sayang link file-nya sudah tidak ada, di web-nya pun hanya dapet ini: " Yes, this is the website of Cryptonym Corporation (of the "NSA Key" fame). I hope to, sometime in the near future, put a brief explanation the whole story online, so stay tuned... "
googling dapetnya disini: http://mvb.saic.com/freeware/vmslt99b/net/replacensakey.zip On 10/18/07, - Cygnus - <[EMAIL PROTECTED]> wrote: > > http://www.heise.de/tp/r4/artikel/5/5263/1.html > > How NSA access was built into Windows > > Duncan Campbell 04.09.1999 > > Careless mistake reveals subversion of Windows by NSA. > > A CARELESS mistake by Microsoft programmers has revealed that special > access codes prepared by the US National Security Agency have been > secretly built into Windows. The NSA access system is built into every > version of the Windows operating system now in use, except early > releases of Windows 95 (and its predecessors). The discovery comes close > on the heels of the revelations earlier this year that another US > software giant, Lotus, had built an NSA "help information" > [local] trapdoor <http://www.heise.de/tp/r4/artikel/2/2898/1.html> into > its Notes system, and that security functions on other software systems > had been deliberately crippled. > > The first discovery of the new NSA access system was made two years ago > by British researcher Dr Nicko van Someren. But it was only a few weeks > ago when a second researcher rediscovered the access system. With it, he > found the evidence linking it to NSA. > > Computer security specialists have been aware for two years that unusual > features are contained inside a standard Windows software "driver" used > for security and encryption functions. The driver, called ADVAPI.DLL, > enables and controls a range of security functions. If you use Windows, > you will find it in the C:\Windows\system directory of your computer. > > ADVAPI.DLL works closely with Microsoft Internet Explorer, but will only > run cryptographic functions that the US governments allows Microsoft to > export. That information is bad enough news, from a European point of > view. Now, it turns out that ADVAPI will run special programmes inserted > and controlled by NSA. As yet, no-one knows what these programmes are, > or what they do. > > Dr Nicko van Someren reported at last year's Crypto 98 conference that > he had disassembled the ADVADPI driver. He found it contained two > different keys. One was used by Microsoft to control the cryptographic > functions enabled in Windows, in compliance with US export regulations. > But the reason for building in a second key, or who owned it, remained a > mystery. > > A second key > > Two weeks ago, a US security company came up with conclusive evidence > that the second key belongs to NSA. Like Dr van Someren, Andrew > Fernandez, chief scientist with Cryptonym of Morrisville, North > Carolina, had been probing the presence and significance of the two > keys. Then he checked the latest Service Pack release for Windows NT4, > [extern] Service Pack 5 > < > http://www.microsoft.com/ntserver/nts/downloads/recommended/sp5/allsp5.asp > >. > He found that Microsoft's developers had failed to remove or "strip" the > debugging symbols used to test this software before they released it. > Inside the code were the labels for the two keys. One was called "KEY". > The other was called "NSAKEY". > > Fernandes reported his re-discovery of the two CAPI keys, and their > secret meaning, to "Advances in Cryptology, Crypto'99" conference held > in Santa Barbara. According to those present at the conference, Windows > developers attending the conference did not deny that the "NSA" key was > built into their software. But they refused to talk about what the key > did, or why it had been put there without users' knowledge. > > A third key?! > > But according to two witnesses attending the conference, even > Microsoft's top crypto programmers were astonished to learn that the > version of ADVAPI.DLL shipping with Windows 2000 contains not two, but > three keys. Brian LaMachia, head of CAPI development at Microsoft was > "stunned" to learn of these discoveries, by outsiders. The latest > discovery by Dr van Someren is based on advanced search methods which > test and report on the "entropy" of programming code. > > Within the Microsoft organisation, access to Windows source code is said > to be highly compartmentalized, making it easy for modifications to be > inserted without the knowledge of even the respective product managers. > > Researchers are divided about whether the NSA key could be intended to > let US government users of Windows run classified cryptosystems on their > machines or whether it is intended to open up anyone's and everyone's > Windows computer to intelligence gathering techniques deployed by NSA's > burgeoning corps of "information warriors". > > According to Fernandez of Cryptonym, the result of having the secret key > inside your Windows operating system "is that it is tremendously easier > for the NSA to load unauthorized security services on all copies of > Microsoft Windows, and once these security services are loaded, they can > effectively compromise your entire operating system". The NSA key is > contained inside all versions of Windows from Windows 95 OSR2 onwards. > > "For non-American IT managers relying on Windows NT to operate highly > secure data centres, this find is worrying", he added. "The US > government is currently making it as difficult as possible for "strong" > crypto to be used outside of the US. That they have also installed a > cryptographic back-door in the world's most abundant operating system > should send a strong message to foreign IT managers". > > "How is an IT manager to feel when they learn that in every copy of > Windows sold, Microsoft has a 'back door' for NSA - making it orders of > magnitude easier for the US government to access your computer?" he asked. > > Can the loophole be turned round against the snoopers? > > Dr van Someren feels that the primary purpose of the NSA key inside > Windows may be for legitimate US government use. But he says that there > cannot be a legitimate explanation for the third key in Windows 2000 > CAPI. "It looks more fishy", he said. > > Fernandez believes that NSA's built-in loophole can be turned round > against the snoopers. The NSA key inside CAPI can be replaced by your > own key, and used to sign cryptographic security modules from overseas > or unauthorised third parties, unapproved by Microsoft or the NSA. This > is exactly what the US government has been trying to prevent. A > demonstration "how to do it" program that replaces the NSA key can be > found on Cryptonym's [extern] website > <http://www.cryptonym.com/hottopics/msft-nsa/ReplaceNsaKey.zip>. > > According to one leading US cryptographer, the IT world should be > thankful that the subversion of Windows by NSA has come to light before > the arrival of CPUs that handles encrypted instruction sets. These would > make the type of discoveries made this month impossible. "Had the > next-generation CPU's with encrypted instruction sets already been > deployed, we would have never found out about NSAKEY." > > -- > - Cygnus - > > 'Veritas vos liberabit' > > [Non-text portions of this message have been removed] -- www.itcenter.or.id - Komunitas Teknologi Informasi Indonesia Gabung, Keluar, Mode Kirim : [EMAIL PROTECTED] Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/ITCENTER/ <*> Your email settings: Individual Email | Traditional <*> To change settings online go to: http://groups.yahoo.com/group/ITCENTER/join (Yahoo! ID required) <*> To change settings via email: mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
