Microsoft to include NSA backdoor algorithm in Windows Vista SP1

Posted Tue, Dec 18 2007 12:50 AM by Autonomist0
Various tech bloggers are reporting that Microsoft will include the NSA-recommended random algorithm suspected of containing a backdoor vulnerability in the upcoming Windows Vista service pack.  According to Microsoft, the "Dual Elliptical Curve (Dual EC) PRNG from SP 800-90 is also available for customers who prefer to use it," so this algorithm is an option, not the default.  Why would Microsoft intentionally include an inefficient and unsecure algorithm?  Very likely, because it will eventually be required in governments contracts. 

It is hard to blame Microsoft for not wanting to lose government contracts, or to alienate customers who depend on them.  The real danger is the (inevitable?) attempts by the state to force this algorithm on everyone else, including requirements that make it mandatory for government contracts, and thus attempt to influence the default configuration by virtue of the state's dominant market share.

Filed under: ,

Comments

# re: Microsoft to include NSA backdoor algorithm in Windows Vista SP1

Monday, January 07, 2008 3:30 PM by bayoujim

This has gone too far, we have to stop Microsoft and our Government, and undo the damage Bush has done.

# re: Microsoft to include NSA backdoor algorithm in Windows Vista SP1

Wednesday, January 09, 2008 5:56 AM by fuLLLOck

Ah but they got us buy the balls don't they.

what ya gonna do?

bring it all down?

# re: Microsoft to include NSA backdoor algorithm in Windows Vista SP1

Saturday, March 14, 2009 8:24 AM by Andrew

Seriously guys? you buy this crap? Microsoft products have had vulnerabilities exploited by hackers since the beginning. THATS WHY YOU HAVE CISCO ASA'S! INSPEC AND SOLICIT EVERY PACKET (NOT AT THE OS LEVEL!!!!) AND YOUR FINE. You conspiracy theorist kill me. You're ammusing none the less though