Saturday, August 24, 2013

Is your Windows 8 computer spying on you? German government tells agencies not to use PCs with 'Trusted Platform Module', a spy chip which may be an NSA back door, courtesy of Microsoft

Business Insider says leaked internal documents from the German Federal Office for Information Security warn key entities not to use Windows 8 PCs with TPM 2.0 chips because of possible NSA links. The article says Apple phased out the surveillance chips in 2009 and Linux designers deliberately chose not to comply with the TPM scheme and therefore cannot use the spy technology.
     While TPM allowed users to opt in and out, TPM 2.0 is activated by default when the computer boots up. The user cannot turn it off. Microsoft decides what software can run on the computer, and the user cannot influence it in any way. Windows governs TPM 2.0. And what Microsoft does remotely is not visible to the user. In short, users of Windows 8 with TPM 2.0 surrender control over their machines the moment they turn it on for the first time.
     It would be easy for Microsoft or chip manufacturers to pass the backdoor keys to the NSA and allow it to control those computers. NO, Microsoft would never do that, we protest. Alas, Microsoft, as we have learned from the constant flow of revelations, informs the US government of security holes in its products well before it issues fixes so that government agencies can take advantage of the holes and get what they’re looking for.
     Experts at the BSI, the Ministry of Economic Affairs, and the Federal Administration warned unequivocally against using computers with Windows 8 and TPM 2.0. One of the documents from early 2012 lamented, “Due to the loss of full sovereignty over the information technology, the security objectives of ‘confidentiality’ and ‘integrity’ can no longer be guaranteed.”
     Elsewhere, the document warns, “This can have significant consequences on the IT security of the Federal Administration.” And it concludes, “The use of ‘Trusted Computing’ technology in this form ... is unacceptable for the Federal Administration and for operators of critical infrastructure.”
Read more.
     Rüdiger Weis, a professor at the Beuth University of Technology in Berlin, and a cryptographic expert who has dealt with Trusted Computing for years, told Die Zeit in an interview that Microsoft wanted to completely change computing by integrating “a special surveillance chip” in every electronic device. Through that chip and the processes of Windows 8, particularly Secure Boot, “users largely lose control over their own hardware and software.”
     But wouldn’t it contribute to higher levels of security? Certain aspects actually raise the risks, he said. For example, during production, the secret key to that backdoor is generated outside the chip and then transferred to the chip. During this process, copies of all keys can be made. “It’s possible that there are even legal requirements to that effect that cannot be reported.” And so the TPM is “a dream chip of the NSA.”
     Perhaps even more ominously, he added: “The other realistic scenario is that TPM chip manufactures don’t sit within reach of the NSA, but in China....”

No comments:

Post a Comment