‘There are no back doors into Vista’


Niels Ferguson, developer & cryptographer within Microsoft’s System Integrity team posted earlier this week:



“Two weeks ago BBC News published an article speculating about a possible “back door” in BitLocker (http://news.bbc.co.uk/1/hi/uk_politics/4713018.stm). The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data.


Over my dead body.”


David Berlind at ZDNet picks up on a VNU report and Niels’ post today. David makes the following point:



“Referring the Microsoft’s encryption technology known as BitLocker (the technology that could keep law enforcement agencies from getting at the contents of a hard drive or thumb drive), Ferguson also wrote “Like any security technology BitLocker has its avenues of attack and law enforcement should know about them.” 


I’m not making this up.   So, if it has avenues of attack, why bother?  Or is it just to keep casual hackers at bay? (in other words, why bother?)”


Let’s get one thing straight before I make my point. I’m not a ‘security expert’ and I do not represent Microsoft’s security team. Niels can respond for himself (and I’m sure he will). So, the following is my response, not his.


And my response is this:


Let’s say I have a door. And that door has a key.  And that when that door is locked, it can be assumed – for the sake of argument – that the room behind the door is ‘secure’ (and that the door is ‘unbreakable’). Secure in that there is no way to get inside that room without using the (only) key to unlock the door.


Now, at this point you might think that that’s that. But, as the user of the door, I should know that there are things I should do / not do in order to ensure that my room really is secure once I’ve locked it.


Like:


1. Not to leave my key lying next to the door


2. If the door were secured by a combination lock, don’t leave the combination on a Post-It Note stuck to that door.


In other words, in using the analogy above, I need to secure my key in order to secure my room.


Without taking sensible and informed precautions, I can therefore leave myself open to these ‘avenues of attack’. In the security world, these above examples are called ‘avenues of attack’. No matter how obvious they might seem.


So, two points that David entirely overlooks. The first is that any practicable security technology has ‘avenues of attack’. Fact.


The second point David misses, and this goes back to the analogy above, is that if ‘I’ – as the user of the lock – know what the avenues of attack are and that ‘law enforcement’ and everybody else has exactly the same knowledge about what these ‘avenues of attack’ are as I do, then by definition there are no secrets and is no back door.

 


Comments (2)

  1. Dean Harding says:

    David obviously didn’t even finish reading after that "avenues of attack" sentence, because Niels gave examples of the kinds of "avenues of attack" he meant – like leaving your key on a USB stick next to the computer – right after it.

  2. And there’s one other big assumption he’s making about the reference to "law enforcement": that it means "law enforcement" wants to break into BitLocker-encrypted data.

    Couldn’t it be the other way around? That "law enforcement" is interested in BitLocker as a way to protect their own data? They should know about the avenues of attack so they understand the what the technology can and cannot do for them?