"I Write Mass Surveillance Software"

Discussion in 'privacy general' started by JokersWild, Sep 17, 2009.

Thread Status:
Not open for further replies.
  1. yankinNcrankin

    yankinNcrankin Registered Member

    Joined:
    May 6, 2006
    Posts:
    406
    :argh: :D yes...........excuse me but I couldn't remain in a controlled state.....
     
  2. LockBox

    LockBox Registered Member

    Joined:
    Nov 20, 2004
    Posts:
    2,328
    Location:
    Here, There and Everywhere
    If this were a real covert program they would use a name like "Secrets"? And, Microsoft's own Rootkit Revealer would tag them?

    Answer is much simpler:

    http://forum.sysinternals.com/forum_posts.asp?TID=8881

    Google it and you'll find it's perfectly safe.
     
  3. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
  4. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Two come to mind right off, a keylogger and a screen capture. Anything that can capture user inputs or the information displayed back to the user. Most everything a user might do uses these two and can be captured by them.
    Obviously, a machine such as you describe that's turned off can't be targeted. Those are a very small minority. A PC wouldn't be routinely sending out such data either. It would only do so on demand. If the target is arrested shortly afterwards and their PC confiscated as evidence, there's no risk at all. As for the backdoor, Windows has several ports open by default, waiting for incoming traffic. UPnP comes to mind. Very few have all the ports closed. A simple port scan can tell the difference. Windows has had remote code execution "bugs" forever that have been discovered. If such a backdoor was discovered, it would be labelled as such. Very little risk. We've seen sloppy, buggy code from MS for years and have become used to it and almost expect it. I've often wondered how a company can release code with so many vulnerabilities. Seems like no one proofreads it. Unless it's by design and they're not bugs. Not offering that as a fact, just a possibility.

    Networking hardware like DSL modems often have open ports. The last 2 I used had an open port in the 40,000 range, not tied to any service that I could identify. I couldn't find any way to close them. The open port received traffic, but I have no idea for what purpose.
    Not possible. A developer can understand the functions and APIs they use and make their software function properly on it. They can understand how the different systems and subsystems work and interact. There's no way anyone can understand every detail of activity that's performed by a couple gigabytes of closed source code. There's way too much code for that to be possible. No single person could understand everything Windows does even if they had the source code.

    There's no proof that there is or isn't an "official" backdoor in Windows. There's only circumstantial evidence that can't prove anything conclusively. It's also entirely possible that 3rd party software could interfere with or negate them if they are real, especially on pre-Vista systems. I've long suspected that this is one of the driving forces for "planned obsolescence". No, I can't prove it. I can only look at the evolution of Windows and see the changes, starting with the steady loss of control the user had over system function, the addition of online activation, repeated by WGA. Show me someone who can document all of the data that a PC exchanges with MS via Windows Update or WGA validation. We don't know what gets sent. It has a file system that can hide anything from users not familiar with ADS and how it works. We have a company (MS) that controls, dominates, and dictates to so much of an industry that's become a necessary part of our infrastructure, yet supposedly doesn't violate any anti-trust laws. AT&T controlled much less when they were broken up, being called a monopoly. The list goes on. Any one of them can be labeled as progress, a security improvement, or a corporation trying to get every penny they think they're entitled to. When combined, I see a gradual eroding of user control over their system with planned obsolescence trying to force the issue. No, I don't trust MS or the government, (hard to keep computer technology and politics separate with a subject like this). Hardware vendors that stop making their drivers available for older systems when their hardware would work just fine on them, or falsifying the system requirements to force users to drop older systems. This might make financial sense for those who sell internal hardware but it's counter-productive for those who sell peripherals. Why tell a customer that your device won't work on their system when it does? That's lost sales. 9X users run into this all the time. Users of 2K will soon see the same thing. Call it paranoid if you want. IMO, Windows is becoming that mass surveillance software and has been for some time. That's the real driving force behind planned obsolescence.
     
  5. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    Of course, I meant the components in Windows that they rely on, not every component in Windows. Another thing that was addressed in the NSAKEY link I provided above.

    This was back in 1999. Things have advanced considerably since then, and this is why changes made to Windows components don't necessarily affect Truecrypt, PGP, etc. These modern programs are self-sustaining to a large extent.
     
  6. Airflow

    Airflow Registered Member

    Joined:
    Jul 5, 2009
    Posts:
    39
    @LockBox Sysinternals was acquired by Microsoft much later, at that time win nt/xp was already finished.

    They use rootkit technology, but in some way it has a certain ridiculousness because it is so easy to detect, as well as their so secretly looking nsa hardcodes, they are there since the beginning.

    I agree with noone.

    They also make a lot of use of file systems especially in unused harddisk space you can find a lot of their sh*tt* communication. That way they can even influence offline systems.
     
    Last edited: Sep 20, 2009
  7. I no more

    I no more Registered Member

    Joined:
    Sep 18, 2009
    Posts:
    358
    I've looked at the data Windows tries to send out during various functions, though not specifically Windows Update or WGA validation (since I never use these two particular functions). An example of something that I looked at in the past is what Windows sends out when you do a search on your own computer. This was a long time ago, so some of my details may be foggy. From my recollection, something is always sent to a Windows server BEFORE any search is performed. Note the operative word "before". I don't know what is sent, but it doesn't seem to include search terms. And the transmission is really too small to be a keylogger or any type of file transmission. I think Microsoft just wants to know how often their search function is used. Microsoft can't seem to help but act this way. Even when they're not particularly invading your privacy, their tactics leave a lot to be desired. They seemingly have no respect for people who want to maintain their privacy.

    I agree 100%. I talk about the same thing all the time.

    Hmmmmm. I think it's money. To quote a famous saying, "Never attribute to mass surveillance that which can be adequately explained by greed." I think that's how it goes anyway.


    Anyway, a Windows machine can be seriously hardened. I've been blocking all Windows communications for many years that I don't completely understand and aren't required for the functioning of my computer. I use a good firewall, AV, HIPS, Shadow Defender/Returnil, and a sandbox. I use hardeners to block a lot of the holes you discuss. I modify the services to shut off what isn't needed. Then I have some tricks up my sleeve (proprietary) that I don't think many (if any) people do.

    Part of the reason I like Windows is that there's so much third-party software available for it that allows me to do things that would be much more difficult on Linux. If Microsoft wants to hack my system, be my guest. They'll have as much as they can handle :D .
     
  8. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    657
    Location:
    HKEY/SECURITY/ (value not set)
    You misunderstand, no one is claiming that the Rootkit in the Microsoft Windows Super Registry echoed by the Microsoft Windows Registry in the Registry Key: HKEY_LOCAL_MACHINE\SECURITY\
    is unsafe. A Rootkit by itself poses no threat, and only serves as a hidden container or hidden empty safe or vault. What matters is not the container itself, but whether it is used to store
    malicious content. In the case of HKEY_LOCAL_MACHINE\SECURITY\ there is no malicious content, it plays as part of the Microsoft Windows File Protection system (WFP). The question is asking for
    hidden backdoors in the Microsoft Windows Operating System.....this is one of them. The registry key named: \SECURITY\ under HKEY_LOCAL_MACHINE\ is the name projected by the Rootkit,
    we do not know the real name of the registry key. There are also two sub keys: \Policy\ and \Secrets\ there could be more that are hidden and not revealed. This Rootkit can also control everything
    that is installed into Microsoft Windows and project to the client only what it is programmed to reveal, and/or store information for later use, or whatever use deemed needed or necessary.


    HKEY1952
     
  9. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    With the PCs themselves and operating systems, greed would explain it adequately. It doesn't explain peripheral hardware. I have several pieces of hardware including an external hard drive, a USB card, a datafax modem, and a card reader, all from different vendors. All of them claim to require a newer OS than I'm running, but every one of them works properly. If it were just a case of not mentioning this OS, I'd believe it was an omission. But the package and "read me" both make it a point to say it won't work on my OS, when it does work. Greed doesn't explain this. These companies don't make PCs so it's not cutting into sales of other products. If it was one company, I'd accept it as a mistake, oversight, etc, but 4 different vendors and 4 different products? I can't come up with another explanation for what appears to be a deliberate falsification. The same thing has been done with software, including using artificial means to make an application incompatible, like version checking in the installer. I'm running several apps that aren't supposed to work on this system. The only conclusion I can come up with that fits is that someone badly wants 9X systems out of the picture, especially the earlier ones like 98FE, and it's not for the reasons or shortcomings it supposedly has. It may be paranoid on my part, but the more the industry, the powers that be, MS, or whoever tries to push people to newer systems, the more I ask why and resist that push. I'm willing to bet that both big brother and big money have a problem with 9X systems because the user has too much control. It would be hard to hide surveillance software or an effective DRM on a 9X system in a way that it couldn't be detected or defeated from DOS.
    That's a major understatement. Who else requires their customers to repeatedly prove that they purchased something (Windows) yet never actually own it? That behavior wouldn't be tolerated from anyone else. I don't understand why people accept that treatment from MS. Another item in a long list of reasons why I won't "upgrade."
    I use a very similar approach on an older system that's been stripped down, hardened, and protected by a comprehensive default-deny policy.
     
  10. Enigm

    Enigm Registered Member

    Joined:
    Dec 11, 2008
    Posts:
    188
    "Cryptanalysis of the Random Number Generator of the Windows OS"
    http://eprint.iacr.org/2007/419.pdf

    Sometimes the backdoor is what's not there... like a real RNG or the code that flushes the keyboard-buffer or a properly functioning user-account system. In the case of Windows XP, who needs a backdoor when most users are running the default setup, as admin with no password, with the "repair-account" and remote desktop enabled?
    To those of you who think government can monitor all of you:
    East-Germany!!
     
  11. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,741
    Location:
    UK
    Even if any of those were true, I see little point in posting statements along the lines of "I know how to do certain things, but I'm sorry I can't tell you about it." Assuming this is all correct, he should just get on with the job quietly in the background.
     
  12. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    A large collection of off topic musings have been snipped. Let's try to stay on topic and keep the remainder unstated. Thanks in advance.

    Blue
     