| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 10 Jun 2012 11:29:42 -0400
From: valdis.kletnieks@...edu
To: Georgi Guninski <guninski@...inski.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Obama Order Sped Up Wave of Cyberattacks
Against Iran
On Sun, 10 Jun 2012 08:58:31 +0300, Georgi Guninski said:
> What about legal windows backdoors (NSA key)?
It was never confirmed whether the infamous NSAKEY was an actual backdoor, or
just a hilariously poorly named variable. In any case, even if it was a
backdoor, it's certainly not the same "legal" status as CALEA, where Federal
law said "ISPs Will Provide A Law Enforcement Tap". A lot of universities
which had just finished positioning themselves as ISPs in order to qualify for
the 17 USC 512 copyright "safe harbor" provisions, ended up doing a 180 degree
turn and said "Not An ISP - Private Network" so they wouldn't have to meet the
CALEA requirements. (An amazing number of .edu's ended up a "private net' for
CALEA purposes, but kept things in place for the safe harbor stuff as well.
Fortunately, nobody's ever pushed the issue).
If NSAKEY was a backdoor, it was at best a quasi-legal one, and I'm positive
that everybody at both Microsoft and the NSA would prefer that their roles in
the story never came to light.
Content of type "application/pgp-signature" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists