[OT] more from Cryptome on NSA, Windows firewals, mail services
Eugene Y. Vasserman
eyv at cs.umn.edu
Thu Jan 3 02:42:48 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Thus spake Ringo Kamens, on 1/2/2008 4:17 PM:
> Also, see http://www.schneier.com/essay-198.html
> And yeah, I was talking about the NSA key.
Personally (and god help me), I believe Microsoft when they say the key
is not a key back door key. If it was, I wonder if they would name it
"NSA". Or is that what they want us to think? :)
The Schneier essay about the random number generator is more
interesting, and worth reading.
> Comrade Ringo Kamens
> On Jan 2, 2008 4:24 PM, Nick Mathewson < nickm at freehaven.net
> <mailto:nickm at freehaven.net>> wrote:
> On Wed, Jan 02, 2008 at 02:47:11PM -0600, Eugene Y. Vasserman wrote:
> > Thus spake Ringo Kamens on Sun, 23 Dec 2007:
> > (snip)
> > > Also, we know the NSA and DoJ have engaged in
> > > this type of activity in the past such as "working" with
> Microsoft to
> > > secure vista and having their private key inserted into windows
> > > versions so they could decrypt things.
> > I've heard of the Vista bit, but what are you referring to, as far as
> > having a decryption key for Windows stuff? I know they had one in...
> > What was it? Lotus Notes?
> He's probably referring to the "NSAKey" key in NT 4. For more
> information, see
> It's a secondary code-signing key, allegedy to be used if their
> primary code signing key needed to be revoked.
> If you believe Microsoft, the key was called "_NSAKEY" because it was
> introduced in order to meet NSA requirements for a secondary key.
> Naming things after the software or organization that requires them,
> rather than after their actual purpose, is not unusual for Microsoft:
> Their office XML spec is littered with stuff like the notorious
> Personally, I don't believe that contemporary operating systems are so
> secure that the NSA would rather have security holes custom-built for
> it instead of just using the ones that are already there.
Eugene Y. Vasserman
Ph.D. Candidate, University of Minnesota
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the tor-talk