SoylentNews is people

posted by janrinok on Saturday June 06 2015, @06:34AM
from the in-ms-we-trust dept.

The Intercept's Micah Lee wrote a guide explaining how to encrypt a hard drive but was criticized for recommending Microsoft's BitLocker disk encryption utility for Windows users. Microsoft has responded to some of the criticisms by providing more details about how BitLocker works:

The company told me which random number generator BitLocker uses to generate encryption keys, alleviating concerns about a government backdoor in that subsystem; it explained why it removed the Elephant diffuser, citing worries over performance and compatibility that will appease some, but certainly not all, concerned parties; and it said that the government-compromised algorithm it bundles with Windows to generate encryption keys is, by default, not used at all.

Significant questions remain about BitLocker, to be sure, and because the source code for it is not available, those questions will likely remain unanswered. As prominent cryptographer Bruce Schneier has written, "In the cryptography world, we consider open source necessary for good security; we have for decades." Despite all of this, BitLocker still might be the best option for Windows users who want to encrypt their disks.

Microsoft cryptographer Niels Ferguson gave a presentation in 2007 suggesting that Dual_EC_DRBG might have a backdoor. These suspicions were confirmed by the Snowden documents. Microsoft says that the default pseudorandom number generator for Windows is CTR_DRBG, and that BitLocker uses it when it generates a new key.

BitLocker uses an encoding engine, AES-CBC, and originally used the "Elephant diffuser" to protect encrypted files from being modified to become malicious by an attacker with physical access. Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

Microsoft says that it does not build backdoors into its products, but that it doesn't consider building methods to bypass their security in order to comply with legitimate legal requests "backdoors." It also shares its source code with governments so that they can check for backdoors... or for vulnerabilities which they could use as backdoors. A Microsoft spokesperson would not answer whether Microsoft could comply with a lawful request to unlock a BitLocker-encrypted disk.

TrueCrypt and its VeraCrypt and CipherShed forks do not play well with post-Windows 8 UEFI and GPT partition tables. Bruce Schneier recommends the proprietary BestCrypt full-disk encryption for Windows users. How does he reconcile this recommendation with what he wrote in 1999? "I do recommend BestCrypt because I have met people at the company and I have a good feeling about them. Of course I don't know for sure; this business is all about trust. But right now, given what I know, I trust them."


  • (Score: 3, Insightful) by K_benzoate on Saturday June 06 2015, @07:13AM

    by K_benzoate (5036) on Saturday June 06 2015, @07:13AM (#192815)

    "We don't put back doors into our products; we simply give the government a spare key to the front one."

    --
    Climate change is real and primarily caused by human activity.
  • (Score: 4, Interesting) by anubi on Saturday June 06 2015, @08:16AM

    by anubi (2828) on Saturday June 06 2015, @08:16AM (#192816) Journal

    I wonder if, given their track record, Microsoft could ever release a product people would actually trust, no matter how rigorous the code actually is?

    I believe their image has gone the same way the perceptions of quality of American cars went in the 70's.

    All this talk of NSA backdoors, "working with" selected technology partners for yet more backdoors, disappointments like "plays for sure" and "trustworthy computing", while still having a dozen companies in their wake working to patch up their code isn't helping their image much.

    From what I see, Microsoft is not going to survive by the soundness of their product, but I believe they will survive on their legal ability to enforce monopoly with patent.

    I would not be surprised at all to see Google come up with and release something that works, even if the MAFIAA's have a royal hissyfit over it. You know, payback for all the headaches that group has given Google over YouTube.

    I believe the main thing Linux has going against it is that it has become fragmented across too many variants, leading to a lack of knowledgeable people who know Linux well enough to administer it. It's almost like trying to codify law, but each region has a different dialect and slightly different meanings for words.

    --
    "Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
    • (Score: -1, Offtopic) by Anonymous Coward on Saturday June 06 2015, @08:54AM

      by Anonymous Coward on Saturday June 06 2015, @08:54AM (#192820)

      Hey! Cool, bro! Could you, like, post a selfie of the Anti-Microsoft Bunker you are standing in front of? That would make your post soo much cooler and believable, in a social media kinda way.

      • (Score: 0) by Anonymous Coward on Saturday June 06 2015, @11:31AM

        by Anonymous Coward on Saturday June 06 2015, @11:31AM (#192848)

        A basement is now a bunker?

    • (Score: 3, Informative) by gidds on Monday June 08 2015, @01:21PM

      by gidds (589) on Monday June 08 2015, @01:21PM (#193628)

      I wonder if, given their track record, Microsoft could ever release a product people would actually trust, no matter how rigorous the code actually is?

      I think the bigger problem is not whether we can trust a Microsoft product; it's that people aren't asking that question — either because they don't know enough to ask it, or because they don't think the answer could ever affect them personally.

      It's true that Microsoft has a bad reputation, but for most people, that's solely based on their annoyances with the Windows interface, with the cost of MS Office, or (slightly more relevantly) hassle and damage caused by Windows viruses.  The possibility of 'authorities' gaining access to their data simply isn't on their radar.  And for many people, there's an implicit assumption that, even if that happens, they'll be OK as they're not a terrorist or hacker.

      That assumption is the next major barrier.

      First, it was "The technology doesn't exist to access my private data/communications."  That's been known to be false for a good while now.

      Then, it was "The Powers That Be don't have that sort of technology."  Recent revelations have shown that to be false.

      Then, it was "If TPTB have that technology, they only spy on eeevil terrrrists/hackers/furriners."  We now know that to be false too.

      We're now at "TPTB may have all this data from spying, but they only use it against eeevil terrrrists/hackers/furriners."

      We'll need to demonstrate that to be false, too — giving people a personal stake in the matter — for them to care.

      --
      [sig redacted]
  • (Score: 5, Insightful) by Gravis on Saturday June 06 2015, @11:05AM

    by Gravis (4596) on Saturday June 06 2015, @11:05AM (#192841)

    Microsoft spokesperson would not answer whether Microsoft could comply with a lawful request to unlock a BitLocker-encrypted disk.

    that seems to say it all right there.

    • (Score: 1, Interesting) by Anonymous Coward on Saturday June 06 2015, @02:01PM

      by Anonymous Coward on Saturday June 06 2015, @02:01PM (#192873)

      I thought the same thing. I wish I knew who to blame though. Is Microsoft gladly helping the government or are they being forced to do this by some judge or secret court order? Maybe it's a little of both?

  • (Score: 2) by kaszz on Saturday June 06 2015, @02:39PM

    by kaszz (4211) on Saturday June 06 2015, @02:39PM (#192886) Journal

    The pseudorandom number generator (PRNG) may very well be what Microsoft says. The problem is that there may be another function altering the inputs and output of that function. And doing so only in specific cases and that will allow it to evade testing. Then the function of the encryption system is dependent on all the code being done right and the code quality is something they have been proven to fail even for trivial things. Below that there's an operating system that simply is coded like crap and it's a black box with who knows what inside.

    Either you can audit a tool or you can't. In this case you can't because there's no meaningful way to assess how it really works.

    (tip: use something [soylentnews.org] that at least has some chance of working correctly, and that uses an operating system that isn't broken by definition)

    • (Score: 2) by Gaaark on Saturday June 06 2015, @05:10PM

      by Gaaark (41) on Saturday June 06 2015, @05:10PM (#192950) Journal

      The problem is that there may be another function altering the inputs and output of that function

      Is there anything that says they don't use CTR_DRBG or PRNG or whatever to "generate random numbers" that are then ignored and replaced with "BCKDR_CTR_DRBG_FCKMYASS" generated 'random' numbers?

      Man... if i want to keep my data safe from whomever, why would i use windows to do it with, when i can't even completely feel safe using open source that i haven't compiled myself with a compiler i've built myself using a compiler i've examined and used to compile my compiler before compiling...........

      Gaaahhh!

      Now, back to Minecraft!.... i mean... work! Yeah, that's the ticket.... work.....

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
      • (Score: 0) by Anonymous Coward on Saturday June 06 2015, @05:15PM

        by Anonymous Coward on Saturday June 06 2015, @05:15PM (#192952)

        On a CPU you've designed and constructed yourself, don't forget that.

      • (Score: 3, Funny) by DECbot on Saturday June 06 2015, @05:46PM

        by DECbot (832) on Saturday June 06 2015, @05:46PM (#192959) Journal

        Yeah, I keep all my important data stored into Redstone torch arrays in Minecraft too. I'm working on my RNG so I can encrypt that data too.

        --
        cats~$ sudo chown -R us /home/base
  • (Score: 2, Funny) by Mike on Saturday June 06 2015, @06:58PM

    by Mike (823) on Saturday June 06 2015, @06:58PM (#192974)

    So to summarize, Microsoft's response to claims that Bitlocker is insecure is, we don't use the term 'backdoor'.

    awesome

  • (Score: 3, Informative) by Anonymous Coward on Saturday June 06 2015, @07:45PM

    by Anonymous Coward on Saturday June 06 2015, @07:45PM (#192980)

    _NSAKEY [wikipedia.org].

    • (Score: 2) by Hairyfeet on Saturday June 06 2015, @10:50PM

      by Hairyfeet (75) <bassbeast1968NO@SPAMgmail.com> on Saturday June 06 2015, @10:50PM (#193031) Journal

      So let me get this straight....you are butthurt that MSFT actually followed the laws in their home country [techcrunch.com] instead of telling the government "fuck you we can do what we want"....is THAT your position?

      Well then you should be completely against the MSFT antitrust ruling or any kind of restrictions on any backroom dealing by ANY corp, since they are only doing as you want and flipping the bird to the law of the land.

      --
      ACs are never seen so don't bother. Always ready to show SJWs for the racists they are.
      • (Score: 2) by NCommander on Sunday June 07 2015, @02:28AM

        by NCommander (2) Subscriber Badge <michael@casadevall.pro> on Sunday June 07 2015, @02:28AM (#193110) Homepage Journal

        That was acceptable when the United States disallowed export of secure encryption (Lotus Notes did something similar, 64-bit key, with the top 24 bits given to the NSA. Wikipedia has a reference about it [wikipedia.org]). However, since encryption is no longer export prohibited (for the most part), there's no reason that this needs to exist anymore. I was actually unaware of the NSAKEY in Windows before this post, so ++ to OP.

        --
        Still always moving
  • (Score: 2) by juggs on Saturday June 06 2015, @08:21PM

    by juggs (63) on Saturday June 06 2015, @08:21PM (#192988) Journal

    BitLocker uses an encoding engine, AES-CBC, and originally used the "Elephant diffuser" to protect encrypted files from being modified to become malicious by an attacker with physical access. Microsoft removed the Elephant diffuser because it hurt performance and is not compliant with Federal Information Processing Standards. Linux systems using LUKS disk encryption are vulnerable to the same kind of attack.

    I believe LUKS uses aes-xts-plain64:sha256 by default now rather than aes-cbc. As I understand it, aes-xts is not vulnerable to the same plain text attack that aes-cbc is.
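An added illustration of the point the summary and this comment are circling (it is not code from the article, from Microsoft or from any commenter): what one flipped ciphertext bit does to a sector under plain CBC, the mode the summary says BitLocker is left with once the diffuser is gone, versus under XTS, the mode named here for LUKS. A toy Feistel cipher stands in for AES so it runs with only the standard library, the sector layout, keys and the "admin=0;" flag byte are constructed for the demo, and the Elephant diffuser itself is not implemented.

```python
import hashlib
BLOCK = 16

_xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))

def _f(key, half, rnd):
    # Toy Feistel round function: a stdlib stand-in for AES so the block runs offline; not a real cipher
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def toy_block(key, block, encrypt=True):
    # 4-round Feistel with a final swap, so the same routine decrypts when the rounds run in reverse
    l, r = block[:8], block[8:]
    for rnd in (range(4) if encrypt else range(3, -1, -1)):
        l, r = r, _xor(l, _f(key, r, rnd))
    return r + l

def cbc(key, iv, data, encrypt=True):
    # CBC decryption is P_i = D(C_i) XOR C_{i-1}: flipping a bit of C_{i-1} flips the same bit of P_i
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        blk = data[i:i + BLOCK]
        if encrypt:
            prev = toy_block(key, _xor(blk, prev)); out.append(prev)
        else:
            out.append(_xor(toy_block(key, blk, False), prev)); prev = blk
    return b"".join(out)

def _mul_alpha(t):
    # Tweak times x in GF(2^128), XTS convention (IEEE 1619: little-endian, reduce with 0x87)
    n = int.from_bytes(t, "little")
    return (((n << 1) & ((1 << 128) - 1)) ^ (0x87 if n >> 127 else 0)).to_bytes(16, "little")

def xts(key1, key2, sector, data, encrypt=True):
    # XTS: C_j = E_k1(P_j XOR T_j) XOR T_j with T_j = E_k2(sector) * alpha^j; blocks stand alone
    t, out = toy_block(key2, sector.to_bytes(BLOCK, "little")), []
    for i in range(0, len(data), BLOCK):
        out.append(_xor(toy_block(key1, _xor(data[i:i + BLOCK], t), encrypt), t)); t = _mul_alpha(t)
    return b"".join(out)

def flip_bit(data, i, bit): b = bytearray(data); b[i] ^= 1 << bit; return bytes(b)

# Constructed two-block "sector" (assumed layout): byte 22 (block 1, offset 6) is a flag '0' (0x30)
KEY, KEY2, IV, SECTOR = b"k" * 16, b"t" * 16, b"\x00" * 16, 7
PLAIN = b"BOOTCODE........" + b"admin=0;........"

def tamper_demo():
    # CBC: bit 0 of ct byte 6 (block 0) -> block 1 reads "admin=1;"; XTS: bit 0 of ct byte 22 -> block 1 garbled
    bad_cbc = cbc(KEY, IV, flip_bit(cbc(KEY, IV, PLAIN), 6, 0), encrypt=False)
    bad_xts = xts(KEY, KEY2, SECTOR, flip_bit(xts(KEY, KEY2, SECTOR, PLAIN), 22, 0), encrypt=False)
    return bad_cbc, bad_xts
```

Under CBC the edit lands on a chosen plaintext bit of the following block, which is the targeted modification the diffuser was meant to defeat; under XTS the same edit only randomises the touched block, and since neither mode authenticates the sector, detecting such damage still needs an integrity check above the encryption layer.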