LITEROTICA PODCAST
LIT CAMS (200 Free Tokens)ADULT TOYSVOD MOVIES

The NSAKEY: the Feds' Backdoor into Windows

E

eyer

Literotica Guru
Joined
Jun 27, 2010
Posts
21,263
The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development that follows the insistence by the agency and federal law enforcement for backdoor “keys” to any encryption.

Having such “keys” is essential for the export of any encryption under U.S. export control laws.

The NSA plays a prominent role in deliberations over whether such products can be exported. It routinely turns down any requests above a megabyte level that exceeds NSA’s technical capacity to decrypt it. That’s been the standard for years for NSA, as well as the departments of Defense, Commerce and State.

Computer security specialists say the Windows software driver used for security and encryption functions contains unusual features the give NSA the backdoor access.

he security specialists have identified the driver as ADVAPI.DLL. It enables and controls a variety of security functions. The specialists say that in Windows, it is located at C:\\Windows\system.

Specialist Nicko van Someren says the driver contains two different keys. One was used by Microsoft to control cryptographic functions in Windows while another initially remained a mystery.

Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources don’t deny.

http://www.poorboycomputers.com/
Click to expand...

I can remember first hearing/reading, somewhere in the mid 90s/late 90s, that as a condition of Microsoft being allowed to sell their OS outside the US, they had to provide the Feds backdoor access to it...

...if you didn't know: the federal government has total power over whether a US private or public company can sell their product to foreign countries.

It's already been reported that Google gives the Feds open access to everything their customers do with them...

...Orwell's cameras are nothing compared to the total capture of every digital transaction by the "trust us" folks leading the USSA today.
 
Encryption software of 128 bits or greater is classed as munitions and so subject to federal export regulations. Phil Zimmermann ran in to this with PGP, he couldn't legally distribute it outside the US. So he merely published the source code in book form, which was legal to export, and people could use OCR software to make a soft copy and subsequently compile it.

If you don't want anyone spying on your system just use Truecrypt hard disk encryption. It's open source and free. And no back door.
 
I really really wanted to make a backdoor joke but I'm above that sort of thing.
 
Laurel said:
Nah, I think you're 100% behind it.

Got its back, so to speak.

As the Feds look for a Window of opportunity.
Click to expand...

I'd hate to strap on some courage only to be made the butt of a joke just because I was trying to work my way into a tight spot.
 
KRCummings said:
I'd hate to strap on some courage only to be made the butt of a joke just because I was trying to work my way into a tight spot.
Click to expand...

captain-picard-full-of-win-500x381.jpg
 
For most of the history of mankind, the concept of victory in warfare was simply to destroy a sufficient amount of the enemy's troops, weaponry and general capability to wage war as well as damaging or destroying natural resources and socioeconomic infrastructure critical to both individual civilian and governmental survival.

Until the last decade of the 20th century, computer networks had virtually no role in the conduct of warfare and were only beginning to be a force in the greater economic and social picture.

Today, every aspect of international and domestic commerce, from ordering to manufacturing, to distribution, to sales and delivery is dependent on computer networks. The electrical grid, the air transportation system. Treatment and distribution of clean water.

Even the most basic aspects of warfare -- the infantry soldier -- is about to become computerized.

The need for and the legal demand that certain transactions on computer networks remain confidential is no more or no less vital than the necessity of ensuring th survivability of the networks themselves.

The question is, how can those networks be adequately protected without granting the degree of access to and within them that would potentially compromise the necessary confidentiality with which they were designed to operate?

Quite simply, it cannot be done.

For that matter, national security has always depended in some manner on a body of secrets, even before computers. The "trust us" folks who hold those secrets will always be with us. We cannot evade the necessity of appointing a cadre of those among us with that specific task. We do our collective best at screening those applicants for their suitability for performing the duty, but our methods in that process are not nor can they be infallible.
 
Colonel Hogan said:
For most of the history of mankind, the concept of victory in warfare was simply to destroy a sufficient amount of the enemy's troops, weaponry and general capability to wage war as well as damaging or destroying natural resources and socioeconomic infrastructure critical to both individual civilian and governmental survival.

Until the last decade of the 20th century, computer networks had virtually no role in the conduct of warfare and were only beginning to be a force in the greater economic and social picture.

Today, every aspect of international and domestic commerce, from ordering to manufacturing, to distribution, to sales and delivery is dependent on computer networks. The electrical grid, the air transportation system. Treatment and distribution of clean water.

Even the most basic aspects of warfare -- the infantry soldier -- is about to become computerized.

The need for and the legal demand that certain transactions on computer networks remain confidential is no more or no less vital than the necessity of ensuring th survivability of the networks themselves.

The question is, how can those networks be adequately protected without granting the degree of access to and within them that would potentially compromise the necessary confidentiality with which they were designed to operate?

Quite simply, it cannot be done.

For that matter, national security has always depended in some manner on a body of secrets, even before computers. The "trust us" folks who hold those secrets will always be with us. We cannot evade the necessity of appointing a cadre of those among us with that specific task. We do our collective best at screening those applicants for their suitability for performing the duty, but our methods in that process are not nor can they be infallible.
Click to expand...

There's a disturbing lack of double entendres and/or backdoor jokes in this post.
 
about_average said:
If you don't want anyone spying on your system just use Truecrypt hard disk encryption. It's open source and free. And no back door.
Click to expand...

That was too easy...

...from Truecrypt documentation:

TrueCrypt does not:

Encrypt or secure any portion of RAM (the main memory of a computer).
Secure any data on a computer* if an attacker has administrator privileges** under an operating system installed on the computer.
Secure any data on a computer if the computer contains any malware (e.g. a virus, Trojan horse, spyware) or any other piece of software (including TrueCrypt or an operating system component) that has been altered, created, or can be controlled, by an attacker.
Secure any data on a computer if an attacker has physical access to the computer before or while TrueCrypt is running on it.
Secure any data on a computer if an attacker has physical access to the computer between the time when TrueCrypt is shut down and the time when the entire contents of all volatile memory modules connected to the computer (including memory modules in peripheral devices) have been permanently and irreversibly erased/lost.
Secure any data on a computer if an attacker can remotely intercept emanations from the computer hardware (e.g. the monitor or cables) while TrueCrypt is running on it (or otherwise remotely monitor the hardware and its use, directly or indirectly, while TrueCrypt is running on it).
Secure any data stored in a TrueCrypt volume*** if an attacker without administrator privileges can access the contents of the mounted volume (e.g. if file/folder/volume permissions do not prevent such an attacker from accessing it).
Preserve/verify the integrity or authenticity of encrypted or decrypted data.
Prevent traffic analysis when encrypted data is transmitted over a network.
Prevent an attacker from determining in which sectors of the volume the content changed (and when and how many times) if he or she can observe the volume (dismounted or mounted) before and after data is written to it, or if the storage medium/device allows the attacker to determine such information (for example, the volume resides on a device that saves metadata that can be used to determine when data was written to a particular sector).
Encrypt any existing unencrypted data in place (or re-encrypt or erase data) on devices/filesystems that use wear-leveling or otherwise relocate data internally.
Ensure that users choose cryptographically strong passwords or keyfiles.
Secure any computer hardware component or a whole computer.
Secure any data on a computer where the security requirements or precautions listed in the chapter Security Requirements and Precautions are not followed.
Do anything listed in the section Limitations.

http://www.truecrypt.org/docs/security-model
Click to expand...

By even implying that any published software truly secures any system from anyone spying on it...

...simply opens you up to the charge of impersonating someone who knows what they're talking about.

Alas, the OP doesn't address your invalid point at all, anyway...

...that is, unless Truecrypt covertly colludes with the Feds, too.

Got any inside dope on that...

...Mata Hari?

And...

...what the h3ll is the gash doing in this, a manly thread?
 
eyer said:
That was too easy...

...from Truecrypt documentation:



By even implying that any published software truly secures any system from anyone spying on it...

...simply opens you up to the charge of impersonating someone who knows what they're talking about.

Alas, the OP doesn't address your invalid point at all, anyway...

...that is, unless Truecrypt covertly colludes with the Feds, too.

Got any inside dope on that...

...Mata Hari?

And...

...what the h3ll is the gash doing in this, a manly thread?
Click to expand...
A manly thread? Is that what you wanted to have?
 
Just for reference...

...you know, IF ANY OF YOU GASHES ACTUALLY GIVE A FVCK, here's a no-doubt partial listing of what the NSA's got going on these days:

ONEROOF: Main tactical SIGINT database (Afghanistan), consisting of raw and unfiltered intercepts

NUCLEON: Global telephone content database

XKEYSCORE: Collection tool for international metadata

AIRGAP: Priority missions tool used to determine SIGINT gaps

HOMEBASE: Tactical tasking tool for digital network identification

SNORT: Repository of computer network attack techniques/coding

WIRESHARK: Repository of malicious network signatures

TRAFFICTHIEF: Raw SIGINT viewer for data analysis

BANYAN: NSA tactical geospatial correlation database

OILSTOCK: Air Force/Navy tool to track ships in real time

MAINWAY: Telephony metadata collection database

ASSOCIATION: Tactical SIGINT social network database

MESSIAH/WHAMI: Electronic intelligence processing and analytical database

MARINA: Internet metadata collection database

PINWALE: Internet data content database

SURREY: Main NSA requirements database, where targets and selectors are “validated” by NSA managers

PROTON: SIGINT database for time-sensitive targets/counterintelligence

OCTAVE/CONTRAOCTAVE: Collection mission tasking tool

WRANGLER: Electronic intelligence intercept raw database

ANCHORY: Main repository of finished NSA SIGINT reports going back three years.

AQUADOR: Merchant ship tracking tool
Click to expand...


That MESSIAH/WHAMI tag makes me so paranoid, I'm thinking the NSA is the infamous anti-christ; you know:

Hi, I'm with the NSA and you can trust me to save you from all the evil in the world...

...then, WHAMI!


What the NSA’s Massive Org Chart (Probably) Looks Like

http://www.defenseone.com/ideas/2013/08/what-nsas-massive-org-chart-probably-looks/68642/
 
No one wants the level of chaos we're capable of unleashing by taking down the compters. Its mutually assured destruction a la atomic bombs and biological weapons. Aint gonna happen.

The best way to enslave us is to continue destroying our institutions and money...a little at a time, so we become like Africans and Arabs.
 
Look at the headlines today...



So is Snowden looking less like traitor and more like misguided whistleblower?
 
You must log in or register to reply here.

Similar threads

H
Windows Tech Tip: Activate WinXp Without Registration Key
Replies
9
Views
245
LiFeNdEaTh
LiFeNdEaTh
E
'2011 - Year of the Dupe' - A Geopolitical Exposé
Replies
0
Views
746
eyer
E
VaticanAssassin
So the Wall Street crew are marching for this guy?
Replies
12
Views
920
akatrex
akatrex
E
The U.S. Monetary System and Descent into Fascism
Replies
15
Views
795
JAMESBJOHNSON
J
R. Richard
Windows 8.1 Preview Release
Replies
24
Views
3K
Zeb_Carter
Zeb_Carter
Back
Top