Secret backdoor conspiracy theory: Criticism of MS Windows

Secret backdoor conspiracy theory

In 1999 Andrew Fernandez, chief scientist with Cryptonym of Morrisville, North Carolina found a cryptographic public key stored in the variable _KEY and a second key labeled NSAKEY. The discovery lead to a flurry of speculation and conspiracy theories; such as the second key could be owned by the United States National Security Agency (the NSA), and that it could allow the intelligence agency to subvert any Windows user's security. Also researcher Dr. Nicko van Someren discovered these cryptographic keys and a third key in the ADVAPI.DLL file which, at that time, existed in Windows 2000 before its release. Concerns were raised about CPUs with encrypted instruction sets which, if they existed during that time, would have made it impossible to discover the cryptographic keys.

Microsoft denied the allegations — Microsoft attributes the naming of the key was due to a technical review by the NSA pointing out a backup key was required to conform to regulations.

No evidence other than the name of the key has ever been presented that the key enabled a backdoor.

Cryptographer and computer security specialist Bruce Schneier has also argued against the conspiracy theory pointing out that if the NSA wanted a back door into Windows with Microsoft's consent, they would not need their own cryptographic key to do so.

The cryptographic keys have been included in all versions of Windows from Windows 95 OSR2 onwards.

[SOURCE] http://en.wikipedia.org/wiki/Criticism_of_Microsoft_Windows#Secret_backdoor_conspiracy_theory

[RELATED] http://en.wikipedia.org/wiki/NSAKEY

The Free Software Foundation Campaigning to Stop UEFI SecureBoot

The Free Software Foundation is on an offensive against restricted boot systems and is busy appealing for donations and pledge in the form of signatures in a bid to stop systems such as the UEFI SecureBoot from being adopted on a large-scale basis and becoming a norm in the future.

The FSF, through an appeal on its website, is requesting users to sign a pledge titled "Stand up for your freedom to install free software" that they won’t be purchasing or recommending for purchase any such system that is SecureBoot enabled or some other form of restricted boot techniques. The FSF has managed to receive, as of this writing, over 41,000 signatures. Organizations like the Debian, Edoceo, Zando, Wreathe and many others have also showed their support for the campaign.

The Foundation acknowledges that SecureBoot, if implemented correctly, will help protect systems from malware and other such threats. But, it believes that Microsoft and other hardware manufacturers will implement boot restrictions thus preventing users from installing other operating systems. “...we are concerned that Microsoft and hardware manufacturers will implement these boot restrictions in a way that will prevent users from booting anything other than Windows”,reads the appeal.

Beyond the signatures, FSF is also asking individuals to come forward and donate $50 USD (minimum) for the cause of stopping the SecureBoot. “We need to raise $350,000 by January 31st to help us amplify your voices in 2013. Please, donate today to help us turn up the volume”, notes the campaign page. You can find more information on the campaign here.

SecureBoot has received a lot of criticism from various open source organizations. Promoters of Linux such as the Linux Foundation have already started working towards coming up with ways to make Linux work on UEFI enabled hardware. The Linux Foundation recently released a minimal UEFI SecureBoot preloader that will enable users to install Linux distributions on SecureBoot hardware.

Source: http://paritynews.com/software/item/530-the-free-software-foundation-campaigning-to-stop-uefi-secureboot