Bill Totten's Weblog

Thursday, July 19, 2007

Microsoft operating system caches secret surveillance programs on China?

People's Daily Online (June 25 2007)

On June 5th, published an article titled "Attention: Microsoft Stealing Chinese state secrets", which immediately became a hot topic for discussion. Is Microsoft's operating system, reported by Norton through the "back door", built with a secret surveillance program on China by the United States government? Here, I will call it the "Backdoor" Incident. I think Microsoft should give us an explanation.

Not long ago, Norton anti-virus software reported and eliminated two programs of Microsoft Windows systems, mistaking them for Trojan horse virus programs, which immediately led to a system collapse. Later Norton recognized that it had "misreported" the virus.

In the beginning, people, including myself, have pointed the finger of blame at anti-virus software companies, condemning their irresponsibility. However, the attitude of anti-virus software firms is really intriguing: they only recognize that they misreported the program as a virus, but did not acknowledge misreporting it as a security problem. In other words, this suggests that there might be someone (either in the United States government or Microsoft) deliberately designing unsafe programs for users that are not viruses, but still fall into the category of a security issue.

This has aroused great concern from experts. Taking a closer look at the programs, they found even more suspicious elements.

First, the program is "back door" in nature. The two programs, in particular the "lsasrv.dll", are files for local security password verification. Norton reported the two as malicious software with the features of "backdoor.haxdoor". The back door plays the same role as a "Trojan horse". Both are secretly hidden within an opponent's home base.

There are three factors that we need to consider:

First, just as Microsoft programmer, Ferguson, once mentioned: "We consulted law enforcement agencies. They said they still hope to be able to decode the encryption of the BitLocker data, and they hope that we will be prepared for this."

Second, it has been said by an American scientist once, that Microsoft built its Windows software with a secret "back door", so as to allow the United States National Security Agency (NSA) to enter a user's operating system and peek into a computer user' personal information. Microsoft also acknowledged that it received strong support and help from the above secret organization when developing Vista. The NSA said that it helped develop a new version of Microsoft's operating system in terms of security protection. We noted that Microsoft has repeatedly emphasized that they did not develop "back door" programs in their operating systems. However, it does not mean that other people are not doing so.

Third, the BBC news reported last year that the British government had a discussion with Microsoft on operating systems (design) and "back door" issues. This precedent indicates that the issue was not brought up for nothing.

Thus, there are two issues that Microsoft should clarify. First, are the two reported "back door" programs built in with other contents that are developed upon the request of the NSC or other third parties?

The People's second question: is the program designed for the mainland of China? The problem occurred in the simplified Chinese version of one program. When comparing the English with the simplified Chinese version, we discover that the two versions of lsasrv.dll are different in size - a gap of about 22K. Users in Europe, the United States, Hong Kong and Taiwan did not have this problem. So people would presume that the "backdoor incident" is targeted at the mainland of China. Some users reported that "nearly all of the computers that had collapsed were the ones that had been installed with the Shanghai version of Windows XP Professional. All others, such as Lenovo Win XP Home with OEM certificates and other Windows system software did not have the same problem."

Thus, the second issue Microsoft should clarify: are the two reported "back door" programs targeted at the mainland of China or even the Chinese government? What is their purpose then? Since software procured by the government has been involved, I do suggest that Microsoft provides the source code of these two programs to the Chinese government; so as to confirm its innocence. Before that, the government should suspend Vista upgrades in China.

The exposure of the "back door incident" was somewhat of a coincidence. With the changes in collaboration, Symantec cannot support Microsoft's kernel-level code anymore, as it did before. As a result, the "mis-slaughter" occurred. Then how many "back doors" are left? We have reason to think of the inevitability of the "back door incident".

Additionally, as one of three major manufacturers that support the US government in resolving intellectual property right issues through WTO negotiation, Microsoft should understand what kind of social responsibility it should shoulder with China as a responsible corporate citizen.

(Source: China Business News. The author Jiang Qiping is a digital industry expert)

People's Daily Online -

Bill Totten


Post a Comment

<< Home