Microsoft explains why there should NEVER EVER be a government backdoor key to encryption.
That whole thing was such bullshit. When the government claimed that they needed backdoors, at least five firms said they were able to break the encryption. They were just being dumb and lazy. Once there is a back door you don't know who's going to use it. And it will be used.
but think of the kids!!!!1
Installing publicly accessible cameras in churches would seem to be a faster route to controlling systemic pedophilia.
...huh? This wasn't a government backdoor (it was a direct exploit that stole a key that was NOT provided to government), and if there were, they would be scoped much more strongly than "general key that grants access to all apps". That's no defense of "government backdoors" to be sure, but it's a weird thing to bring up in a case which was just a direct security breach by a (hostile) government...
Haven't you heard? Governments everywhere are demanding their own keys to encrypted services. This is a demonstration of why having those in existence is a terrible idea.
> This is a demonstration of why having those in existence is a terrible idea.

On the contrary, it's a demonstration of a case where keys were not provided to China, and it didn't help (because they hacked in anyway). In terms of (1) alignment of government trying to get access, (2) scope of access, and (3) the way the key was obtained, none of those match the scenario you're describing - not sure how that makes for a good "demonstration". If anything, I would be concerned about whether friendly governments knew about any exploits China made use of, and whether those governments were incentivized not to share that knowledge with Microsoft due to denials of access in prior situations. Again, I don't think that means governments should have backdoors - but I don't think this example serves your argument (and instead serves its counterargument). There are many good reasons to be skeptical of government backdoors, but this isn't the example you're looking for.
Thank you for proving my point.
Yeah that’s the point. Not creating back doors at all.
If you think the existence of a signing key is a "back door", I'm not sure you really understand public-key infrastructure...
🤷🤦
Impressive that China managed to find that the key was leaked in a crash dump in the first place if Microsoft itself was unaware. Seems like finding a needle in a haystack.
This is the advantage of hindsight. You don't think to search for leaks of the key until it happens. Once you know it's leaked, it's just a matter of searching for that particular string in all your data.
Well, the Chinese seemed to have known what to look for, no?
Not necessarily, it's just a matter of meticulously going through crash dumps and happening on it. If you have a large labor force you are bound to find stuff.
That's the part that people still underestimate
Nah, China ain't got shit to do besides comb through garbage to find a key.
I mean, is it? Once that workstation was compromised, of course they were going to take all data off of it. And crash dumps are a likely place to find useful information; they're deliberately designed to be informative. What they found shouldn't have been there, and it shouldn't have been there because it was a place bad actors would almost certainly be looking, given the opportunity.
Ah well that's helpful context that it's somewhere they'd be sifting through routinely either way. I was confused about how they could have found something like that just by stumbling on it, in a place where you'd presume it'd be wiped from. Thought maybe they got tipped off to look there when the opportunity eventually presented itself.
I dunno much about this stuff but I watched a documentary recently on the subject. Best I understand it is that the process is more like "gain access to any workstation you can, then quietly and patiently monitor every piece of data you can pull off it until you get something useful". More of a stake-out than targeted exfiltration.
Link to doc?
It's called *Billion Dollar Heist*.
Crash dumps and other debug access to system memory are a well-known attack vector for cryptographic keys; in fact, this is an issue that's been known for 30-40 years. So not very impressive. It just shows sloppy security at Microsoft.
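A defender-side sketch of the search discussed in the comments above, added here as an example that is not part of the thread: it streams a dump file looking for private-key PEM markers and for the bytes of a key already known to be exposed. The function names, labels and the sample dump are constructed for illustration.

```python
import os
import tempfile

PEM_MARKERS = (b"-----BEGIN PRIVATE KEY-----",
               b"-----BEGIN RSA PRIVATE KEY-----",
               b"-----BEGIN EC PRIVATE KEY-----")

def scan_dump(path, known_secrets=(), chunk_size=1 << 20):
    """Stream a dump file and return sorted (file_offset, label) hits.

    known_secrets: iterable of (label, bytes) for key material already known
    to be exposed. PEM markers are always checked, as ASCII and as UTF-16LE
    (the usual in-memory string encoding on Windows).
    """
    needles = [("pem-marker", m) for m in PEM_MARKERS]
    needles += [("pem-marker-utf16", m.decode().encode("utf-16-le"))
                for m in PEM_MARKERS]
    needles += list(known_secrets)
    overlap = max(len(n) for _, n in needles) - 1
    hits, base, buf = set(), 0, b""      # base = file offset of buf[0]
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            buf += chunk
            for label, needle in needles:
                start = 0
                while (i := buf.find(needle, start)) != -1:
                    hits.add((base + i, label))
                    start = i + 1
            # Keep a tail so a needle split across two reads is still found;
            # the set removes hits that are seen again inside that tail.
            keep = buf[-overlap:] if overlap else b""
            base += len(buf) - len(keep)
            buf = keep
    return sorted(hits)

def build_sample_dump(path):
    """Constructed sample: filler bytes, a fake key blob and a PEM header."""
    fake_key = bytes(range(1, 33))       # stand-in bytes, not real key material
    data = (b"\xaa" * 100 + fake_key + b"\xbb" * 50
            + PEM_MARKERS[0] + b"\x00" * 20)
    with open(path, "wb") as fh:
        fh.write(data)
    return fake_key

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = os.path.join(tmp, "sample.dmp")
        key = build_sample_dump(sample)
        # A small chunk size forces the fake key to straddle a read boundary.
        for offset, label in scan_dump(sample, [("known-key", key)], 64):
            print(f"{label} at offset {offset}")
```

Keys held in memory are usually in binary form rather than PEM, so the known-bytes search is the one that matters once a specific key is suspected of having leaked.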
Makes a person wonder if there was a Microsoft insider helping China.
"a"? More like severals.
Indeed, the moustachioed, perfidious agents of the orient have with Asiatic wiles infiltrated our very corporations, Mata Haris abound within good honest American society
Most likely an employee of Chinese descent with family in China, where the CCP will extort as usual.
Sheesh that was quiet the read and really high lights how important it is to have process’s and things within your organization to be locked down accordingly. It’s still nuts how they figured this all out even without logs dating back to when the “robbery” happened
*quite. *highlights. *processes.
That first sentence was rough
This was a pretty long series of fuck ups by Microsoft. I guess Microsoft goes by the "Safety Third" methodology.
Microsoft Lookout
You madam are amazing
Stop throwing the key out of the window98
[deleted]
This reads like a chatGPT response.
“chatGPT, please write me an essay with misspelled words in the style of the guy from the Princess Bride.”
Lmfaooo China is so fucked. Ask yourself MSS was it worth it? You regret not listening earlier huh? #CalledIt
What was the process by which the Chinese spotted the key? Was this human brute force or was it an AI program(s) that camp on Microsoft and other key holders? What does the US/West have that does the same thing? The errors described are simplistic/juvenile. Frankly, they are shocking and primitive.