German IT officials reportedly deem Windows 8 too ‘dangerous’ to use


Brad Reed August 21, 2013 Technology & Electronics

Microsoft Windows 8 NSA Back Door

The National Security Agency’s snooping practices may be costing American companies a lot of money. German publication Zeit Online has obtained leaked documents that purportedly show that IT experts within the German government believe that Windows 8 contains back doors that the NSA could use to remotely control any computers that have it installed.

[More from BGR: Black iPhone 5C pictured for the first time in leaked photos]

The German officials specifically worry about how Windows 8 interacts with Trusted Platform Modules (TPMs) and are concerned that once Windows machines are paired with TPM 2.0 in 2015, they won’t be able to deactivate it on their machines if they don’t want it. Once TPM 2.0 is in place, Zeit says that German researchers fear that there will be “simply no way to tell what exactly Microsoft does to their system through remote updates.” Because of this “loss of control over [the capabilities of] information technology,” the researchers conclude that ”the security-oriented principles of ‘confidentiality’ and ‘integrity’ are no longer achievable” in machines that have TPM 2.0 installed.

[More from BGR: Mark your calendars: Apple’s iPhone 5S, iPhone 5C said to launch on September 20th]

Interestingly, the researchers say that they’ll still be able to use Windows 7 securely “until 2020,” so it seems the German government may be using the legacy version of Microsoft’s platform for years to come if it takes up its IT experts’ recommendations.

http://news.yahoo.com/german-officials-reportedly-deem-windows-8-too-dangerous-183059602.html

http://www.debatepolicy.com/showthread.php?41452-NSA-Backdoor-into-all-windows-machines&highlight=windows+microsoft

Well. We still have the postal service, right? That Ben Franklin was crazy smart.

Interesting.

I really doubt that the NSA has anything to do with Microsoft, though. And I've never subscribed to the idea that MS is an evil entity, contrary to what MacIntosh lovers would have you believe.

I really don't like Win8, I played with it a bit to set up a new laptop for Sharon's mom and it was... clunky. It took me 15 minutes to navigate to the control panel so I could nuke Norton and other BS pre-loads that new machines come with.

I may do as the Germans do and stick with Win7.

Interesting.

I really doubt that the NSA has anything to do with Microsoft, though. And I've never subscribed to the idea that MS is an evil entity, contrary to what MacIntosh lovers would have you believe.

I really don't like Win8, I played with it a bit to set up a new laptop for Sharon's mom and it was... clunky. It took me 15 minutes to navigate to the control panel so I could nuke Norton and other BS pre-loads that new machines come with.

I may do as the Germans do and stick with Win7.

your not keeping up with the news or believing the OLD news.


New leaks from Edward Snowden reveal that Microsoft helped the NSA circumvent Microsoft’s own encryption software to intercept users’ private communications. The documents, published by The Guardian (http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data) Thursday afternoon, reveal more about the NSA’s secret PRISM program (http://www.ibtimes.com/nsa-prism-5-creepy-things-you-need-know-about-alleged-massive-data-mining-program-1296555) and the cooperation between tech companies and surveillance agencies.

Snowden revealed that the NSA was worried it wouldn’t be able to access private chats within a new Outlook.com portal. Just five months after it first tested the portal, Microsoft found a solution to help the NSA get around the encryption. Microsoft launched the Outlook.com portal to the public in February 2012, just two months after coming up with the solution. Microsoft also allowed PRISM to access Hotmail, Live and Outlook.com emails before they got encrypted.

Microsoft also worked with the FBI to help the NSA access the SkyDrive (https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1373576162&rver=6.2.6289.0&wp=MBI_SSL_SHARED&wreply=https://skydrive.live.com/&lc=1033&id=250206&cbcxt=sky&mkt=en-US&cbcxt=sky), a Microsoft cloud storage service with more than 250 million users. These revelations seem to directly contradict a claim by Microsoft (http://www.ibtimes.com/facebook-microsoft-release-data-nsa-surveillance-google-twitter-demand-greater-transparency-1308649) that it had no knowledge of PRISM and that it only gave up user data when legally required to.

The latest Snowden leak reveals more about how Skype was involved in PRISM, showing that the NSA was collecting video and audio conversations. This seems to be a direct violation of Skype’s privacy policy, which states, "Skype is committed to respecting your privacy and the confidentiality of your personal data, traffic data and communications content."

Perhaps most alarming, the data collected through PRISM was not limited to the NSA, but also shared with the FBI and CIA. One document called the program a “team sport.”


http://www.ibtimes.com/snowden-reveals-microsoft-prism-cooperation-helped-nsa-decrypt-emails-chats-skype-conversations


All the Families workin together, Kapeesh?

Could the NSA use Microsoft's Xbox One to spy on you?


You close a laptop when you're not using it. Your phone faces the inside of a pocket, a purse, or lies flat on a table. But the Microsoft Kinect, a camera that will come connected to every new Xbox One game console (http://www.theverge.com/2013/5/21/4350814/new-kinect-xbox-reveal), gets a perfect view of your living room. It's always listening for voice commands (http://www.theverge.com/2013/5/21/4352596/the-xbox-one-is-always-listening), even when you turn the Xbox off. It can even read your heartbeat with the right software.
<q class="right">"We aren't using Kinect to snoop on anybody at all."</q>
Microsoft says it doesn't plan to abuse that power (http://news.xbox.com/2013/06/privacy), and claims it couldn't even if it tried. The company told us that the Kinect's cameras and microphones aren't actually recording or transmitting any audio or video data back to Microsoft's servers without the user's explicit consent, and all ambiently collected data is anonymized. While some voice commands are processed at Microsoft’s servers, they’re converted to text before they ever leave the machine, and biometric data is translated into numerical values that simply indicate, say, where a player’s limbs are during online multiplayer games. While Microsoft says the Kinect is an "integral part" of the new Xbox, it also claims that sensing can be paused (http://news.xbox.com/2013/06/privacy).
"We aren't using Kinect to snoop on anybody at all," said Microsoft's Phil Harrison (http://www.eurogamer.net/articles/2013-05-21-phil-harrison-on-xbox-one-kinect-indie-games-and-red-rings).
But would Microsoft be willing to help the government snoop? We set out to answer that question.
Last week, a report in The Guardian alleged that Microsoft gave government agencies access to private Skype video and audio calls (http://www.theverge.com/2013/7/11/4514938/nsa-could-pull-email-or-video-calls-from-microsofts-servers-says-guardian/in/4167369), perhaps even going so far as to integrate Skype into the NSA's controversial PRISM surveillance system. (http://www.theverge.com/2013/6/6/4403328/leaked-verizon-nsa-surveillance-court-order)
Not unlike Kinect, Skype had assured its users that wiretaps were technically impossible. "Because of Skype's peer-to-peer architecture and encryption techniques, Skype would not be able to comply with such a request,"<q class="left">Skype had assured its users that wiretaps were technically impossible</q> the company told CNET in 2008 (http://news.cnet.com/8301-13578_3-9963028-38.html). And four years later, when hackers accused Skype owner Microsoft of changing the service's backend (http://www.forbes.com/sites/anthonykosner/2012/07/18/did-microsoft-change-the-architecture-of-skype-to-make-it-easier-to-snoop/) to facilitate government eavesdropping, the company categorically denied the accusations. (http://blogs.skype.com/2012/07/26/what-does-skypes-architecture-do/) Now, it seems like the company could have been lying, or at least had quietly changed its mind. Mind you, Microsoft is also denying last Thursday's Guardian report, but the denial (http://www.microsoft.com/en-us/news/Press/2013/Jul13/07-11statement.aspx) is a lot less clear-cut. The company disavows having providing "blanket or direct access" to Skype, but doesn't deny that it provides Skype video or audio to the government upon request.
In fact, Microsoft's statement seems to suggest that it did update Skype to comply with the law. "When we upgrade or update products legal obligations may in some circumstances require that we maintain the ability to provide information in response to a law enforcement or national security request," reads a portion of Microsoft’s response.
So even if we take Microsoft's word that the Kinect doesn't currently upload your private conversations to remote servers, can we trust that Microsoft won't change that in a future software update?
After today's NSA revelations, who in their right mind would trust an always-on Microsoft-controlled Xbox camera in their living room?

— Christopher Soghoian (@csoghoian) July 11, 2013 (https://twitter.com/csoghoian/statuses/355396360306036736)

US citizens, at least, could theoretically trust in the courts. "The Fourth Amendment has been found to be really protective of everything that’s inside a person’s home," said Faiza Patel, co-director of the Liberty and National Security program at the Brennan Center for Justice (http://www.brennancenter.org/).
Patel told The Verge that though the government might be able to argue that it can collect telephone call records because they’re simply metadata (http://www.theverge.com/2013/5/16/4336994/metadata-matters-how-phone-records-and-obsolete-laws-harm-privacy), or argue that it can collect Skype video chats between people who aren’t citizens of the US (http://www.theverge.com/2013/6/8/4409874/director-of-national-intelligence-issues-fact-sheet-on-prism/in/4167369), it would be a different story with Kinect. "If you were collecting information through this Xbox device, then clearly it's in the United States at the very least, and then the fact that it’s inside your home also makes it more difficult for them," she said....


....On that note, there are other TV-mounted cameras to consider. In 2012, security researchers discovered a vulnerability in Samsung Smart TVs (http://arstechnica.com/security/2012/12/how-an-internet-connected-samsung-tv-can-spill-your-deepest-secrets/) that allowed hackers to remotely access their cameras. We also reached out to Sony about its PlayStation Camera, an optional add-on for the upcoming PlayStation 4 game console, but have yet to hear back about any potential privacy concerns there.

"I think the important thing here," said Soghoian, "is when companies say ‘Don’t worry, we’re not recording,’ it doesn’t matter as much as whether they could record. Governments can twist the arms of companies and force them to do things, and in some cases the companies may just go along with it and even volunteer to help."....



read more. (http://http://www.theverge.com/2013/7/16/4526770/will-the-nsa-use-the-xbox-one-to-spy-on-your-family)..



http://www.theverge.com/2013/7/16/4526770/will-the-nsa-use-the-xbox-one-to-spy-on-your-family

One thing is true about Windows 8: It does have a backdoor for Microsoft to gain control of your PC. It is true of Windows 7 but users could disable it. Not so with Windows 8. Microsoft acknowledges this and claims this was done for the purpose of DRM. Microsoft wants to make sure you only run legal software on your PC. If not, they can intervene remotely.

At this point I would say that the NSA could and would take advantage of that backdoor with or without Microsoft's knowledge.

Back in the days, Microsoft was a great company. Now? Piss on 'em.

A Precautionary Note to everyone reading this forum.
In reference to Windows 8, and all versions of Windows from Microsoft since it became
the chosen Operating System by millions.

IF YOU never shut down, or de-energize your PC, LAPTOP, HOME COMPUTER, and you
are running Microsoft Windows.

Microsoft has unlimited access to your PC, LAPTOP, or HOME COMPUTER. Even without you being logged-in.

The most effective method of protecting your Home Computer of any type is.

SHUT IT DOWN COMPLETELY whenever you are not intending to use it.

Or. You can ignore my warning, and allow anyone Online, Anywhere in the World to
copy, or steal your privacy information whenever they want.

As for Windows 8. Investigate for yourself, and learn WHICH operating system the U.S. Govt also uses.

Wonder what those crazy Germans are up to now that they are so scared of a little NSA attention. :smoke: ;)

I hate Windows 8. I gave it chance after chance, but I still hate it. Some have had me do the installs of them and I've begun trying to talk some out of it and have them stay or go to Windows 7.

As for any continued NSA/MS link, only time will tell. I'm sure hacktivists out there will find any ammunition. The sad fact is, they'll get into any computer that they would want to anyway. The ONLY guaranteed way is to be completely shut off, which AT has already stated. And even if not MS, they could slowly push out software, like a bot, which creates the botnets, and have their own backdoors. BUT, in NO way does this mean I am condoning MS or any other company giving out a platform for such use.

Since it's always possible, we just need to go to better lengths to protect ourselves. There are encryption programs out there that we can get to make it much harder, if not impossible, for 3rd parties to steal and read. I keep certain lists and other contact info, and banking crap, and login names and other things for safekeeping, all wrapped up behind encryption. You can get programs strictly to send/receive encrypted emails. Same with a certain amount of surfing (somewhat anonymous).

I use 2 different programs, but have been recently looking at this one - http://www.truecrypt.org/ Anyone heard of it?

Every OS Microsoft, or Apple, etc. has every put out is hackable.

I hate Windows 8. I gave it chance after chance, but I still hate it. Some have had me do the installs of them and I've begun trying to talk some out of it and have them stay or go to Windows 7.

As for any continued NSA/MS link, only time will tell. I'm sure hacktivists out there will find any ammunition. The sad fact is, they'll get into any computer that they would want to anyway. The ONLY guaranteed way is to be completely shut off, which AT has already stated. And even if not MS, they could slowly push out software, like a bot, which creates the botnets, and have their own backdoors. BUT, in NO way does this mean I am condoning MS or any other company giving out a platform for such use.

Since it's always possible, we just need to go to better lengths to protect ourselves. There are encryption programs out there that we can get to make it much harder, if not impossible, for 3rd parties to steal and read. I keep certain lists and other contact info, and banking crap, and login names and other things for safekeeping, all wrapped up behind encryption. You can get programs strictly to send/receive encrypted emails. Same with a certain amount of surfing (somewhat anonymous).

I use 2 different programs, but have been recently looking at this one - http://www.truecrypt.org/ Anyone heard of it?


jimnyc: I wasn't just talking for the sake of talking about shutting down PC's, or Laptops.
Anyone who is convinced programs installed on your PC will prevent silent invasions while you sleep. Deserves whatever happens for not protecting yourself with the Flip of a switch, or pressing a Button.
Ask any professional IT tech, and there are supposedly plenty of them right here on DP.
Or, maybe. Just maybe. They will disagree with me, or you.
Better safe....than Sorry ring any bells?

your not keeping up with the news or believing the OLD news.


http://www.ibtimes.com/snowden-reveals-microsoft-prism-cooperation-helped-nsa-decrypt-emails-chats-skype-conversations


All the Families workin together, Kapeesh?


Guilty to the former... I've been running hard.

Good info, Rev.... now I really don't like Win8.

I hate Windows 8. I gave it chance after chance, but I still hate it. Some have had me do the installs of them and I've begun trying to talk some out of it and have them stay or go to Windows 7.

As for any continued NSA/MS link, only time will tell. I'm sure hacktivists out there will find any ammunition. The sad fact is, they'll get into any computer that they would want to anyway. The ONLY guaranteed way is to be completely shut off, which AT has already stated. And even if not MS, they could slowly push out software, like a bot, which creates the botnets, and have their own backdoors. BUT, in NO way does this mean I am condoning MS or any other company giving out a platform for such use.

Since it's always possible, we just need to go to better lengths to protect ourselves. There are encryption programs out there that we can get to make it much harder, if not impossible, for 3rd parties to steal and read. I keep certain lists and other contact info, and banking crap, and login names and other things for safekeeping, all wrapped up behind encryption. You can get programs strictly to send/receive encrypted emails. Same with a certain amount of surfing (somewhat anonymous).

I use 2 different programs, but have been recently looking at this one - http://www.truecrypt.org/ Anyone heard of it?
no. Haven't heard of that one. I'm sticking with the tried and true tinfoil technology.
http://lolpranks.com/wp-content/uploads/2011/01/foil-igloo-office-prank-easy-to-do-at-work.jpg

Take that NSA.