I'm going to address your specific link.

Microsoft has different classes of customers and the functionality that you don't want, many customers request and may even require. You aren't obligated to use their disk encryption or functionality. You can install your own WDE product, but you appear to want the features of a Ferrari for the price of a Ford Focus, which is not reasonable.

Microsoft is not trying to mess with your system via that method. If anything, that is a blanket improvement prior by default there was no encryption. Could the design be made better? Maybe, with any implementation of a security feature there are always trade-offs. Microsoft could force users to store the key locally or print it, but then millions of people would simply turn encryption off or lose their key. This does not grant MS remote access to your system.

There are plenty of things that are wrong with MS, but saying Windows is malware is FUD plain and simple.

So basically they fucked up three times: 1. Marketing encryption while it's not safe, 2. Storing accessible backups of your data on their servers and 3. Actively sharing those backups with the NSA.

Out of those, #1 would be an excusable thing that many companies do, #2 is a reason to mistrust them and #3 is a reason never to store anything with Microsoft ever again. It's just not acceptable to take my data, promise me it is encrypted, then lie about it and freely share my data with the NSA whenever they want.

You're correct that Microsoft's device encryption is "free" to some extent, and it certainly is more secure than plaintext. That still doesn't mean it's ok to compromise it. At least with plaintext you avoid the performance overhead and associated risks of device encryption. With Microsoft's solution, you oay all the overhead -- and still get a much more limited form of protection.

Microsoft should know this so it is easy to say they were disingenuous even raising this as a point. If Windows is to be secure it needs to fundamentally change its security model and that means breaking compatibility with a huge number of applications. So that probably can't happen.

The crypto component of Windows was discovered to have a 1024-bit public key embedded within it whose symbol name is _NSAKEY. The "obvious" assumption was that this permits the NSA to read, sign, or authenticate anything for Windows. Microsoft denies this and says that "we have not shared this key with the NSA or any other party".

I remember when this story first broke. I thought it would lead to major embarrassment and repercussions for Microsoft. Boy was I wrong. There was no news coverage; other than a small subset of techies, nobody was concerned; and as far as I know, Microsoft never gave a technical explanation of how it was intended to be used.

I do not work for Microsoft, I have no insight into their decision making process. I doubt it has to do with security.

When your data is stolen because you were working in Cancun and the Mexican CIA was compromised, will you ever even know?

The point isn’t blaming a back door, it’s just pointing out that the more stakeholder that possess a key, the higher the probability of a compromise.

"Microsoft said that the key's symbol was "_NSAKEY" because the NSA is the technical review authority for U.S. export controls, and the key ensures compliance with U.S. export laws."

No sense at all. But if you read between the lines, it's the key without which Windows couldn't be exported. So it's a key which at least allows weaker encryption outside of the US.

It's not "lower concern". It's not a concern at all. Microsoft's code is comprehensively reverse engineered. People have reversed the most boring, tedious libraries on the system looking for memory corruption bugs. You posit that maybe they just forgot to look into this "NSA_KEY" business.

For a software security professional, you really come loaded for bear with a lot of weird advice:

* Avoid elliptic curve and use conventional Diffie Hellman and RSA because the NSA controls the ECC patents (?!).

* Use Blowfish because it has a long security track record (?!).

* Watch out for Google because they don't understand endpoint security (?!).

* NSAKEY isn't a high-priority issue but it's something that people should be concerned about (?!).

* Here's an unencrypted HTTP website that you can cut-and-paste GPG commands from instead of reading the manual (?!).

* Firewalls are just some made-up crap that don't actually provide any security (?!).

* Use MatrixSSL and PolarSSL instead of OpenSSL because OpenSSL's code quality is crap (?!).

I get the feeling that we do very different kinds of security. You talk a bit about formal verification and EAL levels. I had the misfortune of losing a couple months of my life in the early 2000s to Common Criteria work. If you're coming from a CCTL background, some of the very weird perspectives you have on this stuff start to make sense to me.

This points to structural issues at Microsoft.

I could be wrong about that, though, and I’d be curious to learn and understand more.

> · Customer content moving between customers and Microsoft will be encrypted by default.

> · All of Microsoft’s key platform, productivity and communications services will encrypt customer content as it moves between Microsoft data centers.

> · Strong cryptography to protect these channels, including Perfect Forward Secrecy and 2048-bit key lengths.

Microsoft already does each of these today (for sure Exchange and SQL, which I know the best), and they have done them for years now. Nothing changes. The more important question is how Microsoft manages the keys for this encryption, because when I was there the keys were still based on NSA-approved root keys...

We do in fact know what it is, because no matter what the bits of the secret key are, the use of the key in Microsoft's software is published: the code we're talking about isn't obfuscated.

You say "[l]ogically, we should assume it was a COMSEC backdoor for NSA so Microsoft could make money on exports". You say that as if it was impossible to look at the code and see where the key is used. It obviously isn't. People have done that work. They did it years and years ago. They explained what the key does. But the conspiracy theory about NSAKEY being a secret backdoor keeps coming up.

Once again: the key we're talking about doesn't even make sense as a backdoor. It's a second authentication key, the first of which is a key Microsoft already has, and could already use to the exact same effect.

> Microsoft, after considerable prodding, provided me with answers to some longstanding questions about BitLocker’s security. The company told me which random number generator BitLocker uses to generate encryption keys, alleviating concerns about a government backdoor in that subsystem

And then to answer it:

> Microsoft told me that while the backdoored algorithm is included with Windows, it is not used by BitLocker, nor is it used by other parts of the Windows operating system by default. According to Microsoft, the default PRNG for Windows is an algorithm known as CTR_DRBG, not Dual_EC_DRBG, and when BitLocker generates a new key it uses the Windows default.

Oh they "told you", great I guess we will just take them at face value and move on case clo... FUCK NO. Are you fucking kidding me???? MS may be getting better over all as a company by security/privacy is something I still don't trust them one bit on. That's not to say I think Apple is some bastion of privacy but MS has been in bed with the government for a LOT longer and hasn't been anywhere near as supportive of privacy/security as Apple has been as of late.

This ENTIRE article is supposed to be take on faith and I'm sorry but that's not good enough. It's one thing to say "Some encryption is better than none" or "It will protect your from run-of-the-mill thieves but not the government" but to eat up everything MS said as fact is insane...

And as one more gem:

> I asked Microsoft if the company would be able to comply with unlocking a BitLocker disk, given a legitimate legal request to do so. The spokesperson told me they could not answer that question.

MS knows what side their bread is buttered on and let me give you a hint, it's not the consumer side.