Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Orwell's country wants Big Brother backdoor in Vista cipher!
From: Simon Smith <simon () snosoft com>
Date: Fri, 17 Feb 2006 10:11:58 -0500

Yet another premature reliance on an unproved technology.

This chip is yet another premature reliance on an unproved technology.
This chip will not protect computer users, or their respective data.
This chip will cause problems for legitimate users and potentially
protect black hats.

Examples

   1. Forensic research: This chip will cause harm to any company who's
      primary service offering is forensic research (Encase).
   2. If my motherboard fails, how the hell am I going to replace it if
      my damn hard-disk is encrypted and I can't get at the key (all of IT)?


Hinder legitimate research?
"The system is aimed at preventing tampering with computers but it would
also help prevent people from downloading unlicensed films or media."

Forensic research moot or just hindered?
"An unfortunate side effect from law enforcement is it would be
technically fairly seriously difficult to dig encrypted material out of
the system if it has been set up competently."

nuff said

-simon


Feher Tamas wrote:
Hello all,

http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm

According to the above article from BBC News, the british
parliament is urging Blair government to negotiate with
Microsoft to implement a backdoor into the strong hard disk
encryption module of upcoming Windows Vista from day one.

The interior affairs committe of MPs heard testimony by
Cambridge security design expert Ross Anderson. The
academican said new TPM-based "BitLocker Drive Encryption"
schemes in Microsoft Vista would be too difficult to break
in the short timeframe terror suspects can be held without
charge and thus cases could collapse for lack of evidence as
detainees avoid self-incrimination by inventing tales of
lost keys and passwords.

The expert's answer is to put a backdoor into the BitLocker
program code to bypass password and key checks. Critics
argue this move would be hypocrisy, since the TPM based
encryption method was invented to protect the interests of
music and movie industry in the first place, who wanted to
base their DRM schemes on encrypted files, which cannot be
modified, ripped or shared meaningfully. Thus encryption is
strong when used against the users, but would become weak or
non-existent when people could use it for personal legal
defence.

Regards: Tamas Feher from Hungary.

___________________________________________________________________________
[origo] klikkbank lakossági számlacsomag havi 199 Ft-ért, bankkártya éves díj nélkül!
www.klikkbank.hu


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
  


-- 


Regards, 
        Adriel T. Desautels
        Harvard Security Group
        http://www.harvardsecuritygroup.com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]