Skip to comments.Secret NSA Partnership with Microsoft: Provides US Government Total Access to Windows Computers
Posted on 06/24/2013 10:51:00 AM PDT by big'ol_freeper
WASHINGTON The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development which follows the insistence by the agency and federal law enforcement for backdoor keys to any encryption, according to a report in Joseph Farahs G2 Bulletin.
Having such keys is essential for the export of any encryption allowed under U.S. export control laws to foreign users.
The NSA plays a prominent role in deliberations over whether such products can be exported, and routinely turns down any requests above a certain megabyte level that exceeds NSAs technical capacity to decrypt it. Thats been the standard for years for NSA, as well as the departments of Defense, Commerce and State.
Computer security specialists say that the Windows software driver used for security and encryption functions contains unusual features which give NSA that backdoor access.
These security specialists have identified the driver as ADVAPI.DLL. It enables and controls a variety of security functions. These specialists say that on Windows, it is located at C:\\Windows\system directory of anyones computer that uses Windows software.
Nicko van Someren says the driver contains two different keys. One was used by Microsoft to control cryptographic functions in Windows while another initially remained a mystery.
Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources dont deny.
This has allowed restricted access to Microsofts source code software that allows for such programming.
Access to Windows source code is supposed to be highly compartmentalized, actually making such actions easier because many of the people working on the software wouldnt see the access.
Such access to the encryption system of Windows can allow NSA to compromise a persons entire operating system. The NSA keys are said to be contained inside all versions of Windows from Windows 95 OSR2 onwards.
Having such the secret key inside your Windows operating system makes it tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system, according to Andrew Fernandez, chief scientist with Cryptonym Corporation of North Carolina.
How many more of the Islamic beheadings, rapes, and murders,
and wildfires by Islamic terrorists, did the NSA
have prior knowledge of AND THEN IGNORED IT
... or ERASED IT??
Don’t use Windows. Never used any version of that crapware.
My first thought.. Sharyl Atkinnsons computer..
all the lids are starting to blow-off now
If they were let into Windows you just know Apple made room for them with open arms also.
Do ‘puter search for “ADVAPI.DLL”
I remember back in the 90’s when the discussion came up on encryption and backdoor keys.
The talk was that encryption was getting so good that the gov. needed backdoor access.
Funny how the timing on this kind of matches the lawsuits against Microsoft back in the ‘90s.
The most sophisticated cryptologists in the world have cleverly labeled their XML backdoor key as 'NSAKEY'. Subtle,...very subtle.....
We should all explain our vocabulary very carefully, to lessen the risk of semantic heterogeneity in our posts.
We assure you. All these 752 coincidences are just a coincidence.
Ever wonder what happened to the activity lights on the network icon on systems after XP?
What we need here Class, is Action...
Disney has a backdoor into my PC too, I just found a file called “mouse.dll”
a bit of history of the AVDAPI.dll “threat” from the golden-oldie pre-Y2K year 1999:
A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.
The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.
Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.
ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.
More info at the link.
I’ve got a nslookup.exe in my System32 folder. Should I be concerned?
Steve Jobs died on Oct 05, 2012.
Being open source there are plenty of back doors they can sneak into the Linux flavors as well. Apple also collaborated with them as well.
Boys and girls, this has been going on for quite a while, not new. Whenever you have an open rather than closed and isolated system you are open to all kinds of things like viruses, trojans, snooping, etc.
If hackers can find ways around your security and firewalls and openings in your OS then the Fed with all its years of experience spying and cracking systems can do it easily.
Do any of you honestly believe that MS OS machines are the only ones they are interested in or can crack?
Yeah, sure, and obama didn’t know anything about the IRS scandal until he read it in the papers.
Does Linux have this “feature” too?
er...given Microsoft’s solid reputation for rock solid operating systems...(sarc)...methinks anyone using their stuff had pretty much given up on all thoughts of privacy around twenty years ago.
And yes, there are security holes in every operating system...it’s just that Microsoft has established the standard below which no company operates.
And being open source, they can be found pretty darn quick. Unlike MicroSloth, which is closed software, and where the source code is unavailable.
That statement just proves you know nothing about open source.
Please research before commenting further.
Does Microsoft protect its Windows own computers from US Government penetration?
If so, how?
If not, wouldn’t their shareholders be interested?
This I know for sure: if this situation ever begins to be taken seriously by Joe Sixpack (which I doubt will ever happen) you’ll know because it will all be blamed on George Bush.
How is this different from lock makers giving a master key to the government that opens all locks?
How about a master car key that lets the gov open your car door?
This is all so scary...
Four different .dll's on my Windows XP computer.
Good Hunting... from Varmint Al
Linux per se, no. Some implementations of Linux might, but since it’s open source, you can read the source code and cut out or modify any bits you don’t like. That’s the whole point of open source: you’re not buying a license when you get your copy, you own your copy (which you probably got free, though maybe you paid to get some support services from one of the Linux distro companies and got it on a disk you bought from them) and can do what you want with it.
Open Source is the virtue that permits detection of the fault, not the cause of the back door.
So how much did our Government PAY HIM for this ability to snoop on all of us?
It came out of taxpayers money, I'm sure.
We have a right to know.
Sarah Palin, are you listening?
Providing anyone finds the fault. The industry stats have indicated for a while that all OS have faults that are not detected until something very bad happens. They are all software and there aren’t enough geeks in the world to be able to detect the possible backdoors and other faulty code and access schemes. Remember, the software security industry is not the most sophisticated or competent entities in finding and detecting these problems; governments, including the U.S. have the resources and facilities to be on the bleeding edge of computer espionage. The private companies can’t come close to matching these capabilities. No OS, no coding language, and no Browser is truly safe.
Thanks, beyond my ken. I wrote hex assembly code twenty-five years ago, but have no recent experience with anything but html & css in recent years.
If one runs Windows on top of Linux, is that back door then open? I would assume so.
Not entirely true. We can prove that things are correct. As an example there is Ironsides, which is an implementation of a DNS server which is:
provably invulnerable to many of the problems that plague other servers. It achieves this property through the use of formal methods in its design, in particular the language Ada and the SPARK formal methods tool set. Code validated in this way is provably exception-free, contains no data flow errors, and terminates only in the ways that its programmers explicitly say that it can. These are very desirable properties from a computer security perspective.
If you run Windows IN Linux, it is in a sand-boxed Virtual environment.. meaning, it only sees what is inside the box (it can’t even see what hardware you are running since the hardware is virtual too)..
So, unless you check the boxes to allow it outside of the box, it sees nothing but what you put in the box (Win installation and Win apps on the virtual hard disc).
If you have the source, it's a lot easier to analyze. But it's not really my point to defend. You effectively asserted open source is just is full of holes as closed source. How can you prove that? None of the other information you cite has anything to do with that, it's all hand-waving in fact. The assertion that private individuals and private or public companies cant come close to matching the capability of governments is not falsifiable. Now I would prefer to assume government researchers as dreadfully capable assuming they are properly directed; it's always a good idea to look both ways before you cross the street too.
Why not another link from 1999 (Bruce Schneier debunking this theory):