Did the Germans Catch the NSA Spying on Windows Users?

News
By
published

Is the NSA using Microsoft's Trusted Computing initiative to spy on PC users? A German newspaper made the assertion, but it's more speculation than fact.

Is the National Security Agency using Microsoft's Trusted Computing initiative to spy on PC users?

That's what an article posted Tuesday (Aug. 20) on the website of the respected German newspaper Die Zeit seemed to say. But closer analysis reveals some holes in the story.

"Federal government warns about Windows 8" is the translation of the article's headline. The story goes on to say that an internal advisory memo, published by a German government standards board, suggests that the NSA may soon have access to all PCs running the latest version of Windows.

For that reason, Die Zeit states, the German federal government considers Windows 8 an "unacceptable security risk."

However, neither the newspaper, nor the memo it purports to have, offer any proof that the NSA is, or will be, spying on Windows users.

Wo ist der Beef?

Instead, Die Zeit simply uses speculation to connect the dots between the Microsoft-led Trusted Computing initiative and NSA spying.

The piece says the NSA could be using Trusted Platform Modules (TPMs) — stand-alone encryption chips plugged into motherboards and built into many modern PCs — to spy on PC users. But it doesn't know for certain.

MORE: 7 Ways to Lock Down Your Online Privacy

Why is Windows 8 a concern, but not Windows 7? Because Trusted Computing and the use of TPMs have been optional until now, and many PC makers don't include the chips. 

But proposed new specifications for Trusted Computing would mandate the use of Trusted Platform Modules on every PC designed to run Windows. The idea is that the TPMs will control which executables run, greatly cutting down on malware and other security issues.

From a security perspective, that sounds great.  Yet Die Zeit noted that the NSA has been quietly involved in the Trusted Computing initiative — and that the surveillance agency does not seem to have raised any objections to any part of it.

To some Germans with memories of intrusive surveillance by Nazi and socialist secret police, that might imply that the NSA is putting "backdoors" — secret entryways — into every TPM, and that in a few years all new machines running Windows could be controlled by the NSA.

Something to it

Would such a view be paranoid? Perhaps. But if Edward Snowden's leaks of NSA documents have taught us anything, it's that nearly everything that we thought the NSA could possibly be doing has turned out to be true.

The NSA's silent acceptance of Trusted Computing does suggest an agreement with Microsoft and the other companies — Intel, AMD, Cisco, IBM, Hewlett-Packard and others — may exist.

The surveillance agency's acquiescence stands in sharp contrast to the "crypto wars" of the 1990s, when the U.S. government tried to stop strong encryption from being used by the general public, and to the Justice Department's current request for new rules mandating law-enforcement backdoors in instant-messaging software and other forms of encrypted Internet communications.

Spying on computer users isn't what Trusted Computing was meant to enable when it began in the middle of the last decade. Instead, it was a Microsoft-led industry effort to build standardized verification hardware into PCs.

MORE: Is It Safe to Sign Into Other Sites Using Facebook?

The Trusted Platform Modules serve as gatekeepers for software, letting "trusted" programs run and while denying untrusted ones.

Microsoft touts Trusted Computing as an essential security measure. Skeptics have seen it as a sneaky form of digital rights management that could bar pirated movies and music, not to mention pirated copies of Windows, from running.

Out of control

Other critics of Trusted Computing decry the amount of control the user cedes to Microsoft.

For years, you've been able to run anything you want on a Windows machine. But with Trusted Computing and the related Secure Boot initiative, which lets only Microsoft-approved operating systems boot up a PC, Microsoft is moving toward an Apple-like "walled garden" model, in which the hardware and software makers, not the users, decide what runs.

That loss of control seems to have been what truly irked the German government. In a polite but firm rebuttal to the Die Zeit story, the German Federal Office for Security in Information Technology (BSI in its German acronym), stressed that lack of control, not NSA spying, was the internal memo's main concern.

"For certain groups of users," the rebuttal states, "the use of Windows 8 in combination with a TPM can mean an increase in safety."

But, the rebuttal goes on to say, such a combination results in "a loss of control over the operating system and hardware," which in turn leads to greater risk of software and hardware errors.

For that reason, the BSI says, its office would like to see an opt-out built into Trusted Computing, and is in contact with operating-system and hardware manufacturers "to find appropriate solutions."

Follow Paul Wagenseil @snd_wagenseil. Follow us @tomsguide, on Facebook and on Google+.

See more Computing News
TOPICS
Paul Wagenseil
Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.

More about online security
Elon Musk holding chainsaw at CPAC

Musk's DOGE faces massive backlash and 12 data privacy lawsuits — how safe is your data?
A laptop displaying the Chrome logo

Don't click this — malicious ads impersonating Google Chrome spreading dangerous malware
LEGO Star Wars with Deal Badge

Massive Lego sale is live from $7 at Amazon — 15 deals I'm shopping now
See more latest
17 Comments Comment from the forums
  • back_by_demand
    "The NSA could be using"
    "But it doesn't know for certain"

    After that, I just kind of switched off, may as well have been saying Haley's Comet could be made of strawberry ice cream, "But it doesn't know for certain"
    Reply
  • chicofehr
    This sounds like a rumor or speculation, and not news, but if its true, I don't think anyone should be surprised. We can't trust government with anything. If one of the next presidential candidates run on getting rid of the NSA, they would win for sure.
    Reply
  • Grandmastersexsay
    I wonder if Bill Gates thought the company he took from creation to total market domination could be run into the ground so quickly?

    Look at how Microsoft had been run for the last couple years. Die hard Xbox users will be buying PS4s in droves. Windows without a start button replaced with Windows with a fake start button. Apple actually has a market share and everyday people know what Linux is.

    If Microsoft pushes this crap down the consumers throat it will signify the nail in their coffin.
    Reply
  • digiex
    So US Tech. corporations are like the Chinese then, they use their technology to spy. So what is the difference between them.
    Reply
  • rawoysters
    The latest disclosure of the NSA's mistakes in breaking it's own rules states that they were tapping into and splitting fiber optic feeds before they even get to Google, Microsoft, etc. The overseeing court (I don't think it was the FISA court, but another) ruled that it broke the 4th amendment. If this is true they don't need Microsoft or Windows to do anything.
    Reply
  • mariusmotea
    NSA must spy on USA only. I don't live in USA and now i cannot feel to have any privacy when i surf the internet. America has brake the freedom of every person that use the internet. There is no excuses for this (i don't want to hear about terrorism anymore).
    Reply
  • ohim
    I wonder if Bill Gates thought the company he took from creation to total market domination could be run into the ground so quickly?

    Look at how Microsoft had been run for the last couple years. Die hard Xbox users will be buying PS4s in droves. Windows without a start button replaced with Windows with a fake start button. Apple actually has a market share and everyday people know what Linux is.

    If Microsoft pushes this crap down the consumers throat it will signify the nail in their coffin.
    Again crying over a start button ? Did you even take time to try and see that it has no negative effect in your work with windows ? It only takes a bit of time to get used to, and the Start screen from Win8 is more efficient than than the previous one. On the other hand, could i say screw America and NSA? And though is not nice to say bad things about a country because that`s just generalizing, seriously ... the people can have the last word against their government, and yet America doesn`t, you look at communist countries and try to bring democracy and yet America fails to see it`s own problem, a paranoia government and a big army that eats all it`s fortunes in times of economic crisis.
    Reply
  • niceidea23
    you know you're screwed when THE GERMANS start lecturing you on being an over-bearing state power.
    Reply
  • vitreoushumor
    We've been told the NSA has had a back door into windows since 1999. Microsoft denied it at the time: http://www.cnn.com/TECH/computing/9909/03/windows.nsa.02/ Now since June 2013 we have another round of these same theories. There is probably some truth in all this.
    Reply
  • wdmfiber
    @ohim
    Windows 8 is a disaster. Yes, the lack of a start button... the whole "metro" interface really. Vista's market share even looks good in comparison, lol.
    Anyway... it has now taken out the CEO, Ballmer is out(retiring) and the stock is up.
    Reply