
But WHAT, exactly, can't we trust? I've seen NO technical detail to any of these discussions, yet there are a number of sub-systems that might be compromised:

- low-level crypto APIs (the 'DLLs' referred to obliquely in the article); these are more interesting. I imagine they could be compromised for weak session key generation or other leakage of key / plaintext, or generate the session key in such a way that the mythical 'NSAKEY' can decrypt it. Huge impact, if so, but only to certain software; AFAIK Mozilla doesn't use the Windows crypto API / certificate key store (but Chrome does).

- SSL certificate generation (built-in CA for Windows Server builds); certificates stored and replicated via Active Directory; does anyone actually use this? In fact, does anyone actually use client SSL? It is likely also used for domain peer replication, which could potentially be over an external network (but why would you not use a VPN there?)

- Encrypted File System; already contains an escrow key-recovery mechanism to allow administrators (including domain admins) to recover a lost user key. Only likely to be relevant if hard disk or backup images seized, so less impact.

- BitLocker drive encryption; similar to EFS but uses a hardware TPM and is per-machine rather than per-user. Fairly sure escrow key recovery at the domain level is possible here too. Again, only likely to be relevant if hardware or backups seized.

- Office document encryption; did anyone SERIOUSLY think this was worth using anyway? There are so many key recovery services out there for this (Elcomsoft et al)

- Communications applications (Skype et al); again, did anyone SERIOUSLY think this wasn't already being monitored, even before Skype became a Microsoft product?

- Some other OS-level 'phoning-home' behaviour. I simply don't believe that no-one has spotted this happening, if it's there - we can do traffic analysis too, and there are plenty of people running Wireshark on their own networks.



How do you know Wireshark isn't compromised? Further, MS does phone home all the time to check for updates and so on. If something extra was hidden in there, would we know?


Build it from audited source?

As for updates, I imagine if you set up a domain you can run your own WSUS update server, MITM the connection, etc. - and then compare the behaviour with a "regular" home PC.

The problem really is how deep the hole goes - as per Ken Thompson's "Reflections on Trusting Trust", 1984.



