The Guide

Home

Search

Forum

Feedback

Credits

About Raj

Security Issues with MS Windows


*
Introduction
*
The Problem
*
Why is this Misleading?
*
So How is security breached?
*
Can Things get shoddier?
*
Other Resources
*
Analysis and comparsion with NSA guidlines
*
World Class Authority
*
Conclusions
*
Further links for Reference


Why is this misleading?

The biggest problem has nothing to do with whether or not the US Government might have the actual "_NSAKEY". There are legal and illegal means that US spy agencies could gain access to the "_KEY", too. But if "_KEY" were replaced, anything that depended upon it would fail. With the second key, anything that depends on "_KEY" can continue working, and anything that fails a required check with "_KEY" is still allowed if it can be certified with whatever is currently installed in "_NSAKEY". Andrew Fernandes presented demonstration code that showed how "_NSAKEY" can be replaced with any correctly formed key, created by anyone without any signs on the system that this has been done. It doesn't matter if Microsoft even has kept a copy of the original key to fit that "_NSAKEY"!

The Microsoft "_KEY" allows resetting other keys that maybe used for personal, java or activex signatures, while a "PRIVATE KEY" is your key used to sign E-Mail, Financial Transactions, Network Logins (that use CryptoAPI), and if you are a software developer, to sign your own ActiveX, Applets, and the like. For certain functions both of these are required (example: signing) and some functions need only the first (most authoritative) key (example: for establishing it is safe to run). The "_NSAKEY" key or what Microsoft refers to as the "backup key" is the newly discovered key that must be the cause for concern.

So How is seurity breached? [Next]



Copyright 1999 Dr. Raj Mehta. All rights reserved.