How NSA access was built into Windows

oldman talbotscott at cox.net
Mon Jan 15 05:54:24 UTC 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Gene Heskett wrote:
> On Sunday 14 January 2007 23:58, Claude Jones wrote:
>> " A CARELESS mistake by Microsoft programmers has revealed that special
>> access codes prepared by the US National Security Agency have been
>> secretly built into Windows. The NSA access system is built into every
>> version of the Windows operating system now in use, except early
>> releases of Windows 95 (and its predecessors). The discovery comes
>> close on the heels of the revelations earlier this year that another US
>> software giant, Lotus, had built an NSA "help information" [local]
>> trapdoor into its Notes system, and that security functions on other
>> software systems had been deliberately crippled.
>>
>> The first discovery of the new NSA access system was made two years ago
>> by British researcher Dr Nicko van Someren. But it was only a few weeks
>> ago when a second researcher rediscovered the access system. With it,
>> he found the evidence linking it to NSA.
>>
>> Computer security specialists have been aware for two years that unusual
>> features are contained inside a standard Windows software "driver" used
>> for security and encryption functions. The driver, called
>> ADVAPI.DLL,.........snip"
>>
>> The rest is here: http://www.heise.de/tp/r4/artikel/5/5263/1.html
>>
>> So, my question is, if this is all true, then, what about Selinux?
> 
> Helluvagood question Claude, that same thought has crossed my mind for 
> several so-called security products, particularly Phil Zimmermans pgp 
> versions SINCE he was released from prison, and one reason that until I'm 
> reassured by someone knowledgeable, and whom I can personally believe in, 
> says its clean, I will never use a pgp newer than 2.6.2i.
> 
> Compatibility with whats running today, and potentially giving everyone a 
> false sense of the warm fuzzies, in the event we should NEED pgp to 
> refresh the tree of liberty, will be a very minor consideration, if at 
> all.
> 
> Call me a paranoid (expletive deleted), that's fine, I can live with that.  
> Then how does our competing gpg stand up under that same spotlight and 
> magnifying glass?  I have exactly the same reservations about that, its 
> all newer than 2.6.2i and born under suspicious circumstances.
> 
> The fact that we were handed this thing, basicly on a well polished 
> platter of extremely dubious ancestry, makes it very troublesome when I 
> think about it at night.
> 
>> --
>> Claude Jones
>> Brunswick, MD, USA
> 
	Here's a good idea Claude.  If you want to know if gpg is secure,
download the source and go through it until you understand every line
then compile it yourself.  You'll have to get to the point where you
trust your own programming skills (shouldn't take many months or maybe
years!).

Scott
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFFqxcP5mBKdb7VQEcRAooDAJ9BCgt3FbpcI9NHp7Q2tWd9BTDaogCfQJm3
AhvFAh+riPIRMRNFGGmXtO4=
=L7v+
-----END PGP SIGNATURE-----

More information about the fedora-list mailing list