Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

Secret NSA Partnership with Microsoft: Provides US Government Total Access to Windows Computers
conservativerefocus.com ^ | 23 June 2013 | F. MICHAEL MALOOF

Posted on 06/24/2013 10:51:00 AM PDT by big'ol_freeper

WASHINGTON – The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development which follows the insistence by the agency and federal law enforcement for backdoor “keys” to any encryption, according to a report in Joseph Farah’s G2 Bulletin.

Having such “keys” is essential for the export of any encryption allowed under U.S. export control laws to foreign users.

The NSA plays a prominent role in deliberations over whether such products can be exported, and routinely turns down any requests above a certain megabyte level that exceeds NSA’s technical capacity to decrypt it. That’s been the standard for years for NSA, as well as the departments of Defense, Commerce and State.

Computer security specialists say that the Windows software driver used for security and encryption functions contains unusual features which give NSA that backdoor access.

These security specialists have identified the driver as ADVAPI.DLL. It enables and controls a variety of security functions. These specialists say that on Windows, it is located at C:\\Windows\system directory of anyone’s computer that uses Windows software.

Nicko van Someren says the driver contains two different keys. One was used by Microsoft to control cryptographic functions in Windows while another initially remained a mystery.

Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources don’t deny.

This has allowed restricted access to Microsoft’s source code software that allows for such programming.

Access to Windows source code is supposed to be highly compartmentalized, actually making such actions easier because many of the people working on the software wouldn’t see the access.

Such access to the encryption system of Windows can allow NSA to compromise a person’s entire operating system. The NSA keys are said to be contained inside all versions of Windows from Windows 95 OSR2 onwards.

Having such the secret key inside your Windows operating system makes it “tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system,” according to Andrew Fernandez, chief scientist with Cryptonym Corporation of North Carolina.


TOPICS: Computers/Internet
KEYWORDS: 666; microsoft; windows

1 posted on 06/24/2013 10:51:00 AM PDT by big'ol_freeper
[ Post Reply | Private Reply | View Replies]

To: big'ol_freeper
I used to like the NSA until they ignored the Boston terrorists.

How many more of the Islamic beheadings, rapes, and murders,
and wildfires by Islamic terrorists, did the NSA
have prior knowledge of AND THEN IGNORED IT
... or ERASED IT??

2 posted on 06/24/2013 10:53:13 AM PDT by Diogenesis
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

Don’t use Windows. Never used any version of that crapware.


3 posted on 06/24/2013 10:53:38 AM PDT by eCSMaster (Palin was right (again)!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

And Linux?


4 posted on 06/24/2013 10:54:03 AM PDT by proxy_user
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

My first thought.. Sharyl Atkinnsons computer..


5 posted on 06/24/2013 10:54:32 AM PDT by ConservativeMan55
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

all the lids are starting to blow-off now


6 posted on 06/24/2013 10:55:00 AM PDT by Buckeye McFrog
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

If they were let into Windows you just know Apple made room for them with open arms also.


7 posted on 06/24/2013 10:55:21 AM PDT by Abathar (Proudly posting without reading the article carefully since 2004)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

Do ‘puter search for “ADVAPI.DLL”


8 posted on 06/24/2013 10:55:37 AM PDT by Red Steel
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

I remember back in the 90’s when the discussion came up on encryption and backdoor keys.
The talk was that encryption was getting so good that the gov. needed backdoor access.
Funny how the timing on this kind of matches the lawsuits against Microsoft back in the ‘90s.
hmmmm...


9 posted on 06/24/2013 10:56:51 AM PDT by Zathras
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper
Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY

The most sophisticated cryptologists in the world have cleverly labeled their XML backdoor key as 'NSAKEY'. Subtle,...very subtle.....

We should all explain our vocabulary very carefully, to lessen the risk of semantic heterogeneity in our posts.

10 posted on 06/24/2013 11:00:41 AM PDT by Cvengr (Adversity in life and death is inevitable. Thru faith in Christ, stress is optional.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

bookmark


11 posted on 06/24/2013 11:04:40 AM PDT by GOP Poet
[ Post Reply | Private Reply | To 1 | View Replies]

To: Zathras

We assure you. All these 752 coincidences are just a coincidence.


12 posted on 06/24/2013 11:05:00 AM PDT by UCANSEE2 (The monsters are due on Maple Street)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Zathras

Ever wonder what happened to the activity lights on the network icon on systems after XP?


13 posted on 06/24/2013 11:07:53 AM PDT by conserv8 (The treacherous dealers mark the decks - - - - Lev:19-28)
[ Post Reply | Private Reply | To 9 | View Replies]

To: big'ol_freeper

What we need here Class, is Action...


14 posted on 06/24/2013 11:10:14 AM PDT by Errant
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

Disney has a backdoor into my PC too, I just found a file called “mouse.dll”


15 posted on 06/24/2013 11:14:50 AM PDT by bigbob
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

a bit of history of the AVDAPI.dll “threat” from the golden-oldie pre-Y2K year 1999:

http://cryptome.org/jya/msnsa.htm


16 posted on 06/24/2013 11:20:23 AM PDT by bigbob
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper
From 1999 LINK

Careless mistake reveals subversion of Windows by NSA.

A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.

The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.

Computer security specialists have been aware for two years that unusual features are contained inside a standard Windows software "driver" used for security and encryption functions. The driver, called ADVAPI.DLL, enables and controls a range of security functions. If you use Windows, you will find it in the C:\Windows\system directory of your computer.

ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only run cryptographic functions that the US governments allows Microsoft to export. That information is bad enough news, from a European point of view. Now, it turns out that ADVAPI will run special programmes inserted and controlled by NSA. As yet, no-one knows what these programmes are, or what they do.

More info at the link.

17 posted on 06/24/2013 11:24:50 AM PDT by Rio
[ Post Reply | Private Reply | To 1 | View Replies]

To: bigbob

I’ve got a nslookup.exe in my System32 folder. Should I be concerned?

:)


18 posted on 06/24/2013 11:26:08 AM PDT by McGruff (I can't speak to the law here. The law is irrelevant,)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Abathar
Acording to the time line I saw, they did not have access to Apple until Oct 2012.

Steve Jobs died on Oct 05, 2012.

19 posted on 06/24/2013 11:26:47 AM PDT by mware
[ Post Reply | Private Reply | To 7 | View Replies]

To: rdb3; Calvinist_Dark_Lord; Salo; JosephW; Only1choice____Freedom; amigatec; Still Thinking; ...

20 posted on 06/24/2013 11:27:35 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

Being open source there are plenty of back doors they can sneak into the Linux flavors as well. Apple also collaborated with them as well.

Boys and girls, this has been going on for quite a while, not new. Whenever you have an open rather than closed and isolated system you are open to all kinds of things like viruses, trojans, snooping, etc.

If hackers can find ways around your security and firewalls and openings in your OS then the Fed with all its years of experience spying and cracking systems can do it easily.

Do any of you honestly believe that MS OS machines are the only ones they are interested in or can crack?


21 posted on 06/24/2013 11:31:59 AM PDT by RJS1950 (The democrats are the "enemies foreign and domestic" cited in the federal oath)
[ Post Reply | Private Reply | To 1 | View Replies]

To: mware

Yeah, sure, and obama didn’t know anything about the IRS scandal until he read it in the papers.


22 posted on 06/24/2013 11:33:48 AM PDT by RJS1950 (The democrats are the "enemies foreign and domestic" cited in the federal oath)
[ Post Reply | Private Reply | To 19 | View Replies]

To: big'ol_freeper

Does Linux have this “feature” too?


23 posted on 06/24/2013 11:35:41 AM PDT by Carry_Okie (The environment is too complex and too important to be managed by central planning.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: McGruff
I’ve got a nslookup.exe in my System32 folder. Should I be concerned?

Delete it!

24 posted on 06/24/2013 11:38:12 AM PDT by JimRed (Excise the cancer before it kills us; feed &water the Tree of Liberty! TERM LIMITS, NOW & FOREVER!)
[ Post Reply | Private Reply | To 18 | View Replies]

To: big'ol_freeper

er...given Microsoft’s solid reputation for rock solid operating systems...(sarc)...methinks anyone using their stuff had pretty much given up on all thoughts of privacy around twenty years ago.

And yes, there are security holes in every operating system...it’s just that Microsoft has established the standard below which no company operates.


25 posted on 06/24/2013 11:38:32 AM PDT by Da Coyote
[ Post Reply | Private Reply | To 1 | View Replies]

To: RJS1950
Being open source there are plenty of back doors they can sneak into the Linux flavors as well.

And being open source, they can be found pretty darn quick. Unlike MicroSloth, which is closed software, and where the source code is unavailable.

/johnny

26 posted on 06/24/2013 11:40:15 AM PDT by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 21 | View Replies]

To: RJS1950
Being open source there are plenty of back doors they can sneak into the Linux flavors as well.

That statement just proves you know nothing about open source.

Please research before commenting further.

27 posted on 06/24/2013 11:40:21 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 21 | View Replies]

To: Carry_Okie

No.


28 posted on 06/24/2013 11:41:11 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 23 | View Replies]

To: big'ol_freeper

Does Microsoft protect its Windows own computers from US Government penetration?

If so, how?

If not, wouldn’t their shareholders be interested?


29 posted on 06/24/2013 11:44:30 AM PDT by Steely Tom (If the Constitution can be a living document, I guess a corporation can be a person.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: ShadowAce
Have you ever heard Linus talk about the release process for the kernel? Ain't nothing sneaking in. ;)

/johnny

30 posted on 06/24/2013 11:45:57 AM PDT by JRandomFreeper (Gone Galt)
[ Post Reply | Private Reply | To 27 | View Replies]

To: big'ol_freeper

This I know for sure: if this situation ever begins to be taken seriously by Joe Sixpack (which I doubt will ever happen) you’ll know because it will all be blamed on George Bush.


31 posted on 06/24/2013 11:48:41 AM PDT by Steely Tom (If the Constitution can be a living document, I guess a corporation can be a person.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

How is this different from lock makers giving a master key to the government that opens all locks?

No different.

Illegal. Both.

How about a master car key that lets the gov open your car door?

No different.

Illegal. Both.


32 posted on 06/24/2013 12:04:06 PM PDT by I want the USA back (If I Pi$$ed off just one liberal today my mission has been accomplished.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: big'ol_freeper

This is all so scary...


33 posted on 06/24/2013 12:19:04 PM PDT by foxpro2
[ Post Reply | Private Reply | To 1 | View Replies]

To: Red Steel
advapi32.dll C:\WINDOWS\system32 603 KB Application Ext... 2/9/2009 4:10 AM
advapi32.dll C:\WINDOWS\system32\dllcache 603 KB Application Ext... 2/9/2009 4:10 AM
advapi32.dll C:\WINDOWS\ServicePackFiles\i386 603 KB Application Ext... 4/14/2008 5:41 AM
advapi32.dll C:\WINDOWS\$hf_mig$\KB956572\SP3QFE 603 KB Application Ext... 2/10/2009 7:26 PM

Four different .dll's on my Windows XP computer.

Good Hunting... from Varmint Al

34 posted on 06/24/2013 12:33:20 PM PDT by Varmint Al
[ Post Reply | Private Reply | To 8 | View Replies]

To: Carry_Okie

Linux per se, no. Some implementations of Linux might, but since it’s open source, you can read the source code and cut out or modify any bits you don’t like. That’s the whole point of open source: you’re not buying a license when you get your copy, you own your copy (which you probably got free, though maybe you paid to get some support services from one of the Linux distro companies and got it on a disk you bought from them) and can do what you want with it.


35 posted on 06/24/2013 12:45:22 PM PDT by The_Reader_David (And when they behead your own people in the wars which are to come, then you will know...)
[ Post Reply | Private Reply | To 23 | View Replies]

To: RJS1950

Open Source is the virtue that permits detection of the fault, not the cause of the back door.


36 posted on 06/24/2013 12:49:53 PM PDT by no-s (when democracy is displaced by tyranny, the armed citizen still gets to vote)
[ Post Reply | Private Reply | To 27 | View Replies]

To: big'ol_freeper
Bill Gates NEVER did anything for FREE!

So how much did our Government PAY HIM for this ability to snoop on all of us?

It came out of taxpayers money, I'm sure.

We have a right to know.

Sarah Palin, are you listening?

37 posted on 06/24/2013 1:12:17 PM PDT by eCSMaster (Palin was right (again)!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: no-s

Providing anyone finds the fault. The industry stats have indicated for a while that all OS have faults that are not detected until something very bad happens. They are all software and there aren’t enough geeks in the world to be able to detect the possible backdoors and other faulty code and access schemes. Remember, the software security industry is not the most sophisticated or competent entities in finding and detecting these problems; governments, including the U.S. have the resources and facilities to be on the bleeding edge of computer espionage. The private companies can’t come close to matching these capabilities. No OS, no coding language, and no Browser is truly safe.


38 posted on 06/24/2013 1:43:20 PM PDT by RJS1950 (The democrats are the "enemies foreign and domestic" cited in the federal oath)
[ Post Reply | Private Reply | To 36 | View Replies]

To: The_Reader_David
Linux per se, no. Some implementations of Linux might, but since it’s open source, you can read the source code and cut out or modify any bits you don’t like.

Thanks, beyond my ken. I wrote hex assembly code twenty-five years ago, but have no recent experience with anything but html & css in recent years.

If one runs Windows on top of Linux, is that back door then open? I would assume so.

39 posted on 06/24/2013 2:12:55 PM PDT by Carry_Okie (The environment is too complex and too important to be managed by central planning.)
[ Post Reply | Private Reply | To 35 | View Replies]

To: RJS1950
hey are all software and there aren’t enough geeks in the world to be able to detect the possible backdoors and other faulty code and access schemes.

Not entirely true. We can prove that things are correct. As an example there is Ironsides, which is an implementation of a DNS server which is:

provably invulnerable to many of the problems that plague other servers. It achieves this property through the use of formal methods in its design, in particular the language Ada and the SPARK formal methods tool set. Code validated in this way is provably exception-free, contains no data flow errors, and terminates only in the ways that its programmers explicitly say that it can. These are very desirable properties from a computer security perspective.

40 posted on 06/24/2013 2:39:59 PM PDT by OneWingedShark (Q: Why am I here? A: To do Justly, to love mercy, and to walk humbly with my God.)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Carry_Okie

If you run Windows IN Linux, it is in a sand-boxed Virtual environment.. meaning, it only sees what is inside the box (it can’t even see what hardware you are running since the hardware is virtual too)..
So, unless you check the boxes to allow it outside of the box, it sees nothing but what you put in the box (Win installation and Win apps on the virtual hard disc).


41 posted on 06/24/2013 2:46:12 PM PDT by Bikkuri (Molon Labe)
[ Post Reply | Private Reply | To 39 | View Replies]

To: RJS1950
Providing anyone finds the fault.

If you have the source, it's a lot easier to analyze. But it's not really my point to defend. You effectively asserted open source is just is full of holes as closed source. How can you prove that? None of the other information you cite has anything to do with that, it's all hand-waving in fact. The assertion that private individuals and private or public companies can’t come close to matching the capability of governments is not falsifiable. Now I would prefer to assume government researchers as dreadfully capable assuming they are properly directed; it's always a good idea to look both ways before you cross the street too.

42 posted on 06/24/2013 8:11:36 PM PDT by no-s (when democracy is displaced by tyranny, the armed citizen still gets to vote)
[ Post Reply | Private Reply | To 38 | View Replies]

To: big'ol_freeper

BTTT


43 posted on 06/24/2013 8:12:19 PM PDT by Jet Jaguar
[ Post Reply | Private Reply | To 1 | View Replies]

To: Jet Jaguar

Bookmark


44 posted on 06/25/2013 1:12:46 AM PDT by publana (Beware the olive branch extended by a Dem for it disguises a clenched fist.)
[ Post Reply | Private Reply | To 43 | View Replies]

To: Rio; big'ol_freeper; ShadowAce

Why not another link from 1999 (Bruce Schneier debunking this theory):

http://greenhouse.economics.utah.edu/pipermail/marxism-thaxis/1999-September/015110.html


45 posted on 06/25/2013 7:55:11 AM PDT by AdmSmith (GCTGATATGTCTATGATTACTCAT)
[ Post Reply | Private Reply | To 17 | View Replies]

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson