|
Posted by Unruh on January 14, 2007, 6:17 pm
If you were Registered and logged in, you could reply and use other advanced thread options
>On 14 Jan 2007, in the Usenet newsgroup comp.security.misc, in article
>>Someone just re-posted to a link-sharing site the old
>>Duncan Campbell article from 1999 about the NSA backdoor or
>>trapdoor into Windows.
>Yeah, old legends never die. Did you try a search at groups.google.com
>looking in the "alt.folklore.urban" newsgroup?
>>It's now almost 8 years later, but the question is, does such a
>>backdoor still exist?
>You want to think about that. Those who _know_ aren't going to tell
>you - because it would be highly classified information. Not only would
>they not tell you, they wouldn't even hint one way or the other. It's
>supposed to be a secret, and it wouldn't be a secret if every klown in
>the world had a friend who heard from a secret source that it's actually
>there. Further, since revealing secret information is a federal felony,
>do you really think anyone who knows would risk jail time to tell you?
>You _could_ ask at a university or company that has the windoze source
>code, but there are two problems - first, anyone who can actually view
>the source code has signed a Non-Disclosure-Agreement, and would violate
>that to tell you. Second, do you really think anyone - even the typical
>idiot programmer hired by microsoft - would be st00pid enough to hang a
>sign on the source code saying "NSA Back Door". They can't program worth
>a damn, but even the lamest mystery writer knows that you use code words
>that have nothing to do with the actual secret - that's been a common
>trick since the Old Testament.
>While it is illegal to "reverse engineer" (the actual term would be to
The courts have ruled that it is perfectly legal to reverse engineer,
unless you have signed a specific contract ( not license, contract) not to
do so, and then it is a violation of the contract, not violation of the
law.
>"disassemble") software in the United States (and microsoft would bring
>legal action if you did), it's not illegal elsewhere, and foreign
>government agencies don't care about laws anyway. Have you heard of
>that many foreign governments refusing to use windoze? Outside of China,
>France, Germany, and several smaller nations like Peru who may or may not
>have other reasons for rejecting the crap that comes out of Redmond, can
>you think of any? Don't you think they'd LOOK?
>By the way, you may also want to look at your browser, and determine
>whose algorithms it is using when you go to a secure website - one that
>causes that cute little padlock icon, that begin with "https:" rather
>than just "http:". (Oh, crap - they've got your credit card number too!)
>Maybe you want to look at RFC4772 - any search engine will find it:
>4772 Security Implications of Using the Data Encryption Standard
> (DES). S. Kelly. December 2006. (Format: TXT=68524 bytes) (Status:
> INFORMATIONAL)
>And in case you are wondering, no - the world is not restricted to only
>use windoze on their computers. You may have heard that there is an
>alternative - maybe you've even seen a Macintosh (which doesn't run
>windoze). Maybe you've even heard that there are other alternatives.
>There is one called Linux - see http://www.distrowatch.com - but you
>probably won't want to use that either, because it has hooks in the
>code for something called SELinux - maybe if you used a search engine,
>you might even find out what that is - or I could save you a few seconds
>at google by giving you a URL to look at: http://www.nsa.gov/selinux/
> Old guy
| 
XML site map