WASHINGTON – The National Security Agency has backdoor access to all Windows software since the release of Windows 95, according to informed sources, a development which follows the insistence by the agency and federal law enforcement for backdoor “keys” to any encryption, according to a report in Joseph Farah’s G2 Bulletin.
Having such “keys” is essential for the export of any encryption allowed under U.S. export control laws to foreign users.
The NSA plays a prominent role in deliberations over whether such products can be exported, and routinely turns down any requests above a certain megabyte level that exceeds NSA’s technical capacity to decrypt it. That’s been the standard for years for NSA, as well as the departments of Defense, Commerce and State.
Computer security specialists say that the Windows software driver used for security and encryption functions contains unusual features which give NSA that backdoor access.
Then, two weeks ago, a U.S. security firm concluded that the second key belonged to NSA. Analysis of the driver revealed that one was labeled KEY while the other was labeled NSAKEY, according to sources. The NSA key apparently had been built into the software by Microsoft, which Microsoft sources don’t deny.
This has allowed restricted access to Microsoft’s source code software that allows for such programming.
Access to Windows source code is supposed to be highly compartmentalized, actually making such actions easier because many of the people working on the software wouldn’t see the access.
Such access to the encryption system of Windows can allow NSA to compromise a person’s entire operating system. The NSA keys are said to be contained inside all versions of Windows from Windows 95 OSR2 onwards.
Having such the secret key inside your Windows operating system makes it “tremendously easier for the NSA to load unauthorized security services on all copies of Microsoft Windows, and once these security services are loaded, they can effectively compromise your entire operating system,” according to Andrew Fernandez, chief scientist with Cryptonym Corporation of North Carolina.