Absolutely not a joke.

Phillip H. Zakas pzakas at toucancapital.com
Tue Jan 30 21:11:10 PST 2001 


I'm not sure re: the 'trusted download applications' scenario.  I have not
stepped-through the microsoft capi code material, but I believe a more
reasonable assumption is that law enforcement is more interested in
"dummying-down" the strength of ssl (and e-mail, and .pst file key) sessions
rather than trying to mask a trojan.

Here's why I think this: your isp is capable of delivering a trojan, already
provides updates to dialer apps, etc. and isp downloads are generally
unchecked by end users.  And, your isp is very likely to respond to a
warrant to download a trojan to a user machine (this happens every day.)  In
contrast, Microsoft is unable to comply with a warrant to enable such a
download on demand...the alternative is to purposefully lie to the entire
world about pre-weakend 128-bit key strength, easily attracting lawsuits...I
seriously doubt any rational us company would accept this level of exposure
just to comply with a warrant (don't forget the #1 opponents of us crypto
export laws are us companies, not individuals...shows us companies are more
money driven than 'gee lets help law enforcement at the expense of our
business' driven).  Plus, microsoft doesn't have a huge session-tracking
system which enables them to detect when a particular user logs into the
net, etc....an isp does have this kind of info though and could target
specific users in response to a warrant.  I think the scenario I've outlined
above is probably a legal and reasonable explanation (though I'm not a
lawyer).

As for multiple keys in the microsoft crypto stuff, don't forget about
server-gated crypto.  that particular technology, created by microsoft,
relies on a different set of key generation/management rules than normal
ssl.  this is probably where the 'extra keys' come from.

Phillip



-----Original Message-----
From: owner-cypherpunks at Algebra.COM
[mailto:owner-cypherpunks at Algebra.COM]On Behalf Of Ray Dillinger
Sent: Tuesday, January 30, 2001 8:56 PM
To: Declan McCullagh
Cc: Me; cypherpunks at einstein.ssz.com
Subject: Re: Absolutely not a joke.





On Tue, 30 Jan 2001, Declan McCullagh wrote:

>On Tue, Jan 30, 2001 at 11:45:43AM -0800, Ray Dillinger wrote:
>> Windows is also built to be insecure; there are backdoor keys for
>> law-enforcement types to stick "trusted" trojans on the system,
>
>Everything else is true, but I'm not sure about the above.
>You're talking about the NSA key, I assume.

Yes:  Windows has one documented public key that it uses to
check software that gets, eg, mailed to it via outlook, or
downloads in a webpage via Explorer, or etc, to decide whether
it is "trusted" software or not.  If it is trusted software
(presumably from Microsoft) then it can be run without
popping up a dialog box and getting the user's attention/
permission. Otherwise, "normal" security methods apply.

People with debuggers long since discovered that there is more
than one key ( though there are conflicting reports about
whether there are two or three), but had no idea why there
would be more than one unless  Microsoft wanted to enable
some third party to create "trusted" applications without
Microsoft's knowledge or review.

Recently when a windows system was made available in a debug
build (ie, with the symbolic names etc still in the code), it
was discovered that one of the "extra" keys was named NSA_key,
which gives at least a strong hint as to who else is allowed
to create "trusted" downloadable software.

				Bear

More information about the cypherpunks-legacy mailing list