No More Secrets
Security Expert Says Microsoft Placed NSA Backdoor In Windows.
2350 Hrs 3 September 1999
According to Andrew Fernandes, Chief Security Scientist for Cryptonym, Microsoft placed an NSA backdoor in Windows 95/98/2K and NT.
The backdoor was discovered when Fernandes was investigating Microsoft's CryptoAPI architecture which underpins the cryptographic security architecture of Windows.
Sloppy programming by Microsoft had left annotation identifying the security elements in NT4's SP5. It is a standard procedure to strip the labels and annotation when compiling for public release. However Microsoft's programmers obviously did not do this.
The first public key belonged to Microsoft and the second belongs to the NSA. It was identified with the symbol _NSAKEY. A third key is present in the Windows 2K release and is believed to be that of the FBI.
The backdoor could allow the US's National Security Agency to load unauthorised CryptoAPI applications on any computer with the Windows operating system. It is not a pleasant thing for any non-US user to discover that the operating system they are using is potentially accessible in such a manner.
The problem lies in the Microsoft Crypto Applications Interface. (CryptoAPI). The keys are used to check whether a Cryptographic Service Provider (CSP) is valid. While the first key is used by Microsoft, the other keys have been largely an unknown quantity until now. The second key is clearly identified during debugging as _NSAKEY.
A press release from Cryptome details the how Microsoft went about installing the backdoor and explains how it works. The site also has a sample program that can replace the NSA key with a test key while leaving the rest of the API intact. The ramifications of this backdoor are staggering. It means basically that Microsoft has included a backdoor for the NSA in all copies of the Windows operating system since Windows 95 and that all implementations of Windows are potentially insecure.
Update To Follow 04 September.