Vista: Bitlocker provides easy crypto for outlaws

Jeff unfortunately fell for the old argument that cryptography helps outlaws (or terrorists) hide criminal activity.

The article he cites says:

“The bad news, at least for intelligence personnel, is that the bad guys will have convenient access to this easy-to-use encryption technology. There has been encryption technology like this available for years, but it was hard to install and use. BitLocker is designed for non-geeks. Apparently, there is no “back door” (easy way for the government to read BitLocker encrypted data). However, Microsoft may have shared technical data about Bit Locker with the NSA (National Security Agency, which handles American government and military cryptography), to make it easier to crack.”

I’m surprised to see that discussion pop up yet again – after all we’ve gone through this in great consideration with PGP and the suit against Phil Zimmermann.

I guess Phil is also the best guy to argue this case:

“The question of whether strong cryptography should be restricted by the government was debated all through the 1990’s. This debate had the participation of the White House, the NSA, the FBI, the courts, the Congress, the computer industry, civilian academia, and the press. This debate fully took into account the question of terrorists using strong crypto, and in fact, that was one of the core issues of the debate. Nonetheless, society’s collective decision (over the FBI’s objections) was that on the whole, we would be better off with strong crypto, unencumbered with government back doors. The export controls were lifted and no domestic controls were imposed. I feel this was a good decision, because we took the time and had such broad expert participation. Under the present emotional pressure, if we make a rash decision to reverse such a careful decision, it will only lead to terrible mistakes that will not only hurt our democracy, but will also increase the vulnerability of our national information infrastructure.”

The EFF has even more to say about this.

Vista fosters creativity

At least amongst bloggers: Chalain tells us what it feels like to upgrade

“I wake. For a moment, I stare at the ceiling trying to remember something. Something important. Something important happened last night, but the details escape me. Something fascinating yet sinister, like touring the CIA offices. Something exotic yet somehow familiar, like putting hot sauce on meatloaf. I wonder if I have a hangover. I wonder why I am thinking about the CIA and meatloaf. I roll onto my side.”

Read on…

Vista security

Jim Allchin says “buy Vista for the security”.

Microsoft seems to have put a lot of effort into making Vista the most secure Windows OS ever, they even asked the NSA for help.

I have been following the blogs over the first few days after the official launch now, and there’s one common theme I can identify so far: several blogs recommend disabling one of Vista’s key security features, User Account Control (UAC).
You can check Technorati for the number of blogs that recommend doing this (at the point of writing: at least 125).

It looks like they have made this such an annoying feature that Vista is next to unusable with security turned on. This tells me one thing: they have have an understanding on the technolgy level, but they are still clueless about how to build in security in a way that’s compatible with users.

Way to go, Microsoft.