Security apps made to be hackable by the Govt?

I was reading about how the Govt required that PGP be made hackable to the govt. Is this also required of security software vendors that they give the govt a backdoor so they could easily sneak into computers?

 

And just where was this that you read ?

 

Horus37 you've got two threads running on the same subject.https://www.wilderssecurity.com/showthread.php?p=959990#post959990

 

omg not another back door for the Govt again.
the last time i heard a back door for the Govt was vista bitlocker but Microsoft denied
lodore

 

Malware website with "Undisclosed" browser attacks that execute code and download very nasty spyware that logs everything and uses rootkit techno to contact a server node that collects the data. Also they can ask the ISP to alter the DNS server of the user by identifying the MAC address, then substitute some common server like ebay.com for their hidden one that loads the malware and recirects to the real ebay.com

That i would say is the best way. Other than that they would break into your house and install hardware in your PC. and there would be no trace because the locks are picked, and you may have either a bridge interface between a hard dive or memory etc, or you may find an extra PCI card thats not suppose to be there.

 

I wouldn't expect the security apps to be made hackable for a couple of reasons.

1. Security-ware is international in scope. A government can't force a foreign vendor to do anything.
2. Why backboor the security apps when the windows is already one big vulnerability?

Regarding PGP, there is no positive proof either way. Read up on the CKT versions of PGP, especially the older info if you can find it, but most of the sites promoting the CKT versions are long gone.
Rick

 

PGP and BitLocker.

Where did you read that? If I were to trust anyone's cryptographic solutions today, it would be PGP Corporation's. I believe they're competent enough to do things right, which can't be said for the majority.

Perhaps you recall reading the statement by Niels Ferguson (co-designer of Twofish, among other things), on the Microsoft System Integrity Team Blog. Although the presence of a good cryptographer doesn't mean something fishy can't be sneaked in afterwards, I trust Niels. He does cryptography how it should be done, and I'm confident that he wouldn't partake in a tainted design process.

I wrote an article for Microsoft TechNet Magazine, regarding BitLocker, and why I think it deserves an honest chance; I've spoken with Niels on the design philosophies behind it, and it's pretty state of the art stuff. They, the design team, made reasonable design decisions, with solid rationale. In an arena where bad cryptography runs rampant, they deserved to be praised for good design. So, that's what I did.

The original, unedited draft, entitled, "On Shifting 'Windows' and 'Security' from Less Antonymous to More Synonymous," can be found here, in HTML and PDF formats. The adaptation, for the Security Watch column of Microsoft TechNet Magazine's October 2007 issue, entitled, "BitLocker and the Complexities of Trust," can be found here. It features some great commentary by Phil Zimmermann.

 

Old but news worthy.

here

 

Lol, maybe you also know the old avapi32.dll story as ultimate backdoor. Years ago published that microsoft could access each system via advapi32.dll.

 

I agree (with tongue in cheek agreement on the windows part).

People are lousy at keeping secrets. Imagine - all it would take is one disgruntled, drunk, seduced , or "seeking-15-minutes-of-fame" employee and the whole house of cards would come tumbling down.

If a government wants access to your surfing habits, or your email it would be far easier for them to go to your ISP and toss a warrant on them for the info. Undetectable, easy, and no PC access or "grand conspiracy" needed.