The Dell Community has contributed: 9387 ideas | promoted 642641 times | 71698 comments

How IdeaStorm Works:

Post Promote Discuss See
Operating Systems Comments | Operating Systems Ideas | Sales Strategies Comments | Sales Strategies Ideas
80

Are Backdoors in Windows the reason Ubuntu isn't sold in Europe?

80 points posted to Operating Systems, Sales Strategies by jmxz 06/25/07

The Idea part depends on the answer to the question in the title (hence the non-idea title)
Some Ideas:
1) If there really are national security reasons for shipping backdoor'd software to Europe - as described in the Lotus article quoted below - why not just say so like Lotus did.
2) If there aren't national security reasons for shipping backdoor'd software to Europe - just make those Ubuntu systems available for Europe.

I read a rumor on in a chat room that Dell ships Windows to Europe because it's rumored to contain back doors deemed useful for National Security.

Lotus Notes had acknowledged NSA backoors in it's European versions:
http://www.heise.de/tp/r4/artikel/2/2898/1.html


US software manufacturer Lotus has been lowering the profile of information about how they have installed an NSA-only trapdoor into e-mail and conference systems used by many European governments, including the German Ministry of Defence, the French Ministry of Education and Research and the Ministry of Education in Latvia. ... Lotus claims that its systems are inherently more secure than those from its main rival, Microsoft....details of how the NSA trapdoor works can still be found in some corners of the web
...
Lotus's answer was a system that let NSA easily read foreign users' e-mail, while improving security against other eavesdroppers. In a paper distributed to the RSA conference, Security Project Leader Charles Kaufman explained in detail how the system worked....

Similar software "features" (deliberate bugs) have been used with devastating effectiveness against the Soviet Union: http://www.damninteresting.com/?p=829 , http://www.msnbc.msn.com/id/4394002 , http://www.taipeitimes.com/News/editorials/archives/2004/02/04/2003097438/print

and there's continued speculation on deliberate backdoors in Windows (http://www.heise.de/tp/r4/artikel/2/2898/1.html ; http://en.wikipedia.org/wiki/NSAKEY http://www.cnn.com/TECH/computing/9909/03/windows.nsa.02/ http://news.com.com/Microsoft+Vista+wont+get+a+backdoor/2100-1016_3-6046016.html )

And in January we read about how the NSA is "helping" with Vista.
http://www.schneier.com/blog/archives/2007/01/nsa_helps_micro_1.html
Sure, other OS vendors worth with the NSA as well; but with Solaris and Linux customers can look for themselves if there are backdoors there.

So with that context, the ideas again are:
1) If there really are national security reasons for shipping backdoor'd software to Europe - as described in the Lotus article quoted below - why not just say so like Lotus did.
2) If there aren't national security reasons for shipping backdoor'd software to Europe - just make those Ubuntu systems available for Europe.

jorge
06/25/07		 Hence why you need to put in a screen door to help with your security. It keeps the flies out.
jorge
06/25/07		 Humm... I don't understand that language, babble fish died when I entered that.
clocks
06/25/07		 Oh you mean like the NSA's involvement in SE Linux? They practically wrote the first rev, hosted conferences and symposium, still take an active role in leadership and direction, but thats somehow different, right?

The NSA has a charge of improving the security of the nations communications, information networks being one of the 13 identified critical infrastructure segments in the United States. As part of that effort, the NSA has been partnering with private organizations and individuals to promote security in software and operating systems.

I would not dispute the NSAs involvement in working with certain private programmers and indivudals to build weaknesses into the encryption routines of various communications software which has been allowed an export license from the US for various federal purposes. In this case, I would definitely take issue because I know some of the guys who did some of the windows vista security guide stuff. This go-round with MSFT, all of the developers on Vista were halted in mid development and forced to attend training on the SDLC to continue on the project.

This is the kind of conspiracy theory nonsense that really shows some of the idiocy stuck to the underbelly of the internet.
jmxz
06/25/07		 @clocks: "SE Linux? ... thats somehow different, right?"

Yes. Very different.

As mentioned in the Idea and the linked articles -

what the NSA did with Linux is available for the customers to see in detail
what the NSA did with Lotus is well documented - including the back door.
what the NSA did with Windows is secretive, and when things like the Windows NSA key scandal was publicized answers from Microsoft were evasive.
clocks
06/25/07		 its not secretive. Hell much of the output from the NSA collaboration is published digitally and in print. Read the Windows Vista Security Guide, that was one of the deliverables that came out of that collaboration.

And my intention with SE Linux to point out that when the NSA gets involved with technology, its often a positive thing. Your position of conspiracy laden default hostility is aggessively misguided.
gunnywalker
06/26/07		 Yeah, that's it. You figured it out. That's why it's not available in Europe, Africa, Malaysia, or Kiribati. Especially Kiribati. Those guys have got government secrets up the ying-yang. I mean it's not like some one in Kiribati couldn't just go to http://www.ubuntu.com/ and download it for themselves. I mean for some reason the government can completely control Dell AND Microsoft, but can't block a simple website from getting out of the US. Wrap the tinfoil a little tighter guys.
(I think all these Linux posts are starting to make me a little edgy.)
jmxz
06/26/07		 clocks: "its not secretive"

Then can you show IdeaStorm the patches they contributed so they can code review them? The Solaris and Linux people can.
jmxz
06/26/07		 gunnywalker: "I mean it's not like some one in Kiribati couldn't just go to http://www.ubuntu.com/ and download it for themselves."

It could be considered a national security benefit as long as many systems have the deliberate bugs. Consider the articles cited: http://www.msnbc.msn.com/id/4394002 - you didn't need all pipeline computers to have the components with bugs - just some of them. Since many users who pay for Windows won't re-install a different OS, if this is the strategy, it would still be effective.
clocks
06/26/07		 jmxz, there werent 'patches'. The NSA did not directly write code on the windows code base, they worked with the dev team (well technically certain components of the dev team. most people dont realize that the dev team on vista was thousands of developers all over the world developing accross a multi-tier VSTF infrastructure) to assist Microsoft with secure coding practices and examining ways of protecting the OS at the architectural level.

Also, if you really knew anything about the NSA's involvement in windows, you would know they were involved in providing guidance in XP and W2k, just this time around Microsoft got the

http://support.microsoft.com/kb/885409/
http://www.nsa.gov/techtrans/< for that matter, the NSA was involved in security certification (at the time, based on C levels as common criteria wasnt really in use much yet) of the Windows NT OS!

If you are worried about the increased work with the NSA at microsoft, then dont use SQL Server SP2, Visual Studio "Orcas", update your .NET framework 3.0 in a few months, or use the next version of ISA Server.

By the way, one of the most common algorythms for hashing, SHA-1 was NIST and NSA, oooo be careful on linux!

Research how integral the NSA really is to a VARIETY of programmers, resellers, and private businesses before you trigger on one new product from Microsoft. Uneducated paranoia comes off as little more than ignorance and invective.
jmxz
06/26/07		 clocks:

I totally agree that the NSA does incredibly valuable operating systems security research that benefits many products including Linux and Windows and Lotus Notes. The NSA also works with companies (like Lotus) to provide back doors for national security reasons. There have been numerous allegations from a wide range of security researchers that such backdoors existed in Windows. I have not seen any serious suggestions of similar allegations against Linux.

Do they have the means of getting such hooks into Windows - yes; both through technical collaboration and business relationships as shown with Lotus.
Do they have reasons for getting such hooks into Windows - yes; as shown by the links above how software bugs were used against the soviet union.
Would it be reasonable to conclude such hooks are in Windows - I'd expect so, since there are valid national security reasons to do so, and they certainly seem able to do so; and it certainly seems like part of their job.
aikiwolfie
12/17/07		 Ok. I read the article in the first link to the point where it said "no body knows if the NSA has the secrete numbers". Then I stopped reading. Ubuntu is available world wide. Anybody can download and install Ubuntu. Why Dell have decided to roll out Ubuntu in only a few countries is a mystery only Dell has the answers to.

Perhaps it's something to do with demand or infrastructure or the details of support agreements. Who knows? It's not however anything to do with secrete back doors. The UK is part of the European Union. A major player in fact. Ubuntu is sold in the UK.

As for Microsoft. Microsoft are evasive about anything that remotely sounds like a criticism. This is not a symptom of crafty cloak and dagger dealings with the government. This is a symptom of a company that has grown too big. It's posterior doesn't know what it's elbow is doing. The left hand is now a different species from the right hand. To avoid saying the wrong thing, they say nothing or keep it very general.
zanlok
Feb 1		 interesting view of MS. rather, I'd assess their constituent parts as knowing exactly what they are doing.. all marching to the same sinister drum.. hence nonsense like these backdoors
aikiwolfie
Feb 1		 Ubuntu is sold in Europe. Particularly in the UK. Which has more CCTV cameras per square meter than any other country in the world. Ordinary Windows based Dells can't be bought in all European countries. The conspiracy nuts are way off the mark on this.

Ubuntu based Dells can be bought in the UK, France, Germany and I think there's one or two others. Why these countries? Because they are the economic powers in Europe. Dell is well set up in these countries. UK PCs are manufactured in Ireland though. So why Dell can't deliver Ubuntu to Ireland is beyond me. Maybe Ireland just isn't profitable enough?
Please log in to post a comment
recently promoted by: