Windows 8 and the NSA

kaimera

http://investmentwatchblog.com/leaked-german-government-warns-key-entities-not-to-use-windows-8-links-the-nsa/

tl;dr:

According to leaked internal documents from the German Federal Office for Information Security (BSI) that Die Zeit obtained, IT experts figured out that Windows 8, the touch-screen enabled, super-duper, but sales-challenged Microsoft operating system is outright dangerous for data security. It allows Microsoft to control the computer remotely through a built-in backdoor. Keys to that backdoor are likely accessible to the NSA.

In fairness, is it that much of a leap to say MS would allow the NSA backdoor access?

Capt'n Midnight

LOL

anyone who thinks that a major US corporation wouldn't put in back doors for law enforcement is living in cloud cuckoo land
even Cisco admit do doing that

also check out what escrow means

sure not even M$ know what half the lines of code in there does

if you want a conspiracy google nsakey


also it's windows , there is always at least one undisclosed zero day that gives an attacker complete control , so they don't even need to add special code

and it's all moot because emails are like postcards and your ISP knows where you've been

Overheal

I frankly have more concerns about the other aspects of my life that are in the control of the NSA.

But lets face it, I use facebook and waze and shopkick and all manner of services that essentially datamine every aspect of who I am. I do absolutely despise the idea that its abused, but it hasn't stopped me from using those services or prompted me to wear tinfoil.

All the same, Im extremely dissatisfied with how my govt is being operated. I have decided however to sit back and watch carefully as it inevitably implodes or sparks some kind of civil revolt as some predict.

Torqay

Well, Microsoft passing on Zero Day exploits to the N5A is rather old news. With Windows 8 and TPM 2.0 you surrender sovereignty to Microsoft (and probably a variety of alphabet agencies) resulting in the worrying fact that a system you own might stop working for reasons that are completely beyond your control. While the sheeple couldn't care less, this is entirely inacceptable for critical infrastructures.

bd0101

There are many reasons to believe that Microsoft which was the first company that joined PRISM, uses software backdoors in its products. Thus there is no independence (nor many easy, accessible and functional alternatives) from the technological point of view.

It appears that we live times where privacy and right to private life, as well as state secrets, became an illusion. If EU, Brazilian, UN, etc top level authorities have been eavesdropped for quite some time, what are the chances of them "owning" your data at anytime?...

US spying affects clearly the national sovereignty, an attribute fundamental for any independent country - owning all data is not all that different than owning your streets and home and work and and and

clairefontaine

I'm less worried about the NSA than I am about private companies that sell and gather all your personal information, including address and phone numbers, and publish it on people search engines.

Capt'n Midnight

Torqay wrote: »

Well, Microsoft passing on Zero Day exploits to the N5A is rather old news.

Ain't it just

*dusts down this one*

https://en.wikipedia.org/wiki/NSAKEY

n September 1999, an anonymous researcher reverse-engineered both the primary key and the _NSAKEY into PGP-compatible format and published them to the key servers.

bd0101

clairefontaine wrote: »

I'm less worried about the NSA than I am about private companies that sell and gather all your personal information, including address and phone numbers, and publish it on people search engines.

There are companies that generate revenue by donations; I would trust much more a service provider smaller than google, Microsoft, or Apple.

Overheal

such providers usually get absorbed by entities such as google. Waze, for instance, was one such entity. On the whole it hasn't been twisted by google at all, but google now owns them and collects on their data, adding it to the overmind.

bd0101

Let's not forget that it is not only companies that assist the worldwide surveillance from US secret agencies, but internet backbone and fundamental organizations, such as ICANN..

US idea to weaken its domain-control influence, gives ICANN the chance to rebuilt its structure, but NOT to review its information security approach and ensure neutrality. At the end, it is about façade changes, with no real context - pretty much like the NSA reform... .

As a result, ICANN still escapes a rightful international watch, and we - remain vulnerable to illegality.