NSAKEY: Who Can See Your Encrypted Data?

Assuming debug symbols were properly removed before shipping, this wouldn't be an issue

@@capn It would for anyone doing even a cursory review of the code at MS or its partners.

@@eadweard. they have the full code then and can see everything already. Pretty pointless.

@@capn Not from a mere cursory review. This is assuming not everyone at MS etc is supposed to be "in on it".

@@eadweard. There isn't one person on the planet that can fully explain how windows NT OSs work front to back.
You'd have to literally have a near mastery/very competent understanding of WAY to many aspects of coding. From UI/UX/database/cryptographic/API setup/API manipulation/Device components/ Driver intergration/ kernels/ bios\eufi/etc.. There hasn't been one developer in history that's mastered all of those, or even come close to understanding them enough to be able to casually walk through & understand a OS codebase without help of others.

Snowden has more or less been turned in to a Russian asset now sooo I'd take anything he says with a grain of salt. Spreading FUD in the Western world is a Russian specialty after all.

@@HanMoP Ya really don't need a backdoor into the property if what you care about is often being transfered out & in of said property.

@@HanMoP oof

@@HanMoP The vast majority of what they collect through prism is out onto the internet, like in emails or on OneDrive (formerly SkyDrive). And I know from working with the products on a day to day basis, breaking the encryption would be a chore at the very least. Microsoft isn't allowed to disclose their level of cooperation in the project; so it could be as simple as providing scripts for the NSA to use on their supercomputers to start bruteforce breaking of said encryption, or maybe to the level of providing the hardware resources themselves. Still would take a lot of time, and was likely used only on POI's in terror investigations. Since according to an article I brought up on The Guardian "Apple, Google and Microsoft: weakening encryption lets the bad guys in" which was back in 2015 when Congress wanted to force all encryption algorithms in production to have backdoors following a terror attack at the time. If Microsoft wanted to backdoor for the government, they wouldn't have opposed its calls to weaken its security. And as far as Prism, that's a business decision, and those who are that concerned about it are free to use an alternative like Apple products, GNU/Linux, or FreeBSD/OpenBSD (no judgement from me, software is a tool, you're free to use your own)
Another thing to point out, many government institutions (including the public university I work at) use Windows on a day to day basis at least on client machines. If they had it backdoored, knowing since the Eternal blue scandal (where governments intelligence communities found a vulnerability, kept it secret long enough to take advantage of it before the bad guys found out and started using it, which prompted them to push to have it patched), what Apple, Google, and Microsoft had said in the prior article I had mentioned in 2015 actually came to fruition. So if they're capable of learning from the past, they likely went back to the old fashioned way of bruteforcing encryption in transit, instead of intercepting it at the client machines.
And Microsoft doesn't hand us special locked down versions of Windows for our use either. We pretty much just grab the latest Windows 10/11 Enterprise media (same as many for-profit companies use with 20+ end-user machines) as we sit down to make our own customized deployment images, tweak it to fit our specific environment best, then sysprep and capture it to our deployment environment. Also the difference between editions is a few flags which can be set by the Dism utility shipped with all versions of Windows 7 and after, activating added features like the ability to domain-join, more advanced users and bitlocker disk security options, etc. If there were too major of differences, it can create multiple different support liabilities and wouldn't be too good of a business decision.
I'm currently more concerned about them sharing metadata with advertisers, which then can be sold off to governments, both domestic and foreign. This practically solely includes data that is never encrypted, such as who you're contacting and when, which can be used to assume what you're doing and often correctly. (such as if you're contacting people who are located in terror-ridden portions of the world without family there, they can assume that you are being radicalized or already are, or if you're in contact with an agent of a talk show host, they can assume that you have shared political views and can discriminate against you because of that) For that reason I'd say use a line of contact which encrypts metadata too, like Signal.

@@tripplefives1402 Some people prefer the back door

Good suggestion 👍

Great suggestion but he always seems to keep some thing a little secret haha

@@feelincrispy7053 Dave shares a lot of juicy info, but it would be crazy if Microsoft didn't include some heavy nda's in their employee contracts with post employment stipulations

@@LongJ0hn oh I’m not saying he doesn’t share some cool info but Dave takes those nda’s very serious haha

I do recall that Windows NT SP3 Release Candidate(RC1) hit the support shelves without being a full release. It would not allow update to SP4, we have to create 80 slip installs of NT on the prod servers just to apply the sp4 update, that was rather annoying. The RC had a bunch of release notes from the test team too i believe.

Wow, thank you!

@@DavesGarage no, Dave. Thank you. From the bottom of our hearts.

"primary source" fucking aye right!

I like the idea that they could successfully infiltrate MS, hide their backdoor in the source code and get it shipped all over the world - but couldn't figure out how to avoid it logging to Event Viewer.

@@eadweard. It's not a backdoor. I'm not saying there aren't backdoors - i.e. Prism access to Hotmail, Skype, OneDrive - I'm just saying this particular thing isn't one. It uses the same APIs that the primary key does, which write to the event log. They didn't infiltrate MS, they just asked, and their key was added so they could use their own biometric login system instead of the normal password box, without having to reveal their own source code to anyone

@@alakani Event Viewer. The incorruptible oracle that cannot lie. Maybe we should ask it who D.B. Cooper really was or the location of flight MH370.

@@eadweard. Sure you can easily modify the event logs. With RCE exploits they buy off the gray market like everyone else. Just not through a completely unrelated thing

@@alakani i would assume the NSA would know that biometrics are insecure af,
but they could code there custom provider to clear the event log right afterwards lol

Well it made the Exporte Versions of windows to produced easily brut force decryptable files and datastreams.
MS basically sold its clients Private data to the NSA.
thats why Microsoft cant be trusted

Global Regular Expression... a "string" in any other meaning of the words...

@@null7581 If you’re replacing a DLL, you could honestly replace any DLL you wanted (that would always be loaded) and implement that functionality.

@@null7581 unfortunately this was back in 2005, I’m good, but I’m not that good. I do not recall. My mom has all of my old notebooks in her loft in England, so I could find out. But don’t want to get my aging mom up her loft. I think it began with “C” and had 32 in it. But even that is foggy.

@@makethingsbetter what size was DLL file was big, or just 300K or something?

@@dh2032 the DLL was less thank 400k, but it was many years ago, but I think it used registry entries to do it’s logging. I do recall having to run a .reg file to generate the sub-level of the computer hive

the thing is that nothing actually seems to reference it
it's just... there...

@@TorutheRedFox Well, you never know until you delete it and try to recompile. Then you find 1000 things that reference it and don't do anything with it.

@@Lil_Puppy And none of us would even know if they tried. I certainly wouldn't be bothered fixing it unless told to do so

I figured it was probably because any change to a module meant the module had to be sent to a testing team who aren't particularly thrilled to be given extra work over something so pointless. If nothing references it, the only harm in leaving it there is a dozen or so bytes wasted.

Think about how many other code dingleberries are still hanging around Window kermal code. Why would this one be any different?

There were patches to do just that. If you enjoyed messing around with CryptoAPI it was very neat since you could sign your own modules with the patched key.

In those earlier days, key splitting wasn't a thing yet. Remember, RSA encryption was the biggie and remained unbroken, still shiny and new. Now, we use AES, as RSA was easily enough broken.
Meanwhile, under ITAR, encryption beyond 40 bits was considered a munition, right up there next to artillery rounds. At that time, opening the source math was considered the ultimate evil and RSA's being broken opened that up, as the more eyes looking at the math and source, the tighter and less easily broken things became and even better, those eyes are free.
I do disagree with one thing, that the key, once revealed would've been exploited in three days. Nope, it'd have been exploited same day.
Then or now.
The biggest part of NSAKEY was it's also part of the NSAHOOKS system, where one can insert strong crypto DLL's at will. That was done at the behest of the NSA and other strong crypto users, so that their high end crypto could be loaded in without herculean labor.
There was one other Microsoft carve out for one government agency, service pack 7 was paid for by NASA, as upgrading and ensuring that all of their custom software wasn't exactly workable at the time, so they commissioned the last service pack and paid for it. Never did manage to get a copy of it, but I can't gripe about not getting that which I didn't purchase.
Oh, China bought the source code for NT4. At one point, I did have the source code, but those systems were lost in a move. :/
NT4 was a hell of a lot better than the initial release of W2k, which issued a busted to hell and gone LDAP system initially. Of course, Microsoft just claimed that's a new standard, just as they tried with Java with the msjava, which lost in court to the owner of Java, Sun... LDAP won in the end, as it's standard and eventually, Microsoft conformed to the damned standard.
Who knows? They may yet get quality control dialed in in a reliable fashion. ;)
On second thought, hopefully not. Job security and all!

@@spvillano Um... RSA is a asymmetric encryption method (also called public key encryption) whereas AES is a symmetric encryption method. Totally different animals.
And RSA hasn't been broken but computational power has increased so much that 1024 bit keys are considered too weak nowadays, whereas 20 years ago those were still considered strong. With 4096 bit RSA keys, it still an open question if even quantum computers can break the encryption by brute force alone. Note that when the key length is 4 times longer, it's not 4 times harder to crack.
And nobody still does have an effective attack against 128 bit AES, nevermind the 256 bit AES.
I personally consider X25519 and X448 as the current state of art for the public key encryption. And 128 bit AES in GCM mode seems strong enough for the currently known mathematics but if you want to future proof it, go with 256 bit AES in GCM mode. Note that with GCM the IV must be unique for every message ever encrypted with one secret key or your encryption will fall apart.
In short: X25519 + AES-128 GCM is secure for all currently known mathematics, X448 + AES-256 GCM are good for a lot of future improvements in mathematics.
And RSA 4096 + AES-256 GCM is still secure, too, but results in much longer asymmetic keys which reduces performance in many protocols.

Yeah, I would kind of expect NSAKEY to be used to sign Suite A (classified) crypto libraries for internal US Government use. Of course, they could also abuse that functionality to sign backdoored versions of Microsoft's standard library. Given what we know of the Dual EC PRNG shenanigans and the Juniper backdoor, I could believe they used Suite A compatibility as an excuse to also be able to introduce backdoored versions at selected targets.

@@spvillano "key splitting isnt a thing yet"
nothing stopping me just taking half the bytes of the key and giving it to someone, and then giving the other half to someone else. literally nothing.,

I don't know that they would need to have a method to revoke the old key on any given system if the goal was only to be able to be able to hide something in the installed OS (ie; keystore for locally stored private keys). They only reported the Code Symbol for the key, not any other related code that might have made use of it.

talk about ms and then suddenly, a wild grep appears.... thats heresy!

@@urjuhh If you findstr, let us know. ...tee-hee!

You have a brilliant handle on here! When will you be posting some content? Puh-leeeeeeeeze!

@@pseydtonne I've thought about doing some content revolving around overclocking low end hardware when needed and which OS would get the best out of lower end pc builds but nothing as of yet lol

@@gorak9000 yes, Windows 2000 was great when it rolled around a few years later, and I switched to that quickly.
I mostly run Linux now as well.

I remember deploying Entourage on some Macs quite a few years back. It was replaced by Outlook though so no longer exists under that name

I still remember the huge PR mess that was the release of Windows 2000 after a memo was leaked somehow that revealed that the source code contained 65000 known issues and bugs.
The media feasted with the revelation, which gave the product really bad reputation.
Fortunately for Microsoft, Windows ME was released during the same time period, which didn't suffer from the bad reputation, so at least there was an escape route for the consumer market.

@@_chrisr_ I would love to hear from somebody who was involved with the original development of Outlook. I could *swear* that the app he showed me called itself "Entourage," but nothing under that name was ever released for Windows.
I noticed that there was a Mac product with that name when I went looking for info. I wonder if they later borrowed the name for the Mac product for some reason.
What he showed me was definitely the product that would eventually become Outlook. Same look and feel with the accordion on the left and all of that.

@@mattj65816 It would sound plausible that the early name for Outlook might have been Entourage. Back in those days Microsoft Mail was the predecessor to Outlook.

Possible , Microsoft are pathologic to a fault about backwards compatibility.

@@andljoy you can’t blame them. Most of corporations are very frugal about spending for updated software.

@@tudalex a lot of times it's tied to hardware. I've heard of old cad machines running 95

@@tudalex Microsoft really does take it to the next level though. Linux has the whole "Don't break userspace" thing, but Microsoft made the choice of exposing a bit too much of the internals at one point. So, now they're stuck supporting things that really should be provided by optional emulation packs.

My guess, knowing systems guys and developers: It's in there because nobody has the huevos rancheros to delete it, and be The One who deleted the thing that broke that other thing.

It used to be serious business. It was like exporting machine guns, tanks, or bombs. In some countries encryption is still treated that way. France comes to mind though I'm not sure about them now.
I used to work for digital. Back in the 1980s they sold a Vax 11/785 to a company. We set it up in their building. They paid for support. Not even a hint that it was for anything other than their use. It looked like a normal deal. A few months later it was being loaded on a truck I think to go into East Germany. digital ended up being fined over that. Even though they did everything they could think of to prevent any of their machines from going to the eastern block. So the government did the pictures, had a big deal about it and said how great law enforcement was to stop this. Even back then we're wondered what the big deal is. Maybe they were going to front end it to a Cray. That would make sense though I never heard of them seizing a cray.
In 1995 one of the last things GHW Bush did was sign over the Internet from Government to public use. Something in the works for many years. In 1996 I guess they realized it was useless to even think about stopping encryption code from getting out. Up to that point all you needed was a 3.5" disk and a suitcase.

this is what happens when lawmakers are Luddites (Like the governor that accused and charged a journalist for hacking because he viewed the source of a web page and found SIN numbers of the whole department of education (I think that's what it was) and the journalist appropriately reported that security breech to the correct people)
32 bit encryption, even 15 years ago might as well not be encrypted at all having only 4.3 billion options to check, and 64 bit even at the time was still weak

@@robertthomas5906 I recall it actually being the NSA that finally made the government change its policy regarding strong encryption. They argued that the benefit to the U.S. economy of changing the policy was greater than the risk since other countries had also developed their own encryption schemes and it was likely those countries that we were afraid of would have simply stolen it anyway. With commerce finding its way to the internet, strong encyption was needed everywhere and it needed to be common standards for it to work and to enable more economic activity.

@@babybirdhome No doubt they had a very large role in that change. I should have mentioned that.
They're great guys. My undergraduate work was at the University of Maryland in College Park. We had a few days where the crypt guys came down from the Fort and talked to us about cryptography. The main take away - there is no such thing as totally secure encryption. If someone tells you that their encryption can't be broken they're either lying to you or they're not smart enough to know any better.
So far they're right. Even with the so called hack proof Quantum encryption. "Secured by the laws of physics." I thought - uh huh. I didn't buy it. It didn't take long before an IEEE engineer broke it.

@@babybirdhome I really want to believe you - but I struggle to put that much faith into the government, especially the NSA lol

Don't think Windows Update existed at the time.

My opinion is that governments don't need backdoors, we already know they use zerodays and social engineering. I would bet that's enough to get access to most things, especially if you have no legal repercussion

People also overestimate just how many people look at code, and that's even before dependency hell that many languages nowadays introduce. For example: A simple, "Hello World" GUI in Rust via eframe, a wrapper around egui pulls in 170 other packages. Who has the time to seriously vet all of those?
It's the same in Python or JS, or really any other language that uses outside packages.
And who is going to compile an open source project from the source directly just to use it? People in most cases don't even compare checksums of the precompiled binaries.
Is open source software more secure? In theory? Yes; In practice? It doesn't matter. There are other ways of getting to your target that are often also much less time intensive.

@@Ruhrpottpatriot Rust .. 170 packages ... CPUs get faster and faster, the software get bloateder and bloateder and the user experience remains about the same.

@@Ruhrpottpatriot Yeah the BSD projects got burned by that I seem to remember when it was shown that some of their crypto had been sponsored by some creepy gov outfits and massaged. Open Source means nothing if only a handful of people in the world understand and bother to read the code. All projects, even so called Open Source ones are vulnerable to rubber hoses and other forms of leverage. Whatever the NSAKEY was used for it is now long since out of date and many other vulns targeted instead. For instance on die crypto where the die manufacturer may have been coerced. Samsung may be a world leader in tech, but I suspect that some of that has to do with the cosy relationship the US has with South Korea. Samsung can no doubt be made to bend to certain demands, the Chinese, less so, though they're no doubt doing their own stuff. The US are paranoid about the Chinese because they know the Chinese will be doing exactly what they themselves do.

@@myothersoul1953 It's more a case of the "do one thing and do it good" *NIX philosophy. You won't find a parser in rust that parses json, xml, protobuf and other weird formats in one package. There exists serde, but that by itself is format agnostic and you need to get other crates for your data format.
Same with the .tar then gz compression approach.
This approach allows you to be very flexible, but it can easily introduce dependency hell.

i wonder was that some prototype thats not lost or can you still get it? or was it some 3rd party thing made to look official?

@@NightmareRex6 pretty sure it was a hacked version

Wow, thanks!

I ran into this when my best friend died unexpectedly last year. He was only in his 40s and was generally healthy other than type 2 diabetes and being a little overweight. Thankfully he stored a few passwords in his browser and didn’t have great password hygiene and reused the same password or easy variations in a few places. That wound up being enough for us to break into all of his devices and his password manager to get all the rest of the passwords for his family who needed to gather the information to figure out how to handle his estate.
Before that, it had honestly never occurred to me that you need to plan in advance for your electronic life after your real life ends. If he hadn’t been a geek and been friends with a couple of geeks in the cybersecurity field, his family never would’ve been able to get access to all of his digital life after he died. All his photos and videos, the things he worked on, his legacy, all of it would have been lost forever even though it was sitting there in perfectly good condition.
It’s a pretty serious problem that’s only going to get worse if people don’t get made aware of how things can go bad and take precautions if they want their loved ones to still have access to what they leave behind.

_"A key that opens a lock that lockdown nothing, is worth nothing."_
The key signs updates, including the the Cryptographic Security Providers DLLs themselves. Whether it can DIRECTLY access your sensitive files is utterly irrelevant, as it can allow an attacker to update the software which handles your crypto... using a regular-looking _(and properly signed)_ windows update... pushed at you from an upstream location.
This key may not lock down your data, but it DOES manage the integrity of your entire operating system, including its cryptographic routines. Routines which you happily feed your private keys into (oops!) ... along with your crypto streams... and which is responsible for giving you back the plaintext. (and, vice versa)
No... access to such a private key ain't benign... in fact, it's a hackers wet dream!

@@garychap8384 well that key you describe do actual lock down something, so it's worth something.
I meant that a key is worth what it locks down. The value is not the key itself but what it lock down.
The world most expensive key isn't worth anything if it locks down nothing. It's like having the most secure, expensive and sophisticated bank vault with nothing in it.

Glad you enjoyed it!

Crytopgraphy services.

I think this is the most likely explanation. Of course, it could also be used to sign backdoored crypto libraries that were slipped onto target systems. It's not like the NSA hasn't hoodwinked US industry before (*cough*RSA*cough*)

@@supersat You'd have to have admin access to install any CSP, even one signed by the NSAKEY; any attacker which could could also simply load a kernel patch to bypass the signature check.

@@MrNerdHair its just a DLL somewhere right it doesnt run in kernel mode?

@@LiEnby Off the top of my head (it's been a while since I disassembled that particular file), the code does run in the kernel, but it's harmless. The NSAKEY itself only ever used by one routine, where it provides an alternative to a Microsoft signature for loading a CSP. (And the tightened signing requirements for CSPs aren't really a useful security measure; they look to me a lot more like an attempt to satisfy US export regulations of the time the system was designed. Anyone who could even try to load a CSP that might be signed by the NSAKEY would also by definition have the privileges to do a million way more evil things.)

Yes, that was awesome. Bureaucrats can't help but create laws; so we just ignore the law. It was the elegant solution to a non-problem.

Spot on m8

Or a better non compromised crypto provider for internal use

Exactly my thought

I believe it was a boking accident.

ha ha ha, Frankly if it had happened, it is likely that most the devs on the team wouldn't know shit about it because ... they flat out didn't look for it, nor would it be habit to casually or regularly dig through the code without cause.
(which is a large part of the reason to the argument OpenSource is safe because you can browse through it).. They would think to do it.
ALso, who literally searches the words 'NSA' or other government terms in a code base for an operating system meant for the public? (Kinda interesting that we haven't seen developer claiming to do this, no matter the results) Just saying.... People know those searches, checkouts, & interactions with said database are tracked & monitored... why would someone go poking around other parts of the OS code they aren't working on, or using search terms that could come off as conspiracy minded, if they wanted to keep their jobs.

@@DePhoegonIsle what do you think about Dominion voting source code being closed source, hidden from view of the voters? Do you think Dominion has the possibility to fudge numbers?

It's in his best interest as a microsoft shareholder to help the NSA and the US government to make sure of nothing coming in the way of him getting his dividends. He doesn't need to be coerced.

no, use ascii to blink Cntrl-C

As someone with ISO's for almost any OS from NT4.0, to MAC OS 12.4, and windows 11, same.
I hate having to search for that one off time I need a piece of software. Would rather just keep my own repository on my NAS at home

Good news (or bad news, depends on who you are) is that AI decompiling and de-obfuscation are becoming a thing. All those compiled dlls in the past will, inevitably, become opened-source (not open-source). Currently training NN to do just this with millions of lines of source code and the corresponding compilations, including coding standards (making source predictions even better) and along with obfuscation techniques, live execution (for encrypted code that has to be decrypted on the fly), and well, you can see where this is going.
I recall, about a decade ago, a research team was able to "see" through a piece of frosted glass (with a regular pattern), that is, reconstruct the light to reveal what was behind it via training a neural net (with only a few thousand knowns) in just a few days. The final model had incredible accuracy - good enough to discern facial feature from behind the glass.
It's no different with code. Other scarier things are coming (pre-crime prediction).

The update mechanism is hardly hidden. Plus you assent to it in the EULA.

If the NSA made a backdoor, they would give it some whimsical all-caps name and hide it as some subtle thing that security researchers would assume is a bug in the code.
But if the NSA ordered Microsoft to create a backdoor, it could well end up as a function called "ZwActivateBackdoor", with the assumption that the debug symbols would always get stripped before release.

The only reason to remove a feature from software is if it actually poses some risk. Be it security or soundness risk.

I think Microsoft feels that way about certain bugs that can still be found in Word, Access, and Excel, decades later.

What could you drag and drop before that you can't now?

idk. am using a mouse since my first comodore 64 naver got used to use drag and drop, seams always so un precise to me on any windows i ever used i used ctrl+c and ctrl+v instead whenever possible.
that said modern UI's sucxxx big times just not because thay lack drag and drop

@@XanatosDavid But where is it lacking? I drag and drop things all the time in various forms and never get denied. In fact, sometimes I'm annoyed because it wants to drag and drop something when I want to do something else. Like if a photo is extra large in Firefox and I use the mouse to navigate it, it wants to drag the photo out to copy. Obviously once I remember that its mechanics are different I hit shift to horizontally scroll, but I would prefer it not have that weird behavior.

Drag'n'drop is being phased out of Windows?
Oh you sweet pre-22H2 child....

@@Mario583a Probably referring to the Windows 11 taskbar being complete trash. You can no longer drag and drop something into the taskbar to make the application pop back up. Amongst the other issues with the Win11 Taskbar.

Ralph Brown's interrupt list is probably what your looking for.

*false

@@hrgwea 0 is false

@@nissl7742 0 is falsy, not false.

@@hrgwea It's both, youngling. Always has been.

@@interstellarsurfer Then you've been confused your whole life. False is a boolean whereas zero is a number. Data type matters.
"is_alive" is meant to be a boolean property, so assigning a number to it can result in an error depending on the language.
Do you have the habit of assigning zero to boolean variables?
If you do, please correct that bad habit.

I've looked at this specific code in a disassembler before and can confirm it's only ever used for signature checks -- specifically, for checks of crypto provider DLLs, where it couldn't be used for any nefarious purpose I can imagine -- and not for encryption.

"that means the key is derived from the NSA's key-chain and not Microsoft's. I think that alone is fairly good proof that Microsoft is not willing to allow the NSA access to it's own secret key."
This part didn't exactly ease my mind. Let's assume, just for a moment, that they are DLL/EXE signing keys. Say "_KEY" was Microsoft's signing key and "NSAKEY" the NSA signing key. Say Microsoft makes Windows require just one of them to accept whatever binary is loading. Sure, the NSA doesn't have access to Microsoft's keychain, but they don't need it. They *can* just sign binaries in this case, they have a working key.

*2012 Radio Hippie Intensifies*

2024 : " MSFT Recall System "

same here :)

he worked on all Windows, up to and including XP

The problem is that 'back door' is a misnomer in it's use. They would need the data the system had, not a backdoor into the system.
There are more ways to get the stored data that just make the idea of a 'OS securing it' a laughable joke... from physical drive access, to session invasion & copying.
always remember, the data a thief/hacker would give a shit about in regards to the user & their activities, is the insanely, vastly, majority, almost always .... User accessible files, and don't need elevated rights most the time to get those files.

@@DePhoegonIsle yes and no. In all cases, physical access eventually negates all other protection. But for remote attacks - in the case of Windows, there are well documented ways to further harden it and defeat common methods of unauthorized access or privilege escalation. The tradeoff is that you can easily break the software running on top of it too. And like all good security, the best defense is a layered one.

@gilkesisking apple after the Boston bomber's iPhone was found

@gilkesisking Or they may also have agents on the inside inserting bugs. Look for Logjam for a MS 'bug' that allowed the NSA to defeat internet encryption for years. For more recent of the same, look for the following article that explains how a random number 'bug' that is actually more like a feature is affecting internet secure communications: "A Critical Random Number Generator Flaw Affects Billions of IoT Devices"

The NSA doesn't need a backdoor in the OS.. it is in the hardware.. Google VPro by Intel.. also there are videos of a Via x86 CPU that has a backdoor risc CPU to bypass all security

Back in 2013 the NSA proposed a budget request for a Sigint enabling program. By which the NSA would "insert vulnerabilities into commercial encryption systems and IT systems."
This is one of the main benefits of open source. Sure, hackers may be able to exploit vulnerabilities in the code before anyone realizes the vulnerabilities exist. But at least I can verify for myself, that the code isn't secretively sending packets of information off to big glowing government agencies. Not that it matters much if NSA has hardware backdoors that completely bypass the OS.
It's very unfortunate that the NSA exists.

@@tikabass A bolus of confused and half-understood nonsense.

Nah... music in the video is pretty cool. He just needs to try to be a little bit more clear and articulate when he talks. It's a natural progression of every popular youtuber to sound better than before as the time goes by (try to find very old Doug DeMuro videos and compare them to the current ones - huge difference). And Dave already sounds better than before, just look at his older videos and how fast he was talking before.

@@Im_too_old_for_this_shit
There’s never any music behind the news on TV or on talk shows. The message should be enough.
If you want to hear background music, you can turn on anything in your own confinement but if I prefer to listen to Dave without music, I can’t turn it off.
Background music will turn off some people and I doubt that it will attract people. I mean, people watch the videos because they want to hear Dave, not the music.

You'd need to be more specific really.

What cypher did you use? Was it asymmetric, how long was the key and message. BTW, it is was a Caesar cipher or simple xor with a symmetric key… it wouldn’t take much to get pat the encryption. And sometimes “secured messaging” just required you to be authenticated… I might not have any encryption at all.

@@mwwhited I didn't specify anything. At the time Outlook included protected message. But that big lie. Microsoft's claim was the only the recipient would be able to decrypt my message. Turned out to be not true.