[5510] in cryptography@c2.net mail archive
A-M$: The Microsoft NSA Back Door. (fwd)
daemon@ATHENA.MIT.EDU (Zombie Cow)
Fri Sep 3 17:29:27 1999
Date: Fri, 3 Sep 1999 22:20:03 +0300 (EEST)
From: Zombie Cow <waste@zor.hut.fi>
To: cryptography@c2.net
---------- Forwarded message ----------
Date: Fri, 3 Sep 1999 14:13:01 -0400
From: Darren Stuart Embry <dsembr01@ox.slug.louisville.edu>
Reply-To: Anti_MS@enemy.org
To: Anti-Microsoft Mailing List <anti_ms@enemy.org>
Subject: A-M$: The Microsoft NSA Back Door.
http://www.cryptonym.com/hottopics/msft-nsa.html
It turns out that every copy of Windows 95, 98, NT 4, and Windows 2000
has a back door that makes it easy for the National Security Agency to
gain access to your computer. The first two paragraphs of the press
release follow. Full details are available via the URL posted above,
as well as a sample program you can use to replace the NSA back door.
Research Triangle Park, NC - 31 August 1999 - Between Hotmail
hacks and browser bugs, Microsoft has a dismal track record in
computer security. Most of us accept these minor security flaws
and go on with life. But how is an IT manager to feel when they
learn that in every copy of Windows sold, Microsoft has installed
a 'back door' for the National Security Agency (NSA - the USA's
spy agency) making it orders of magnitude easier for the US
government to access their computers?
While investigating the security subsystems of WindowsNT4,
Cryptonym's Chief Scientist Andrew Fernandes discovered exactly
that - a back door for the NSA in every copy of Win95/98/NT4 and
Windows2000. Building on the work of Nicko van Someren (NCipher),
and Adi Shamir (the 'S' in 'RSA'), Andrew was investigating
Microsoft's "CryptoAPI" architecture for security flaws. Since the
CryptoAPI is the fundamental building block of cryptographic
security in Windows, any flaw in it would open Windows to
electronic attack.
###
I've been telling people lately that ``all this Microsoft stuff is
*bad* *voodoo*'', in reference to Microsoft's propensity to hide
details just like this so that they can screw you over without you
even knowing it, and to just write software that's so unnecessarily
complex and so poorly documented and designed internally that even
their entire team of developers can't seem to understand the whole
picture, and the software gets more and more broken to the point where
even the service packs are full of bugs.
I don't know if people realize that I'm deadly serious when I refer to
Microsoft's Bad Voodoo.
Every once in a while I have been mulling around the idea of creating
a separate organization inside my university (that of Louisville)
whose task is to tell people about the dangers of using Microsoft
products, or at least posting flyers promoting the Boycott Microsoft
web site <URL:http://www.vcnet.com/bms/>.
--
http://www.slug.louisville.edu/~dsembr01/ <-- Darren Stuart Embry. Cats won't
get away from him. He wishes they would.
``Tyson was provoked by Holyfield. The videotape clearly shows
Holyfield hitting him.'' -- from The Onion
== "Anti-M$ Mailing List", another fine service of Enemy.ORG / VBS ==
== [un]subscribe requests to Majordomo@Enemy.ORG or Anti_ms-owner@Enemy.ORG ==
