[ISN] Win-XP denounced as terrorism tool

From: InfoSec News (isnat_private)
Date: Thu Oct 18 2001 - 00:46:47 PDT

  • Next message: InfoSec News: "[ISN] Major security hole found in OS X 10.1"

    Forwarded from: Nelson Murilo <nelsonat_private>
    
    http://www.theregister.co.uk/content/4/22281.html
    
    Win-XP denounced as terrorism tool
    By Thomas C Greene in Washington
    Posted: 17/10/2001 at 07:43 GMT
    
    A computer forensics specialist warns that default security features
    in Windows-XP might bring civilization to its knees at the hands of
    pedophiles, tax cheats, and, of course, international terrorists.
    
    Forensics outfit New Technologies' President, Michael Anderson, a
    former Fed himself, is claiming that the secure file-wipe feature in
    Win-XP Pro is going to "make it impossible for federal agents and law
    enforcement to find and reconstruct digital evidence buried on
    computers, particularly those seized from terrorists," according to an
    article by Network World. [my emphasis]
    
    Of course there's BCWipe, Norton Wipeinfo, Evidence Eraser, the PGP
    wipe feature, and so on. But these require crooks to lift a finger;
    and as we all know, the 'science' of computer forensics depends on
    really dumb criminals who think deleting a file is the same as erasing
    it. Arguably, there would be no computer forensics industry if naive
    point-and-drool crooks didn't screw up so often.
    
    Perhaps the Network World article's touchingly un-skeptical author,
    Senior Editor John Fontana, might have troubled to take a peek at the
    New Technologies' Web site. There, in a welcome message, we're told
    up-front that the company subsists on "the exploitation of the
    security weaknesses in DOS, Windows, Windows 95, Windows 98, Windows
    NT and Windows 2000 to find computer evidence and computer security
    data leakage."
    
    That's right, the company feeds on intrinsic security weaknesses, and
    naturally is appalled that Microsoft should do anything so unpatriotic
    as mass-market a more secure OS.
    
    Clearly, Anderson's lament has nothing to do with fighting terrorism,
    and everything to do with preserving the crummy security status-quo
    that earns him and his employees a living. Like most bottom-feeders on
    the WTC atrocity, he lays on the Stars-and-Stripes anti-terror
    rhetoric with a trowel.
    
    "This is an intelligence issue....the government and Microsoft need to
    think this thing through," Anderson warns. He wants the US government
    (presumably the now-panicky DoJ) to delay the 25 October XP retail
    launch until he and his geeks can figure out a way to defeat its
    file-wipe feature.
    
    How long that might take is anyone's guess. Naturally, if the
    forensics industry has been living off the slack they've been given,
    they're in a poor position to gear up for an effective assault on
    readily-available, decent file security.
    
    Or maybe Anderson's company is simply worse than most at recovering
    data not attributable to 'security weaknesses'. Either way, he's a
    loathsome bastard for trading on the WTC outrage to muscle the DoJ
    into accommodating his cash cow.
    
    It's ironic. First we had tiring propellerhead Steve Gibson claiming
    hysterically that the inadequate security measures in Windows-XP would
    bring the Internet to its knees at the hands of sociopathic teenage
    brats. Now we've got a would-be profiteer telling us that civilization
    is in mortal danger from terrorists exploiting the superior security
    measures in Windows-XP.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Oct 18 2001 - 02:44:17 PDT