RE: [TCLUG:8088] Can anyone verify the contents of this email?

To: <tclug-list@mn-linux.org>
Subject: RE: [TCLUG:8088] Can anyone verify the contents of this email?
From: "Eric Hillman" <ehillman@cccu.com>
Date: Fri, 3 Sep 1999 14:39:36 -0500
Importance: Normal
In-Reply-To: <37D01714.2FEF4743@tc.umn.edu>


> August 31, 1999 - WINSA - In what's sure to become some of the
> hottest news on the planet, we've just posted a detailed report
> that reveals at staggering revelation: MS OPERATING SYSTEMS APPEAR
> TO HAVE A BACK DOOR!. And according to the discoverer, the keys to
> this door are held by both MS and the National Security Agency
> (NSA.) This is very distrurbing news folks.
>
> In his report, Andrew Fernandez airs out exactly what he found,
> how he found it, and how to remove the risk from your NT and
> Win2K systems -- we're providing a mirror site to the fix
> utility provided by Fernandez. Be sure to stop by the home and
> read this startling information! http://www.ntsecurity.net


  This was on slashdot earlier, and the site to which the slashdot article
refers is quite well-documented.
http://www.cryptonym.com/hottopics/msft-nsa.html

  The "back door" is roughly this -- when you attempt to load a module that
uses MS's crypto API, a subroutine in "advapi32.dll" is supposed to confirm
that it contains a key previously set up by Microsoft.  If the key is there,
it prompts you regarding export restrictions, etc, and if you OK the
transaction, the module is signed and installed.
  However, if the key doesn't match, the computer silently checks it against
a pre-installed NSA key.  If there is a match there, then the computer
simply signs & installs the module without notifying you.  It's uncertain
what the exact intent is here, but I'm sure you can imagine a scenario or
two where this would be potentially useful.  It appears to be in foreign as
well as domestic versions of Windows (Which has a few governments ticked
off.  There's already a group in Germany circulating petitions to pass laws
forbidding this kind of thing in all software sold there.)

  Even more intriguing, Windows 2000 apparently contains a *third* key,
belonging to an as yet unknown party.  You may begin the conspiracy
theorizing now.

  For whatever it's worth, this is (allegedly) *not* the first time the US
has tried something like this.  For a quick trip through the murky world of
computer espionage and shadow governments, check out
http://www.wbaifree.org/letemtalk/promis.html  (Or just do a quick net
search for the words "PROMIS", "Casolaro" and "Inslaw".)  Enjoy...

References:
- Can anyone verify the contents of this email?
  - From: Troy Johnson <john1536@tc.umn.edu>

Prev by Date: RE: [TCLUG:8088] Can anyone verify the contents of this email?
Next by Date: Re: [TCLUG:8088] Can anyone verify the contents of this email?
Prev by thread: Re: [TCLUG:8088] Can anyone verify the contents of this email?
Next by thread: Re: [TCLUG:8088] Can anyone verify the contents of this email?
Index(es):
- Date
- Thread