Microsoft Helps Police Crack Your Computer 558
IGnatius T Foobar writes "Microsoft has developed a small plug-in device that investigators can use to quickly extract forensic data from computers that "may have been used in crimes." It basically bypasses all of the Windows security (decrypting passwords, etc.) in order to eliminate all that pesky privacy when the police have physical access to your computer. Just one more reason not to run Windows on your computer."
Flaw (Score:5, Insightful)
What could possibly go wrong? (Score:4, Insightful)
This is very smart on Microsoft's part... (Score:3, Insightful)
I'm sure some lobbyist is sitting with a Congressional staffer right now, explaining how requiring Windows on every computer is essential to the War on Terrorism.
Physical access equals ownage under any OS (Score:3, Insightful)
This has always been true.
Box 0wned by person with physical access! (Score:1, Insightful)
Really? (Score:5, Insightful)
I'd just boot knoppix and mount the partition. There, I have access to all the files. That goes for windows AND unix/linux.
If you really depend on the password for anything other than stopping casual or remote access, you're just fooling yourself.
Re:If It's Possible... (Score:5, Insightful)
No. The ONLY question that is of any interest is whether or not this device actually has a back door to Windows encryption. Somehow I seriously doubt that it does. Its probably little more than a bootable drive with NTFS support, and some tools. If you've got a password on your login, it doesn't mean you are using encryption. And this tool probably just lets you get straight to searching the -unencrypted- disk without cracking the login, or without pulling the drive and installing it somewhere else to scan through.
The implications of a device like this are scary to say the least. Although I'm not a Microsoft hater, this alone is more than enough to make me take a second look at options other than Microsoft Windows.
I suspect your average Linux LiveCD Recovery Disk has all the same tools on it. MS is just getting on board with their own version, to remove another area, where, right now, you have to use Linux. If that's the case the implications aren't scary at all.
And this whole are article is pure FUD.
Unless they've provided a back door to the encryption. That is the -only- question. But I really doubt they have.
FUD (Score:2, Insightful)
Re:Flaw (Score:5, Insightful)
And, a scary precedent.
When the man kicks in your door, hooks up his thumb drive to your Linux box and doesn't get what he wants
The above is a deliberately absurd example. One which I fear is less far fetched than one would have previously hoped.
Mostly, I agree with some of the other posters here
Cheers
RE: Just one more reason not to run Windows (Score:1, Insightful)
Re:If It's Possible... (Score:4, Insightful)
I can't believe all the people who are freaking out about this. This isn't a remote exploit. This isn't a massive security hole. This is trivial stuff that anyone who is reasonably computer savvy should be able to do.
Could set crooks free easier too (Score:3, Insightful)
You'd always have to shut it down, image the drive, and then run your test against the image. If you ever so much as boot the image and use the device at that point, you've still just changed a shit load of files during the boot up process and a lawyer may still be able to get you off.
This device is only helpful if it contains a standalone script that can be pointed to a set of files on a write-blocked drive. Blindly letting it have full read/write access to any drive would be instant not-guilty result.
Unless this device gets some hefty certs, I'd be surprised if any law enforcement agency that reports to the public courts would ever use this device as reported.
Re:Really? (Score:2, Insightful)
Re:Really? (Score:3, Insightful)
If the NSA isn't freaking out about some kind of encryption trying to get it banned, it's because they can get into it.
Also, the more secure you think your files are, the more likely you'll put stuff there that might interest them.
Re:Flaw (Score:4, Insightful)
linux-based livecd that will reset any password on your windows partition.
if you have physical access and it's not encrypted, any data is fair game, it doesnt have anything to do with microsoft (in fact, im pretty pissed at ms for making it such a hassle to reset a password)
Re:Interesting thought (Score:4, Insightful)
They wouldn't boot your machine, though. They'd remove the drive, duplicate it, and then look at the duplicate through a hardware write blocker. Software would probably indicate that the majority of the disk was ext2/whatever Unix format you use partitions, and the layout of the root partition would make it fairly clear you were using a Unix variant. If they really wanted to "boot" your machine, they'd boot an image of your drive using a VM.
Re:Flaw (Score:3, Insightful)
Re:Some COFEE info from an Australian L.E. Confere (Score:2, Insightful)
Not only that, it would be horrible for avoiding the trolls. All they would need to do is get a +5 informative on a post then edit it to be a link to a virus filled site or something else.