Submitted by A Microsoft developer and cryptographer responded in his blog to a news story by the BBC about the problems strong encryption built into Vista might cause for law enforcement. “Over my dead body,” he said, regarding the possibilty of including a law-enforced backdoor in Vista.
Microsoft: Vista Won’t Get a Backdoor
119 Comments
-
2006-03-05 10:12 am
30-day-trial[i]And some people aren’t good at math.
The chance of being hit by a car is much greater in NY than in whichever desert in a remote area.
So what do these numbers say other than there are possibly more *nix based webservers. [i]
What? i read that Linux and Unix experience three times as many reported security vulnerabilities than Windows. Doesnt have anyting to do with web servers.
– Vulnerabilities 2004-2005
Windows and Windows Applications: 812
Unix/Linux and Unix/Linux Applications: 2328
* http://www.us-cert.gov/cas/bulletins/SB2005.html
-
2006-03-05 10:30 am
netpythonhowever, this does not mean that the vulnerability only affects the operating system reported since this information is obtained from open-source information.
-
2006-03-05 10:01 pm
archiesteelWhat? i read that Linux and Unix experience three times as many reported security vulnerabilities than Windows. Doesnt have anyting to do with web servers.
This has been debunked many, many times. Vulnerabilities are counted more than once for Linux/Unix (i.e. the same vulnerability on RedHat will also be counted for Debian if it happens on both distros).
Also the severity of bugs is usually higher for Windows/Windows applications bugs.
When you factor all of these in, it’s clear that Linux/Unix has a much better security record than Windows.
-
2006-03-05 10:26 pm
sappyvcvDefinitely has a better security record.
However, it doesn’t have a perfect record or even near a perfect record. There was a period in the Internet Era when distros being used on servers like Red Hat and the like were being exploited a lot. Websites were getting defaced or taken over a lot. Some of it was poorly written web code, and some of it was exploits like privilege escalation.
This isn’t so much of a problem anymore. Linux has improved its own security track record and probably regained any trust it had lost during that period.
Microsoft has been much slower to address security properly, so some people are very reluctant to trust that they even care, or will ever actually improve security.
Even if they drastically improve security, there will still be problems because of (a) large userbase. users are the weakdest link (b) large marketshare, larger target. We will still definitely still more security problems with Windows than Linux for these reasons.
Now, if they had the same market share, it might be a different story. Don’t get me wrong though, if they had the same market share this whole time, Windows would still have the worse security track record.
2006-03-05 3:35 am
proforma
It’s sad that people can take the truth, yet the truth is ignored by so many people who are religious about their OS. It’s really a shame.
A lot of people think that an Open source Operating system is more secure because people can fix things right away, but that opinion is really decieving in so many ways.
I am not against the idea of Open Source, but using it as an OS and even with passing the code around there are still huge possiblities for security issues.
-
archiesteel
A lot of people think that an Open source Operating system is more secure because people can fix things right away, but that opinion is really decieving in so many ways.
Would you care to elaborate on that, or is this the extent of your FUD?
“Security through obscurity” has not helped Microsoft, whose security record is abysmal. Linux, an open source OS, is slightly more secure, while OpenBSD, another open source OS, is a LOT more secure.
You might have missed this in the other thread, but the Department of Homeland Security seems to disagree with you:
http://www.theregister.co.uk/2006/03/03/open_source_safety_report/
-
2006-03-05 7:39 am
rayinerYes, there are possibilities for security issues, but at the end of the day, I’d much rather hook a Linux box directly to the internet than a Windows box. The last time my Windows machine strayed from behind a *NIX firewall, my computer was infected by MSBlaster in the space of two hours.
Security is not a bullet-point on a feature list, and trust is not a first-impression. People do not assume a product is secure just because the marketing material says so, and people do not trust a product until time has shown that product to be worthy of trust. Vista may very well be as secure as a *NIX, but it will be years before it can prove that security and earn peoples’ trust.
2006-03-04 5:54 pm
Edward
Law enforced is not a good reason. What kind of dumb person siad befor “windows need a backdoor”?
-
2006-03-04 6:03 pm
Thom HolwerdaWhat kind of dumb person siad befor “windows need a backdoor”?
The law might enforce it. You see, file system encryption enables you to ‘hide’ your files. The law might demand that Microsoft put a ‘backdoor’ in the encryption, so that criminal investigators *always* have access to files on suspects’ computers, even if its encrypted.
-
2006-03-05 7:33 am
unoengborgThe law might enforce it. You see, file system encryption enables you to ‘hide’ your files. The law might demand that Microsoft put a ‘backdoor’ in the encryption, so that criminal investigators *always* have access to files on suspects’ computers, even if its encrypted.
This will not work. Criminals have a tendency of not following the law. Strong encryption software will always be available to criminals regardless if it is legal or not. Of course they could make it illegal to possess encrypted files, but then how do they prove that you have an encryted file and not just a set of random data, or that your nice desktop background is asteganograpic crypto.
The people that get hurt by such legislation are ordinary law obiding citizens with legitimate needs to protect their sensitive datea. If the police can get your data, sooner or later it will leak.
The more sensitive and valuable the information is the greater the risk. E.g. how much would would it take to bribe or coerce a low salery police officer to get information about the latest car model your company is designing.
2006-03-04 6:00 pm
2006-03-04 6:37 pm
Deviate_X
Compromised sites (Today)
491 single IP
477 mass defacements
Running:
– Linux (66.8%)
– Win 2003 (18.9%)
– FreeBSD (6.7%)
– Win 2000 (6.2%)
– Unknown (0.4%)
– Win NT9x (0.3%)
– MacOSX (0.3%)
– IRIX (0.1%)
* http://www.zone-h.com/en/index
Vulnerabilities 2004-2005
Windows and Windows Applications: 812
Unix/Linux and Unix/Linux Applications: 2328
* http://www.us-cert.gov/cas/bulletins/SB2005.html
Edited 2006-03-04 18:39
2006-03-04 6:43 pm
re_re
this as an awesome move by microsoft, all personal information should be 100% secure by default, nobody needs to see that info except me and i like it that way, it’s called freedom of privacy.
I might add that I don’t use anything microsoft at home, only at work (and not much there), but i still think this is a good move, it should be the goal of every os to be 100% secure by default.
-
2006-03-04 6:54 pm
necrosisthere is no such thing (ie: in current usage) as “freedom of privacy”
encryption doesn’t imply security, in fact it only affects it in a significant way under the current broken windows security model of running as admin by default.
-
2006-03-04 9:26 pm
ThawkTHTo a degree, in the USA, yes we are entitled to a level of privacy:
“Amendment IV
The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.”
While yes, one could argue a backdoor could be legal if the police required a warrant to ‘use’ this backdoor. I’d guess, though, that this has also been addressed by years of precedent etc.
Even the Supreme Court’s decision to strike down i.e. sodomy laws held that people are entitled to privacy, period…
“Liberty protects the person from unwarranted govern-ment intrusions into a dwelling or other private places. In our tradition the State is not omnipresent in the home. And there are other spheres of our lives and existence, outside the home, where the State should not be a domi-nant presence. Freedom extends beyond spatial bounds. Liberty presumes an autonomy of self that includes free-dom of thought, belief, expression, and certain intimate conduct. The instant case involves liberty of the person both in its spatial and more transcendent dimensions.” – Justice Kennedy, Supreme Court Lawrence V. Texas.
Yes, indeed, a backdoor would be viewed as highly illegal to the court. Yes, the highest interpreters of the US constitution DO in fact deem that citizens have a right to privacy.
2006-03-04 6:57 pm
r2d2d3d4d5
So what is the user supposed to do if the worst happens and they can’t access their data any more (say they forget their password for some reason or dare I say it: there’s a bug)? I can see a lot of disgruntled users out there harassing MS for their baby pictures (etc) back.
2006-03-04 7:05 pm
2006-03-04 7:16 pm
bornagainenguin
…We’ll just take your word for it…
NOT!
–bornagainpenguin (who finds it fascinating that Microsoft would think anyone still trusted it.)
2006-03-04 7:42 pm
xushi
I remember reading once that by law any and all software products that use encryption (like encryption programs) must give a key to the U.S government, especially when such information is to be transmitted to and fro the states.
Now if Microsoft introduces encryption on their operating system by default, will the U.S government enforce another law whereas MS will have to give a key to them in order to bypass the encryption at will?
Want any reasons for that law enforcement? Erm.. say… computers (laptops) nowadays travel from one country to another, and thus data is also being transfered in an encrypted manner..
-
-
2006-03-06 5:59 am
Soulbender“Wherever you read that was wrong.”
Really?
Key escrow isn’t a fantasy.
http://www.schneier.com/paper-key-escrow.html
-
sappyvcv
I’m sorry, where does does it say there that…
“I remember reading once that by law any and all software products that use encryption (like encryption programs) must give a key to the U.S government, especially when such information is to be transmitted to and fro the states. “
? Yeah. No where.
-
xushi
Put in some effort and search in google.. you’ll find tonns of material. I didn’t put any references or links here coz i thought everyone either already did or would.
-
sappyvcv
Oh I’ve seen it all. Look at the links n4cer provided. They pretty much debunk it all.
Everything I’ve read on the net is all pure speculation and proof is NEVER provided.
2006-03-04 8:20 pm
shanecoughlan
It’s interesting that people understand encryption as meaning having something to hide. As was pointed out by one person above, it’s really about privacy. More specifically, it’s about control over access to private information. Under all of the legal systems in Europe and the USA this is currently a right of citizens and subjects.
If a person is known to break a law, it is possible to obtain a warrent to access their private information. At this juncture an individual is legally bound to give law enforcement services access to their data. There is no right for government agencies to access private information without this permission, except in exceptional situations like war (something the US President is currently using as a justification for snooping).
There are rumours that the CIA/MI5/MI6/GCHQ/[insert random agency] are always collection private data. Perhaps yes, perhaps no. It’s outside of the remit of the legal sphere anyway, and cannot (or should not) be used in any legal matter. The fact that encryption would twart such snooping is not a bad thing. It’s annoying for the agencies, but has nothing to do with breaking any laws.
Encryption is not about having something to hide. It’s about having private in the digital sphere that you can already have in the physical sphere (think about your right to have a safe at home).
2006-03-04 8:28 pm
Christiaan
MS has been colluding with the CIA and the U.S. government for decades. Who’s he trying to kid.
-
2006-03-04 8:31 pm
-
2006-03-04 8:51 pm
TBPrinceJust Google for “Windows NSA key”.
Windows having backdoors for CIA and NSA is one of the main reason why EU and China (among others) are trying to leave Windows for Open Source.
My take is Windows is not very credible about this. They did in the past and we cannot be sure they won’t do again. The Shared Source Initiative is aimed to wipe out such clouds but is not proving itself successfull.
There are fewer chances that they could win Govts trust again. And I’m a Windows user. 😉
-
sappyvcv
There is no backdoor. If there was, it would have been found and exposed already.
Try again troll.
-
Christiaan
In September 1999, leading European investigative reporter Duncan Campbell revealed that NSA had arranged with Microsoft to insert special “keys” into Windows software, in all versions from 95-OSR2 onwards. An American computer scientist, Andrew Fernandez of Cryptonym in North Carolina, had disassembled parts of the Windows instruction code and found the smoking gun—Microsoft’s developers had failed to remove the debugging symbols used to test this software before they released it. Inside the code were the labels for two keys. One was called “KEY”. The other was called “NSAKEY”. Fernandez presented his finding at a conference at which WIndows developers were also in attendance. The developers did not deny that the NSA key was built into their software, but refused to talk about what the key did, or why it had been put there without users knowledge.
http://www.techweb.com/wire/story/TWB19990903S0014
In February 2000, it was disclosed that the Strategic Affairs Delegation (DAS), the intelligence arm of the French Defense Ministry, had prepared a report in 1999 which also asserted that NSA had helped to install secret programs in Microsoft software. According to the DAS report, “it would seem that the creation of Microsoft was largely supported, not least financially, by the NSA, and that IBM was made to accept the MS-DOS operating system by the same administration.” The report stated that there had been a “strong suspicion of a lack of security fed by insistent rumours about the existence of spy programmes on Microsoft, and by the presence of NSA personnel in Bill Gates’ development teams.” The Pentagon, said the report, was Microsoft’s biggest client in the world. (Agence France Presse, February 18 and 21, 2000)
-
sappyvcv
Actually the only “proof” ever found that a string called _NSAKEY. There was no backdoor ever found.
A single string is hardly proof to support this retarded conspiracy.
-
-
n4cer
No to both questions (unless you count beta testing).
As for the NSA key nonesense:
http://www.microsoft.com/technet/archive/security/news/backdoor.msp…
By the way, everyone should stay away from any Linux incorporating source from SELinux if they count any contact with NSA as being colusion.
http://www.nsa.gov/selinux/index.cfm
Edited 2006-03-04 21:17
-
Christiaan
Haha, what the hell do you think MS are going to say? “Buy our product and we’ll help fascists spy on you!”?
-
n4cer
Believe what you want. I don’t care what OS you use, but the facts don’t support the assertions.
-
Christiaan
You’re not interested in facts. You’re interested in being comfortable with your beliefs.
-
n4cer
You’re not interested in facts. You’re interested in being comfortable with your beliefs.
Funny how I see that as exactly your stance. Talk about projecting.
Oh no, more NSA collusion
http://www.nsa.gov/snac/downloads_macX.cfm?MenuID=scg10.3.1.1
Oh no, any OS vendor seeking Common Criteria Evaluation has to deal with NSA.
http://www.nsa.gov/ia/industry/cots.cfm?MenuID=10.2.7
-
-
-
Christiaan
I’m not, you asked for the evidence and I gave it to you. At no point have you addressed the evidence I posted other than to dismiss it by quoting what the miscreant had to say about, and then you post a bunch of links that say nothing about nothing.
-
n4cer
And here you show your bias towards MS by calling them “the miscreant”.
I gave you evidence of what the so-called NSA key was and you simply dismissed it out of bias.
I also noted that contact with the NSA is required for security evaluations that MS and other vendors seek to do business with government agencies, and that if you are so paranoid as to think MS should have absolutely nothing to do with NSA, then there are other OSes, including SELinux-derived OSes that you should avoid as well.
-
Christiaan
You don’t consider them a miscreant? Well I’m sure we could agree that MS is a convicted monopolist abuser then couldn’t we?
Firstly you didn’t address all the points of evidence, secondly MS denial is hardly hard evidence. Do you really think they’d admit to it?
And I didn’t deny that other vendors may have colluded with the U.S. government with regard to back doors either. That’s just you obfuscating.
-
n4cer
You don’t consider them a miscreant? Well I’m sure we could agree that MS is a convicted monopolist abuser then couldn’t we?
No, I don’t consider them a miscreant any more than any other tech company. As to the monopoly ruling, it isn’t hard when you have direct competitors writing briefs for the government, par down the market to only x86 clients, and have an openly biased judge (Jackson) making the rulings. Read the transcripts and you’ll see that most of the arguments from competitors were about what MS could do, not what they actually did do. It’s pretty funny stuff, especially near the end (under Kotelly) where they (the plaintiffs/competitors) want to demo XP Embedded as evidence that Windows can be taken apart without functionality loss and their demo consists of a computer and something like 57 CDs which they didn’t even want to give the MS team time to evaluate.
Firstly you didn’t address all the points of evidence, secondly MS denial is hardly hard evidence. Do you really think they’d admit to it?
The evidence is based on a set of keys being found. Beyond that is conjecture about what the keys are there for. What they are for has been addressed by MS.
You assume there is anything to admit to. Multiple governments have access to Windows source. If there was anything there, most would probably not be using Windows at this point.
And I didn’t deny that other vendors may have colluded with the U.S. government with regard to back doors either. That’s just you obfuscating.
If you really believe any vendor has colluded with NSA, then what OS are you using? If it’s Linux, have you checked every line of your source, or do you just rely on binary distributions?
-
archiesteel
I gave you evidence of what the so-called NSA key was and you simply dismissed it out of bias.
Evidence? I don’t know if I would call it that, since it’s from Microsoft and they have a clear interest in people thinking that there is no backdoor.
I think you’re a bit too quick to take what MS says at face value…
-
sappyvcv
There is no evidence FOR the argument that it’s a backdoor key for the NSA in the first place. The burden of proof is not on Microsoft.
But they still explained what the key is for. If you honestly think they are lying through their teeth about what it’s for, you’re overly paranoid.
-
archiesteel
If Microsoft was a trustworth company, then perhaps I wouldn’t be so skeptical of what they said.
That being said, I’m not convinced either way. I know that China was concerned enough to ask for source code, however since they were not able to compile that code it probably didn’t prove much in the end.
As I said, the idea of a proprietary OS seems quaint to me in this day and age. All infrastructure should be open and free, of course you are free to disagree and support the obscene advantages it gives to the company owning the OS. I myself like diversity, competition and a level playing field, but if you actively support Microsoft’s domination and the roadblocks it creates for competition and innovation, that’s your right…
-
2006-03-05 1:04 am
kaiwaiRegarding the China issue; the issue isn’t about so-called ‘back doors’, its about ensuring that they aren’t ‘beholden’ to a foreign company – its the whole Ghandi/Indian complex of ‘f–k foreigners, we want to be self reliant!’ – yeah, look how great that has been in India; jump on a train in New Delhi and you’ve got people taking a dump on the train track.
The world is gloablising, getting back to what we had in the 18th century, free movement of people, goods, services and the like – the day when this era finally arrives, stupid ‘national intersts’ will be pushed to the side; Microsoft isn’t an American company, its a global player in the software market, same goes for IBM and other IT players; they may have their headquarters in the US, but that doesn’t mean they have a particular loyalty to the US; if Ireland offered them a particularly cosey deal, I’m sure IBM would move there without question.
I think Number 2 in Austin Powers put it best, “there is no world, there is only corporations” – maybe people around here should join the 2006, because 1950 calls, they want their rampent isolationism and nationalist jingoisms back.
Edited 2006-03-05 01:07
-
-
2006-03-06 12:03 am
kamperits the whole Ghandi/Indian complex of ‘f–k foreigners, we want to be self reliant!’ – yeah, look how great that has been in India; jump on a train in New Delhi and you’ve got people taking a dump on the train track.
How are current problems in India Ghandi’s fault? I’m not an historian, but it seems far more likely that they’re a result of the empire that rolled over the country and then left it without cleaning up. If anything, Ghandi saved it from being worse.
Look at all the now-independent countries that have been colonized by Europeans over the past few hundred years. I can think of only 4 that are now considered prosperous: Canada, US, Australia and Hong Kong. In 3 of those, the population is mostly of European descent and the original inhabitants are no better off than Indians today.
It’s not too hard to make comparisons between the former European empires and current American capitalists. Anyway, I’m just playing devil’s advocate; this is entirely too conspiracy theoryish…
-
kaiwai
How are current problems in India Ghandi’s fault? I’m not an historian, but it seems far more likely that they’re a result of the empire that rolled over the country and then left it without cleaning up. If anything, Ghandi saved it from being worse.
Babe, when Ghandi took over, and India was given its independence, everything was already there, in mint condition, a working parlimentry system, a rail network, health, education etc. All the Indians had to do was keep the damn things going! compared to most colonies, there were in a very good condition.
The problem with India? corruption left, right and centre, a bloated government, and rampet double standards of demanding that us ‘rich countries’ open our markets for their agricultural goods, whilst they turn around and refuse entry to legitimate businesses from the west – all spawned off from the ‘f–k off foreigner’ complex.
-
sappyvcv
If you don’t trust them, that’s fine. Don’t accuse them of putting a backdoor in though (not saying you are) without some semblence of evidence.
Myself, I like using whatever OS I have the best experience on, and for me, that is Windows. I couldn’t give a hoot about the politics behind it unless people are being killed or lifes seriously altered.
Best tool for the job, eh? My right is to use whatever I please, open-source advocates be damned. I know the advantages of open-source, and I simply don’t care that much. It’s not apathy, it’s a realization that using open source doesn’t benefit me enough to move to mostly open-source products.
-
archiesteel
If you don’t trust them, that’s fine. Don’t accuse them of putting a backdoor in though (not saying you are) without some semblence of evidence.
I’m not. I’m not convinced either way.
Myself, I like using whatever OS I have the best experience on, and for me, that is Windows. I couldn’t give a hoot about the politics behind it unless people are being killed or lifes seriously altered.
I have about the same amount of experience with Windows and Linux, so to me that is not a big factor. That said, I do care about the politics of it. Not all politics involve people dying, that doesn’t mean it’s not important. That said, you are free not to care, however you can’t fault others for caring.
I know the advantages of open-source, and I simply don’t care that much. It’s not apathy, it’s a realization that using open source doesn’t benefit me enough to move to mostly open-source products.
That’s great. However, that decision does not require you to actively defend Microsoft, you know? 🙂
-
sappyvcv
That said, I do care about the politics of it. Not all politics involve people dying, that doesn’t mean it’s not important. That said, you are free not to care, however you can’t fault others for caring.
I know other politics are important too. I don’t think this is really that important though.
I don’t fault others for caring. I fault others for telling me I should care, like I’m doing something wrong.
That’s great. However, that decision does not require you to actively defend Microsoft, you know? 🙂
No, it doesn’t. I choose to defend anything if I think it’s being unfairly attacked. Sometimes that’s Microsoft, sometimes it’s Opera, sometimes it’s Democrats, sometimes it’s George W Bush, sometimes it’s Mozilla.
Bringing up that I “actively defend Microsoft” is very weak of you.
-
archiesteel
Bringing up that I “actively defend Microsoft” is very weak of you.
I wouldn’t bring it up if your comments weren’t consistently so one-sided towards MS.
There’s nothing wrong with that, btw. I wouldn’t mind if you were to say that I “actively defend Linux”, because I’m not afraid to admit that it’s true. In fact, I believe that it will be essential to actively defend Linux for as long as Microsoft will abuse its monopoly status in order to stunt its growth.
Microsoft has a marketing department that spends hundreds of millions, Linux has vocal advocates. The fight is unfair towards Linux, and yet some people (like Tom K and the so-entertaining Barkley) feel that the multi-million dollars are not enough.
You get to choose your side, but the least you can do is acknowledge it…
-
sappyvcv
I did acknowledge it. I simply said it’s weak of you to bring it up, because it’s not relevant. It’s simply a retarded debate tactic.
-
archiesteel
I do think it’s relevant. Also, it wasn’t an argument, but a mere observation.
It obviously struck a nerve, though.
-
sappyvcv
No, it’s not relevant. It shows that you are reaching with your arguments, that you have to resort to trying to charactarize me.
It may seem like it struck a nerve, but you’d be wrong. I just saw it as very lame and pointed that out to you. No nerves stuck, sorry. Maybe next time
-
archiesteel
No, it’s not relevant. It shows that you are reaching with your arguments
I disagree. I think it’s relevant to point out that your past comments history tends to show a pro-MS bias. I mean I’m not inventing stuff here, all of our comments are available for anyone to browse.
I’m not saying that this is wrong, I was merely pointing out that the fact that you prefer Windows doesn’t require you to defend Microsoft. There is no judgement on my part, i.e. I’m not saying it’s bad to defend MS, nor am I attacking your character by saying this. I am simply reflecting on a trend, and I even said that it’d be pretty clear to anyone who’s read my comments that they tend to be pro-Linux, anti-MS and neutral on Windows (as I differentiate between the company and its products).
The fact that you feel that this is an attack on your character puzzles me. Are you saying that it’s bad to be defending Microsoft? I’m puzzled…
that you have to resort to trying to charactarize me.
I’m not resorting to anything. My arguments stand by themselves. I was merely making an observation in addition to those arguments.
It may seem like it struck a nerve, but you’d be wrong. I just saw it as very lame and pointed that out to you.
I’m sorry, but the fact that you considered a truthful observation as lame is in itself proof that I struck a nerve.
Again, it wasn’t meant as an attack, and my observation still stands. It’s not because you have chosen to use a Microsoft product that you should feel that you have to defend the company against criticism. MS has no loyalty towards you, you’re not expected to have any towards it. I use Microsoft products myself (hey, I’ve even made MS money by working on Xbox games), but that doesn’t mean I won’t be critical of the unfair tactics it uses when it conducts its business.
-
sappyvcv
I disagree. I think it’s relevant to point out that your past comments history tends to show a pro-MS bias.
And you’ve shown an anti-MS bias (as you said). What’s your point? You want to point out a trend, btu say it isn’t a bad thing and you’re not judging it. But why bother pointing it out then? Don’t you think anyone with any competance can see the trend for themselves?
The fact that you feel that this is an attack on your character puzzles me. Are you saying that it’s bad to be defending Microsoft? I’m puzzled…
No, I’m trying to say that I still don’t understand WHY you brought it up, and you’ve even kind of explained that there isn’t a reason for it either, so I am puzzled as well. The only thing I could thing of is that it was a subtle attempt at characterizing me negatively. I’m not saying that IS the case, but I don’t see any other reason right now.
Now why would I think this? Because in the past, people that have said the same thing have said it in a negative tone. It’s a pattern, and that’s the best presumption I can come up with until you show otherwise, or at least tell me that bringing it up served no purpose (yes it was an observation, but observations should serve a purpose).
I’m also thinking this way because of the way you keep feeling the need to remind me that I owe Microsoft nothing, and it seems like you’re trying to frame it like I’m making a bad choice in choosing to defend them sometimes.
I’m sorry, but the fact that you considered a truthful observation as lame is in itself proof that I struck a nerve.
Please read what I said above and maybe you’ll understand where I’m coming from better.
-
archiesteel
The only thing I could thing of is that it was a subtle attempt at characterizing me negatively. I’m not saying that IS the case, but I don’t see any other reason right now.
While, it’s quite simple: I’m trying to convince you to stop defending Microsoft, because you have no real reason to do so. I thought that was pretty obvious.
I’m also thinking this way because of the way you keep feeling the need to remind me that I owe Microsoft nothing, and it seems like you’re trying to frame it like I’m making a bad choice in choosing to defend them sometimes.
That’s exactly it. I think it’s a bad choice to defend them unless you work for them or own MS stock. Of course, I’m not disputing your right to do so, because I think that freedom of expression is sacred.
At the same time, it is my own opinion that you are wasting your time in defending an aggressive, convicted monopolist who tries to squelch any competition, and in doing so stifles innovation. It’s a waste because it’s already in the dominant position and doesn’t need your help. It would be better to support Linux development and advocate its use, because it’s the underdog and needs the help.
You’ll say “but I use Windows!” All the more reason: the more popular Linux will become, the more work Microsoft will have to put into making a better product.
That’s why we say competition is good, because the customer benefits. So if you want Windows to improve even more, don’t advocate it on the Internet, advocate Linux instead.
That was pretty much the reason for me bringing this up. Don’t read more into it than that.
-
sappyvcv
While, it’s quite simple: I’m trying to convince you to stop defending Microsoft, because you have no real reason to do so. I thought that was pretty obvious.
Why? Does it bother you? I’m not trying to convince you what to defend and what not to defend.
the more popular Linux will become, the more work Microsoft will have to put into making a better product.
You’re right, which is why I am happy when I see progress in the linux world. That doesn’t mean I need to advocate it, because I think it’s still a generally inferior PRODUCT for most users. But the more it improves, the better!
Now that you’ve clarified your reasons, I think they are still quite lame. Like I told you, I defend whoever I think is being unfairly attacked. This tends to be more products I use, as I am more familiar with them, which should be common sense.
And I’m sorry, there is no “wrong choice” in who I choose to defend (not talking a case-by-case thing here). To insist otherwise is ridiculous.
Would you tell someone defending (US) republicans “They don’t need your help, they’re already in the white house and control the house”?
I’m sorry, but I won’t stick to strictly defending the underdog simply because they are the underdog.
-
archiesteel
Why? Does it bother you? I’m not trying to convince you what to defend and what not to defend.
It does bother me a little, yes, because a) I do not think MS was unfairly attacked, b) it can defend itself quite well and c) the criticism it gets is nothing compared to the FUD it throws at Linux.
Now that you’ve clarified your reasons, I think they are still quite lame.
That’s your opinion and you’re entitled to it. I disagree, of course.
Like I told you, I defend whoever I think is being unfairly attacked. This tends to be more products I use, as I am more familiar with them, which should be common sense.
You were not defending the product, but the maker of the product. That’s the whole point. You need to differetiate between Windows and MS.
That said, I do not believe that MS was unfairly attacked. Even if it was, you have no personal stake in Microsoft, which is why I find it curious that you’d go out of your way to defend them.
I, on the other had, do have a personal stake in defending Linux because I’ve contributed to it. Also, Linux advocates don’t want Windows to cease to exist, they just want to coexist. Microsoft doesn’t want to coexist, it wants to dominate. THAT is the big difference between the two positions, and why one should not defend MS’ position.
And I’m sorry, there is no “wrong choice” in who I choose to defend (not talking a case-by-case thing here). To insist otherwise is ridiculous.
That’s your opinion. In my view, defending Microsoft is a wrong choice, for the reasons I detailed above.
Would you tell someone defending (US) republicans “They don’t need your help, they’re already in the white house and control the house”?
Yes, I would. Of course, that’s also because I disagree with the Republican point of view.
I’m sorry, but I won’t stick to strictly defending the underdog simply because they are the underdog.
It’s not a question of rooting for the underdog just because they are the underdog. It’s a question of rooting for them because they want simple coexistence, while the other side just wants to annihilate the underdog.
If Microsoft abandoned its predatory tactics, my view of them might change (in fact, I don’t have the same criticism for them in the video game console market, because, well, they are the underdog there…). Until they do, I’ll continue to criticize them, and those who choose to waste their time defending them. You’d better just get used to it. 🙂
-
-
2006-03-05 3:40 pm
abraxasBy the way, everyone should stay away from any Linux incorporating source from SELinux if they count any contact with NSA as being colusion.
It’s opensource. It doesn’t matter what they NSA does with SELinux because we have the world to audit it and in fact the NSA does very little/nothing with SELinux anymore. It is developed outside the NSA now. It just happened to be started by the NSA.
2006-03-04 9:11 pm
Anonymous
Of course, if this were a Linux story, and this were a Linux developer saying the same thing, half of you would be creaming your pants, shaking with joy, and proclaiming how Free of a platform Linux is.
When an MS developer says the same about Vista, Vista just gets bashed.
I love these double standards. Too bad that when release rolls around, people will be interested in it, and many will buy it. When the next FC/Mandrake/SuSE release rolls around, it’ll just be another flop as far as adoption is concerned. Get a life — all of you.
-
2006-03-04 10:42 pm
raver31do you have any sort of clue ????
linux is OPEN… people can look for backdoors
people here say Microsoft is fine and can be trusted on their word that there is no backdoors….
but Windows is closed, people cannot check for themselves.
Your computer could be being logged right under your nose
-
n4cer
As I stated, governments (among others) have source access.
Linux may be open, but not everyone who uses it looks at the source.
-
-
-
Deviate_X
raver31: “linux is OPEN… people can look for backdoors … but Windows is closed, people cannot check for themselves”
Actually an very large number of people have access to the windows source code.
Most of them specifically requested access (like the Chinese government, MVP’s, and the entire EU) to make sure there their were no back-doors in the software.
China: http://english.people.com.cn/200303/17/eng20030317_113428.shtml
MVPs: http://www.eweek.com/article2/0,1759,1624933,00.asp
-
2006-03-05 12:01 am
barkleyYou’re a lying nazi Raver31. Lots of people have the windows source code. That source code isn’t going to get you laid either you sniveling dweeb.
Linux loses again. Vista owns all of you Linux noobs.
-
proforma
>do you have any sort of clue ????
>linux is OPEN… people can look for backdoors
So if someone takes linux, adds a backdoor and sells it and doesn’t give the full source away they can’t add backdoors?
You are kidding right?
Open source software can have the same problems.
The main problem that I see is that trusting in open source just because it says open source is just stupid.
It’s really a false security and that is the problem with it.
Why do you think we have the US government monitoring open source software as well as closed source.
-
archiesteel
So if someone takes linux, adds a backdoor and sells it and doesn’t give the full source away they can’t add backdoors?
If someone does that they’ll be sued for copyright infringement.
Seriously, you should learn more about open-source before criticizing it.
-
proforma
>Seriously, you should learn more about open-source before criticizing it.
You should learn about life before understanding it.
If someone violates the GPL who is going to sue?
These are people without that much money.
-
2006-03-07 6:30 am
jiraiya2051the eff of course. heres a link for you. http://www.eff.org there are also a couple of millionares backing linux distributions, im pretty sure they’d love to sue microsoft on behalf of one of the many linux projects in the case that microsoft violates the gpl.
Edited 2006-03-07 06:34
2006-03-04 11:15 pm
rtfa
“Actually an very large number of people have access to the windows source code. ”
They may have access to source code, but do they have access to the source that matches the binaries that make up the OS they are using? They’re not allowed to compile to check so the code is unverifiable making it a nonsense that they can truely check for backdoors or whatever they wish to check for.
-
Deviate_X
rtfa: “They’re not allowed to compile to check so the code is unverifiable making it a nonsense that they can truely check for backdoors or whatever they wish to check for.”
The ability to compile/or not compile source code is not as important as is the ability understand code and intentions. And by code I mean high-level (C/C++) and low-level languages (Assembly) – Machine Code.
Therefore anyone examining the source code would have to have deep understanding of assembler – actually it would be a prerequisite given those significant parts of windows is written in assembly.
To such a person, talented enough, the high-level language code is just good reference material – as a matter of fact anyone with a debugger and time can walk through the assembly code and figure out whats going on now
-
2006-03-05 2:20 am
DigitalAxisBeing able to compile the code IS important, though… if you can’t compile the code yourself, how do you know the code you’ve been given is actually the code used to produce the binary you were given? I mean, outside of an ability to spot inconsistencies between the code and the binary itself…
-
30-day-trial
http://www.microsoft.com/resources/sharedsource/Licensing/OEM.mspx : The OEM shared shource license states: “Licensees may modify, assemble, compile or link the source code and execute the resulting derivative binary code on a temporary basis to assist in debugging its hardware for the Microsoft Windows operating system”
-
2006-03-05 10:40 am
Sheld“Licensees may modify, assemble, compile or link the source code and execute the resulting derivative binary code on a temporary basis to assist in debugging its hardware for the Microsoft Windows operating system”
Which means you can’t use it for production, so you have to use MS provided binaries and if you weren’t able to produce the bit-for-bit same binaries from source you still have no proof that you don’t have a back door in your production system.
It’s a bit sadening that people still don’t understand this key advantage of OpenSource over proprietary software.
-
rayiner
1) The ability to compile the code (with a trusted compiler) is a requirement for being able to verify that the binaries you deploy match byte for byte the code produced by compiling the audited source code. It’s the only way of assuring that the source code you have is actually the exact source to the binaries you have.
2) Actually, most of Windows NT is written in C, not assembler, including the “significant” portions. While the various NT ports have been eliminated over time, the code itself is still easily portable, as evidenced by the various NT versions that used to run on Alpha, MIPS, etc, and the fact that the PowerPC-based XBox360 runs a version of Windows NT as well.
-
Deviate_X
rayiner: “The ability to compile the code (with a trusted compiler) is a requirement for being able to verify that the binaries you deploy match byte for byte the code produced by compiling”
(1) Rayiner you obviously don’t understand what you are talking about – two different compilers will invariably produce two different binaries – this is because different compilers use different compilation strategies – this is obvious to any software developer.
If you then use the same compiler(s) as microsoft how will you know that the compiler hasn’t inserted bad code?
If both use GCC, then you won’t be comparing against the original binary.
If you use GCC, you binaries will be different because the compilers are different and how do you know the compiler didn’t insert bad code anyway?
The GNU project servers were compromised for 4 months undetected.
http://uk.builder.com/manage/work/0,39026594,20277728,00.htm
Truly the only way to verify a binary is to decompile and debug.
(2) Quote: “The kernel code is written primarily in C, with assembly code reserved for those tasks that require the fastest possible code or that really heavily on the capabilities of the processor” – Inside NT Kernel Architecture
Edited 2006-03-05 09:54
-
-
rayiner
The assumption is, of course, that the compiler itself is trusted. Otherwise, verifying the OS makes no sense — an untrustworthy compiler could still compile applications with back doors.
Now, decompiling will allow you to verify a binary you haven’t compiled yourself, but looking for security flaws in decompiled code is substantially harder than doing it in compiled code.
The implications of these facts, of course, are the following:
1) You cannot truely trust a binary you have not compiled yourself;
2) Programs with large code bases are hard to verify and thus bad for security.
Of course, these points reiterate the obvious — small, simple programs with open source code are the most trusthworthy programs…
2006-03-04 11:18 pm
rtfa
Just because a developer blogs that it wont happen means nothing. If he’s told to include one he will and the NDA he would have signed would protect that secret.
2006-03-05 2:23 am
setuid_w00t
Can anyone confirm my suspicion that Mac users are more open to backdoor action than Windows or Linux users?
-
2006-03-06 10:18 am
bogomipzInteresting theory, maybe they are because:
a) Apple has good karma
b) Microsoft has bad karma
c) OSS users want to have control over their systems
More scientific proof (one way or the other) would be welcome
2006-03-05 2:29 am
2006-03-05 8:33 am
jaboua
Isn’t this gonna make it difficult for other systems (like in a dual-boot) to access the windows partitions as well?
2006-03-05 9:33 am
ThunderBug
Encryption only protects content when you are not using it. If the box is otherwise compromised……. Duh.
-
netpython
Or the transport of content.
In this respect what is harddisk io?
So if you are administring a server via a vpn arent you using the content you are sending?
2006-03-06 3:30 am
proforma
The government is also using Linux. There goes your freedom.
I think it’s fine if you like linux, but you are not too bright if you don’t think the government doesn’t use linux as well as windows.
I guess its ignore anything that is negative about linux and only see the positive sunshine. Reality after all does not matter.
2006-03-06 4:07 am
proforma
>This has been debunked many, many times.
>Vulnerabilities are counted more than once for >Linux/Unix (i.e. the same vulnerability on RedHat
>will also be counted for Debian if it happens on both distros).
Well fine, even if I divide by half it’s still more than Windows. I think that is much more realistic.
Still gives 1,164 issues.
I think you also have to factor in that less people use Linux than Windows and thus there is less hype about security problems and thus it isn’t as dangerous as more people are running by obscurity.
Also, its clear that just by having security by obscurity isn’t the answer as we have seen on the Macintosh recently.
>When you factor all of these in, it’s clear that
>Linux/Unix has a much better security record than
>Windows.
Well I gave Linux the benefit of the doubt from the data, but come on the FUD coming from the Linux community is just obscene, of course a lot of it is lies and false information just so that people don’t trust Microsoft.
Can you honestly say to me that a lot of Linux folks don’t have an agenda behind their so called facts?
I honestly don’t believe anything that the Linux community says to be honest as most of it is just FUD and outright lies to get people to get against Microsoft because of their so called freedom. In my opinion it’s like believing George W Bush or Bin Laden FUD.
However, even if this is true what is your answer towards the final release of Windows Vista this year? We have not seen a new Windows release since 2001 so that is 5 years of finding all the problems and security issues. Linux isn’t attacked as much because they are religious folks.
-
archiesteel
Well fine, even if I divide by half it’s still more than Windows. I think that is much more realistic.
Still gives 1,164 issues.
If you want to be more realistic, divide by five, not two.
Also, measure the actual threat posed by the vulnerabilities.
I follow security news closely. Believe me, Windows has a long way to go to regain the confidence of users as far as security goes.
Well I gave Linux the benefit of the doubt from the data, but come on the FUD coming from the Linux community is just obscene, of course a lot of it is lies and false information just so that people don’t trust Microsoft.
Microsoft doesn’t need to blame anyone else but itself if people don’t trust it. The Linux community didn’t cause the multiple vulnerabilities in Windows software that cost more than 160 billion dollars in 2004.
You may think that there is FUD coming from the Linux community, but in reality it is dwarfed by the multi-million dollar FUD campaings coming out of Redmond. If you want to be honest in your criticism, begin by pointing the finger at Microsoft, not the Linux community.
Linux isn’t attacked as much because they are religious folks.
How do you expect anyone to take you seriously when you say things like this?
-
jiraiya2051
hi! i was wondering, do you post about something you know nothing about all the time or is this the exception?
if the same vulnerability is counted for each distro it appears on, and that vulnerability appeared on every linux distro, that would be at least 100 counts at once. there are more than 100 different distros, so there is most definitely going to be more vulnerabilities detected for linux systems as a whole compared to windows.
2006-03-06 4:16 am
proforma
About 10 percent of the linux community is actively being productive and building code and is too busy trying to do something to improve it.
The other 90 percent of the linux community is arguing about stupid things like how bad Microsoft is and how much better linux is and is overly relgious about their OS. These people have more to prove and they might be smart people, but they lack common sense.
Not only do they argue against Microsoft they also argue on other dumb issues like KDE vs GNOME and other pointless stuff of this nature.
It is really sad when it’s come down to this, instead of trying to convince people to switch you should not have to do that, the product should do that for you and I suppose the product is just not quality enough yet to make that happen.
Don’t waste your time on stupid stuff, make sure your time is more productive. Don’t get stuck with the small things in life that you can’t change (like changing someone’s mind). Life is simply too short for this kind of intollerance.
-
archiesteel
About 10 percent of the linux community is actively being productive and building code and is too busy trying to do something to improve it.
The other 90 percent of the linux community is arguing about stupid things like how bad Microsoft is and how much better linux is and is overly relgious about their OS.
Please provide your sources for these numbers please, because from where I stand it really looks as if you just pulled them out thin air.
Again, if you’re going to denounce FUD, begin with the champion of all FUD, whose BS outputs dwarfs anything the Linux community could ever achieve. Hint: they’re based in Redmond, Washington…(and no, it’s not Lycoris!!!)
-
proforma
>Please provide your sources for these numbers
>please, because from where I stand it really looks
>as if you just pulled them out thin air.
>Again, if you’re going to denounce FUD, begin with
>the champion of all FUD, whose BS outputs dwarfs
>anything the Linux community could ever achieve.
>Hint: they’re based in Redmond, Washington…(and
>no, it’s not Lycoris!!!)
There is no need for real numbers as you can clearly see this from the posts in many of the forums that I visit. Common sense will tell you this, you don’t need to be a rocket scientist or have to use numbers to figure this out.
The Linux community is doing free research and development for Microsoft. All Microsoft has to do is tap sourceforge and other websites like it and call it a day.
Well that is kind of hard to do with a lot of people providing hacks and no code reviews or security reviews or programming standards for an OS that is largely hacked together as a community and is lesser quality than what vista will be when its released later this year. doh!
-
archiesteel
There is no need for real numbers as you can clearly see this from the posts in many of the forums that I visit. Common sense will tell you this, you don’t need to be a rocket scientist or have to use numbers to figure this out.
That’s called sample bias, and it’s something you’ll see in Psychology 101. Basically, it means that you can’t trust an incomplete sample to be representative of a population at large, and that your own bias will also taint the results. In this case, trying to figure out any kind of statistics based on your personal observation of posts here and elsewhere on the net.
In other words, you did pull the stats out of your ass, and as such they mean absolutely nothing. I could state that it’s actually the contrary, that 90% of the Linux community is serious and contributes in a helpful manner, and only 10% indulge in advocacy on Internet forums, and it would be just as valid as your statement (i.e. not very).
Don’t make these kind of claims if you want to be taken seriously.
-
jiraiya2051
“The Linux community is doing free research and development for Microsoft. All Microsoft has to do is tap sourceforge and other websites like it and call it a day.”
they can’t, they would have to acknowledge the writers of the programs or they would be sued. they would also have to distribute the source code of some of the programs they made under some liscences, and they wont do that.
“Well that is kind of hard to do with a lot of people providing hacks and no code reviews or security reviews or programming standards for an OS that is largely hacked together as a community and is lesser quality than what vista will be when its released later this year. doh!”
have you even looked into linux before posting something like this? first of all, vista will be of near equal quality to linux when it releases, a bunch of its features have been in linux a long time. also by time it is released, KDE4 should be out, and linux users will have an enhanced desktop as well as 3d desktop thanks to Xgl(being developed by novell) and AiGLX. if you had any experience with linux you would know it is not some os that was thrown together by hobbyists with little in the way of programming skills. every day linux is getting new projects and software and it is at the moment able to meet the needs of a standard user.
2006-03-06 11:22 am
Windows does not need a backdoor, it is like a swiss cheese already.
You are gonna get modded down for that !
however, the whole thing confuses me…
the encryption built in will be able to stop police if they grab your PC for investigation.
They caught Gary Glitter with kiddie porn in this way.
So in this sense it is a good thing.
But, having the filesystem encrypted by default, will make things like this far harder to do….
Microsoft should not do this.. instead leave it to 3rd party programs.
So, if someone is under investigation, and their files are encrypted… then they have something to hide.
being left this way… everyone will be looked at as having something to hide.
Indeed, I think people that really did something like terrorists will use 3rd party encryption anyway and not the Vista’s tool knowinging there might be a backdoor for the governement.
So, if someone is under investigation, and their files are encrypted… then they have something to hide.
That’s a silly assumption, I encrypt a lot of my stuff just so that if someone does get a hold off my pc (it might go in for maintenance or get stolen, whatever) they can’t get at the data. It’s common sense, like locking the door.
Also the best encryption software provides plausible deniability, like including a second encrypted volume inside the first with the data undistinguishable from random data. This protects you in countries where there is no equivalent of the US’ fifth amendment (no self-incrimination).
Edit: s/stupid/silly/
Edited 2006-03-04 18:05
US’ fifth amendment (no self-incrimination).
Oh wonderful, the fifth ammendment, the ‘get out of jail free’ card for the Kenith Lays of the world; if the US did wish to use torture, wouldn’t it be best to use it on economic terrorists like Kenith Lay than trying to get some unknown goat hurder in Iraq to confess to something he knows nothing about!
The rights in the Constitution were not chosen arbitrarily. The fifth amendment derives from English common law, and like most such protections, has been included in the Constitution because it has proved useful over hundreds of years in protecting the rights of the people. Such protections are not something people should be willing to give up easily.
> So, if someone is under investigation, and their files
> are encrypted… then they have something to hide.
Right, but having something to hide is not a crime. Most people have something to hide. It’s called privacy. If privacy is ever criminalized in a country, I would advise everybody to either leave that country immediately, or start a revolution.
If privacy is ever criminalized in a country, I would advise everybody to either leave that country immediately, or start a revolution.
Must… Resist… People who know me well will know what I mean
.
Right, but having something to hide is not a crime. Most people have something to hide. It’s called privacy.
Exactly. I really wouldn’t give one bit if the law ever were to enforce this (because I really got nothing to hide), but I certainly do understand that a lot of people wouldn’t like this.
“I would advise everybody to either leave that country immediately, or start a revolution.”
Ideally that would be the case, but have you had a look at the state of affairs recently. In the UK people have cameras all over, several can also see inside people’s windows because of the direction they point. We have hundreds of companies playing legal lottery, from the recent blackberry case with pseudo-companies taking out rediculous patents and then taking advantage of a legal system comprised of incompotent ignorants, to the RIAA, MPAA and SCO, the list just goes on and on and on…. Then you have certain presidents (whom I won’t name) who like to think themselves everyone’s big brother, next thing you know you have illegal wire taps, car tracking, cell phone tracking, blackboxes in cars, internet traffic monitoring, illegal detainment and torture, every last detail about your life including a 3d nude shot in some government database, private records where people can write whatever they want about you and you don’t know about it so you can’t defend yourself. There’s just no end to the disgusting farm animal treatment we get these days.
If there were people around I’m sure there’d have been a revolution long ago, unfortunately all I see around me are sheep.
About those sheep…
http://www.aperfectcircle.com/bodies.html
“They caught Gary Glitter with kiddie porn in this way”
Gary Glitter is a clueless twit, with AOL user level computer skills.
I can only guess the smarter kiddie fiddlers and crime cartels don’t use windows at all.
Kiddie fiddler catch cry has always been the copout knee jerk by governments to get the public on side to take away peoples rights, for their own agenda.
Even encryption won’t save the Gary Glitter types of the world; Glitter was busted by tried and true police methods.
As for Microsoft’s agenda, do you think Microsoft has just a little spite with US government over a certain little court case.
Maybe Microsoft should move from Redmond to Cuba.
Edited 2006-03-04 18:39
As for Microsoft’s agenda, do you think Microsoft has just a little spite with US government over a certain little court case.
Maybe Microsoft should move from Redmond to Cuba.
I doubt that MS would ever consider moving to Cuba. Bill Gates did at the height of the anti-trust case drop veiled hints that MS would, if its business model was imperilled, consider moving to Canada. After all British Columbia is only a drive away from Seattle. Not that I would like to see MS here in Canada, any more than I suspect Fidel would want to see them in Cuba. Still MS was able to buy off the entire US political, governmental and judicial system. Why move?
“So, if someone is under investigation, and their files are encrypted… then they have something to hide.
being left this way… everyone will be looked at as having something to hide.”
On the contrary, if everyone’s Windows installation is encrypted by default, then an HD being encrypted will say absolutely nothing about its owner’s intent
But, having the filesystem encrypted by default, will make things like this far harder to do….
Microsoft should not do this.. instead leave it to 3rd party programs.
The filesystem is not encrypted by default. The user has to set this up. I disagree that MS should not include this. Besides it being a requested feature for them to include, they have already included the ability to encrypt files in Windows since Windows 2000 with Encrypting File System (EFS).
BitLocker won’t be a large hinderance for law enforceement, and no encryption technology should be artificially weakened just for them. We’ve seen how this screws up things before.
Also, there are plenty of other encryption tools available (including EFS) that criminals could use if they wanted, and if they were actually smart enough to use. Most criminals aren’t that smart when it comes to computers. 7 years after EFS’ introduction, law enforcement still recovers laptops from criminals and terrorists that are so clueless that they keep sensitive data in the clear. In many cases, they find the stuff in common folders like My Documents, My Pictures, etc., and many criminals don’t even know that when you delete, the item goes to the Recycle Bin. MS didn’t cave on EFS and is right not to do so here.
Dont tell me you lock your door while going out because you have a lot of guns and shells of ammunition in your bedroom.
Clearly alot of people on this board cannot tollerate the truth.
http://www.osnews.com/permalink.php?news_id=13873&comment_id=101318
By your logic, NT 4.0 and Win9x are superior in security to Windows 2003.
Clearly alot of people on this board cannot tollerate the truth.