UK Government Wants a Backdoor Into Windows
REBloomfield writes "The BBC is reporting that the British Government is working with Microsoft in order to gain backdoor access to hard drives encrypted by the forthcoming Windows Vista file system. Professor Anderson, professor of security engineering at Cambridge University, urged the Government to contact Microsoft over fears that evidence could be lost by suspects claiming to have forgotten their encryption key."
Why? (Score:2, Interesting)
What is the point of filesystem encryption? (Score:2, Interesting)
About the only thing Windows encryption seems to be able to do is prevent you from recovering your files if your PC ever dies.
What's the point?
Re:Why? (Score:3, Interesting)
You would be surprised how dim some crooks can be, like thinking that swallowing a SIM card will destroy the data. Or even snapping it in two - might break the bond pad connections, but not the die. Easy to fix.
I hope China gets the same privs (Score:1, Interesting)
Not "lost" (Score:5, Interesting)
Re:Pfff (Score:5, Interesting)
In the end, the bad guys will use real encryption and the backdoor won't affect them. It will only serve as a security risk for legitimate users.
-Eric
Contempt of court (Score:4, Interesting)
keyloggers (Score:5, Interesting)
As usual, the wrong solution to the problem (Score:3, Interesting)
Everyone else* will have a computer with a guaranteed back door, which I am willing to bet will be open to hackers on about Day 3 after Vista's launch.
* - Well, everyone else who's not running Linux, of course.
Don't attribute.... (Score:3, Interesting)
Re:China & PGP (Score:4, Interesting)
Re:China & PGP (Score:4, Interesting)
It'll be interesting to watch this play out. I'm sure any resolution will disappear deep within the inner pages of the paper, if it is discussed at all.
Re:Why? (Score:3, Interesting)
Time to switch! (Score:4, Interesting)
Re:What is the point of filesystem encryption? (Score:5, Interesting)
Because all the sectors on my hard drive are encrypted on the fly. When you read it directly in another computer all you get is nearly random gibberish. There's not even a proper filesystem on it. Only after you mount it, giving my long and convoluted passphrase, does the OS decrypt the sectors on the fly, so you can read the files. Switch the power off, reboot my machine or unmount the partition and there is no way to access my data again.
Is that easier to grok?
Robert
This is fantastic news to hear. (Score:3, Interesting)
The pleasant result of all this is that it dispels the whiff of paranoid conspiracy-theory. The government has been advised to ask for the backdoor access. By a British Cambridge expert. There is every reason to think Microsoft will agree.
There is now simple historical evidence to point the public to. Previously there were more technical, less convincing ones.
The average person is not going to care if Microsoft accidentally included some debugging code in a patch. Even if that made it look like it had a backdoor key. "Whatever that means?", they'll say.
A BBC news article about an expert asking for such a backdoor is a lot more convincing.
Re:Obviously you have never used real encryption (Score:2, Interesting)
Unless of course the password / passphrase that you enter in is still held in the pagefile in some obtainable manner. Anyone want to take a guess as to whether Windows Vista keeps your passphrase in the pagefile? Anyone want to further bet that the Fed already knows this?
D.--
The history of science resembles a collection of ghosts remembering that once they too were gods.
-- David Berlinsky, theoretical mathematician
Like all such tools, security depends on usage (Score:3, Interesting)
Having needed to break into someone's system to recover encrypted files, I can say it's not that simple.
Windows NTFS encryption is certificate based. For installs done by anyone not a professional paranoid, the user has access to the file recovery certificate, and the domain administrator may have access to a file recovery certificate valid domain-wide. To use a certificate stored on the hard drive, you MUST have the password to that certificate... which is NOT changed when you force-change an account password.
So, yes, you can hack a machine, install a trojan, and read the user's files when they log in next. But you have to wait until the user logs in (which, yeah, is usually a short wait) and starts the trojan running under their user ID and password before your trojan can decrypt the files to examine/copy them. Alternately, you can get a dump of the encrypted password files, and try a brute force crack. But if the password used on the account (and, ergo, certificate) is, say, 12 random printable characters... dude, you are so SCREWED.
Fortunately, the time I needed to break in for someone, the password was "only" nine random characters. I used a boot disk to dump the password file. Then, we wandered over to the operator for the school 128-processor Linux cluster with a case of good beer at 3:30 on Friday, explained the problem, and he agreed it would be OK this once to "not notice" the copy of the cracker program that would be blatantly running over the weekend in violation of several rules. We left, "not noticing" the case we were leaving behind. At 9AM Monday morning, I checked my email, and my batch job had left the user password sitting in my inbox.
If it had been a 12 random printable character password, we'd still be waiting for the rest of our lives. And, for the professionally paranoid, I understand it's possible to use a non-default certificate (with potentially a different password) for encrypting files... where the decryption certificate need not be on the machine.
Afterwards, I gently explained to the user that EFS should generally be reserved for situations where you consider the data's loss preferable to its disclosure. "EFS is not quite blow-up-the-building-first security, but it's close." He now reserves EFS for his financial information and consulting work covered under legal privilege.
Plausible deniability ... and continued access (Score:5, Interesting)
If terrorists or an oppressive government take your computer and hard drives away, anyone who depends on that data is very much out of luck.
For this reason, local encrypted filestores and plausible deniability are only part of the puzzle. Quite a lot more is required, in particular cryptographic online distribution.
A comprehensive solution will need to use a large population of fixed size raw dataspaces spread across the net, instead of local disks. Quite likely, it would be stored steganographically 1:<large-N>:1 so that (for example) changing webcam images could be used as repositories. And it will need cryptographically-random access for site selection and dataspace selection and to individual bits in the dataspaces. And it'll need huge redundancy since the online storage will be inherently unreliable, yet without laying the scheme open to pretty simple differential cryptanalysis.
That's a very tall order.
Re:Pfff (Score:5, Interesting)
For each level there are two passwords, one which will unlock it as normal, and another which will unlock it, and also begin a routine which will start securely erasing the third level data, then the second level, and then the first level + OS, and maybe trigger a lump of thermite sitting on top of the RAM for good measure. Or maybe it would be better just to get rid of the third level silently, so that it's as if it never existed. That's probably healthier, on second thought.
So that after you provide a good show of resisting giving out the password, you hand over the 'distress' one and let them have fun getting through the first level of junk data, while at the same time the system is slowly eating away at the stuff you really don't want, down on the third level.
You could even set it up so that the mal-effects caused by the distress passwords increase as you move through the levels of security. The distress password on the first level of security just starts the "silent erase" mechanism. The distress password on the second level speeds it up at the cost of less subtlety (because obviously they're getting closer to the actual data, so you need it gone faster). The distress password on the third level physically destroys the system in some sort of obvious (but quick) fashion. That way you're almost guaranteed not to compromise the data, but you also don't have to necessarily compromise yourself, unless they're really close to getting the stuff.
Keyloggers (Score:5, Interesting)
http://www.epic.org/crypto/scarfo.html [epic.org]
That's US v. Scarfo; basically a mobster was using PGP to encrypt his communications and rather than breaking the encryption the hard way, the investigators got a warrant to install a keylogger. I'm not sure exactly how they did it, but I'm pretty certain that it was a hardware device implanted in the keyboard, rather than software. (The warrant they got was pretty much a blanket thing, approval for 'hardware, software, and firmware as necessary...') However they didn't divulge the exact methodology in the trial, because they successfully claimed an exemption under the Classified Information Procedures Act.
Re:Contempt of court (Score:4, Interesting)
It's kind of silly to think that an average user with no incriminating evidence encrypted is going to be randomly ordered to turn over a password, and thrown in jail for legitimately forgetting it. It's a disturbing thought that the law, as written, could lead to that, but it's not a compelling argument against using encryption if you're not a criminal.
Using this sort of hypothetical scenario to argue against routine use of encryption is a bit like arguing against keeping sharp knives in your kitchen, because you're afraid the police might claim you stabbed someone with one of them and cleverly removed all forensic evidence of the stabbing from the knife.
Private Disk (Score:4, Interesting)
Institutions such as NIST test the implementations of the algorithms, then the program either gets certified or not.
The problem is that without certification, we do not know whether what they've implemented is what they think they've implemented*.
The point is that they might use some obscure algorithm nobody knows - which has no guaranteed strength; thus one cannot rely on it. They can also implement standard algorithms such as AES or DES - but were they correctly implemented?
Sure - "why don't you take the sources and look at them yourself?" some might say, but is everybody competent enough to do that?
On the other hand, implementing something and then certifying it, means that:
[a] it was done right
[b] it is as strong as the standard says
In the case of encryption, the strength is in the key itself and in the mathematical basis of the algorithm, NOT in the obscurity of the mechanisms applied within the software.
One minor thing - NIST certification is expensive, I doubt TrueCrypt will pass it, unless some company pays for this. Commercial encryption software is a different thing, if they want to be treated seriously, they must go for it. An example is Private Disk [dekart.com].
* an old saying:
Decide for yourself (Score:3, Interesting)
He also has some really interesting papers on there. (Check out the "Cocaine Auction Protocol" and "Programming Satan's Computer" -- the first is a methodology for creating an un-mediated auction house, the latter is about programming on untrusted networks.)
Of course, to each his own.
Here's the link:
http://www.cl.cam.ac.uk/~rja14/#Lib [cam.ac.uk]
USA & 5th amendment (Score:5, Interesting)
The summary states that this black hole is desirable for "fears that evidence could be lost by suspects claiming to have forgotten their encryption key", but why would a suspect have to say they lost their encryption key? Why not just plead the 5th?
The 5th amendment states: "No person shall [...] nor shall be compelled in any criminal case to be a witness against himself [...]"
I honestly do not believe that the contents of a person's hard drive fall into the same category of evidence as eye witnesses or DNA. A personal computer's hard drive, particularly one with an encrypted file system, is effectively an extension of that person's memory and hence any data extracted from it seems very much like testifying against oneself.
Osama is mostly just an asshole (Score:3, Interesting)
Maybe his long term goal is Muslim rule (though I'm not convinced he's anything more than a power hungry madman who's merely using Islam) but his short term goals generally revolve around hurting/killing people and the general undermining of societies he doesn't like.
He doesn't like our way of life, with our quasi-democracy and capitalism and relative tolerance of different faiths. And every time we change our way of life, every time we give up one of our rights in the name of "fighting terrorism" we are delivering a victory to him and people like him.
Re:Osama is mostly just an asshole (Score:1, Interesting)
http://www.globalresearch.ca/articles/CHO311A.htm
oh please, yes please (Score:4, Interesting)
oh please, yes please. switch on encryption that uses TPM. then all it takes is a virus to overwrite the TPM keys in the BIOS memory and that's it - game over: your entire hard drive rendered useless. mwhahahahah
The irony here is beautiful (Score:3, Interesting)
And so, inevitably, the Powers That Be(TM) competing to dominate the lives of the Minions(TM) come into conflict.
If the governments get their way, there will be no true encryption permitted, because otherwise they can't spy on people.
If there is no true encryption, there is no point whatsoever to having the TPM, the entire DRM concept just got screwed, etc. It doesn't matter whether it's "only governments" who can break the codes, because someone will crack/leak/otherwise work around that restriction within days, and the Internet will do the rest within hours.
So, the media industry's current prime directive and major investment just came into direct opposition with the government's current prime directive and major political hot potato. The blue touch paper has been lit; please retire to a safe distance, and wait to see which of the rights you thought you were losing will be staying after all...