[Gllug] [OT] Support model for Linux vs M$

Harry Rickards hrickards at l33tmyst.com
Sat Mar 14 16:39:03 UTC 2009


Quoting Caroline Ford <caroline.ford.work at googlemail.com>:

>
>
> Sent from a mobile device.
>
> On 14 Mar 2009, at 15:13, salsaman at xs4all.nl wrote:
>
>> On Sat, March 14, 2009 15:48, Christopher Hunter wrote:
>>> On Sat, 2009-03-14 at 12:50 +0000, Richard Jones wrote:
>>>
>>>>> It's too Utopian to expect MS and Apple to reveal their inner
>>>>> workings.
>>>>
>>>> Microsoft and Apple rely on the state for many things: their own
>>>> incorporation, the police for stability, the (C) police for their
>>>> business model, the roads to move their workers and products around,
>>>> and much more.  If we want to force Microsoft to reveal their
>>>> interfaces, you'd better believe we have the power to make that
>>>> happen.
>>>
>>> Actually, no.  We don't.  Unfortunately MS argue (so far
>>> successfully) that "their" software is sacrosanct, and the rest of
>>> the unwashed hordes had better not even think about looking at it!
>>>
>>> C.
>>>
>>> --
>>> Gllug mailing list  -  Gllug at gllug.org.uk
>>> http://lists.gllug.org.uk/mailman/listinfo/gllug
>>>
>>>
>>
>>
>> Sure. If everyone used Linux, the NSA wouldn't get to put their
>> backdoor keys into everyone's computers.
>>
>> http://www.pcpro.co.uk/news/149133/vista-sp1-bringing-back-door-exploit.html
>>
>> Could that be one reason why the US .gov supports
>
> Ancient article - from 2007. Any response/ been patched? You can't
> just presume government conspiracy..
>
> Caroline
> --
> Gllug mailing list  -  Gllug at gllug.org.uk
> http://lists.gllug.org.uk/mailman/listinfo/gllug
>

It looks as though Microsoft actually sells a backdoor that allows the  
government to bypass Windows Security measures. It can be used to get  
forensic data from computers, but it doesn't seem as if anyone knows  
whether it works via a backdoor in Windows.

Anthony Fung is the manager of the project, and his profile on  
LinkedIn shows that he used to be a Detective Senior Inspector for
Hong Kong Police Force and Internet Safety Manager at Microsoft, and  
went to University at the University of Hong Kong. At one of these  
places, he must have surely heard that over 4% of people use GNU /  
Linux. When collecting the tools for Computer Online Forensic Evidence  
Extractor he would probably have included some, if not made all the  
tools ones that worked with GNU / Linux.

Techspot
(http://www.techspot.com/news/29896-microsoft-helps-police-bypass-security-in-windows.html#comments)
and the original Seattle Times article
(http://seattletimes.nwsource.com/html/microsoft/2004379751_msftlaw29.html)
say that one or more of the tools cracks users' passwords, which
would mean that there is either a backdoor in Windows and encryption
utilities (although ZDNet says this is not true at
http://blogs.zdnet.com/Bott/?p=435), or the tool uses a brute force
attack, although that would take a long time, and some passwords would
be impossible (take centuries) to crack on today's computers. However,
if people used symmetric ciphers such as IDEA to protect their
computers and files, 1 billion machines trying 1 billion keys per
second would take longer than the universe has existed to find the
correct key, although law-enforcement agencies would not have the
power to allocate 1 billion machines capable of trying 1 billion keys
per second to every password they needed to crack. GNU Privacy Guard
(GNUPG) is based on OpenPGP so is relatively secure, and as the source
code is freely available a backdoor would have probably been found.
However, as most people use the binaries of Open Source cryptography
projects such as the GNU Privacy Guard, Microsoft could have somehow
updated the binaries with a backdoor.

Although not by Microsoft, a similar commercial tool Helix  
(http://www.e-fense.com/helix/) states its system requirements as
Windows 2000 or later, Mac OS X (Intel) or Linux, so if COFEE uses  
similar tools it may work on GNU / Linux. An article at CNET  
(http://news.cnet.com/8301-10789_3-9932600-57.html) links to multiple  
other free computer forensics kits, but all apart from First  
Responders Evidence Disk seem to only work with Microsoft Windows.  
First Responders Evidence Disk doesn’t give any information about  
operating system requirements.

An article on DarkNet
(http://www.darknet.org.uk/2008/05/want-some-cofee-microsoft-computer-online-forensic-evidence-extractor/)
makes a good point that if the kit is on a thumb drive, the password
cracking utilities may have to use rainbow tables, which should mean
that users with passwords of random characters should be fine. This
article also says that a Microsoft Representative confirmed that the
kit does not utilize any backdoors in Windows and does not circumvent
BitLocker encryption in Vista, although I doubt that if there were
backdoors in Windows, Microsoft would tell us about it.


Many thanks
Harry Rickards







-- 
()  ascii ribbon campaign - against html e-mail
/\  www.asciiribbon.org   - against proprietary attachments