Miark wrote: >Shane and I were talking about M$ products and the government. I thought >y'all might be interested too. > >First, the Peruvian government is putting through a bill that would >eliminate closed, proprietary software (M$ software) from government >computers. The General Manager of M$ in Peru wrote a public complaint, >and a congressman wrote a response. I was most interested in what he >said about security: > >"To guarantee national security or the security of the State, it is >indispensable to be able to rely on systems without elements which allow >control from a distance or the undesired transmission of information to >third parties. Systems with source code freely accessible to the public >are required to allow their inspection by the State itself, by the >citizens, and by a large number of independent experts throughout the >world. Our proposal brings further security, since the knowledge of the >source code will eliminate the growing number of programs with spy code. >"In the same way, our proposal strengthens the security of the citizens, >both in their role as legitimate owners of information managed by the >state, and in their role as consumers. In this second case, by allowing >the growth of a widespread availability of free software not containing >spy code able to put at risk privacy and individual freedoms." > >Well said. And if that wasn't enough to stricken M$ crap, check this out >(in case you didn't already read it in Shane's sig): > >"Microsoft has knowingly and willfully concealed information regarding >security flaws in computer software from the [National Security Agency] >out of fear that revealing such flaws would reduce the number of copies >of its products that would be purchased by the government... I have >raised this issue internally with Microsoft, and in return have been the >subject of both bribes and threats." -ED CURRY, Computer Security >Specialist, in a letter to Defense Secretary William Coen > >In other words, M$ risked national security for the love of money. How >unbelievably vile! Just look at how much M$ cares about the security of >the 260+ million inhabitants of its home country. > >I didn't think I could hate M$ as much as I do right now. Anyway, I >really hope the US government starts taking notice of how other >governments are separating themselves from the evil that is Microsoft. > >Miark > > > >------------------------------------------------------------------------ > >Want to buy your Pack or Services from MandrakeSoft? >Go to http://www.mandrakestore.com > Ummm, Miark, in august 1999, cryptonym corporation was examining a Service pack release of NT4 from which microsoft had inadvertantly forgotten to strip the data tags.
Microsoft has (or had) in Win9x and WinNT cruyptographic keys for cryptographic services and no services would work without passing the appropriate key. This was to comply with export restrictions at the time (128 bit encryption was considered a weapon). Ummm no wrong, the backup key or what everyone had been led to believe was the back-up key was clearly and unequivocally labelled in the tag "NSAKey" Rapid denals were issued by NSA and microsoft that the key was used by the NSA though such a key did have the potential of allowing the installation of security (spy) software on the system without the user's knowledge. A little later a third, undocumented and definitely untagged key was discovered. A program was issued to overwrite the second key which had the side effect that exported versions could enable 128 bit encryption by installing their own keys. Civileme
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
