-------- Original Message -------- Subject: UK gov wants MS to give them a backdoor into Windows Vista ?!? Date: Wed, 15 Feb 2006 09:16:15 -0500 From: Richard Forno <rforno@infowarrior.org> To: Blaster <rforno@infowarrior.org> CC: Dave Farber <dave@farber.net> UK holds Microsoft security talks By Ollie Stone-Lee BBC News political reporter http://news.bbc.co.uk/go/pr/fr/-/1/hi/uk_politics/4713018.stm UK officials are talking to Microsoft over fears the new version of Windows could make it harder for police to read suspects' computer files. Windows Vista is due to be rolled out later this year. Cambridge academic Ross Anderson told MPs it would mean more computer files being encrypted. He urged the government to look at establishing "back door" ways of getting around encryptions. The Home Office later told the BBC News website it is in talks with Microsoft. Professor Anderson, professor of security engineering at Cambridge University, was giving evidence to the Commons home affairs select committee about time limits on holding terrorism suspects without charge. He said: "From later this year, the encryption landscape is going to change with the release of Microsoft Vista." The system uses BitLocker Drive Encryption through a chip called TPM (Trusted Platform Module) in the computer's motherboard. It is partly aimed at preventing people from downloading unlicensed films or media. "This means that by default your hard disk is encrypted by using a key that you cannot physically get at... "An unfortunate side effect from law enforcement is it would be technically fairly seriously difficult to dig encrypted material out of the system if it has been set up competently." Professor Anderson said people were discussing the idea of making computer vendors ensure "back door keys" to encrypted material were made available. The Home Office should enter talks with Microsoft now rather than when the system is introduced, he said. He said encryption tools generally were either good or useless. "If they are good, you either guess the password or give up," he said. The committee heard that suspects could claim to have lost their encryption key - although juries could decide to let this count this against them in the same way as refusing to answer questions in a police interview. A Home Office spokesman said: "The Home Office has already been in touch with Microsoft concerning this matter and is working closely with them." Increased awareness about high-tech crime and computer crime has prompted the Home Office to talk to IT companies regularly about new software. Government officials look at the security of new systems, whether they are easy for the general public to hack into and how the police can access material in them. Preventing tampering On its Windows Vista website, Microsoft says Bitlocker Drive Encryption "provides considerable off-line data and operating system protection for your computer". "BitLocker ensures that data stored on a computer running Windows Vista is not revealed if the machine is tampered with when the installed operating system is offline," it says. The system, part of what is called "trusted computing" mechanisms, is designed to stop malicious programs being installed surreptitiously on computers. The Trusted Computing Group has been working for some years on a hardware-based system which is built into the motherboards of many Intel-based computers. But most people will not be able to use its features until Microsoft Windows Vista is launched. Critics say the companies behind most trusted computing want to use digital rights management to ensure users cannot use programs they have not approved. Story from BBC NEWS: http://news.bbc.co.uk/go/pr/fr/-/1/hi/uk_politics/4713018.stm ------------------------------------- You are subscribed as eugen@leitl.org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/ ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE [demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]