
Is Windows 8 a Trojan horse for the NSA? The German Government thinks so

Leaked documents lay bare TPM 2.0 worries


The German Government is now deeply suspicious that the Trusted Platform Module (TPM) technology built into a growing number of Windows 8 PCs and tablets is creating a gigantic back door for NSA surveillance, leaked documents have suggested.

Documents from the German Ministry of Economic Affairs obtained by German title Zeit Online uncover the alleged unease of officials at the direction of version 2.0 of the standard being developed under the auspices of the multi-vendor Trusted Computing Group (TCG).

TPM has been marketed as a security and Digital Rights Management (DRM) technology since its appearance in 2006, but version 2.0 would embed a chip on every PC that has complete control over which OS software can and can’t run, a setting not designed to be over-ridden under Windows 8. The chip is also where the cryptographic data is stored for Windows BitLocker and it enables remote administration.

Windows 8 security going forward will be founded on TPM 2.0 and the ability to access or break it would be of huge value to any intelligence service.

During TCG meetings, German officials appear to have expressed concern about the potential for abuse but were “rebuffed,” Zeit claims. The documents also refer to the NSA having representation at the meetings and the statement “the NSA agrees” in the context of leaving the technology in its current (presumably unreformed) state.

The full context of this reference is not clear from the Zeit article but the implication is disturbing; the NSA thinks that TPM 2.0 does not offer a barrier to its operations.

German officials, including members of the Federal Office for Information Security (Bundesamt für Sicherheit or BSI), concluded that "the use of trusted Computing technique in this form ... is unacceptable for the federal administration and the operators of critical infrastructure," and would represent a “loss of full sovereignty over information technology."

A second document expresses the belief that TPM 2.0 under Windows 8 is no longer usable while Windows 7 can “be operated safely until 2020,” after which alternatives will need to be sourced.

Is the story overblown Teutonic paranoia or a valid concern about the growing power of state surveillance? Until recently, the presumption might have been to the former - TPM offers a number of security benefits after all - but the Snowden affair changed the dimensions of the debate.

The NSA has, if not the capability, then certainly the ambition to eavesdrop on every communication event on the Internet, and the willingness of large US firms to go along with that, or not, has generated huge controversy. Meanwhile, allegations that Microsoft has co-operated with the NSA to bypass the encryption used in some of its services are a matter of public record.

For cost reasons, TPM is rarely built into consumer PCs although the advent of Windows 8 is supposed to extend version 2.0 to all PCs over time. Newer devices such as Windows 8 tablets and some phones are likely to have a TPM although getting precise data on this is not easy. Linux supports Intel’s TPM 1.0, although unlike 2.0 this can be loaded and unloaded from the endpoint.

Ironically, an expert quoted in the Zeit article goes on to worry that the Chinese Government as well as the NSA might be able to access data through TPM 2.0; many TPM chips are manufactured in the country.

After years of low-level discussion among security experts, worries over surveillance backdoors have suddenly become a mainstream topic. Last month an Australian report claimed that intelligence services in the ‘five eyes’ alliance (the US, UK, Canada, Australia and New Zealand) had refused to use PCs made by Chinese-founded Lenovo over concerns about “backdoor hardware and firmware vulnerabilities.”

Update 25 August: The German BSI subsequently published a statement significantly downplaying the claims made in the Zeit Online article, referring merely to worries over a potential technical loss of control.




Noah Wood said: The point I was making was that there are multiple ways for someone to gain access to your information and the NSA would likely

IllyaSolin said: No there are too many things in the way I understand how it Works but to get from A to B was much shorter on earlier versions of Windows

IllyaSolin said: Your language is like that of a teenage Bieber fan I suggest you grow up The haters indeed Sorry I use Windows for work and its highly inconvenient MS have tried to copy Apple which is fine for portable terminals but not for those of us who do our work on Its full of applications I dont need and Skype wont operate in the background

Geoff Powell said: Just use key phrases such as Press the had key Must get some COKE for the fire Dont forget to BLOW-UP some balloons for the party in every email If enough of us included phrases such as these in every email the system would soon be so overloaded they wouldnt know who to dispose of

Juan said: Ever hear of low level addressing from the userspace

Juan said: Horse manure Good is relative Someone who likes looking at pictures of Kittehs and wasting hours on Facebook and wants someone else to control everything else it may be the best thing to ever come down the pikeIf youre a security conscious person or like to have more control over your computing environment Windows is a foul tyrannyHow many people would look or ask for Linux Why is that How many TV ads do you see for Linux How many for Windows Its not a matter of quality but rather how the marketing has steered the flocks of sheep that chase after the latest trendy item

Juan said: X isnt bloated In fact you can customize it and use lightweight desktop environments to run faster than Windows 2000 if you took the timeYou cant customize and optimize any of the closed source Windows code And if theres a backdoor or trojan slips in you have no recourse to protect yourself if they dont give you one As with all closed source OSes youre at the mercy of Microsoft for security holes

Farouq F. Alobaidi said: It is so sad that throughout this process you will face an overwhelming retardation from some entities that are not supposed to be called people

Clumsier said: Every thing shocks them always has always will

David Cage said: I dont like it mainly because windows seven did not run many devices any longer and windows eight has added to that list Some of these devices like some specialist scanners or data acquisition cards are not even available in modern form and have been replaced by mediocre general purpose scanner printers or cheap film scanners for the general market Also look at the size of windows eight compared to windows XP considering that not a single extra feature is of use to me but backups are that much bigger and slower

GROOV3ST3R said: You know what I suddenly feel very happy and content with Windows 7 Whatever was wrong with that system that they had to bring out 8 so soonI tried it out on a tablet and its not bad actually But it isnt something that you would like to use every day for work - its too pretty too focused on distracting you with graphics Current mainstream pcs cant really handle that Im not talking about i7 hyper threaded quad cores Im talking about i3 pretend dual cores and old pentium hardware and its AMD equivalent Often pretty graphics and clutter like that slows the system down a lot and frustrates the users - and the users dont know they have a crap pc so they blame the system Maybe Microsoft should focus on making a small clutter-free system that would actually BE fast as they seem to describe everything they have done so far even though its not true

Spiffy said: Simple rule for this world we live in now - NEVER trust any corporation or big business with your privacy or data Its as simple as that They promise and reassure one thing but you can bet your life they are doing exactly the opposite As for this fake outrage at the NSA by all the big snoopers such as Google Twitter and FaceBook - thats just PR to try and save their own skins They have become for all intents and purposes an integral part of the NSA Big deals - big business - big money A control grid is being built around us yet most people are completely oblivious to it thanks to distractions such as celebrity trash and peoples obsession with sport

Binary Recoil said: Windows Operating Systems Pay me or fall behind legacy so far MS-DOS Windows 10 101 102 103 104 201 203 210 211 30 31 NT 31 For Workgroups 311 32 NT 35 351 Windows 95 95 SP1 OSR1 OSR2 USB Supplement to OSR2 OSR 21 OSR 25 Windows NT 40 Windows 98 98 Second Edition Windows 2000 2000 Professional Edition Windows ME Windows XP Starter Home Home Edition N Professional Professional N Professional x64 Tablet PC Edition Media Center Edition 03 04 05 XP-64 bit Edition XP Tablet PC Edition yeah another one Fundamentals for Legacy PCs Windows Vista Starter Home Basic Home Premium Business Enterprise Ultimate Windows 7 Starter Home Basic Premium Professional Enterprise Ultimate Service Pack 1 Windows 8 8 Pro 8 Enterprise and Windows RT That is 61 Operating Systems in 32 years No one can tell me that theyve magically made a secure or better system when Id guarantee that theyre already busy working on Windows Get on your knees and pay me more money or lose the competitive edge in the business world 9 or whatever they choose to call it

Farouq F. Alobaidi said: Totally agree Have you heard about Windows 82 update They are bringing Start Menu back I do not know if this is true yet

peterb02 said: Change is usually difficult for many to adopt but then after a while users will get familiar with it and adopt it

alvinsmyth said: With all this talk about Ubuntu people are forgetting that its becoming more popular because its being marketed as commercial like and its idea may become commercial at some point even though at its core it uses an open source kernel like what unix is to mac os x but if you really want to feel safer GNULinux Debian is the way to go The Prism-Breakorg website is all you need Just use Linux and encrypt your drive and use tor if you really need to I wouldnt put anything past the governments but lets be realistic here and not be silly about the possible conspiracies

Mo Abdullahi. said: Switch to Linux Screw windows

Jaz said: Youre a retard Thats all Im going to say for now Oh the irony

Farouq F. Alobaidi said: What a waste of brains on an entity that can type You are so shallow and petty I even regret replying to you this far but it has to be done and this is my last comment You are just another swine on the internet no more no less Enjoy your debt and pathetic life

888noxxi said: i wont be sleeping tonight anyway your mums round
