In a continuous stream of NSA spying revelations, the latest news are that NSA has backdoors to all Microsoft Windows systems – and had it since at least 1999.
There have been many questions raised in the past about the suspicious parts of Windows operating system, particularly the _NSAKEY, a variable that was found in Windows NT. At the time, Microsoft denied it had anything to do with the NSA. Well, now we know otherwise.
According to an article from 1999 by a leading European computer publication Heise, NSA has built-in backdoors to all Windows software:
A careless mistake by Microsoft programmers has revealed that special access codes prepared by the US National Security Agency have been secretly built into Windows. The NSA access system is built into every version of the Windows operating system now in use, except early releases of Windows 95 (and its predecessors). The discovery comes close on the heels of the revelations earlier this year that another US software giant, Lotus, had built an NSA “help information” trapdoor into its Notes system, and that security functions on other software systems had been deliberately crippled.
The first discovery of the new NSA access system was made two years ago by British researcher Dr Nicko van Someren [an expert in computer security]. But it was only a few weeks ago when a second researcher rediscovered the access system. With it, he found the evidence linking it to NSA.
…
But according to two witnesses attending the conference, even Microsoft’s top crypto programmers were astonished to learn that the version of ADVAPI.DLL shipping with Windows 2000 contains not two, but three keys. Brian LaMachia, head of CAPI development at Microsoft was “stunned” to learn of these discoveries, by outsiders. The latest discovery by Dr van Someren is based on advanced search methods which test and report on the “entropy” of programming code.
Within the Microsoft organisation, access to Windows source code is said to be highly compartmentalized, making it easy for modifications to be inserted without the knowledge of even the respective product managers.
You can read the full ground-breaking article here.
Do you use Microsoft Windows? If yes, there are a few things you can do to prevent being spied on.
Encrypt Your Files
NSA’s admitted concern is file encryption, so using encryption software is something you can do to protect important files on your computer. My personal find is AxCrypt – an open-source software (that means its encryption implementation is for everyone to see), which is easy to use and deploys powerful an encryption algorithm (AES 128bit). The program is very easy to use, and allows you to encrypt and decrypt your important files on the fly. Learn more here. Note: Only encrypt your personal files, and never encrypt system files or it will crash your system. Also, if you forget the password with which you encrypted your files, there is no way to decrypt them without it.
Use a portable Linux distribution
Linux is a popular open-source operating system, and for that reason there is virtually no chance for NSA to have backdoors to it. It’s considered an enemy of Microsoft Windows, and is sufficient to run all every-day user tasks. If you don’t want to go through the whole process of installing a new operating system on your PC, get a portable Linux version, like Slax, which is designed to be used from a USB drive. So if you don’t want to manage your files or work with sensitive information in a compromised operating system, this is the way to go.Installation of Slax is very easy. You can read more about it here.
