NSA has total access via Microsoft Windows
'They can effectively compromise your entire operating system'
Published: 11 hours ago
F. Michael Maloof, staff writer for WND and G2Bulletin, is a former senior security policy analyst in the office of the secretary of defense.
Editor’s Note: The following report is excerpted from Joseph Farah’s G2 Bulletin, the premium online newsletter published by the founder of WND. Subscriptions are $99 a year or, for monthly trials, just $9.95 per month for credit card users, and provide instant access for the complete reports.
WASHINGTON – The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development which follows the insistence by the agency and federal law enforcement for backdoor “keys” to any encryption, according to a report in Joseph Farah’s G2 Bulletin.
Having such “keys” is essential for the export of any encryption allowed under U.S. export control laws to foreign users.
The NSA plays a prominent role in deliberations over whether such products can be exported, and routinely turns down any requests above a certain megabyte level that exceeds NSA’s technical capacity to decrypt it. That’s been the standard for years for NSA, as well as the departments of Defense, Commerce and State.
Computer security specialists say that the Windows software driver used for security and encryption functions contains unusual features which give NSA that backdoor access.
These security specialists have identified the driver as ADVAPI.DLL. It enables and controls a variety of security functions. These specialists say that on Windows, it is located at C:\\Windows\system directory of anyone’s computer that uses Windows software.
Nicko van Someren says the driver contains two different keys. One was used by Microsoft to control cryptographic functions in Windows while another initially remained a mystery.
Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources don’t deny.
This has allowed restricted access to Microsoft’s source code software that allows for such programming.
Access to Windows source code is supposed to be highly compartmentalized, actually making such actions easier because many of the people working on the software wouldn’t see the access.
Such access to the encryption system of Windows can allow NSA to compromise a person’s entire operating system. The NSA keys are said to be contained inside all versions of Windows from Windows 95 OSR2 onwards.
Having such the secret key inside your Windows operating system makes it “tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system,” according to Andrew Fernandez, chief scientist with Cryptonym Corporation of North Carolina.