I had a friend share a blog post of a story that has been all over the Internet lately regarding Microsoft having a government backdoor in Windows. The story shared is located here, but I’m sure trudging around tech news sites run by 14-year-olds or ignorant IT professionals will expose you to similar content.

Full disclosure: I’ve been using Linux for over five years regularly, and am typing this post from my laptop running Debian Linux to my server running Debian Linux, but I do use Windows on my desktop. Hopefully that sentence will cut down on comments accusing me of fanboyism, because I’m going to stick up for Microsoft here.

Actually, I don’t need to stick up for them - because the ‘backdoor’ doesn’t exist as far as anyone knows. I can’t pretend to know whether one exists (a huge reason why open source is better in cases like this), but in this instance the authors of titles are just being media whores and trying to amplify the situation for traffic. The reasons why this is true are straightforward, and numbered for your pleasure:

1. The component in question is not a part of Windows by default.

The program the article’s author is claiming has a backdoor is the Malicious Software Removal Tool, which does not ship by default with any version of Windows. Yeah, it is a component produced by Microsoft, but even if there were a backdoor in it, it isn’t a backdoor in Windows.

2. It isn’t a backdoor.

Backdoors allow an outsider unauthorized access into a system. As the article reports, the Malicious Software Removal Tool may report the IP address of the machine through the tool to a central location. Reporting an IP is nowhere near the same class as a backdoor. While I won’t argue that doing this against the user’s will is a breach of privacy, people seem to be in love with escalating issues, and it is as stupid as it is unfounded.

3. Everything is speculation.

Find a fact worth the attention these stories are getting. Everything is based on interpretation of events, and the discussion following those interpretations is once again removed before “facts” are arrived at. Sensationalist writing has always annoyed me, and that people take it seriously even more so.

So there you have it. The fabled Microsoft Windows government backdoor is a manifestation produced by someone who fails both at basic computer security and journalism. Just as the title of this post states: the Microsoft Windows government backdoor… isn’t.

16 Comments

  1. doug Rosbury says:

    Nice work. I agree that sensationalism is full of hidden motives. People who engage in such tactics ought to be suspected and even publicized so that we can know who is undermining the truth. Microsoft is a well established company. I am using Windows XP SP3 and I like it. How much of the bad reports on Windows is true and how much is intentionally biased bad publicity? When I see anyone putting down another person or a company I have to say that this person is not speaking from a spiritually aware position. If you are spiritually aware, you don’t engage in such judgement. The internet is a playground and a reflection of people’s mental persuasions. Let’s find ways to deal with those who use it to politicize issues. They are the power seekers which makes me sick. —Fond regards and keep up the good work.—Doug Rosbury

  2. Kenneth says:

    You want a backdoor in Windows? Check out http://ophcrack.sourceforge.net/ It’s ridiculous how fast it can break admin passwords on Windows boxes. (I haven’t tested it on Vista yet, none of my friends have locked themselves out of it yet, but they claim it works)

  3. markus says:

    I think the bottom line simply is that Windows is a shame as far as security is concerned.

    Whether they have a backdoor or not is not so much a big issue in my opinion - everything that is lax and (more or less) careless about security is doing sub-optimal work here.

  4. Alaa Salman says:

    Nice writeup. And I do agree with you on this point that such write-ups are often full of inaccuracies.

    However, your logic can also be used in the other direction.

    1- Although the component is not a default part of Windows, it often is installed straight away whether by regular users or through corporate policy. And although the “backdoor” is not in Windows itself, we can’t know if there isn’t another one in there.

    2- Although what they described in the article is not technically a “backdoor”, we have no idea if it really is or isn’t. Reporting your IP just invades your privacy, but how can we know that it is not reporting your activity or something else? Speaking of which, trojans that only steal your data without allowing access also are not technically “backdoors” but they are malicious software.

    3- That’s the point that I agree with. Since we’re talking about a proprietary application, then no one can know for sure. But even the Windows source code that you can review under a very specific license for academic purposes is probably so restrictive that no one can say anything even if they did find something.

    I completely converted to GNU/Linux a bit over 2 years ago because of several issues with Windows…my freedom and privacy being only one issue out of many. I still have to use Windows sometimes (as a programmer) but I try to keep that to a minimum and often resort to free(dom) software even while on it.

  5. Elmer says:

    I have always had my doubts about rumours like these. Even a company like Microsoft wouldn’t be able to keep it quiet for very long. Eventually one of the 25,000 employees would talk…

  6. vG says:

    I moved from Windows to Linux two years ago. Key issues were security and trust. I was fed up with installing a LEGAL version of Windows every 3 months because it has so many viruses on it. Also how could I trust a product whose producer pays my university to discourage students from using Linux and force Windows on every corner? When you use Windows you are never sure if M$ is not logging your activity, IP or whatever…

  7. sango says:

    As demonstrated years ago by the developers of Unix, there is no true safety against backdoors etc. Equal which OS. They showed how easy it is to implement a backdoor to rlogin in Unix, which can’t be found even in open source.
    So don’t be sure there won’t be one. Equal if Mac, Linux, Unix, Win and so on.

    But it’s nice to see someone take an objective point in this flame dominated area of techtalk.

  8. bobby says:

    I agree that everything is speculation, but that exact factor undermines various claims made by the other author AND many of your claims as well.

  9. peasleer says:

    @bobby:

    Given a set of facts, I have presented a series of results. My only speculation is that I can’t be sure whether a backdoor exists, which I disclosed in the post. Everyone should feel comfortable with the conclusions I have arrived at being neither the result of sensationalist writing nor speculative in nature when the background information is taken into account.

  10. rakudave says:

    Sadly, I have to agree with you. I would have liked such a story, but there are simply no legitimate facts in the claim in question. This is the very reason I didn’t repost the story.
    These rumors have been around for years, and they’ll probably never stop.

  11. m.bartelt says:

    Umm… Microsoft can update any Windows platform computer without permission, even if you have automatic updates turned off.

    There is no “government back door”, but Microsoft could easily introduce malicious code to your system if they wanted.

    It’s been confirmed by dozens of sources. Read for yourself.

    http://www.google.com/search?q=microsoft+update+without+permission

  12. peasleer says:

    @m.bartelt:
    A little digging revealed a Microsoft program manager’s explanation. It isn’t a backdoor, and it doesn’t update if it is turned off - it only updates the Windows update components if the service is set to anything but off. Read for yourself:
    http://blogs.technet.com/mu/archive/2007/09/13/how-windows-update-keeps-itself-up-to-date.aspx

    Yes, it could have been a little more transparent, but it can’t update *any* Windows computer, and it doesn’t give them remote access to your machine. It is updating through the update component to keep Windows update current. And easy on the ‘introduce malicious code through update’ comment, that is true for any and every operating system with the ability to update! There is a certain level of trust you are accepting regardless of whose software you are using, people just seem to forget about everyone but Microsoft.

  13. Izkata says:

    Wrong backdoor.

    You forgetting about the USB Key?

  14. peasleer says:

    @Izkata: That isn’t a backdoor either. Do I need to write another post to explain how the common opinion about that is terribly flawed as well?

  15. Rebenga says:

    Doesn’t matter if one exists or not - Windows cannot be trusted with anything since there is no way of verifying. Hell, even speculating that a backdoor exists is just as much blowing smoke out of one’s ass as saying that it is. Microsoft has a proven track record of not bothering much with customers’ opinions - why would now be any different?

    In short: they won’t share their source code and until they do I’d rather be safe than sorry assuming that they are stealing my data rather than living in some naive fantasy about corporations that don’t screw their customers over for profit or power.

  16. William Gunn says:

    http://web.archive.org/web/20060518123848/http://linuxadvocate.org/articles.php?p=1
    Well, taking a look at that website, it shows the basic breakdown of the Microsoft EULA, and in it, by using Windows or any of its programs you allow them to send anyone else your information as long as it’s not private, an IP address is not private so… they are allowed to without warrant
