German government denies Windows 'back door' claims
The German government doles out common-sense advice on using Windows 8 and TPM 2.0 chips in conjunction, but it's distorted by some observers into wild claims of "back doors."
The German government on Thursday publicly denied a German newspaper report about an alleged "back door for the NSA."
The same newspaper has now acknowledged that the German authorities have rejected its initial reporting.
"The so-called Trusted Computing is a back door for the NSA," wrote Zeit's Patrick Beuth on Tuesday, according to a translated version, referring to recent reports pointing at the U.S. government's mass surveillance programs. "The operating system contains a back door in their view, cannot be closed. This back door is called Trusted Computing and could have the effect that Microsoft can control any computer remotely and control. And thus the NSA."
Except, that's not true.
Following the German publication's story on Tuesday, reports began to spread -- albeit a little away from the mainstream media -- suggesting that a small "trusted computing" chip embedded in many modern computers can aid the U.S. government's surveillance efforts. As a result, the report claimed -- citing an internal document from Germany's Office for Information Security (BSI) -- the latest version of Windows in certain circumstances could not be trusted in a government setting.
On Thursday, the BSI published an opinion backtracking on the report's claims (PDF), while offering advice to the federal and civilian IT community on the matter.
The Zeit report suggested that German officials are specifically concerned about the Trusted Platform Module (TPM) technology. These hardware chips contain encryption keys that are used to verify the integrity of operating system and application files, preventing physical computer tampering and some types of malware, most notably rootkits.
These TPMs, which were developed by the Trusted Computing Group, a coalition of tech companies founded about a decade ago -- including Advanced Micro Devices, Cisco Systems, Hewlett-Packard, IBM, Intel, Microsoft, and others -- require a compatible operating system in conjunction to work.
Simply put, the TPM stores encryption keys in hardware until the software does something with it, and prevents operating systems from being tampered with by malware, such as a rootkit, or by a hacker who wants to modify the system for legitimate purposes.
The new specifications, dubbed TPM 2.0, will be activated by default, according to the BSI. While older versions of Windows use the older TPM 1.0 specification, Windows 8's security contains TPM 2.0 technology. The article's author wrote that Windows 7, as an existing alternative to Microsoft's latest operating system, can "be operated safely until 2020," at which time Microsoft will no longer support the software, and will no longer issue security updates. Windows XP faces a similar fate this coming April.
An internal document from the Ministry of Economic Affairs (BMWI), dated in early 2012, states that the German government will lose "full sovereignty" of its machines, concluding that "the security objectives 'confidentiality' and 'integrity' is [sic] no longer guaranteed."
This is not the first time Microsoft and the National Security Agency have been accused of collaborating on secret back doors.
In 1999, similar allegations surfaced over an encryption key found in corporate versions of Windows, called NSAKEY. Claims were made that the U.S. government included code to assist state surveillance, a belief that is only held today in the farthest fringes of conspiracy swamps. Microsoft strenuously denied the claims.
And then it unravels a bit.
"In the light of the [NSA whistle-blower Edward] Snowden revelations accordingly, little imagination [is] required to see TPM 2.0 and Windows 8 as a back door for the NSA, just waiting to be opened," the author writes.
He uses just a "little imagination" to jump to a rather dangerous conclusion. He also notes that he "must assume" that because these TPM chips are developed in China, the Chinese government can compromise the chips -- in much of the same way the NSA presumably can.
While it's not entirely clear from the article, the German government's general feeling is that it could be a barrier toward a wholly secure solution. The piece references a review by the BSI, stating that it was not possible to receive an "unconditional, complete confidence" in the platform.
No security solution is 100 percent secure. Not one. In fact, by stating this -- whether it be an internal review, or a public statement -- is good, honest practice on the part of the German authorities.
The article points to an "update," citing the BSI's opinion, published a day after the Zeit article was published, on Wednesday.
In the opinion (translated), the BSI "warns neither the public nor the [German] government prior to any deployment of Windows 8."
"The BSI is currently facing, however, some critical aspects related to specific scenarios in which Windows 8 is operated in combination with a hardware that has a TPM 2.0," it added.
The German federal agency notes that certain groups of users can use Windows 8 and a TPM chip that offer an "increase in safety."
It does, however, also reiterate that the use of Windows 8 in combination with a TPM 2.0 is "accompanied by a loss of control over the operating system and the hardware used." It explains that federal users and computers running critical infrastructure -- such as water, electricity, and gas networks -- may face "new risks." These computers should be one of if not the most secure devices running in a country, as they control infrastructure critical to life and well being.
"Generally it should be possible [for] IT users to maintain a self-determined and autonomous dealing with information technology," the opinion read, which any IT professional will know is good, solid advice on the part of any reliable information security person or agency.
The opinion also explains that should Windows 8 or the TPM chip malfunction or become damaged in some way, it can lead to the conditions that "prevent further operation of the system."
The BSI is, essentially, talking about "bricking" computers. And it's right to. If there is a malfunction, it could lead to Windows 8 stopping working, and a situation where data may be lost. Worse, it could lead to the computer or hardware being "permanently withdrawn from use."
The opinion does state (translated): "In addition, the newly established mechanisms can also be used for sabotage by third parties."
We thought this was a little vague, so we sought independent clarification from the BSI.
BSI spokesperson Tim Griese said in an email to ZDNet: "There might be errors or bugs, originating from the OS vendor or the hardware vendor or even from the IT user itself, that by accident lead to a situation where the IT system is practically and permanently unusable. Such a situation is unacceptable for any user, as you might agree."
He added: "And if such a situation can occur by accident, it can all the same be caused intentionally by third parties."
The BSI is in this context talking about both accidental and deliberate damage, in efforts to remain fair and balanced, but also make users aware of the risks that federal and ordinary users face alike.
The German government, while mindful that its state enemies abroad and their intelligence services may wish to conduct espionage in the country, is not suggesting there are "back doors" in Windows.
The only people left who really believe that Windows has a back door to the NSA are the same kinds of people who believe Facebook, Google, Apple, Yahoo, and the rest of the named seven major companies gave "direct access" to their systems to the NSA -- which they didn't, as they continue to fight in the courts to reveal documents that they know exonerates them from any allegations made by former NSA contractor Snowden.
This story originally appeared as "German government refutes Windows 'backdoor' claims" on ZDNet.