
Reason.com

Free Minds & Free Markets

Microsoft Accidentally Provides Example of Dangers of Encryption ‘Back Doors’

An internal bypass mechanism in the Windows booting process makes it out into ‘the wild.’

Microsoft has helpfully provided a real-world example showing why mandating "back doors" so that authorities can bypass encryption to access digital data is a very bad idea. The fact that this example is a result of a complete mistake and apparently not staged or hypothetical should make it all the more powerful to law enforcement and lawmakers who want to compromise data security in the pursuit of crime or terrorism.

To summarize the best I can: Microsoft devices have a system that, upon booting, will only function with operating systems that it authenticates. This means users cannot just install any other operating system on Windows tablets and phones and run it.

As explained by The Register, Microsoft created "golden keys" for internal use only to allow programmers to disable or bypass this authentication process, most likely to test new operating system builds and updates without having to get them approved.

But this method of bypassing Microsoft's booting process mistakenly got out of the hands of the company and into the clutches of a couple of hackers, who wrote a report explaining how it all worked here (trigger warning: MIDI music).

The hackers are very blunt about their reasons for revealing how this works: They're trying to get people at the FBI and in Congress to understand that any attempt to require a "golden key" to allow officials to bypass encryption, even with the best of intentions, can and eventually will go terribly, terribly awry. They note:

"About the FBI: are you reading this? If you are, then this is a perfect real world example about why your idea of backdooring cryptosystems with a "secure golden key" is very bad! Smarter people than me have been telling this to you for so long, it seems you have your fingers in your ears. You seriously don't understand still? Microsoft implemented a "secure golden key" system. And the golden keys got released from MS own stupidity. Now, what happens if you tell everyone to make a "secure golden key" system? Hopefully you can add 2+2..."

In the hands of those with sinister intent (either hackers or rogue authorities), a mechanism to bypass encryption can utterly devastate the privacy of citizens and expose them to criminal mischief and secret surveillance.

The larger question is whether or not lawmakers and government leaders actually care about the risks as long as it gets them the information they want. As I've noted repeatedly at Reason, surveillance-loving senators like Dianne Feinstein (D-Calif.) and Richard Burr (R-N.C.) and Great Britain's new Prime Minister Theresa May seem to have absolutely no interest in whether encryption back doors actually compromise everybody's security as long as it allows the government to access whatever data it demands.

Photo Credit: Yudesign / Dreamstime.com


  • Bubba Jones||

    Obviously we need to prosecute the hackers and rest assured that only the FBI will keep copies of these keys.

  • ||

    All of your fancy informayshunz is belong to us!

  • Cliché Bandit||

    uuhhh....
    Alt-text attempt - 7.2
    Alt-text success - 3.5

    Sorry Scott not trophy just for participating...read the earlier article.

  • Diane Reynolds (Paul.)||

    Alt-text: tl;dr

  • Ken Shultz||

    The way they integrate everything into Cortana, get you to sign into your computer by way of an outlook.com email address, and then make it difficult for average users to undo that; the way they collect the things you search for on your computer and integrate it into your search results online, etc. etc.

    Their concern about encryption seems to be so companies can protect their secrets and communications--I don't think they give a damn about personal information and retail users. They've got you sharing all that personal information with them (and advertisers) by default. When I went to close all the obvious security holes in Windows 10, it was ridiculous.

    They've got like a peer to peer network set up in Windows 10 to do nothing but software updates that's on by default. I don't want to get files from anonymous users updated into my system, and I don't want anonymous users taking update files from me either. Whenever I'm dealing with Microsoft or Google products, I always feel like I should be wearing a condom.

  • Agammamon||

    If you're signing in to your computer with an Outlook address then you're doing it wrong.

    It is possible to use a completely offline local account to log on - it's what I'm doing.

    And about 99% of that spyware shit that comes pre-installed can be turned off - you just lose the 'convenience' of the 'services' offered. I've turned it all off, except Cortana which it won't let you - though it's not collecting keystroke data from me anymore - and removed most of the default programs that come pre-installed, like the XBox app (WTF would you expect the general public to want this piece of garbage taking up drive space?).

  • $park¥ is totally a Swifty||

    I have Cortana turned off on my desktop. I'll have to check my tablet, I thought I had heard that it only couldn't be turned off on mobile devices.

  • Diane Reynolds (Paul.)||

  • Ken Shultz||

    "It is possible to use a completely offline local account to log on - it's what I'm doing."

    You have to ignore first startup instructions and know how to setup your offline local account to do that.

    People used to never bother to set the time on their VCRs, and human nature hasn't really changed much.

    My parents care a lot about this privacy stuff, but they couldn't set up an offline local account with any confidence.

    Hell, the daddy-o unit once disabled his antivirus program because one day it started interfering with what he wanted to do.

    What he wanted to do gave him a virus.

  • Agammamon||

    Sure, but I don't exactly have a lot of sympathy for people who buy into the 'computer as appliance' paradigm and then find out that the computer they've got works exactly like every other connected appliance works - diligently reporting use information back to its real master and often with nothing in the way of security.

    I would consider myself at the upper end of 'mediocre' when it comes to IT knowledge but I still did some research on what I was installing before I pulled the trigger.

  • Agammamon||

    And you can turn off the P2P part of Windows update also.

  • Sigivald||

    Pretty sure the "files from anonymous users" still need to be cryptographically signed (a search confirms this).

    Equally, though BranchCache is a little opaque, I suspect there's also a simple hashing mechanism to ensure lack of file corruption - which would also detect almost all of the likely impersonation attempts.

    I'm not gonna worry about The Scary Dangers Of P2P File Sharing in this case.

  • Ken Shultz||

    I'm not worried about the dangers of file sharing in this case either--since I disabled it.

  • $park¥ is totally a Swifty||

    The updates thing is kind of a bitch. Everything else is simple enough to kill.

    I will grant you that 95% of home users won't even know that there is stuff that should be killed. However, these are the same people, for the most part, that will volunteer all their personal information on Facebook anyway.

  • Timon 19||

    I've all but banished Microsoft entirely from my house, but for a Win7 machine that needs to remain so for my wife to perform a job that by all rights should be entirely cross-platform, but the developers are lazy.

    Win10 will never touch any machine I own.

    It's bad enough that I have to work with Microsoft (and eventually, Win10) at work as a tech maintainer/developer/man of many hats and that the organization I work for cannot and will not ever extricate themselves from the terrible clutches of Redmond. They have a bigger legacy problem than Microsoft itself does.

  • Timon 19||

    Also, fuck Apple.

  • SmartAssX||

    If only the average user could use google? Then they would see that within 5 min all this can be fixed. They would also see they don't need any special computer skills or certifications. It's so fucking simple. If you aren't willing to google it then you probably deserve it.

  • And you believe that why?||

    So the solution to Microsoft stealing your personal information can be found by giving Google personal information. How delightfully convoluted.

  • esteve7||

    umm excuse me, reason: it's actually a "tracker" music file. not a midi file. Common misconception ;)

    https://en.wikipedia.org/wiki/XM_(file_format)

  • Playa Manhattan.||

    Apple has had a similar feature since the iPhone first came out.

    Defeating it is called "jailbreaking".

  • Agammamon||

    It's different. Apple didn't make the hardware verify the OS that was installed - you could rollback, use an unsigned OS, use a completely different OS.

    The difference here is that the hardware was intended to refuse to run anything other than a properly signed version - unless you had a key telling it to ignore that. Even if you had gotten access and installed something else the device would have refused to run it. You would have been locked into whatever the 'official' version was - while the government could then install a modified version to spy on you if they forced MS to give them the key.

    It's similar in concept, except instead of a little walled prison you have to break out of, the whole country's a prison you now need to escape.

    Microsoft used to be the good guys.

  • Diane Reynolds (Paul.)||

    Microsoft used to be the good guys.

    Microsoft is losing marketshare. Expect them to use every tool they have at their disposal, including but not limited to Apple's walled-garden approach- on steroids- to hang on to it.

  • BYODB||

    When, in the history of ever, was Microsoft a 'good guy' in any way except by comparison to the Hitler that is Apple?

  • PS||

    Godwin! Godwin!

  • Sigivald||

    Given that neither company markets these products as "can run any OS you want", it's not much of a prison.

    (Yeah, yeah, spare me.

    I ran linux as a server platform for 15 years before realizing unix administration is something I should only do for money - and that I don't want to do it for money.

    I run OSX, I run Windows, I have Android and iOS and Windows mobile-ish devices. I'm a professional software developer; hell, I've even run BeOS on a PPC Mac.

    I could not possibly care less about a firmware level signing requirement for commodity hardware.

    And if I don't care, I assure you nobody but the most fringe enthusiasts gives the slightest flying copulation about it.

    This article is important because it reminds us that "all backdoors are exploitable", nothing more.)

  • KDN||

    So does this mean that I will soon be able to strip Windows RT off my 1st-gen Surface? Because that would be rad. I still feel guilty that I let my father talk me into buying him that wretched thing.

  • pan fried wylie||

    is that an Atom processor? do they even make non-RT windows for the Atom?

  • KDN||

    No, Nvidia Tegra-3, which is ARM. I was looking into switching out the shitty OS when I inherited it, but all of the forums I went to said it was essentially impossible because of this very issue.

    Since it's a 4 year old model and pretty underpowered (2 GB RAM, WTF?) I don't think the drive will be there for development enthusiasts to crack it open and make all of the hardware compatible with a different OS, but now there's a chance.

  • Dread Pirate Roberts||

    There's an unfounded assumption somewhere that surveillance loving politicians and the FBI actually give a shit about the little people suffering security breaches from criminals, as long as government officials can get the data they want when they want it.

  • sparkstable||

    "I don't care if Baddie McBadderson gets your info just as long as I get to look, too."

    -Every crappy politician ever

  • Agammamon||

    'Baddie McBadderson will not be able to get at the info because we'll be able to stop him before he acts' - every government security stooge ever.

  • Fat Hubie||

    They do not care if our security is compromised.
    They want our guns, too...

  • bassjoe||

    It's shit like this that should get more attention, rather than the insane yet oddly ambiguous ramblings of a certain orange-faced blowhard.

  • Empress Trudy||

    The only accident was getting caught. They've been giving the golden keys to the government for years. The upside is that even with limitless ability, funding and no legal shackles at all the government actually does a poor job of this.

  • qjkxbmwvz||

    But...that's not an encryption backdoor. That's an OS authentication backdoor.

  • dchang0||

    What, Scott, you're insulting ALL MIDI music for what is a specific, tiny subset of MIDI music called "chiptune" (8-bit) music?

    For good MIDI check out just about anything by any DJ who has ever been onstage at EDC.
