March 3, 2006 6:00 PM PST

Microsoft: Vista won't get a backdoor

Windows Vista won't have a backdoor that could be used by police forces to get into encrypted files, Microsoft has stressed.

In February, a BBC News story suggested that the British government was in discussions with Microsoft over backdoor access to the operating system. A backdoor is a method of bypassing normal authentication to gain access to a computer without to the PC user knowing.

But Microsoft has now quelled the suggestion that law enforcement might get such access.

"Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail.

The discussion centers on BitLocker Drive Encryption, a planned security feature for Vista, the update to the Windows operating system. BitLocker encrypts data to protect it if the computer is lost or stolen.

This feature could make it harder for law enforcement agencies to get access to data on seized computers.

"The suggestion is that we are working with governments to create a back door so that they can always access BitLocker-encrypted data," Niels Ferguson, a developer and cryptographer at Microsoft, wrote Thursday on a corporate blog. "Over my dead body," he wrote in his post titled "Back-door nonsense."

Microsoft is talking to various governments about Vista. However, the talks are about using the new operating system and BitLocker for their own security, Ferguson wrote. "We also get questions from law enforcement organizations. They foresee that they will want to read BitLocker-encrypted data, and they want to be prepared," he wrote.

"Back doors are simply not acceptable," Ferguson wrote. "Besides, they wouldn't find anybody on this team willing to implement and test the back door."

Windows Vista, the successor to Windows XP, is slated to be available by year's end.

See more CNET content tagged:
back door, government, Microsoft Windows Vista, Microsoft Corp., Microsoft Windows

39 comments

Join the conversation!
Add your comment
But -
In todays world, we can -
1. Invade another country, without justification.
2. Hold people for years without charges.
3. Beat, humiliate & kill jailed prisoners.
4. Transport people around the world & hand them over to countries that thrive on torture.
5. Tap anyones phone without a court order.
6. Prevent a legitimate trade, on the basis of the color of the skin of the buyer.
7. Act as bad or worse than the "axis of Evil" or whatever imaginary enemy, we are supposed to be "at war" with.
8. Ignore the needs of a US city torn apart by nature.

So why should the government get a backdoor.......OH I KNOW - they don't need one. Vista will transpire to be just as riddled with security breaches that anyone can walk in, any time they want :-(
Posted by (409 comments )
Reply Link Flag
146 Patches
... that is how many patches I had to download today after downloading Ubuntu Linux from their website. So please, stop beating this drum of how insecure Microsoft is. All Operating Systems have flaws that are patches, plain and simple.
Posted by rstinnett (41 comments )
Link Flag
You left out...
that in America we find that a president lying about sexual favors while in office is impeachable, but lying about why we should go to war is OK.

Fake unrelalistic sex in a video game that kills, rapes, and promotes violence is the only reason it should be banned or given an adult rating. (I like the GTA games by the way. I just find the stink made about the hot coffee mod funny.)

Since we are on Microsoft and the government. Don't forget the Anti-Trust lawsuit the government brought against Microsoft to only then go an support that same monopoly.

At least we aren't China. And that I do mean sincerly. To live in Amercia you have to love the country. You have to love the way of life. However, you don't have to like or love the way it's run. You don't have to support a war to support those fighting in it. And you don't have to stop demanding anwsers just because our elected officals say you do.
Posted by System Tyrant (1453 comments )
Link Flag
Grow up people!
You sit back in your cozy pampered life and take pot shots at the
people actually protecting this wold. Heck, maybe if we just asked
the terrorists in a nice soothing voice to be good, all would be well.

Get real. You have no idea what it's like (other than watching feel-
good movies).

Punks!
Posted by (57 comments )
Link Flag
You can also add
Yo can also add, Junior Bush, on his latest trip to India, inked a possible deal to sell Nuclear technology and fuels to the country in contravention of the existing laws enacted by past presidents!

Now, that's what I call defending the constitution and its' right to create laws, as per his oath of office!

With current encumbent at 1600 pennsylvania avenue, unwilling to let little things like treaties, current and past laws to get in his way, anything and everything is now possible!

As Ted Tuner said "the united states has got some of the dumbest people in the world. I want you to know we know that"

Oh well, looks like emperor has already spoken! I suppose we can be grateful that this is his final term by law, but then again given his past and current form, who really knows?
Posted by heystoopid (691 comments )
Link Flag
But as usual, Microsoft will have its backdoor in to your PC
Does anyone think for a moment Microsoft isn't planning on gleaning every bit of information they can from your computer that they can get away with? Why would they change standard MS practices now?
Posted by booboo1243 (328 comments )
Reply Link Flag
Paranoid
You, my friend, are paranoid...

The US government already has all of our information (since we give it to them at taxes, etc), what do we care if MS has it. What could they use it for. They arent that stupid.

The only MS backdoor will be their ability to easily crack your password by some means...nothing new.
Posted by jjesusfreak01 (83 comments )
Link Flag
Good for them
I hope MS hangs tough on this against what will be enormous
pressure.
Posted by nicmart (1829 comments )
Reply Link Flag
Microsoft is "doing no evil"
I think this is a Powerplay charade to emulate Google by being the defender of users rights,and steal the market share if they can. lil do they realize is that they never will.This makes me vision a nerd posing as a jock to win a head cheerleader, but the nerd never had a shot from the beginning, the cheerleader is using him! When Has the big MS ever cared what we thought? Don't be fooled, the Gov will have access even if MS says they won't.
Posted by infobama (11 comments )
Reply Link Flag
Microsoft is "doing no evil"
I think this is a Powerplay charade to emulate Google by being the defender of users rights,and steal the market share if they can. lil do they realize is that they never will.This makes me vision a nerd posing as a jock to win a head cheerleader, but the nerd never had a shot from the beginning, the cheerleader is using him! When Has the big MS ever cared what we thought? Don't be fooled, the Gov will have access even if MS says they won't.
Posted by infobama (11 comments )
Reply Link Flag
Are we suppose to believe them??
Methinks the lady doth protest too much!

Now I'll have to get 3rd party firewalls to patch the back door
Posted by City_Of_LA (118 comments )
Reply Link Flag
Ummm
Read the story, the assertion was that Microsoft was colluding with the Government (in this case the Government of the UK) to include a backdoor into their file system encryption, in which case all the firewalls in the world aren't going to help you, since in practice this would be useful to someone that has physical access your machine (or just the drive), as in the Cops break down your down and seize your machine(s), they don't need to break into the OS, they just use the "backdoor" to decrypt the drive and extract the data. The OS networking stack already decrypts files that a remote user has access to (i.e. if someone gets admin access to your machine remotely file encryption isn't going to protect your data), so your firewall(s) need to protect against remote threats (just like they do now), this doesn't change their role.

The idea of BitLocker encryption is to protect your data in the event that your machine is lost or stolen, not if it's comprimised over the network.
Posted by waywardvariable (25 comments )
Link Flag
Job security
Niels Ferguson - "Over my dead body"
Bill Gates - "Security, we have a terrorist on floor 17, you have permission to shoot to kill"
Security team captain - BANG "Target silenced sir"
Steve Ballmer - "But... But... I wanted to throw a chair at him first - you never let me do anything, I hate you!" storms out, comes back, throws a chair at Gates, storms back out...
Posted by tech_junky (56 comments )
Reply Link Flag
You dont have a clue...
What an SILLY scenario youve presented... Everyone knows that when Steve Ballmer walks into Bill Gates presence,

...Steve drops down on one knee, bows his head, and asks, "What is thy bidding, ...my master?"
Posted by Had_to_be_said (384 comments )
Link Flag
You dont have a clue...
What an SILLY scenario youve presented... Everyone knows that when Steve Ballmer walks into Bill Gates presence,

...Steve drops down on one knee, bows his head, and asks, "What is thy bidding, ...my master?"
Posted by Had_to_be_said (384 comments )
Link Flag
M$ is giving up on China then?
This feature will be a showstopper in China. What praytell do they plan to do?
Posted by UntoldDreams (91 comments )
Reply Link Flag
Oh, didn't you know?
They didn't mean this to apply to the Han version of Vista. Nor the Korean version, the Malay version,the Russian version, the Pharsee version, or possibly the Texas, Missouri, or Ohio versions...
Posted by samiamtoo (31 comments )
Link Flag
Real security
Why worry about if MS is secure? Get PGP right now & use the whole disk encryption. First, you can use it now on XP, you don't have to wait for Vista, second, you don't have to worry about trusting MS.
Posted by jsmith1785 (30 comments )
Reply Link Flag
Whole disk encryption won't help
disk encryption only helps when someone steals your laptop or
tries to break in while you are gone.

If your windows box is compromised as soon as you access your
encrypted data it is also available to the hacker.

Like the NSA says, you can't trust Windows because you can't
review the code.
Posted by rcrusoe (1305 comments )
Link Flag
Now Hiring: HACKERS
Law enforcement officials should just hier hackers. They don't need Microsoft's help to break into something.
Posted by powowcow (4 comments )
Reply Link Flag
One programmer? This is news?
How about the other 18,647 programmers at MS?

Will any of _them_ incorporate a back door?

Premise of story is stupid.
Posted by 203129769353146603573853850462 (97 comments )
Reply Link Flag
Sabotage?
A programmer doesn't just check in a critical piece of code without a review by his technical leader. At least that should be.
Posted by alegr (1590 comments )
Link Flag
One programmer and corporate statement
It's not just the one programmer. The story also quotes a Microsoft corporate spokesperson:

But Microsoft has now quelled the suggestion that law enforcement might get such access.

"Microsoft has not and will not put 'backdoors' into Windows," a company representative said in a statement sent via e-mail.

Joris
CNET News.com
Posted by JorisEvers (48 comments )
Link Flag
Again...Microsoft and Backdoors
Bill Bill Bill...

When will you accept backdoors as a part of our society...

<a class="jive-link-external" href="http://www.equalrightswashington.org/action/dearmsft.html" target="_newWindow">http://www.equalrightswashington.org/action/dearmsft.html</a>
Posted by KsprayDad (375 comments )
Reply Link Flag
LMAO!!!
I fell for it and clicked the link! Hilarious!
Posted by J_Satch (571 comments )
Link Flag
Access
This feature could make it harder for law enforcement agencies to get access to data on seized computers.

Mihai
<a class="jive-link-external" href="http://newstalk.media-press-release.com/" target="_newWindow">http://newstalk.media-press-release.com/</a>
Posted by ipfresh (13 comments )
Reply Link Flag
No "Back-doors" - have we learned nothing...
...about Microsoft's business practices? First, there will be plenty of security holes due to incompetent design that the NSA et al will be able to exploit. Second, if the government exerts any real pressure for this "feature", MS will buckle. They will just name it something other than "back door", so that they can claim to have honored their commitment, and of course their horde of shills and 'ho's will bow, scrape, and sing hosannas. It's the Microsoft way.

-Samiam
Posted by samiamtoo (31 comments )
Reply Link Flag
Just plain funny...
"Never believe anything until its officially denied." -- Claud Cockburn

The more likely reality is that M$ Windows (all versions) have, from inception, been "guided" by gov't "interests" in regard to back doors for "law enforcement".

SIDE NOTE: "Remember: injustice requires enforcement; just laws need merely be policed." -- Steven M. Barry

Now, the REAL question is...

How many Linux programmers have been bribed...er..."convinced" to install back doors on THEIR distros?

Im betting most of them.

I hear the majority of mainland Chinese users like TurboLinux.

Wonder why?
Posted by Gruntington (1 comment )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.