It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Thank you.
Some features of ATS will be disabled while you continue to use an ad-blocker.
Careless mistake reveals subversion of Windows by NSA.
A CARELESS mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA "help information" trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.
Researchers are divided about whether the NSA key could be intended to let US government users of Windows run classified crypto systems on their machines or whether it is intended to open up anyone's and everyone's Windows computer to intelligence gathering techniques deployed by NSA's burgeoning corps of "information warriors".
According to Fernandez of Cryptonym, the result of having the secret key inside your Windows operating system "is that it is tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system". The NSA key is contained inside all versions of Windows from Windows 95 OSR2 onwards.
"It's not a backdoor. No data encryption is done with these keys; they are signing keys only," said Culp... Microsoft's security product manager
This "bug" in Windows is NOT a trojan horse or an attack on your system, nor can it even remotely be used by government agencies to gain access to any machine by itself. In order to gain access to your machine, a separate executable program, Microsoft _javascript, ASP script or ActiveX control must interface with the flawed libraries in order to exploit this hole.
Privacy Software Corporation has studied this issue extensively over a five day period following the release of a security alert by Cryptonym on August 31, 1999 and has come to conclusions radically different from those reached by Cryptonym and reports in various media since the report was released by Cryptonym.We have determined that the "_nsakey" discovered by Cryptonym is in fact nothing more than a second "public key" and is not in any way, shape or form a "back door."