On August 29 German newspaper Zeit reported on leaked documents from a federal agency that advised the German government and the country’s critical infrastructure against upgrading to Windows 8, alleging that the operating system facilitates remote spying. The article implied deliberate placement of the security hole and cooperation between Microsoft and the NSA. Various online outlets and Reddit picked up on the story, and a muddle of conspiratorial information about the threat spread across the Internet. The situation turns out to be more complicated. Although that particular vulnerability may not be exactly as the newspaper relayed it, the concern behind the report is not unfounded. Those intent on hacking or spying do not need to rely on Windows 8 to access valuable data.
The German Federal Office for Information Security (BSI) issued a warning advising the German government as well as its critical infrastructure, which includes its financial, telecommunications, and public health institutions, against upgrading to Windows 8. Their statement claims that the new operating system is more vulnerable to remote spying and that it takes away control over the machine from administrators, transferring it instead to vendors.
The Zeit article concluded that the document referred to a “back door for the NSA and the Chinese,” and other secondary sources echoed this inference (before the emergence of the NSA scandal, the Chinese government was the more prominent cyber-villain in the media). However, here the newspaper took some liberties with its interpretation of the agency’s message, which never explicitly mentions these entities, to capitalize on the current tide of anger at Edward Snowden’s leaks.
The BSI issued a second press release on the topic following the article’s publication, clarifying that Windows 8 together with the Trusted Platform Module (TPM) chip creates the vulnerability. The chip is actually meant to heighten security, and is one of Microsoft’s selling points for Windows 8 PCs and tablets. It is responsible for full-disk encryption, password protection, digital rights management, and software license enforcement. Ross Anderson of Cambridge University, who wrote extensively about the TPM chip back in 2003, explained that one of its original purposes was to prevent people from copying copyright materials or running unlicensed software. TPM also decreases the odds of a hacker accessing data through software, browser, and email on PCs and Tablets running Windows 8. The Trusted Computing Group, which includes Microsoft as well as IBM, HP, Intel, and several others, sets the specifications for the chip. The group’s goal is to create more secure machines, though the meaning of “secure” is debatable.
BSI conceded in its second statement that the chip does make data safer for some-those users who would rather leave the security of their devices and data up to the manufacturer. The agency seems to think that this is not good enough for government and critical infrastructure, and stated that manufacturers should be more transparent about the possible limitations and consequences of its hardware. BSI warned again that Windows 8 with TPM takes control away from the users over the operating system and the hardware, and is conducting its own ongoing investigations into the ramifications of Windows 8 together with TPM.
This stance on the TPM is not new. Anderson criticized the TPM at length a decade ago, making various predictions for how vendors will use the chip. Spying was not foremost among his concerns, but ceded control certainly was.
Microsoft was in a similar situation back in 2009, accused of building a backdoor for the NSA into Windows 7. The NSA itself stated at that time that it worked with developers of the operating system in its security. TPM is not mandatory for Windows 7, and the BSI claims that Windows 7 can be safely used until 2020.
Some online commentators argue that reports of the Zeit and other outlets are alarmist, saying that the TPM chip itself has no inherent networking ability that would allow it to communicate with anyone back home on its own, while others maintain that it may have some secret and more nefarious uses that are not reported outright in its specifications. Most importantly, many agree that the NSA and other interested and motivated parties do not need the chip if to access coveted data.
As for the NSA in particular, a recent New York Times article titled “N.S.A. Able to Foil Basic Safeguards of Privacy on Web” asserts that does the NSA in fact work hard at creating backdoors for itself to access any information it could possibly want, influencing security standards and working with vendors. The article states
“The N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to ‘influence policies, standards and specifications for commercial public key technologies,’ the most common encryption method.”
Furthermore,
“The N.S.A. worked with company officials to get pre-encryption access to Microsoft’s most popular services, including Outlook e-mail, Skype Internet phone calls and chats, and SkyDrive, the company’s cloud storage service.”
The BSI is not so paranoid in thinking that the NSA would attempt to put a backdoor for itself in a piece of hardware, though it does seem to underestimate the agency’s prowess. If the New York Times article is to be believed, the NSA does not need Windows 8 for spying, as it has mastered bypassing most privacy measures.
Though the article exposes its pre-encryption cooperation with the NSA, Microsoft itself has actually publicly called for more transparency to the public about how their data is kept and released, in a rare shared cause with Google. Both companies have been suing the government for the right to share information with users (though granted that these litigations only began recently).
The German public has been notably more outraged by the NSA revelations than have most Americans. Edward Snowden is viewed in a much more positive light in Germany, and the U.S.’s cross-border spying has incited a public debate, putting pressure on the government ahead of upcoming elections. Germans are highly conscious of privacy, government spying and opaqueness, accounting somewhat for their suspicion of the imported Windows 8. In the past weeks, German officials traveled to Washington to attempt an agreement to ban spying on each other, though not much public information has been released regarding the negotiations.
In an Op-Ed in the New York Times on the differing attitudes of the two countries on surveillance and privacy, Jochen Bitter wrote, “Somewhere between German paranoia and American naïveté lies the proper degree of concern. But where?” It is hard to say at this point, but assigning that much power to the chip may be both paranoid and naïve.