We have the american government with echelon and now the british government wants the right to walk into my computer system at a whim under the pretence that it's protecting my best interests? yeah right. While the british government says that the backdoor will be used for counter terrorism, which I'll concede is a fair point, what they don't tell people is thier definition of terrorism. I.E. anything that conflicts with governmental policy. So technically, as a marxist, I'm a terrorist.

Yeah. Screw that. Good for microsoft for building a good product

I see it now...Microsoft grants the British Governent special rights to by-pass "BritLocker". Then, several months into the future, a, dare i say it, terrorist (AHHHHH!!!) snatches a Government laptop that not only has vital information within, but also has special rights to bypass "BritLocker". He/She/It then writes the most distructive virus Great Britain has ever seen and the world as [Great Britain] know it ends.......So sad...

Some people will write a virus that exploits the backdoor, true... but I bet ya some hacker will also write a patch that BLOCKS the backdoor :P

I don't get it. Other countries force MS to give up or show some of the code to Windows, they claim that media player and MSN are concerns. Then MS comes up with a good idea and they want to basically compromise it before it even sees the light of day. Why? Don't they know that the code will leak? The backdoor will also. Has there ever been a program or code a hacker could not crack? Get a grip people, its going to be cracked and probably by a 14 year old kid. --Just my $0.02

This is all just blowing up sensations and emotions.
Has nobody ever heard of "coercive detention"? So what is all that fuss about this?! They can bust you if you encrypt your hard drive(s), in order to force you to open them access to it. And they can shut you up in jail unto the moment you have enough of being shut up and will give them the access they demand from you.
So all this blahbla shouldn't be necessary.

When it then comes to the discussion of terrorists - well, then it's simply ridiculous to lead it the way it is done by those Brits, and in open public.

I, for one, won't trust anybody - whatever their names might be. I am convinced, they have all their backdoors, anyway, in everything.

As for honest persons not getting involved in this kind of sling - well, life is not so straight forward and there have been many, many errors, due to humans or failing technology.

What has any person other than myself to look into anything I own, I do or I have on my hard drive(s)? This has nothing to do with having nothing to hide - it's a simple matter of human nature's pride and dignity - - and, yes, and TRUST. Why is it that I am not trusted to be a decent citizen? Do you throw away your money just because there is counterfeit money, too?

What's happening here is simply: they tell everybody: "You are not trustworthy - nobody is, in our eyes. So we're searching for a way to stick our nose into everybody's pants." Always it's this "we must have the possibility to supervise you all".

It is this attitude I do hate and which makes me feel as a unworthy person, not worthy of any trust, not worthy of any respect.

Accual... Unless they can prove I commited the crime, they have to let me go. Over here anyway... I dunno how stuck up US laws are. (Got a stuck up leader, so it wouldn't be a surprise)

I agree with the rest of your post through.

I like that the USA read everyones e-mails looking for 'terrorist activity'. It's lucky that terrorists have never heard of PGP; it's nice of them to just send all their plans in plain text. Keep reading our e-mails boys!

As for the MS encryption... again, if terrorists can't figure out how to use PGP they probably won't be able to use the BitLocker anyway.

"I like that the USA read everyones e-mails looking for 'terrorist activity'. It's lucky that terrorists have never heard of PGP; it's nice of them to just send all their plans in plain text. Keep reading our e-mails boys!"

Terrorist activity my b***.

What I fail to understand is... why do people assume the "terrorist" that was smart enough to blow up the world trade center, is dumb enough to store all the details on a laptop.

The immense stupidity of the European, Canadian, and 3rd world nations, never cease to amaze me.

They attack us for our beliefs, and yet when it comes to things like this, they look like bungling idiots.

The subway disaster for one, still raises an eyebrow. USA was attacked what, 4 years before? And they were "shocked" it happened in London. What the F%$K did they think were doing in Iraq, conducting boy scout drills? We were trying to find the terrorists responsible. All Bush haters aside, the UK has no clue WTF they are doing, they don't understand simple logic and defy intelligence.

The UK continues to snatch defeat from the jaws of victory... Hooray for the queen, long live the queen..

NOT!

what? what does this have to do with the article? as an American i feel perfectly comfortable telling you that, if you want to go on a political tirade about "European, Canadian, and 3rd world nations" go do it elsewhere.

Bear in mind this is just people from a Select Committee (like a government focus group) talking. All they can do is make recommendations to the government, which anyone else can do also.

you pirate you:-)

you are correct.

Do I know you?!

"Give us a great encryption, but put a back door in it and defeat it's own purpose if you will please! What? The backdoor information will never get leaked and no one will ever be able to find it." Same kinda things with Skype's Crypto and the US Fed Govt. "This technology is too good, give us a backdoor A.K.A. give everyone a backdoor eventually". Makes me sick.

DumbDumbDumbDumbDumb....

The UK Government are now making a major mistake. By publicly talking to Microsoft and telling BBC News about it, they have a PR disaster on their hands. There are hundreds of other strong encryption tools available free on the internet (try TrueCrypt if you're interested) that would be far more reliable in terms of security than any Microsoft offering. Besides, do you know ANYONE that thinks it's a good idea to use a Microsoft program to control all of your documents, files and operating system components?

"Error 69572.1: You have replcaed your monitor, so you no-longer have your original PC configuration. Microsoft have now locked all your files and if you want to use the PC again, you will need to buy a new copy of Vista and reformat your drive."

A competent home user, never mind a competent terrorist will know not to rely on the system.

The problem with these kind of requests, is that those who want to hide thing will hide them, and most certainly wouldn't rely on MS encryption backdoor or no Backdoor.
The more I look at the requestes from the UK police the more I think that the Stasi are alive and kicking.

They better not take away that encrption protection.. that is dumb to say that terrorists would use it.

- Josh

Wow…just wow. Lets look at this idea for a second. You want a backdoor in every copy of the operating system that will bypass the built in security encryption so that you can access the information of maybe 1% of rogue “terrorist” users? Gee, that makes plenty of sense.

This “War on Terror” is starting to go way too far. Perhaps I am alone on this one, but I’d rather maintain just a little bit of my freedom and privacy even if it means that terrorists might occassional do some horrible things. That doesn’t mean I support terrorism or support helping them, it means I like my freedom and it shouldn’t not be taken away to possibly maybe hopefully (sarcasm) prevent something that in all likelihood is going to happen anyways because our security services are inept as they have demonstrated so many times before.

This is not even bringing up the point that if the goverment gets there magic backdoor into the operating system what is stopping virus writers and blackhat hackers from using the exact same backdoor to cause all kinds of havoc to your computer. Other points of interest: OSX has been using disk encryption for several years now. Why has no one complained to them about the need of a secret backdoor key for that? Also, it’s not like disk encryption is a new technology my friends. There has been software available for a few years now that can do this relatively easy, but suddenly when Microsoft is going to include a very useful security feature into it’s operating system people start to scream bloody murder. Oh yeah, THE FEATURE WON’T EVEN BE ON BY DEFAULT. So Chill. I am sorry my British friends, but that request is ridiculous and unacceptable.

not to mention them using it for things they shouldn't like to monitor innocent people's files and all that.

This isn't something the British public wants. This is the British government which has become something of a borderline dictatorship.

He suggested that the British government talk with Microsoft and computer vendors assure that there is some type of "backdoor key" in order to allow law enforcement access.

That's a grand idea. If Microsoft did that, why don't they just scrap the whole freakin' encryption idea.

The British Police need to take a class in computer security to realize this has been around forever.

Get a clue you donkeys.

rofl

Thank you.

Ah, I was already wandering why I didn't hear the NSA, CIA and FBI complaining. ;)

I dont think they should be allowed a "key", its only a matter of time before more sophisticated tools are developed by gov'ts to bust into computers. A backdoor would be a serious security risk, I don't think something like that should be left unlocked, that information will be leaked to the net hours after the release of the software, if not before.

The British Police must be incredibly stupid:
Encryption is available on windows for years, although not a very strong one, and OSX has strong encryption of disk(images) for years. I don't remember them asking Apple for a backdoor.

And another thing: If there's a backdoor for anybody, everybody can get in eventually.
How ignorant can they be. Sheesh!

Anyway, windows is bad, and OSX is good. Now go away!

So Windows Vista is now a threat to security?

Considering how many government, secret service and military laptop computers have been left on buses and trains by forgetful personnel in recent years, perhaps they should install Vista right away.

It's an odd paradox that two weeks ago terrorist supporters marched through London waving banners calling for bombings and massacres without a single one of them being arrested (in fact they had a police escort).

If they'd been using Vista we'd never be able to find which ones were the terrorist supporters! Doh!

Microsoft has always been a threat to someone. First Apple, then Real... Netscape, Sun... all then... NOW the government?!?!?!?...

"It's an odd paradox that two weeks ago terrorist supporters marched through London waving banners calling for bombings and massacres without a single one of them being arrested (in fact they had a police escort)."
For real? Or sarcasim?

The march was real, and the protestors did have a police escort. It was a big scandal here in UK at the time. However, I was being sarcastic about it. Many of my comments on BetaNews use a sarcastic angle to make a serious point. That's a risky way to express opinion as not everyone gets the full meaning.

I personally have no objection to there being a back door to Vista encryption. What I do have a problem with is being denied effective security for my personal information - such as my accounts, my journals, my work, my bank accounts and so on. My laptop PCs have my whole life on them, so of course I want them to be secure. Privacy and secrecy are not the same thing, but security agencies don't distinguish between the two.

It's been fairly standard for years to build in a back door to commercial encryption software. This is one reason why opensource code such as PGP has been one of the safer ways to go, and why the US tried to prevent its export and hounded its inventor (Philip Zimmermann) as a threat to national security.

EVERYONE STOP!

Please understand that just because the UK Government has petitioned such a request, it does not (yet) mean that Microsoft will honor such a request. This article is about the UK request, not MS agreeing to the request.

You can SPECULATE all you want about whether MS will agree to it or not, just don't say that it's already agreed to.

OK, continue your rantings and ravings now... I just wanted to provide a brief moment of sanity to the discussion.

Microsoft AU and USA hopefully will not comply with this request...

Ya know, I was thinking...One day an idiot goverment is going to say "It is illegal to make CPUs faster then 3ghz cause it's a security breach" "It is illegal to make home internet faster then 3mbps cause it'll allow hackers to do their hacking faster" "It's illegal to..."

Note: that I don't have any idea how fast modern CPUs or internet is, but you get the general idea.

Well, you know it's happened before in Europe... In fact, I believe it was called the Dark Ages. Kings and Queens ruled absolutely and ignored the will and needs of the people.

Fortunately, being the 21st century and all, and many of us living in democracies... we all have the ability to vote for changes every election period. Granted, many of us are too incompetent to make informed decisions about who or what to vote for, but I think that's our fault for listening to the media instead of looking at things objectively and deciding for ourselves.

Of course, there's always the chance that more people will think that our leadership is doing as best they can given the circumstances and will choose to disagree with changing it.

Remember when the Mac G4 came out and by US government standards is was "weapons grade"?

I didn't pay much attention to the Mac back then, care to explain?

All the policians in this country (AUs) are as bad as any other, so I dun see the point in voting :P

Great, I love having my rights taken away one at a time. I don't know what they just don't force everyone to keep all data on government servers so they can just control it all.

________
AHampton2K
http://www.fits.cc - IT Community

What rights? in todays world, We have NO rights.

I bet if I were to ask the question, "Which rights does this violate?" Your response would be that it gives the government access to violate your privacy.

My answer, of course, would be that:

A) If you're a terrorist, you lost those rights the day you committed a crime against humanity.

B) If you're not a terrorist, then chances are most unlikely that the UK government would ever wish to know the contents of your hard drive... unless you're a criminal of other type, and then in that case, see A.

If you argue that your rights are being taken away, the it must be true that you are claiming to have the rights in the first place... you might want to research whether you do, in fact, have the right to encrypt your data so that law enforcement isn't able to look at it... ever. Chances are very high that if they have probable cause to arrest you for a crime, they also have the right to investigate your crime, at which point they can sieze and search the contents of your computer. The lack of a backdoor key for Windows doesn't stop them from doing this... it just hinders their progress in doing so... it slows them down.

On the contrary... all citizens in democratic nations have rights granted to them by whatever constitutional document governs the nation. They are rights that are abused by citizens every day, such as-- in your case-- the freedom of speech. (Remember that although we have a freedom of speech, we also have the right to remain silent because what we say can and will be used to make us look stupid.)

If you can legitimately prove that one of your constitutional rights is being abused by the government or any other entity, then you have the right to protest and challenge it in a court of law. Of course, doing so requires that you be able to actually PROVE that such a violation is occurring, AND you must be able to convince a court that your evidence does in fact prove it... but that's your problem.

If you believe your rights are violated because you grossly misinterpret the laws and rights given to you, then you are, in fact, an idiot... not oppressed. On the other hand, if you believe your rights are violated and you fully understand the rights given to you, make your case and I'm sure people would jump to your side to agree.

> ...and I'm sure people would jump to your side to agree.

Why would they do that? It is much more comfortable to pretend you live in a free country then actually make sure you do.

There is no such thing as a free world.

They say "Freedom of speech" This applies to the press, not to me.

Also, I don't think Australia has an amendment like that.

"If you argue that your rights are being taken away, the it must be true that you are claiming to have the rights in the first place... you might want to research whether you do, in fact, have the right to encrypt your data so that law enforcement isn't able to look at it... ever. Chances are very high that if they have probable cause to arrest you for a crime, they also have the right to investigate your crime, at which point they can sieze and search the contents of your computer. The lack of a backdoor key for Windows doesn't stop them from doing this... it just hinders their progress in doing so... it slows them down."

Oh yeah. I blew up the world trade center... ALl the details are stored on my LT's hard drive. Wanna look?

Seriously, only an idiot would store terrorist details on a hard drive.

I have the right to encrypt my hard drive with 512 bit encryption, if I desire... after all, I got a not so honest sibling who likes to snoop when he gets the chance... and I wouldn't be surprised if he used a Linux or Windows on CD program to by pass my encryption. My Bank details are stored on this computer

Hmm, an interesting point... is it more comfortable, or is it a matter that some people are too incompetent to understand the difference.... lazyness or stupidity, which is the greater problem?

"Seriously, only an idiot would store terrorist details on a hard drive."
>>> There are a LOT idiots in the world... besides, where else would they store it? Surely you don't think every terrorist is a genius that can memorize terrorist plots to the exact detail. Hmm, I suppose there's always removable media that could be tossed into a fire and destroyed... but there's also a huge risk of that falling into the "wrong" (or is it right?) hands.

"They say "Freedom of speech" This applies to the press, not to me."
>>> Not sure where you're at, but if you're in the US. the first amendment guarantees that **Congress** shall make no law that limits the right to assemble, limits freedom of speech, or establishes a state-mandated religion. Granted, it says nothing about businesses or non-Congress entities taking such actions, but other entities we have the opportunity to ignore.

> If you're not a terrorist, then chances are
> most unlikely that the UK government would ever
> wish to know the contents of your hard drive.

And what is that believe based on?

History is full of examples where governments (even in democratic countries) abused power.

">>> There are a LOT idiots in the world... besides, where else would they store it? Surely you don't think every terrorist is a genius that can memorize terrorist plots to the exact detail. Hmm, I suppose there's always removable media that could be tossed into a fire and destroyed... but there's also a huge risk of that falling into the "wrong" (or is it right?) hands"
I was accually thinking of external storage when I wrote that :P A CD RW would be perfect for this.... I can write to it and read from it... but I can also store it in a safe or toss it in a fire...

">>> Not sure where you're at, but if you're in the US. the first amendment guarantees that **Congress** shall make no law that limits the right to assemble, limits freedom of speech, or establishes a state-mandated religion. Granted, it says nothing about businesses or non-Congress entities taking such actions, but other entities we have the opportunity to ignore."
I don't live in the US, so I dunno how your laws work to the letter. But an admin of a forum told me how Free Speech is really "Freedom of press"

First off, I don't think that this should apply to criminals of this nature. However, my utopian view will not work. The British and my view will effect us all. On one hand, you want security. Then on the other hand, you don't want it for those that threaten us or our way of life.

Privacy and encryption is black or white - all or nothing. There should be ways in which to prevent malicious software from installing, but preventing P2P programs from being installed is an extreme and only serves the fears of a select group. Don't get me wrong, if you are sharing movies and music with these programs, that is illegal and you should be held accountable to the law of the land - whether you agree with it or not.

I would also think that MS has a way in which to unlock such an encryption due to the enormous amount of situations that would warrant the hacking or recovering of a system that has been damaged. However, to whom this knowledge should be given is another matter. It will ultimately(always) fall in the hands of the person who does not have your best interest in mind.

IMO

You are correct my friend!

Everything else is paranoia. Maybe even the thinking of some that 'if they ever were to commit a crime', I don't want them to see what I have on my computer. Of course, we are assuming that the person is stupid enough to save the information on their computer to begin with.

People are afraid of friends and family finding out they were surfing and jacking-off to Internet porn, then helping the fight against terrorism. So what that you surf porn, or like animals - this is not a crime. Surfing child porn and terrorism is.

Lastly, we are assuming that MS has not developed a backdoor to begin with. Though this technology sounds very promising for protection, there are many circumstances we can think of when we need to hack our own systems to recover data damaged in some way. I would hope they thought of this or they just got rid of many IT jobs.

It's a little thing I like to call refusal of paranoid delusions. It's not an official scientific term, despite it's official sounding name. You see, I have been going through life for 26 years now, and I have neither had nor given reason for any government to pay attention to me in a scrutinous way... I suppose it's possible that they have, but it hasn't limited my life in any way shape or form, so if they have the manpower and resources to look at me instead of you... well then I guess that should be reason for you to be happy.

EDIT: Now that I think about it... I'd kind of enjoy it if they DID pay attention to me, at least I'd know that someone really does CARE, lol... with luck, they'll really like my work ethic, moral values, and responsibility and give me a better job and more money.

I don't think the evidence is for him to prove, but can you come up with a case that a person had their computer contents searched for no reason what so ever, other than just for fun. I am sure that the governments had good reason to do so, or so they thought, due to the behaviors of the individual.

Might I suggest that you look up your country's constitution and read the law for yourself? :) It might enlighten you in a way that no admin ever could.

pr0n!!!!!!1 ;0

Never underestimate the power of stupid people... they drag us down to their level and beat us with experience...

You can never live free if you want to live around others. Because everyone has a different rationale or definition for words and actions.

If you truly wish to be free, buy an island(not free) and move there. You will not be able to enjoy the fruits of any other society like a phone, TV, hamburgers, wife and kids.

Phone - because no one to talk to
TV - no one works for free; no money, no funny
Hamburgers - cows want to be free too - they have rights
Wife - assumes ownership(she belongs to you), not in a free society
Kids - wont want to live by your rules - they want to be free. Most likely they would die young due to malnutrition or lack of health care

So, live free!

You stole my favorite quote, you bas****!

"Never argue with an idiot. They'll drag you down to their level and beat you with experience."

And of course, my corollary:

"Never argue with me. I'll drag you down to my level and beat you with a sledgehammer."

Or, they might just be really good at not being noticed. Maybe they have paid attention to you and you just dont know. It is because of them that you have not secured a better job and more money. ;-) JK. Some people take this stuff very seriusly, like I know of some people that do not have social security numbers and have not gotten numbers for their children because the gov is out to monitor them. Think about it, can you really live an easier life knowing the government hasnt got your number...and since they dont you cant have a credit history, apply for social security later...etc. Uh oh, watch out they are reading this forum and it will red flag if you say "eagle" or "Whitehouse" or "bomb".

Feel free to give me a copy of the locked tight constitution.

> but can you come up with a case that a person
> had their computer contents searched for no
> reason what so ever, other than just for fun.

Of course most of the time reason is other then fun. One popular reason is pressure to have a crime solved. If police can't find the real criminal they would often try to pin the crime on someone else. Happens all the time.

What are you trying to say?
That absolutely free society is impossible?

No one disputes that. But that fact doesn't invalidate concept of freedom in any way. Just because no society can be absolutely free doesn't mean that some societies can't have more freedom then others.

I am sorry, I seem to have not gotten your proof through all the bull**** you were talking.

Ok, we probably are on the same page and what you said, I took wrong.

The fact that everyone is taking the concept of freedom way too far, and in one instance are willing to give it up, but cry in another circumstance espcially like in this case.

I believe that if you are doing something wrong, you give up those rights and as much as you violate others by breaking the law, then it is acceptable for the governing body to violate yours in an attempt to preserve the freedoms of others. A terrorist or criminal that cries that their freedoms are violated should be laughed at.

I sure hope I stated that right.

Don't be hard on yourself, you seem to have a general problem getting anything.

> I believe that if you are doing something
> wrong, you give up those rights...

But who decides if you are indeed doing something wrong? You are talking about it as if it is somehow automatically known without any doubt when someone is doing something wrong.

The fact is, we need a court trial with adequate defense to establish the guilt, and very often courts find people innocent (wrongly accused by police).

And you are talking about taking people's rights away BEFORE trial in court, simply because police say they did something wrong.

Taking away rights of someone proven to be guilty in court is one thing, taking away his rights BEFORE the trial, simply because someone says "he did it" is very different.

Terrorist lose their rights?

What about sadaam hussein, who's currerntly being granted a fair trial? or slobodan milosevic, who's still escaping justce because he wont recognise the court? No. It's subjective, just like everything else in the Bush and Blair administrations. They don't care about our rights, they care about THEIR rights, and how these things directly affect them. We're just lambs to the slaughter.

This isn't about terrorism. This is about inalienable human rights being denied us by the people who are meant to be looking after our best interests, but have been found wanting severely.

I don't understand why we need this as we already have laws stating I must give up my password/passphrase/secret key if requested by the authorities or face being charged with contempt of court. This is just another way for the government to want to spy on innocent citizens while they claim it is to fight terrorism and paeophiles when the real problems (ie the ones that affect the majority) are still not being dealt with.

Also only a petty criminal will trust built in, closed source encryption, whereas terrorists and paeophiles will look for much more sophisticated means of protecting themselves (TrueCrypt and PGP come to mind) so again this backdoor will offer to real benefit to what the government claims it will.

Lastly, how long until it is leaked? Out government is *awful* when it comes to IT. They can't do anything right when it comes to a new IT system so I have no faith in the governments management of this. The key they use will be leaked before the RTM copies it the shelf and then Vista will offer no protection at all.

This is funny,back in the day the government tryed to keep everyone sacared about Communism and nuclear bombs. Today they like to throw around the word terrorism. I wonder what they will try to scare us with tomorrow. Owell, in the mean time it gives them enough excuses to invade our computers, our search histories ,tap our phones, and detain anyone they want for any amount of given time for as long as they want.
So i fell off the subject, I cant help it sometimes.

actually they seem to be trying to scare us about china now

BitLocker ? Oh ! They thought it was BritLocker.

It may set back the attempts of the government to terrorize people ? Not to worry brit guys ! MS 'works' with the government of China - they will "work' with you also.

The bomb was not defused in time.
"TERRORISTS... WIN."

I wonder how this BitLocker technology will affect cough:::degrade:::cough system performance. I personally can see noticable differences with on the fly encryption methods currently in use by various other operating systems, and avoid them because of that reason. Anyone have any thoughts on this?

uhm...well obviously when encrypting something the system will take some cycles to decrypt it...I don't think this is intended to be used on performance sensitive systems. Maybe encrypt your finance server...leave your market data server as is....:)

If you have alot of sensitive apps on your computer or laptop...encrypt it, otherwise why bother? Not sure of the performance hit with bitlocker. We'll see...I'm sure there will be some.

This is stupidity;

Terrorists are many things, but they're not stupid, there are vast amounts of software that encrypt files that they're no doubt already using.

People who want to hide stuff from authorities can, and will.

Exactly, what good will it do to give it a backdoor, only will catch the dumb ones who really aren't as much of a threat as the smarter ones. While we're at it why don't we make anti-virus with backdoors, so they can infect the terrorists computers with trojans. I mean where does this kind of thinking stop?

No, Terrorist are stupid. They are all too eager to tell you what they did, when they did it, and how they did it; now they even tell us when they are going to do it.

Stuff terrorism, I want my LT's files to be secure. Microsoft has my backing
*grabs a gun and shoots the british police*

Is it just me, or do people in that part of the world complain too much?

More BS!!! Damn I am so sick of anyone saying that they need to take away our security in the name of terrorism. It is just too much!

Damn right. The price of freedom is freedom.

Absolutely! Where does the loss of freedom stop? So far, the loss of privacy for American citizens has been far greater than the threat of terrorists. Personally, I live in a town so small that terrorists would be hard pressed to waste a single stick of dynamite. I fear tornado strikes far more than terror attacks.

No matter how much money is allocated, government programs are inept, at best. Hurricane Katrina is a classic example of government response to an actual emergency.

I've used PGP with a 4096 bit key and an encryption phrase of over 35 alpha numeric characters for many years and felt secure with it. If I were really concerned, I would then package the encrypted file with steganography, just so the encrypted file was not quite so obvious.

It's not a matter of "I don't do anything illegal, so I have nothing to hide." It's just a matter of my choosing to secure such information as financial records and the like. It's a matter of a free people to choose to protect their personal information if they opt to do so, without a government having the right to "window shop."

Here's any idea, since they are so worried about the encryption, don't put it in the British version. Let em fend for themselves. I'm no fanboy but ll the whining obout Microsoft is getting really old.

You the same guy with the coal fusion plans? Or the dood on the Guiness commerical... cause you is BRILLIANT!

OH YES!!! WHY DON'T WE JUST CODE IN A BACK DOOR KEY? If their's a backdoor key that's a security hole. Why even bother to put encription into Windows. If its counterterrism they have supercomputer access. They can brute force the encrytion.

Yeah, but depending on the encryption, even brute force by a supercomputer could take weeks.

good

TERRORISTS ARE CLEARLY HIDING IN EVERY CORNER OF THE EARTH! WE ARE DOOMED! (nocaps)

On a more serious note, car accidents take more lives than terrorists. Where's my War Against Car Accidents?

0.0
The War Against Car Accidents involves people getting their licence at age 28 and banning the elderly from using the road.

Or anyone that has ever ingested alcohol. Can't be too cautious.

Let's not forget to ban those with known health problems such as epileptic fits too! :)

And speeding tickets should be punishable by death...don't want to be too careful.

LMAO

well i think people over the age of 55 should have to take a reaction/driving skill test every 5 years or so, and once over 65 or 70 take one every year

Seriously?

Driving tests every year, for everyone. On the Road and written.

Vehicles should be forced to comply to federal regulations every year to check lights, emissions, damage, etc to prevent on-the-road vehicle failure.

Driving is *not* a right. It's a privledge, and a dangerous one at that. 1 DUI should cause one to be banned for life from operating a motor-vehicle.

The number of people who die in car-accidents every year in this country is absurd.

Oh, and we should be able to go vigilante on people talking on the cell phone or reading/eating while driving. Run 'em off the road and shoot them in the head. Execution-style. Trust me, the world would be better off without them.

And no, I'm not bitter, dammit.

Just don't spill your coffee!!

Why? Then I could sue [insert name of coffee vendor here] for millions!

Not that again!!

well i was trying to look a little less of a radical then i am, but i have to agree with you on almost all of that, except the shooting people thing. i think it should be done with croquet mallets after tea....

First windows is too insecure...now it's TOO secure...what is MS to do...

"British officials are concerned about encryption in Microsoft's forthcoming Windows Vista release, saying the technology could prevent law enforcement from reading suspects' computer files."

Isn't that the point of encryption?

The Brits are also concerned of people getting good locks on their doors keeping officials from ransacking people's homes at any impulse.

Note: Whole Disk Encryption has been around for a long, long time. Vista will make no change in the encryption landscape.
Example: http://www.pgp.com/produ...skencryption/index.html

"He suggested that the British government talk with Microsoft and computer vendors assure that there is some type of "backdoor key" in order to allow law enforcement access."

If that happened, it wouldn't be long before the information was leaked rendering Vista encryption utterly useless, forcing businesses to spend millions on alternative encryption methods.

"Note: Whole Disk Encryption has been around for a long, long time. Vista will make no change in the encryption landscape.
Example: http://www.pgp.com/produ...ryption/index.html";
Windows XP includes Disk Encryption too, doesn't it?

But, from what I can see, all you need to do with a stolen computer is take the bios battery out long enough to wipe the rom, then put it back in, boot, and reinstall Windows... then you over come any and all passwords on a system... Thats my current take on the computer world...

Any *very* strong encryption in an operating system would be welcome...

"Vista will come with a feature called BitLocker, which enables users to encrypt all the data on a system including the OS and boot secto"

Encryting the boot sector would prevent boot sector virus' wouldn't it? Through it would probably also prevent legit changes, such as Linux.

No, you are confusing NTFS permissions with EFS. Reinstalling Windows (or otherwise regaining Administrator access to the file system) does NOT allow you to decrypt EFS files. Once you lose the encryption keys, then brute force is the only option left. XP uses 128-bit 3DES which isn't the most secure, but it will still take you a few decades with the fastest hardware commercially available today. Even if you were able/willing to spend a few million bucks on massively parallel hardware, it's still going to take weeks if not months.

In fact, this is one of the reasons why people DON'T use EFS today. Typically, people will try EFS on a file they seldom use. XP generates the private key automatically and quietly, and does not force the user to export a copy for safekeeping. So then something happens to the FEK stored by the system, and now those encrypted files can't be accessed because nobody has a key. User then vows never to use EFS again. If the XP machine is a member of an Active Directory domain running its own CA (i.e. Certificate Services in Windows Server), it is possible to establish EFS Recovery Agent keys, but this must be done by the organization's administrators ahead of time, and the sad reality is that the majority of Windows admins in today's workforce are either ignorant or apathetic on this point.

The main advantage of volume-level encryption is that it's in-your-face 100% of the time, not like having one obscure file on your hard drive that you encrypted 6 months ago and forgot about. People are going to be forced to deal with basic PK concepts.

Not true.

As far as I know, the encryption keys are associated with the user account and its password. Don't have the password for the user account owning the EFS you want access to? No problem! Use Ophcrack 2 (http://ophcrack.sourceforge.net/) and you'll have access to the files in about 5 minutes time.

Sure, 128-bit encryption can take years to break, but it isn't the weakest link in the chain.

Another method is to use an Emergency Boot CD to reset the Windows password and you now have full access to everything! http://ebcd.pcministry.com

have you tried this: the EFS key is encrypted using the password: when resetting the apssword, you render the Key worthless. Cracking the password's the only option here.

Just wanted everybody to know that there's a free alternative to PGP Disk. Read more at http://www.truecrypt.org and give it a try.

Thank you! I'll give that a try.

I meant if the disk is "encrypted" with NTFS permissions. Sorry if I confused you.

EFS is something I haven't tried.... I might give it a go :P

" XP generates the private key automatically and quietly, and does not force the user to export a copy for safekeeping."
I'm sure it would be possible to export a copy if you wanted to... Wouldn't it?

I've been using TrueCrypt for a year now without any dataloss what-so-ever. I'd suggest making a relatively big file partition. Mine is 512 MB. A really good idea is to make regular backups of the file in case that something does go wrong because if the file gets corrupted there's no chance of getting your data back again. I've never had any problems with the program but because it's my most valuable private data I'm not risking anything.
Only drawback is that you can't resize the file so make it bigger than necessary so you have extra space in the future. Else you need to copy data out, create a new file, and copy data back again.

i say we make a backdoor and give it to everyone but the police just to spite them

or maybe make a regulated backdoor and charge the police to use it. something around 2 million euros a day should cover it....

This is not how it works. Vista security (BitLocker and SecureBoot) uses the TPM (Trusted Platform Module) chip on the motherboard (only some newer computers have this). The TPM stores cryptographic keys, generates them etc, i.e. it's no longer stored on the hard drive (cannot be hacked). So even if you reset the BIOS you can't read the hard drive contents (it remains encrypted). This also makes it easy to recycle a system, just clear the TPM and all data is unreadable (saves you the time of formatting the hard drive).

It's so hard being Microsoft. Whatever they do, it's always wrong....

yeah i'm going to shed a tear.

Although I have my complaints about some of their practices (this goes to say for a lot of other companies as well), this comment is very true. Regardless of what they do, comply and conform, fight requests, go above and beyond requests, there is no way to make everyone happy. This unforutnately is what any large international business eventually is faced with. Although it will be interesting to see the outcome of this dispute...

*nods* Esp if your product is as popular/important as Windows.

Certain *Nix filesystems include encryption too, AFAIK... but no ones had a go at them... And I can easily use WinZip to compress AND encrypt "planstoblowuptheworld.txt". If you get my meaning... Why aren't they going after these guys? Cause it's Microsoft. :(

Yeah, broke into your machine and read it. I find it pure coincidence we both think Raisin Bran will sufficiently overtake the minds of humanity.

Zip encryption is very weak, unless you use a special implementation.

Encrypted Zip files can be broken. I gather this somehow shuffles bits to create completely unique data structures that are impossible to recreate without the key(which presumably is stored on a hardware chip). I've toyed a lot with bits and know how powerful they are for compressing images(3bit image anyone? 5bit? :P ). I can only imagine how insane it would be to crack something with bit shuffling using randomized patterns of randomized lengths.

Not that that's what this technology is...I haven't actually checked.

Encryption is not related to quantization and optimizing palettes (what you describe), nor does any "bit shuffling using randomized patterns of randomized lengths" - it has to be reversible and therefor can not be random.

Mmm...well, images affected my thoughts, so I'm not surprised I'm wrong. I also don't know the terminology, so I only know what I came up with, not what it was already called when someone figured it out before me. :P

Curious about something...could a hardware chip(more than a chip) be built to generate a variable-length random 'cipher?' upon OS installation(I'm using that wrong...I guess I should say "mask"?) between 32mb and 256mb long, store it until OS reinstall, and use the data to determine if a bit should be toggled or not? I wonder if a hardware chip could handle all that transparently for laptops by being positioned somewhere on the mobo between the SATA/IDE controller and wherever the data needs to go?*

*I know nothing about motherboard internals.

It could store OS data to prevent booting from anything but the installed OS without wiping the computer. It strikes me that that would be fairly secure as all data would have to go through that chip, though a pain for DSL users... If you take another chip, then it has a different key on it, and hacking hardware like that isn't nearly as easy as just formatting and pawning the laptop off on someone, especially if it's only possible to generate keys internally(ie, no software way to read/write them). Your stolen computer would still be fairly secure, plus that leaves the back-door that hardware could be made that reads the data off the chip in a crunch, though no common thief would have it.

In other words, more pain than it's worth to hack it. Since the Chip is between the controller and other things, the HD would have completely useless data on it without that ???-MB length mask.

By "mask" I mean a really long randomized key stored on the chip that affects every bit up to NNmb before repeating.

But you seem to know more about this stuff than me, so if you refute that then everyone will be glad I'm not managing their security. =)

you mean there are more of us?