Deep Dives Research Challenge #6 (Cryptome Archive) - _NSAKEY
For this edition of the Cryptome Deep Dives Research Challenge, we delve into the controversial and still extremely relevant issue of backdoors embedded within popular operating systems and software packages, with collaboration between the tech industry and the global intelligence apparatus. These operating systems and software packages are sold and widely distributed to the general public and corporations all around the world as a standard pre packaged model, making it almost impossible to avoid any of the serious repercussions involved. There are many reasons why this is a priority for the intelligence agencies, and as we have seen with the major leaks and disclosures in recent years, bulk data gathering and mass surveillance are two of the main reasons.
In 1999, Andrew D. Fernandes of Cryptonym Corporation discovered a variable cryptographic key called _NSAKEY embedded into Windows NT 4 Service Pack 5 software released in 1996 by Microsoft. The variable contained a public key which could be openly distributed and accessed widely within the software and amongst the intelligence agencies, whilst still controlling and maintaining secrecy with the ownership of the private keys held for decryption.
You can find the source of the above diagram and an explanation of how this exploit was discovered and defined in a research paper published by Cryptonym Corporation and viewable on the wayback machine webpage.
An overview from the Wikipedia page on the _NSAKEY Debacle:
Microsoft's operating systems require all cryptography suites that work with its operating systems to have a digital signature. Since only Microsoft-approved cryptography suites can be installed or used as a component of Windows, it is possible to keep export copies of this operating system (and products with Windows installed) in compliance with the Export Administration Regulations (EAR), which are enforced by the US Department of Commerce and Bureau of Industry and Security(BIS).
It was already known that Microsoft used two keys, a primary and a spare, either of which can create valid signatures. Microsoft had failed to remove the debugging symbols in ADVAPI32.DLL, a security and encryption driver, when it released Service Pack 5 for Windows NT 4.0, and Andrew Fernandes, chief scientist with Cryptonym, found the primary key stored in the variable _KEY and the second key was labelled _NSAKEY. Fernandes published his discovery, touching off a flurry of speculation and conspiracy theories, including the possibility that the second key was owned by the United States National Security Agency (the NSA) and allowed the intelligence agency to subvert any Windows user's security.
As we can see, the entire process is overseen or approved in compliance with the same bureaucratic offshoots of agencies and departments involved in the National Security mantra, as justification for every action that is taken in all of these matters. Also of course, many of these occurrences and controversies are instantly and widely denounced as paranoid ‘conspiracy theories’ without any real investigation to prove otherwise (only denial).
Microsoft themselves published an official response with regards to the allegations of a probable NSA backdoor embedded within windows, put forward by Andrew D. Fernandes.
At the time Microsoft denied all allegations in full stating; “Microsoft does not leave "back doors" in our products. This is in keeping with our historical stance on this issue. For instance, we have opposed the various key escrow proposals that have been suggested by the government, because we don't believe they are in the best interests of consumers or the industry.” With all the recent and ongoing revelations however, we now know this was most likely not the case. Who knew what, and how much they knew, is of course a matter for debate….
In a very interesting series of email correspondence published on cryptome.org, a discussion between Duncan Campbell Electronic Privacy Information Center and Microsoft’s Richard Purcell and Scott Culp took place at the time of the controversy, discussing the _NSAKEY debate.
There seems to have been a lot of circling and direct avoidance of more in depth questions, after initially answering a lot of concerns about the _NSAKEY itself. Then finally, a completer lack of response once the questions got a little too difficult.
Microsoft has since of course, publicly acknowledged that NSA backdoors or ‘exploits’ were and have been inserted within its operating system, by stating that they have now patched “most” of them against further vulnerabilities and exploits.
What I found interesting myself, is this mission statement that can be found on the NSA’s own website on what “research they do”.
To me this reads as the exact accusations that have been levelled at the agency and corporations such as Microsoft, who publicly deny any such covert behaviour!
It’s a game of cat and mouse of PR hysteria and denial, until eventually the revelations are brought out into the public sphere and proven accurate on many occasions. A very effective tactic and time wasting exercise until it’s too late and the damage has already been done. It seems to me that these entities are only too happy to collude to effect the changes they are after, in the direct opposition of public debate and the breaching of all privacy laws against the citizenry of the world.
For more reading on the widespread use and likelihood of backdoors embedded within the windows operating system since its inception, I suggest reading some of the articles listed below.
How NSA access was built into Windows
HOW A CRYPTO 'BACKDOOR' PITTED THE TECH WORLD AGAINST THE NSA
Microsoft: NSA snooping? Code backdoors? Our hands are clean!
Microsoft handed the NSA access to encrypted messages
NSA Built Back Door In All Windows Software by 1999
NSA has total access via Microsoft Windows
Microsoft gives NSA backdoor, complains about exploits
I personally found NSAKey in Win98 in the registry back in the day. I am not confident such a key did not exist in prior software products released by Microshaft, and indeed, all commercial OSes and commercial softwares.
My assumption is they did, and always has been. Further I am confident that all commercially available chips are provided with backdoors by manufacturers.
Unless you have written the code yourself, designed, and crafted the chip yourself, the assumption should be that it is not secure.
Thanks!
Hey @valued-customer. First of all apologies for the delayed reply. I'm having huge issues with my own PC ATM and I actually thought at one stage that I wasn't going to be able to complete this article by the deadline, so it's a slightly watered down version of what I was originally planning! I completely agree with your comments. As users of these technologies we really are at the mercy of these manufacturers who design these systems and software with these built in back doors and exploits provided by the intelligence apparatus. Unless as you say, you code and build it yourself, just assume it's not completely secure and will be used as a data collection and monitoring service. I also think they were built this way from day one, anticipating the information world we would be living in currently...Thanks for your input!
Posted using Partiko Android
Back doors Bug doors, there also are a few 'bugs' that mysteriously got ignored and 'muted' from the knowledge base. And those later turned out to be very popular with the spy agencies. Back then it was easy to find these bugs in the knowledge base, as those where the ones where a description was missing.
It was stuff like this, that made me move away from Micro$oft
Great article @palikari123
Ty @bifilarcoil:) The bugs are always there lol.
Posted using Partiko Android
Thanks for the deep dive. It's interesting and scary. Information is power however and I am better off after reading this. I assumed for a long time that these people had backdoors into everything. I shared on the other entry earlier that all of this stuff is simply just the hand-me-downs of the military industrial complex. Stuff like this they perfect it to a point where they can take full advantage of it and then release it to the public and watch as the data they want rolls right in. It's a sad reality where these backdoors exist but also that people willingly let these things happen. For example, you download an app and it asks you for permission to see your contacts, your photos and other personal data on your phone such as what Fakebook requests. I did at one point, accept it without even giving it a second thought! I have since deleted my Fakebook app and account but so many people just give them all the access they want without having a second thought. Then the complaining years later when they are told that they sell all of their information as if that was something you couldn't figure out with a little bit of critical thinking.
Keep up the dives! I enjoy reading them.
Exactly! Thanks for stopping by and leaving such a great comment:) I hope we can continue to provide you and other readers some more interesting and important content for sharing on this platform...
Posted using Partiko Android
Curated for #informationwar (by @openparadigm)
Our purpose is to encourage posts discussing Information War, Propaganda, Disinformation and other false narratives. We currently have over 7,500 Steem Power and 20+ people following the curation trail to support our mission.
Join our discord and chat with 250+ fellow Informationwar Activists.
Join our brand new reddit! and start sharing your Steemit posts directly to The_IW, via the share button on your Steemit post!!!
Connect with fellow Informationwar writers in our Roll Call! InformationWar - Leadership/Contributing Writers/Supporters: Roll Call
Ways you can help the @informationwar
I upvoted your post.
Best regards,
@Council
Posted using https://Steeming.com condenser site.
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by palikari123 from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.