred to the MS forensic package as a "backdoor exploit." (We all know it's not.) Bad choice of words on my part even if I was making a lame-assed joke when I said it.
I don't want to get into a huge debate here (let's start a separate thread if anybody feels that need) but I think you might have missed my point just a bit.
- It's not that the information exists or can be gotten.
- It's not about cops, or the NSA, or anybody else in the government.
- It's not about the fact that comparable tools are available form other sources.
It's all about Microsoft
providing such tools.
Why this is an issue for me and not for you might have something to do with the differing ways our respective national governments operate.
In the USA, our government has discovered that it can get around its constitutional "checks and balances" by allowing (possibly encouraging) private entities* to perform actions and collect information the government is not allowed to legally collect on it's own.
I can't speak for how things work in Australia. But over here, there's a very real concern when a large company like Microsoft starts providing tools to get around its own security systems without first being required (by law) to do so. Nor is this concern based on simple paranoia or goofball conspiracy theories. The major US Telcos are still under fire for the illegal and warrant-less wiretaps they performed at the request of the federal government under its previous Administration. They were so concerned about the public outrage that they sought immunity from prosecution. And not because they believed they acted within the law. (They openly acknowledged that they knew they didn't.) They argued that because they were acting at the behest of the government - the government alone should be held solely responsible if any laws were broken. Hmmm...sounds a bit like the "Just following orders" defense doesn't it?
So while this story may seem like no big deal to someone outside the US; it remains a very big deal for many within its borders.
But hey! - maybe that's why this story made the tech news over here in the first place?
* These run the gamut from banks, credit agencies, ISPs, insurance companies and the telcos; all the way over to the shadowy world of 'gray area' businesses like DynCorp, KBR/Haliburton, and Blackwater Worldwide.