It's about Microsoft insisting that the only pre-loaded encryption key is theirs, to the exclusion of all other encryption keys. It's this exclusionary practice that's the problem, not the implementation per se.
I agree. It seems Microsoft wants to get the accolades of solving a hard key exchange problem without actually solving that hard key exchange problem. We see this a LOT in companies that "make it easy" to do cryptography.
Microsoft has different classes of customers and the functionality that you don't want, many customers request and may even require. You aren't obligated to use their disk encryption or functionality. You can install your own WDE product, but you appear to want the features of a Ferrari for the price of a Ford Focus, which is not reasonable.
Microsoft is not trying to mess with your system via that method. If anything, that is a blanket improvement: previously, by default, there was no encryption. Could the design be made better? Maybe; with any implementation of a security feature there are always trade-offs. Microsoft could force users to store the key locally or print it, but then millions of people would simply turn encryption off or lose their key. This does not grant MS remote access to your system.
There are plenty of things that are wrong with MS, but saying Windows is malware is FUD plain and simple.
The problem is that Microsoft gives users a false sense of security. Marketing speak for this feature is "Your device is always automatically encrypted", which results in users thinking their data is safe. The content is then automatically backed up to Microsoft servers, to which users will not have much of an objection since it's encrypted anyway. But then behind their backs, Microsoft not only stores the encryption keys as a backup but also immediately shares them with the NSA that has full access to those backups.
So basically they fucked up three times: 1. Marketing encryption while it's not safe, 2. Storing accessible backups of your data on their servers and 3. Actively sharing those backups with the NSA.
Out of those, #1 would be an excusable thing that many companies do, #2 is a reason to mistrust them and #3 is a reason never to store anything with Microsoft ever again. It's just not acceptable to take my data, promise me it is encrypted, then lie about it and freely share my data with the NSA whenever they want.
It’s supposedly only accessible to LocalSystem. If they were to encrypt it, it could just be decrypted anyway. Still, it’s a huge liability and a major blunder by Microsoft.
I'm not sure I understand the argument here. Several manufacturers have now implemented on-by-default device encryption with no backdoor. This is not only feasible (in a business and technical sense) but is rapidly becoming the standard. Microsoft's approach is now an outlier. It almost certainly provides a much more vulnerable form of encryption than, say, Apple's and Google's.
You're correct that Microsoft's device encryption is "free" to some extent, and it certainly is more secure than plaintext. That still doesn't mean it's ok to compromise it. At least with plaintext you avoid the performance overhead and associated risks of device encryption. With Microsoft's solution, you pay all the overhead -- and still get a much more limited form of protection.
I know Microsoft has crap security, but in this case they probably aren't lying about it being encrypted. Encryption for storage simply isn't a solution that most people need for security of data on their devices. It pretty much only protects against the threat of a device being stolen, and that simply isn't the way most people lose their data. Almost every virus runs as the main user of the PC, so almost every virus will be able to decrypt the recall storage.
Microsoft should know this so it is easy to say they were disingenuous even raising this as a point. If Windows is to be secure it needs to fundamentally change its security model and that means breaking compatibility with a huge number of applications. So that probably can't happen.
The crypto component of Windows was discovered to have a 1024-bit public key embedded within it whose symbol name is _NSAKEY. The "obvious" assumption was that this permits the NSA to read, sign, or authenticate anything for Windows. Microsoft denies this and says that "we have not shared this key with the NSA or any other party".
I remember when this story first broke. I thought it would lead to major embarrassment and repercussions for Microsoft. Boy was I wrong. There was no news coverage; other than a small subset of techies, nobody was concerned; and as far as I know, Microsoft never gave a technical explanation of how it was intended to be used.
My understanding from the context is: Microsoft made it a prerequisite for registering the app in the Windows store, after noticing encryption in features.
Still, the explanation given by Microsoft makes even less sense than the "backdoor" theory:
"Microsoft said that the key's symbol was "_NSAKEY" because the NSA is the technical review authority for U.S. export controls, and the key ensures compliance with U.S. export laws."
No sense at all. But if you read between the lines, it's the key without which Windows couldn't be exported. So it's a key which at least allows weaker encryption outside of the US.
This is a very long source from 2000 that says in 6500 words what 'geofft said in just ~300: that this is a code signing key for crypto libraries. If Microsoft wanted to backdoor your Windows machine, they already have complete control over Windows code signing. They do not need a special key literally labeled "NSA_KEY" to do that.
It's not "lower concern". It's not a concern at all. Microsoft's code is comprehensively reverse engineered. People have reversed the most boring, tedious libraries on the system looking for memory corruption bugs. You posit that maybe they just forgot to look into this "NSA_KEY" business.
For a software security professional, you really come loaded for bear with a lot of weird advice:
* Avoid elliptic curve and use conventional Diffie Hellman and RSA because the NSA controls the ECC patents (?!).
* Use Blowfish because it has a long security track record (?!).
* Watch out for Google because they don't understand endpoint security (?!).
* NSAKEY isn't a high-priority issue but it's something that people should be concerned about (?!).
* Here's an unencrypted HTTP website that you can cut-and-paste GPG commands from instead of reading the manual (?!).
* Firewalls are just some made-up crap that don't actually provide any security (?!).
* Use MatrixSSL and PolarSSL instead of OpenSSL because OpenSSL's code quality is crap (?!).
I get the feeling that we do very different kinds of security. You talk a bit about formal verification and EAL levels. I had the misfortune of losing a couple months of my life in the early 2000s to Common Criteria work. If you're coming from a CCTL background, some of the very weird perspectives you have on this stuff start to make sense to me.
Though this is bad for Microsoft, does it make the situation substantially worse from a security perspective? Assuming they’re following good practices like not storing access keys, passwords, etc., in their source control system(s), this seems like more of an IP protection issue.
I could be wrong about that, though, and I’d be curious to learn and understand more.
> · Customer content moving between customers and Microsoft will be encrypted by default.
> · All of Microsoft’s key platform, productivity and communications services will encrypt customer content as it moves between Microsoft data centers.
> · Strong cryptography to protect these channels, including Perfect Forward Secrecy and 2048-bit key lengths.
Microsoft already does each of these today (for sure Exchange and SQL, which I know the best), and they have done them for years now. Nothing changes. The more important question is how Microsoft manages the keys for this encryption, because when I was there the keys were still based on NSA-approved root keys...
I sometimes don't know where to start with comments like these.
We do in fact know what it is, because no matter what the bits of the secret key are, the use of the key in Microsoft's software is published: the code we're talking about isn't obfuscated.
You say "[l]ogically, we should assume it was a COMSEC backdoor for NSA so Microsoft could make money on exports". You say that as if it was impossible to look at the code and see where the key is used. It obviously isn't. People have done that work. They did it years and years ago. They explained what the key does. But the conspiracy theory about NSAKEY being a secret backdoor keeps coming up.
Once again: the key we're talking about doesn't even make sense as a backdoor. It's a second authentication key, the first of which is a key Microsoft already has, and could already use to the exact same effect.
I generally like and agree with FirstLook/Intercept articles but this....
> Microsoft, after considerable prodding, provided me with answers to some longstanding questions about BitLocker’s security. The company told me which random number generator BitLocker uses to generate encryption keys, alleviating concerns about a government backdoor in that subsystem
And then to answer it:
> Microsoft told me that while the backdoored algorithm is included with Windows, it is not used by BitLocker, nor is it used by other parts of the Windows operating system by default. According to Microsoft, the default PRNG for Windows is an algorithm known as CTR_DRBG, not Dual_EC_DRBG, and when BitLocker generates a new key it uses the Windows default.
Oh they "told you", great I guess we will just take them at face value and move on case clo... FUCK NO. Are you fucking kidding me???? MS may be getting better overall as a company, but security/privacy is something I still don't trust them one bit on. That's not to say I think Apple is some bastion of privacy but MS has been in bed with the government for a LOT longer and hasn't been anywhere near as supportive of privacy/security as Apple has been as of late.
This ENTIRE article is supposed to be taken on faith and I'm sorry but that's not good enough. It's one thing to say "Some encryption is better than none" or "It will protect you from run-of-the-mill thieves but not the government" but to eat up everything MS said as fact is insane...
And as one more gem:
> I asked Microsoft if the company would be able to comply with unlocking a BitLocker disk, given a legitimate legal request to do so. The spokesperson told me they could not answer that question.
MS knows what side their bread is buttered on and let me give you a hint, it's not the consumer side.