lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <004e01c81cce$ff7f1b60$fe7d5220$@com>
Date: Thu, 1 Nov 2007 17:34:35 -0400
From: "Kurt Dillard" <kurtdillard@....com>
To: "'Juha-Matti Laurio'" <juha-matti.laurio@...ti.fi>,
	<bugtraq@...urityfocus.com>
Subject: RE: Cryptome: NSA has access to Windows Mobile smartphones

While the list of IP address ranges is interesting, there's no evidence
provided that Microsoft OSes allow 'backdooring,' are the researchers
planning on providing any?

-----Original Message-----
From: Juha-Matti Laurio [mailto:juha-matti.laurio@...ti.fi] 
Sent: Thursday, November 01, 2007 2:16 PM
To: bugtraq@...urityfocus.com
Subject: Cryptome: NSA has access to Windows Mobile smartphones

A widely known Web site Cryptome has released information about backdooring
Microsoft Windows machines today.

According to the post National Security Agency has access both stand-alone
systems and networks running Microsoft products.

The post states the following:
"This includes wireless wiretapping of "smart phones" running Microsoft
Mobile.
Microsoft remote administrative privileges allow "backdooring" into
Microsoft operating systems via IP/TCP ports 1024 through 1030."

According to the Cryptome's source this is typically triggered when devices
visit Microsoft Update servers.

Cryptome.org:
http://cryptome.org/nsa-ip-update11.htm

SecuriTeam Blogs:
http://blogs.securiteam.com/?p=1028

- Juha-Matti

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ