As the astonishing news that the NSA spent $250M/year on a sabotage program directed against commercial security systems spreads, more details keep emerging. A long and interesting story on Mashable includes an interview with Peter Biddle, an ex-Microsoft security engineer who worked extensively on BitLocker, a full-disk encryption tool with a good reputation that was called into question by the latest leaks. Biddle (disclosure: a friend of mine) describes how he was approached to add a backdoor to BitLocker, and how he rebuffed various government agencies.
In the case of Microsoft, according to the engineers, the requests came in the course of multiple meetings with the FBI. These kinds of meetings were standard at Microsoft, according to both Biddle and another former Microsoft engineer who worked on the BitLocker team, who wanted to remain anonymous due to the sensitivity of the matter.
"I had more meetings with more agencies that I can remember or count," said Biddle.
Biddle said these meetings were so frequent, and with so many different agencies, he doesn't specifically remember if it was the FBI that asked for a backdoor. But the anonymous Microsoft engineer we spoke with confirmed that it was, in fact, the FBI.
During a meeting, an agent complained about BitLocker and expressed his frustration.
"Fuck, you guys are giving us the shaft," the agent said, according to Biddle and the Microsoft engineer, who were both present at the meeting. (Though Biddle insisted he didn't remember which agency he spoke with, he said he remembered this particular exchange.)
Biddle wasn't intimidated. "No, we're not giving you the shaft, we're merely commoditizing the shaft," he responded.
Did the FBI Lean On Microsoft for Access to Its Encryption Software? [Lorenzo Franceschi-Bicchierai/Mashable]
(Image: BitLocker Drive Encryption, a Creative Commons Attribution (2.0) image from jeffwilcox's photostream)
Historically, US companies have been able to get around the (relatively stringent) European data-protection rules thanks to a “Safe Harbor” agreement between the US and the EU — but Max Schrems, an Austrian privacy activist, has successfully argued that the NSA’s mass surveillance programs violate European law and invalidates the Safe Harbor.
Intelexit is an activist group whose mission is to get spies to quit their jobs; they’ve recently installed billboards around spy complexes in the US and UK.
In a new episode of the BBC’s Panorama, Edward Snowden describes the secret mobile phone malware developed by GCHQ and the NSA, which has the power to listen in through your phone’s mic and follow you around, even when your phone is switched off.
The Lytro Illum dares to be different, boasting even more robust features than its first generation predecessor and a sleek design reminiscent of professional DSLRs. What’s so cool about it? Most cameras capture the position of light rays, producing a statoc 2D image.
SitePoint Premium is the ultimate e-learning library for web developers, designers, and digital professionals. Famous for their web development books written by industry leaders, they’ve expanded their content library to include in-depth video courses and short, handy screencasts partnering with A Book Apart and UX Mastery. Whatever you want to achieve in your web career, […]
Skip the technical jargon and get right to taking amazing, professional-quality photos with this complete training. The Hollywood Art Institute Photography Course includes 22 modules filled with tutorials on how to profit off of your photography, or simply capture your memories in the manner they deserve.Accredited by the Photography Education Accreditation CouncilDive into this 22 […]