In <[EMAIL PROTECTED]>, on 09/04/99
at 11:41 AM, Markus Kuhn <[EMAIL PROTECTED]> said:
>Please apply a bit of simple critical thinking here:
>If the NSA wanted to have real backdoor functionality, they would much
>more likely simply steal Microsofts own keys instead of embedding
>additional keys with an obvious symbol name. Remember: The NSA is the
>world's largest key thief. They have stolen crypto variables from
>well-protected military and government agencies from all over the world
>using the usual repertoire of techniques (bribery, extortion,
>eavesdropping, hacking, infiltration, etc.). If they can do it with
>eastern military agencies, they can most certainly also do it easily with
>Microsoft, which is orders of magnitudes less well protected than the
>usual NSA target. If there is a real NSA backdoor key in Windows, that it
>would certainly be identical to Microsoft's own key.
Markus,
Have you considered the idea that perhaps the keys are being used for more
than what M$ claims (not that M$ would ever lie to us <g>)?
If you were going to build a backdoor into a system at the OS level
wouldn't it be nice to add some PK authentication into it so only you and
no one else could make use of it?
I think that this may better explain multiple keys than the weak excuses
coming from the Redmond spin doctors.
Note: for those of you who don't think a big corporation like M$ would
compromise their systems for the NSA remember Crypto AG & Lotus.
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------
