
Using Bitlocker over open source software makes zero sense. Thanks to Snowden we know for a fact that Microsoft backdoored many of their products and gave access to NSA.

I would be shocked if Bitlocker doesn't have a backdoor.




I also shudder at the thought of Bitlocker being the de facto standard for the average American's crypto needs. Microsoft is consistently the first to kneel before any and every demand of the NSA at the behest of their board members. Skype is a prime example. They were willfully deceptive about their ability to collect and record calls and metadata on the Skype network. Microsoft started working on integrating the NSA's PRISM into Skype 8 months before they even purchased it. Well, that or they bought it with full knowledge of the PRISM integration and active deception and never planned to mention it to the public until the Snowden leaks forced their hand. Of course they say they only ever took action in accordance with their legal obligations and only after careful review, but their actions would appear to speak for themselves IMO. Bitlocker is no different from Skype. It's probably fine if you're trying to protect yourself from the prying eyes of an average citizen but it is also probably entirely useless against someone with enough influence and/or connection to the government's secret ops.

http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-c...



tl;dr:

The crypto component of Windows was discovered to have a 1024-bit public key embedded within it whose symbol name is _NSAKEY. The "obvious" assumption was that this permits the NSA to read, sign, or authenticate anything for Windows. Microsoft denies this and says that "we have not shared this key with the NSA or any other party".

I remember when this story first broke. I thought it would lead to major embarrassment and repercussions for Microsoft. Boy was I wrong. There was no news coverage; other than a small subset of techies, nobody was concerned; and as far as I know, Microsoft never gave a technical explanation of how it was intended to be used.


There was no news coverage because virtually no expert in the field believes it to have been an NSA backdoor. The arguments suggesting it is were debunked by Bruce Schneier more than a decade ago. Among them, the obvious: Microsoft held the other key, the "non-NSAKEY" key, and could do anything that the NSAKEY can do. If NSA can coerce Microsoft into adding a whole new signing key, it could just as easily have coerced Microsoft into signing things with Microsoft's own key. Given that, an "NSAKEY" backdoor is irrational.

In promoting the notion that "NSAKEY" is a backdoor, you're lining up against the likes of Bruce Schneier and lining up alongside the likes of WorldNetDaily, which is indeed among the top Google search results for [NSAKEY backdoor].



