Security apps made to be hackable by the Govt?

Discussion in 'other anti-malware software' started by Horus37, Mar 8, 2007.

Thread Status:
Not open for further replies.
  1. Horus37

    Horus37 Registered Member

    Jan 4, 2007
    I was reading about how the Govt required that PGP be made hackable to the govt. Is this also required of security software vendors that they give the govt a backdoor so they could easily sneak into computers?
  2. LoneWolf

    LoneWolf Registered Member

    Jan 2, 2006
    And just where was this that you read ?
  3. The Hammer

    The Hammer Registered Member

    May 12, 2005
    Toronto Canada
  4. lodore

    lodore Registered Member

    Jun 22, 2006
    omg not another back door for the Govt again.
    the last time i heard a back door for the Govt was vista bitlocker but Microsoft denied

    TECHWG Guest

    Malware website with "Undisclosed" browser attacks that execute code and download very nasty spyware that logs everything and uses rootkit techno to contact a server node that collects the data. Also they can ask the ISP to alter the DNS server of the user by identifying the MAC address, then substitute some common server like for their hidden one that loads the malware and recirects to the real

    That i would say is the best way. Other than that they would break into your house and install hardware in your PC. and there would be no trace because the locks are picked, and you may have either a bridge interface between a hard dive or memory etc, or you may find an extra PCI card thats not suppose to be there.
  6. herbalist

    herbalist Guest

    I wouldn't expect the security apps to be made hackable for a couple of reasons.
    1. Security-ware is international in scope. A government can't force a foreign vendor to do anything.
    2. Why backboor the security apps when the windows is already one big vulnerability?
    Regarding PGP, there is no positive proof either way. Read up on the CKT versions of PGP, especially the older info if you can find it, but most of the sites promoting the CKT versions are long gone.
    Last edited by a moderator: Mar 9, 2007
  7. Justin Troutman

    Justin Troutman Cryptography Expert

    Dec 23, 2007
    North Carolina, USA / Minas Gerais, BR
    PGP and BitLocker.

    Where did you read that? If I were to trust anyone's cryptographic solutions today, it would be PGP Corporation's. I believe they're competent enough to do things right, which can't be said for the majority.

    Perhaps you recall reading the statement by Niels Ferguson (co-designer of Twofish, among other things), on the Microsoft System Integrity Team Blog. Although the presence of a good cryptographer doesn't mean something fishy can't be sneaked in afterwards, I trust Niels. He does cryptography how it should be done, and I'm confident that he wouldn't partake in a tainted design process.

    I wrote an article for Microsoft TechNet Magazine, regarding BitLocker, and why I think it deserves an honest chance; I've spoken with Niels on the design philosophies behind it, and it's pretty state of the art stuff. They, the design team, made reasonable design decisions, with solid rationale. In an arena where bad cryptography runs rampant, they deserved to be praised for good design. So, that's what I did.

    The original, unedited draft, entitled, "On Shifting 'Windows' and 'Security' from Less Antonymous to More Synonymous," can be found here, in HTML and PDF formats. The adaptation, for the Security Watch column of Microsoft TechNet Magazine's October 2007 issue, entitled, "BitLocker and the Complexities of Trust," can be found here. It features some great commentary by Phil Zimmermann.
    Last edited: Dec 27, 2007
  8. trjam

    trjam Registered Member

    Aug 18, 2006
    North Carolina USA
    Old but news worthy.

  9. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Mar 3, 2006
    Lol, maybe you also know the old avapi32.dll story as ultimate backdoor. Years ago published that microsoft could access each system via advapi32.dll.
  10. MikeNash

    MikeNash Security Expert

    Jun 9, 2005
    Sydney, Australia
    I agree (with tongue in cheek agreement on the windows part).

    People are lousy at keeping secrets. Imagine - all it would take is one disgruntled, drunk, seduced , or "seeking-15-minutes-of-fame" employee and the whole house of cards would come tumbling down.

    If a government wants access to your surfing habits, or your email it would be far easier for them to go to your ISP and toss a warrant on them for the info. Undetectable, easy, and no PC access or "grand conspiracy" needed.
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.