The True Story of the Windows _NSAKEY

Показать описание

Microsoft _NSAKEY is a signing key found in Microsoft's CryptoAPI since Windows 95. Many claimed this was the ultimate backdoor for the National Security Agency. But is this a hoax, or is the _NSAKEY a real backdoor in Microsoft Windows?

A British researcher discovered that Microsoft was cryptographically signing its CryptoAPI with two keys. This means two separate entities could approve software running inside Windows. One of those entities was Microsoft. The identity of the other one remained a mystery.

But then Microsoft shipped a Service Pack 5 for WindowsNT4. Somebody down the chain of command at Microsoft forgot to remove information revealing the true identity of both of the signing keys. Chief security scientist at Ontario-based Cryptonym Andrew Fernandes found the names of the two keys. One was simply called “_KEY”. And the other was “_NSAKEY”.

Sources
News coverage

Security experts & opinions

Other

Microsoft NSA cooperation on mass surveillance

Credits:

Bitcoin:
1C7UkndgpQqjTrUkk8pY1rRpmddwHaEEuf

Follow me:

The footage and images featured in the video were for critical analysis, commentary and parody, which are protected under the Fair Use laws of the United States Copyright act of 1976.

Комментарии

This video was demonetized. Requested a manual review. If the demonetization gets manually confirmed, I will re-upload this.

TheHatedOne

As a teacher once told me "don't believe something unless its been officially denied"

kydrikezagrint

NSA = "No Such Agency". An old joke that tells you everything you need to know about how trustworthy they are.

Elliandr

Programmers say : "Make sensefull variables"

Microsoft : "_NSAKEY"

barkeeper

I was an Windows user for over 15 years... Now I understand the importance of open source OS and even softwares. That's why I changed to Linux mint some months ago.

manuelb__r

I seriously hope the _NSAKEY thing isn't true, not because of privacy, but because that's the dumbest name for trying to keep the NSA's presence secret. That's literally like putting up a sign saying "Totally not being monitored by NSA" and not being the least bit suspicious.

nicegy

Preventing terrorism.... by enabling cyber terrorism. (╯°□°）╯︵ ┻━┻

LeeSpork

I think everyone should backup this channel, just in case if youtube delete it...

lukakovach

It was an NSA key - just that a sane employee gave it that name in hopes it would be found.

cybervigilante

The public has only seen the tip of the iceberg.

siriusgd

I remember when Skype was supposedly the safest thing out there. I was secretly thinking, "That has to be because they _want_ me to use it. And that's _exactly_ why I shouldn't trust it."

kebman

The new backdoors are in the hardware.. the best backdoor ever? Intel vPro..

tempersne

NOT NEWS, this was leaked back in 1999/2000, when MS forgot to strip out the the symlinks in the Windows NT code.

TheDgdimick

Just in case you don't know, schizophrenia has nothing to do with having several/split personalities, it's a common misconception that's hurting patients worldwide

silenrocc

>windows
>privacy and security
Choose one

TheGodEmperorOfMankind_

First rule of computer security : if you don't want anyone to access your data, don't have any network interface on your computer. Especially these days, it's very easy to have a dedicated machine (like a netbook) if you can't live without the internet.

TheNefastor

how to "fix" a security "vulnrability":
sudo mv "_NSAKEY" "_KEY2"

ThePiGuy

I wouldn't be surprised if the NSA did help with the key2. They have more mathematicians and crytogrophers than any us company. They also use Windows and probably want to make sure their internal systems secured.

derkaderkamohamadallaackbarnut

IDK at this point I feel like I should only use Windows for gaming.

actualnotanewbie

Hope there'll be videos like this about MacOS, iOS and Android.

ChrisisWWC