by Peter Gothard
22 August 2013
from
Computing Website
The German government has recommended that Federal Administration and other
high profile public sector departments in the country do not use Windows
8 because, it warns, it contains security backdoors that cannot be
controlled or trusted, and that may be easily accessible by the NSA.
The warnings are present in leaked documents obtained by German daily
newspaper
Zeit.de:
"Due to the loss of full sovereignty over
the information technology, the security objectives of ‘confidentiality'
and ‘integrity' can no longer be guaranteed.
"This can have significant consequences on the IT security of the
Federal Administration," the documents say.
The focus of the security concerns is the
Trusted Computing technology standard, which has been in existence for more
than a decade.
It was developed by major US hardware and
software manufacturers, including,
The German government's documents allege that
the group's core hardware element - a chip called the Trusted Platform
Module (TPM),
which appears in hardware built by Trusted Computing Group companies -
interfaces directly with Windows 8 and enables Microsoft remote, unfettered
access to any computer on which the operating system runs.
The leaked document is dated from early 2012 - pre-dating the release of
Windows 8 - and explains how IT experts at the German Federal Office for
Information Security (BSI) made these supposed discoveries.
They claim that they found out that the TPM chip's digital rights
management (DRM) capabilities can decide which software on a computer
can be enabled or disabled, and is fully remotely controlled by Microsoft.
The TPM 2.0 hardware interface - launched in late 2011 - is activated by
default when a computer boots, and cannot be turned off.
The German government fears that access to these backdoor systems could
easily be passed to the National Security Agency, the US spying agency, and
its so-called Prism group, which is known to be involved in secretly
recording internet data, such as emails and voice calls.
The scope of its activities were exposed when whistleblower
Edward Snowden last month leaked
several thousand documents to The Guardian newspaper.
The German government warns that use of Windows 8 - with such a believed
risk from TPM - is,
"unacceptable for the Federal Administration
and for operators of critical infrastructure".
It calls Windows 8 "already" unusable because of
TPM 2.0, but that Windows 7 can be "operated safely until 2020".
Finally, the documents complain that German companies tried to get involved
in the formation of TPM 2.0's standard, but were snubbed by the hardware
companies involved.
However, the document asserts that the NSA was involved and enjoyed an
influential role.
Shortly after Snowden sought refuge in Russia, the Russian government
revealed that it was dumping all its PCs for sensitive work - and using
typewriters instead.