Talk:_NSAKEY

Talk

Some sites mention a third key found, although this makes no reference to it. —porges_(talk) 07:11, 31 July 2006 (UTC)

What sites would those be? ➥the Epopt 14:18, 31 July 2006 (UTC)

[1] for one —porges_(talk) 02:33, 2 August 2006 (UTC)

Dead link

Second reference "no backdoor in Windows" is dead. Rena Kunisaki (talk) 16:38, 7 July 2008 (UTC)

"All versions of Windows"

The key is still present in all versions of Windows, though it has been renamed "_KEY2."

We need to clarify what "all versions of Windows" means. Presumably we're not talking about all versions of Windows starting from Windows 1.0. - furrykef (Talk at me) 22:43, 19 May 2009 (UTC)

Does someone publish a current evaluation of the cryptographic module in recent Windows to see if the public key named "_KEY2" is still present? - AlexandreDulaunoy (talk) 08:15, 4 September 2011 (UTC)

I don't know. I presume the key can be found by doing a pure-binary match over whatever DLL is supposed to contain it.

The name of the key takes more to figure out, however: someone needs to check the Microsoft public debug symbol server, if that whatever-DLL has symbols on there. Failing that, we would need someone from some government that has seen the Windows source code "for evaluation". And failing that, we'd need anyone employed at Microsoft to take a look at their internal symbol server. Artoria2e5 🌉 13:18, 4 March 2024 (UTC)

Bobrayner sense

"doesn't make sense" 99.90.197.87 (talk) 13:24, 25 May 2012 (UTC)

Makes perfect sense. The NSA doesn't like people using Linux.... assuming that they haven't compromised that too.76.97.61.143 (talk) 18:11, 24 June 2013 (UTC)

It is a NSA backdoor

[http://www.wnd.com/2013/06/nsa-has-total-access-via-microsoft-windows/ Hi NSA. Ignore me, just a veteran that thinks y'all need to re-read the fourth amendment to the constitution.]76.97.61.143 (talk) —Preceding undated comment added 16:54, 24 June 2013 (UTC)

What about MS_DRBG?

_NSAKEY lets the NSA silently run their code on your windows machine, after they've targeted you for some reason. Unmentioned in this article, is MS_DRBG - their other 4 keys which give them a back-door into all the crypto operations you do on your windows machine (via PRNG manipulation - eg: generating keys, SSL/TLS sessions, etc) - which they can use to spy on everything you do in near-real-time. 120.151.160.158 (talk) 09:54, 3 March 2014 (UTC)

Sources please? -- intgr [talk] 10:49, 3 March 2014 (UTC)

https://eprint.iacr.org/2023/440.pdf says "MS DRBG has not, to our knowledge, been used in any real-world systems." The "MS" also does not stand for Microsoft, but instead "Micali-Schnorr". Artoria2e5 🌉 12:52, 4 March 2024 (UTC)

173.216.105.18

173.216.105.18 keeps messing with the article, can an admin ban her?78.193.86.3 (talk) 02:32, 1 January 2016 (UTC)

They would need to be warned and then reported to WP:AIV. --allthefoxes ^(Talk) 02:34, 1 January 2016 (UTC)

Not only NT4 and 2000...

NSAKEY was discovered in Windows 95 too, here is an original article which mentions it: http://web.archive.org/web/20060504051529/http://members.ozemail.com.au/~geoffch@ozemail.com.au/security/cryptoapi/cspsigs.htm

PGP keys relevance?

Hi, the significance of the PGP keys published is unexplained. What are they intended to be used for, not in general, but as in they relate to _NSAKEY? They seem irrelevant as the article is written now. 24.228.173.87 (talk) 23:29, 28 August 2021 (UTC)

Why not include the actual keys into the article? Including them as PGP keys makes it possible to play around with them, and also why not · · · Omnissiahs hierophant (talk) 07:04, 6 September 2021 (UTC)

It's useless besides "for fun and kicks". Maybe one day someone will factor the two RSA keys for fun and kicks. Artoria2e5 🌉 12:57, 4 March 2024 (UTC)