Breaking Vista's filesystem encryption

[Armin]

You obviously misinterperated what I said. Reread it.

[Sidoh]

Not really.

If you're going to claim this isn't true, find articles proving it or disproving it.  Otherwise, your claim is just as bogus.

[Warrior]

http://www.x86labs.org:81/forum/index.php/topic,5073.0.html

It isn't happening.

[Sidoh]

http://www.x86labs.org:81/forum/index.php/topic,5073.0.html

It isn't happening.

These are two different issues.  Yours is dealing with implementing backdoors in shipped versions of Vista.  This one is teaching government (specifically law enforcement officials) how to break the filesystem encryption.

[Warrior]

If you'd read:

Microsoft may begin training the police in ways to break the encryption built into its forthcoming Vista operating system.

and

Government officials look at the security of new systems, whether they are easy for the general public to hack into and how the police can access material in them.

from the BBC article

They seem pretty much related to me.

[Sidoh]

If you'd read:

Microsoft may begin training the police in ways to break the encryption built into its forthcoming Vista operating system.

and

Government officials look at the security of new systems, whether they are easy for the general public to hack into and how the police can access material in them.

from the BBC article

They seem pretty much related to me.

From the sounds of the second article, Police are going to be getting into Microsoft's filesystem encryption, whether they like it or not.

Government officials look at the security of new systems, whether they are easy for the general public to hack into and how the police can access material in them.

[Armin]

Not really.

If you're going to claim this isn't true, find articles proving it or disproving it.  Otherwise, your claim is just as bogus.

You still obviously misinterpreted what I said. I never said anything about it's not true, I just said it's a horrible, incredibly specific guess comming from an incredibly general statement. Please read this more closely so you actually understand what I'm trying to say, because your posts have nothing to do with my main idea.

[W]e are working with law enforcement to help them understand its security features and will continue to partner with governments, law enforcement and industry to help make the internet a safer place to learn and communicate.

Microsoft may begin training the police in ways to break the encryption built into its forthcoming Vista operating system.

Microsoft said absolutely nothing about training the police in ways to break Vista's encryption. Now, I'm not saying that Microsoft isn't working with police and that it's a false statement, but if that's where the author got all of his sources from, that's one hell of an assumption.

[Sidoh]

Not really.

If you're going to claim this isn't true, find articles proving it or disproving it.  Otherwise, your claim is just as bogus.

You still obviously misinterpreted what I said. I never said anything about it's not true, I just said it's a horrible, incredibly specific guess comming from an incredibly general statement. Please read this more closely so you actually understand what I'm trying to say, because your posts have nothing to do with my main idea.

[W]e are working with law enforcement to help them understand its security features and will continue to partner with governments, law enforcement and industry to help make the internet a safer place to learn and communicate.

Microsoft may begin training the police in ways to break the encryption built into its forthcoming Vista operating system.

Microsoft said absolutely nothing about training the police in ways to break Vista's encryption. Now, I'm not saying that Microsoft isn't working with police and that it's a false statement, but if that's where the author got all of his sources from, that's one hell of an assumption.

What's wrong with drawing a conclusion like that when you see Microsoft publish an article like that?

 -- Microsoft explicitly stated they are working with law enforcement to understand security features.

They're teaching law enforcement officials to "understand" security features.  Why would law enforcement officials want to understand security features?  So they can get around them; so they can get to potentially case-breaking information stored on a hard drive or some similar media.  What security measures do they need to get around this?  Encryption.

I just don't think you're seeing what I'm seeing in the article.

[Armin]

Yeah, I guess I was just looking at it at just a literal level, and not really thinking about what it means. Makes sense when I look at it like that.

[iago]

I haven't read this whole thread, but ohwell

In terms of the backdoor idea, one Microsoft developer has confirmed that he won't do it.  I believe he said, "over my dead body" (I just glanced over it at /.).  Of course, that doesn't stop the corporation as a whole from doing it, but it doesn't seem likely. 

I'm glad that Microsoft is training law enforcement on how the filesystem encryption works.  I know that I've had to deal with encrypted harddrives in a forensic situation before.  We had to decrypt them without modifying them, based on the user's password which we had.  This could be an example of where the situation differs between what Sidoh and Metal are saying.  We don't know how to BREAK the encryption, but we know how to work with it. 

[Warrior]

That's probably the best approach, inform them enough to know how to play with it but don't put in a deadset backdoor.
Information like that is probably harder to spread than whatever backdoor they may have put in.