top | item 19322296

woodman | 7 years ago

> I'm sorry, but this seems a little naive.

https://en.wikipedia.org/wiki/NSAKEY.

I thought everybody already knew that US corporations serve as an extension to the surveillance apparatus. Remember all the corporations fighting against the government's mandate at an artificially crippled maximum keysize of 40 bits, in order to allow continued surveillance in the 90s? Yeah, neither do I.

geofft | 7 years ago

The claim is not "naive" as in "of course the NSA wouldn't want to exploit things, they're innocent angels", the claim is "naive" as in "they have better ways to exploit things."

Interpreting _NSAKEY as an NSA backdoor is similarly naive. First, it's named _NSAKEY. Surely they could name it something else. Second, its purpose was reverse-engineered, and it's capable of signing cryptography modules, same as the existing Microsoft key named _KEY. Anything that could be done through _NSAKEY could also be done through _KEY, so it would be easy for the NSA to just ask for a copy of _KEY such that nobody would notice. The conspiracy theory makes no sense - it's like saying "$politician is trying to take away our freedoms by pouring mind-control agents into the water" when $politician is just straight-up signing bills to take away your freedoms.

woodman | 7 years ago

It was a debugging symbol that a Microsoft developer either negligently or heroically included in a public release... so that explains away the "nobody would be so stupid" argument. You are aware of how the Intel ME killswitch was located, right? A commented XML file included with the flashing software helpfully informed anybody willing to look that a field was related to the NSA's High Assurance Platform program. This was after ten years of security researchers pointing at the fact that this was a backdoor. For whatever reason both Intel and the NSA were happy to let the public remain needlessly vulnerable all that time... But yeah, I'm just like one of those water fluoridation loons. The NSA wasn't at all hamfisted in the intentional weakening of elliptic curves and blatant RSA bribery, this isn't an obvious pattern emerging.