
How NSA access was built into Windows

nsa back door windows

77 replies to this topic

#16 Growled

Growled

    Neowinian Senior

  • 41,508 posts
  • Joined: 17-December 08
  • Location: USA

Posted 26 June 2013 - 00:54

Of course there is an NSA key in Windows. They'd be crazy not to put one in it.




#17 Silpheed2K

Silpheed2K

    Neowinian

  • 299 posts
  • Joined: 30-September 05

Posted 26 June 2013 - 06:57

Don't forget Process Monitor and network firewalls. And what about all those people on slow WAN links, wouldn't they notice it?

You can actually hide stuff from Process Monitor. Good malware writers know this.

#18 thomastmc

thomastmc

    Unofficial Attorney of Neowin

  • 1,329 posts
  • Joined: 18-July 12
  • Location: Kansas City
  • OS: Windows 8.1 Pro
  • Phone: Lumia 928

Posted 26 June 2013 - 07:42

Any articles from last decade? Or, better yet, this decade?

 

Forget about encryption, if they wanted a real backdoor to any system and it was built from the lab into all RTM and retail copies that left MS, no one except those developers would ever know it was there. It would lie dormant until activated over the net or locally by an NSA agent. If it's ever needed it's activated and then loses much of its stealth, but unless you know what you're looking for and how to look for it, it would be almost impossible to detect because it would use the OS's internal mechanisms legitimately to disguise its activity. It wouldn't be "malware", or a rootkit, it would be a kernel level legitimate function of the system, designed to work with the system as any other legitimate mechanism does. It might even be wrapped by a legitimate and benign piece of the standard system.

 

It would probably also communicate through a protocol that is hidden intentionally on the network, by other additions by the NSA into software, such as routers. You'd probably have to write special code to even have a chance of finding it, and you'd have to know what you're looking for to write the code. Chicken and the egg. Then you'd still have to get the NSA to activate the backdoor on a system you're testing. By the time even someone educated and paranoid (or curious) enough found what they were looking for, it'd be too late, at least for them.



#19 JonnyLH

JonnyLH

    I say things.

  • 1,181 posts
  • Joined: 15-February 13
  • Location: UK
  • OS: W8, W7, WP8, iOS, Ubuntu
  • Phone: Nokia Lumia 920

Posted 26 June 2013 - 08:24

Any articles from last decade? Or, better yet, this decade?

 

Forget about encryption, if they wanted a real backdoor to any system and it was built from the lab into all RTM and retail copies that left MS, no one except those developers would ever know it was there. It would lie dormant until activated over the net or locally by an NSA agent. If it's ever needed it's activated and then loses much of its stealth, but unless you know what you're looking for and how to look for it, it would be almost impossible to detect because it would use the OS's internal mechanisms legitimately to disguise its activity. It wouldn't be "malware", or a rootkit, it would be a kernel level legitimate function of the system, designed to work with the system as any other legitimate mechanism does. It might even be wrapped by a legitimate and benign piece of the standard system.

 

It would probably also communicate through a protocol that is hidden intentionally on the network, by other additions by the NSA into software, such as routers. You'd probably have to write special code to even have a chance of finding it, and you'd have to know what you're looking for to write the code. Chicken and the egg. Then you'd still have to get the NSA to activate the backdoor on a system you're testing. By the time even someone educated and paranoid (or curious) enough found what they were looking for, it'd be too late, at least for them.

How's the tin foil hat?



#20 REM2000

REM2000

    Neowinian Senior

  • 2,266 posts
  • Joined: 20-July 04
  • Location: UK

Posted 26 June 2013 - 08:42

How's the tin foil hat?

 

Yeah, it's not like the NSA has been caught accessing information from all major cloud providers... oh wait

 

It's pretty obvious that Windows has had a back door for use by government organisations; I wouldn't be surprised if MacOSX had it too. Of course they are not going to be using it all the time, however I can imagine some kind of remote execution ability. Linux and open source in general I would be more surprised about, as it would be a lot easier to discover this through open source.

 

However, it's worth taking stock: we know that government agencies have had access to cloud services, and a few years ago it was proven that BlackBerry has done the same for its messaging systems.

 

http://www.guardian....onitored-emails

 

It's the way of the world. It would be nice if governments were a little more transparent and I hope people continue to fight for freedoms of information, but this kind of stuff has been going on for centuries with governments intercepting phone calls, letters, telegrams, etc. The only difference is that with each passing year it's getting easier and easier to collect more and more information.



#21 JonnyLH

JonnyLH

    I say things.

  • 1,181 posts
  • Joined: 15-February 13
  • Location: UK
  • OS: W8, W7, WP8, iOS, Ubuntu
  • Phone: Nokia Lumia 920

Posted 26 June 2013 - 08:53

Yeah, it's not like the NSA has been caught accessing information from all major cloud providers... oh wait

 

It's pretty obvious that Windows has had a back door for use by government organisations; I wouldn't be surprised if MacOSX had it too. Of course they are not going to be using it all the time, however I can imagine some kind of remote execution ability. Linux and open source in general I would be more surprised about, as it would be a lot easier to discover this through open source.

 

However, it's worth taking stock: we know that government agencies have had access to cloud services, and a few years ago it was proven that BlackBerry has done the same for its messaging systems.

 

http://www.guardian....onitored-emails

 

It's the way of the world. It would be nice if governments were a little more transparent and I hope people continue to fight for freedoms of information, but this kind of stuff has been going on for centuries with governments intercepting phone calls, letters, telegrams, etc. The only difference is that with each passing year it's getting easier and easier to collect more and more information.

To protect National Security? Do you condone events like Boston or a possible terrorist threat on the Olympics? 

 

The people who create these programs are normal people; they're doing it to protect national security, not to see what porn people are watching. If there was a backdoor to any software system, it would have been found by now. You'd be able to spot it a mile off. Another point is, whose computer here actually has a public IP address? If not, you're sitting behind a NAT which will not let any unprompted incoming connections in unless the client initialized them. So a backdoor wouldn't even work in today's Internet.

 

So once again, how's the tinfoil hat?



#22 +Nik L

Nik L

    Where's my pants?

  • 33,999 posts
  • Joined: 14-January 03

Posted 26 June 2013 - 08:58

Do you condone events like Boston

Oh dear.  You just threw your entire argument out of the window with that one ridiculous yet (hopefully) rhetorical question.



#23 JonnyLH

JonnyLH

    I say things.

  • 1,181 posts
  • Joined: 15-February 13
  • Location: UK
  • OS: W8, W7, WP8, iOS, Ubuntu
  • Phone: Nokia Lumia 920

Posted 26 June 2013 - 09:01

Oh dear.  You just threw your entire argument out of the window with that one ridiculous yet (hopefully) rhetorical question.

Condoning a system which supports national security is indirectly related to events like this. Stop being so up-tight.



#24 +Nik L

Nik L

    Where's my pants?

  • 33,999 posts
  • Joined: 14-January 03

Posted 26 June 2013 - 09:02

Stop being so up-tight.

Accusations of me being "up-tight" do not help your argument.



#25 thomastmc

thomastmc

    Unofficial Attorney of Neowin

  • 1,329 posts
  • Joined: 18-July 12
  • Location: Kansas City
  • OS: Windows 8.1 Pro
  • Phone: Lumia 928

Posted 26 June 2013 - 09:04

A possible terrorist threat on the Olympics?

 

Oh my gosh, you're so paranoid. How's the tin foil flak jacket? (That game can be played both ways. Don't dismiss what I said as if I'm paranoid. I was just stating what is possible, as you just did).

 

If there was a backdoor to any software system, it would have been found by now. You'd be able to spot it a mile off. Another point is, whose computer here actually has a public IP address? If not, you're sitting behind a NAT which will not let any unprompted incoming connections in unless the client initialized them. So a backdoor wouldn't even work in today's Internet.

 

So once again, how's the tinfoil hat?

 

You don't know what you're talking about, by the way.



#26 JonnyLH

JonnyLH

    I say things.

  • 1,181 posts
  • Joined: 15-February 13
  • Location: UK
  • OS: W8, W7, WP8, iOS, Ubuntu
  • Phone: Nokia Lumia 920

Posted 26 June 2013 - 09:08

Oh my gosh, you're so paranoid. How's the tin foil flak jacket? (That game can be played both ways. Don't dismiss what I said as if I'm paranoid. I was just stating what is possible, as you just did).

 

 

You don't know what you're talking about, by the way.

Really, my job positions tell me otherwise. Ran a hosting company when I was 14 and worked at 3 of the top ISPs in the UK and I'm only 21. I even helped the GCHQ set up their scheme for an ISP I worked at, at the time. So please give me points against my argument to make me think otherwise.

 

I'm paranoid? You do realise that the possible threat was confirmed by the GCHQ when the project got announced right? So when you try and discuss a topic, understand it before you make remarks.


Accusations of me being "up-tight" do not help your argument.

Remarks against the nature of which I'm trying to discuss my points don't give any more base to your argument. Mine still stands. It was a far-right statement, but it's relevant.



#27 thomastmc

thomastmc

    Unofficial Attorney of Neowin

  • 1,329 posts
  • Joined: 18-July 12
  • Location: Kansas City
  • OS: Windows 8.1 Pro
  • Phone: Lumia 928

Posted 26 June 2013 - 09:15

Really, my job positions tell me otherwise. Ran a hosting company when I was 14 and worked at 3 of the top ISPs in the UK and I'm only 21. I even helped the GCHQ set up their scheme for an ISP I worked at, at the time. So please give me points against my argument to make me think otherwise.

 

I'm paranoid? You do realise that the possible threat was confirmed by the GCHQ when the project got announced right? So when you try and discuss a topic, understand it before you make remarks.

 

So you've done all of that and you think a simple NAT is going to protect you from the NSA? Especially if they were able to get access to and manipulate proprietary source code at the manufacturer level? Why don't we just secure everything behind a NAT and thwart all of the hackers in the entire world then? No need to keep all of those sensitive networks off the public net anymore, you've figured it out :)

 

Did you read in the parentheses? I was making a point there that you missed entirely.



#28 +Nik L

Nik L

    Where's my pants?

  • 33,999 posts
  • Joined: 14-January 03

Posted 26 June 2013 - 09:17

Remarks against the nature of which I'm trying to discuss my points don't give any more base to your argument. Mine still stands. It was a far-right statement, but it's relevant.

My argument?  My argument is that by asking that inane question you have undermined any rationality that you have.  Your arguments before then were fairly sound (I may not agree, but the way you argued was sound).  But that stupid question wholly undermined that.



#29 JonnyLH

JonnyLH

    I say things.

  • 1,181 posts
  • Joined: 15-February 13
  • Location: UK
  • OS: W8, W7, WP8, iOS, Ubuntu
  • Phone: Nokia Lumia 920

Posted 26 June 2013 - 09:24

So you've done all of that and you think a simple NAT is going to protect you from the NSA? Especially if they were able to get access to and manipulate proprietary source code at the manufacturer level? Why don't we just secure everything behind a NAT and thwart all of the hackers in the entire world then? No need to keep all of those sensitive networks off the public net anymore, you've figured it out :)

 

Did you read in the parentheses? I was making a point there that you missed entirely.

Are you kidding me? NAT doesn't block incoming by choice, it's just technically how it works. I could lecture you for a day about NAT translation tables if you want and all the different types of NAT. The fact of the matter is, NAT only allows incoming connections if they're initialised by the client on the end. There are P2P protocols etc., but then again, initialised by the client.

 

It wouldn't happen, and if it did, it'd get spotted very quickly.


My argument?  My argument is that by asking that inane question you have undermined any rationality that you have.  Your arguments before then were fairly sound (I may not agree, but the way you argued was sound).  But that stupid question wholly undermined that.

Emotion doesn't portray well through text, and it's a subject matter I feel very strongly about currently. It's my area of work, and like stated before, I even racked the equipment to do this for the GCHQ. It was a very irrational and far-right statement. The disagreement with a snooping platform like this isn't directly related to the opinion of extremism, I know. I just struggle to see how people can condone this when it's for the greater good. I honestly pass the motion that a terrorist attack would have happened if it weren't for these platforms.



#30 +Nik L

Nik L

    Where's my pants?

  • 33,999 posts
  • Joined: 14-January 03

Posted 26 June 2013 - 09:48

I just struggle to see how people can condone this when it's for the greater good.

 

I'm sorry, but do you know what condone means?  It means to give approval to.  You don't see how someone can give approval to something that's for the greater good?  Have you got your argument confused somewhere?