Re: [LUG] OT: MS security whitewash

On Sun, 8 Dec 2013, Philip Whateley wrote:
> The issue is that there is evidence of complicity with NSA with regard to Microsoft

Are you able to point me to this 'evidence' when it comes to Microsoft's operating systems? For I don't remember seeing it. And my, I have spent a lot of time reading about the Snowden leaks.

What we do have pretty strong evidence for is that the _servers_ of Microsoft have NSA backdoors. As do those of Google, Yahoo, Facebook and AOL. (Myspace is NSA-free, I believe.) This is done because the NSA probably has the legal powers to do so. They definitely have the powers to do so in individual cases through the Patriot Act. Long before Edward Snowden jumped on a plane to Hong Kong, this was already a concern and many companies providing cloud solutions made it clear that their cloud wasn't located inside the US and thus not subject to said Patriot Act.

The NSA has a lot of means to obtain data on your computer, regardless of the operating system it is running. They involve vulnerabilities, some of which are "zero-days", i.e. vulnerabilities not publicly known. The NSA is known to buy such vulnerabilities from companies like VUPEN. They also develop them in-house.

(So do similar agencies in other countries, and in particular GCHQ, by the way. Given that the latter are rather close with the NSA, any attempt to do something about NSA-espionage that doesn't take our own spies into account seems a huge waste of time and resources.)

It is in theory possible that the NSA works together with the OS developers to insert such vulnerabilities. I think it would be extremely unlikely that this has happened, given that it greatly increases the chances of a huge backfire.

In any case, if someone were to discover such a vulnerability (and you do _not_ need the source code to find them, although in some cases it helps), Microsoft is forced (if only through public pressure) to fix it. Regardless of how it came there in the first place.

I love free software in general and Linux in particular - and I would love to see more people use it. But I care about security and privacy even more. And the idea of people trying to use the Data Protection Act to prevent public bodies from using Windows, based on some vague conspiracy theories, is wrong on so many levels, while not making anyone more secure.

Martijn.

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq