I’m not going to suggest for one minute that any government knows what they’re talking about when it comes to technology — or any area for that matter. They just sometimes hear of possible applications of a product features and seize upon that as if it were the worst thing since… sliced brown bread.
This week the British government in their infinite wisdom have started eyeing up the upcoming Windows Vista. More specifically, the encryption systems that are used in it.
From a first glance I don’t think I could spot any difference from XP and Vista in this respect apart from the process is linked with another of my favorites - “Trusted” computing , user files are encrypted by default and there is slightly more emphasis to put files in this user store with the way Vista manages files. So asides from the increased processing overhead every time a user’s file is accessed, what’s the bother?
Well government thinks that because more users will be using a feature, that has only been around (on Windows) for 5 years, on this new operating system (by default) that it will become harder and harder to prosecute people in courts of law because evidence will become harder to obtain because of the encryption.
If a suspect decided to keep quiet about their password when the police came-a-calling, the forensic team would effectively have to brute force the password system, from within the system instead of moving the disk to another computer. I’m not sure how this would even work at such a low level on an operating system.
Naturally not wanting police to have to do any work, government are to try and push Microsoft into building in a backdoor (I think Tony’s been watching too much Swordfish) to allow the rozzers to nip in as they like.
So what’s the deal with this? I can understand for security reasons why they might like encryption not to exist at a consumer level but the problem is, its been around for years and years and years. Now they suddenly want to rip a massive security hole in the backside of the next MS operating system so they can get around one form of encryption.
Does this mean they’re going to start attacking all forms? I could be smuggling atomic bomb recipes over the internet through PGP emails and TLS secured VPNs (virtual lans)… Does this mean they will start demanding a backdoor into everything we do?
I understand at the moment, they’re only interested in this for warranted searches, but the same technology is all around us. If they start wanting to look into one system, they might start wanting them all.
Even more worrying than a government wanting access is Microsoft going ahead and giving it out. If they do make a hidden super user account, I can guarantee that the people that need worry most about their files being looked at will know where it is and how to bypass it.
The people this is going to affect most are the people that have no clue about what Windows is doing. When this backdoor is cracked by some 12 year old on the internet its going to be the non-power userland that are going to be terrorised by people snooping on their data.
There is a valid argument for and against this. The main one against is why are we all still being treated like we might suddenly download 15 terabytes of child porn while learning how to make atomic weapons online? Innocent until proven guilty.