[OT] more from Cryptome on NSA, Windows firewals, mail services
Eugene Y. Vasserman
eyv at cs.umn.edu
Thu Jan 3 02:58:24 UTC 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Thus spake Ringo Kamens, on 1/2/2008 8:51 PM:
> A new vista service pack just "upgraded" to that "backdoored" random
> number algorithm. Suit yourself in believing Microsoft.
I'm not defending Microsoft, I'm just trying to see things from both
sides. They're not NECESSARILY adding a back door. The algorithm is
included in a standards document - Microsoft added it because some
customers will ask for it. SP1 also adds AES-GMAC.
Eugene
> Comade Ringo Kamens
>
> On Jan 2, 2008 9:42 PM, Eugene Y. Vasserman < eyv at cs.umn.edu
> <mailto:eyv at cs.umn.edu>> wrote:
>
> Thus spake Ringo Kamens, on 1/2/2008 4:17 PM:
>> Also, see http://www.schneier.com/essay-198.html
>> And yeah, I was talking about the NSA key.
>
> Personally (and god help me), I believe Microsoft when they say the key
> is not a key back door key. If it was, I wonder if they would name it
> "NSA". Or is that what they want us to think? :)
> The Schneier essay about the random number generator is more
> interesting, and worth reading.
>
> Eugene
>
>> Comrade Ringo Kamens
>
>> On Jan 2, 2008 4:24 PM, Nick Mathewson < nickm at freehaven.net
> <mailto:nickm at freehaven.net>
>> <mailto:nickm at freehaven.net <mailto:nickm at freehaven.net>>> wrote:
>
>> On Wed, Jan 02, 2008 at 02:47:11PM -0600, Eugene Y. Vasserman
> wrote:
>> > Thus spake Ringo Kamens on Sun, 23 Dec 2007:
>> >
>> > (snip)
>> > > Also, we know the NSA and DoJ have engaged in
>> > > this type of activity in the past such as "working" with
>> Microsoft to
>> > > secure vista and having their private key inserted into
> windows
>> > > versions so they could decrypt things.
>> >
>> > I've heard of the Vista bit, but what are you referring to,
> as far as
>> > having a decryption key for Windows stuff? I know they had
> one in...
>> > What was it? Lotus Notes?
>
>> He's probably referring to the "NSAKey" key in NT 4. For more
>> information, see
>> http://en.wikipedia.org/wiki/Nsakey
>
>> It's a secondary code-signing key, allegedy to be used if their
>> primary code signing key needed to be revoked.
>
>> If you believe Microsoft, the key was called "_NSAKEY" because
> it was
>> introduced in order to meet NSA requirements for a secondary key.
>> Naming things after the software or organization that requires
> them,
>> rather than after their actual purpose, is not unusual for
> Microsoft:
>> Their office XML spec is littered with stuff like the notorious
>> AutoSpaceLikeWord95.
>
>> Personally, I don't believe that contemporary operating
> systems are so
>> secure that the NSA would rather have security holes
> custom-built for
>> it instead of just using the ones that are already there.
>
>> peace,
>> --
>> Nick
>
>
>
- --
Eugene Y. Vasserman
Ph.D. Candidate, University of Minnesota
http://www.cs.umn.edu/~eyv/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iFcDBQFHfE9Qb9W6r3tKSVIRCFCkAQCPtuiKxhgKtxW2Id1PWP0eflsijZLfQ0E7
VpMKZkyicgD+KoadZMAVD9D4gVIW6jRb/foF6ep34f+1KxKgygGOtHg=
=I1sB
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list