[kictanet] Is Windows 8 a Trojan horse for the NSA? The German Government thinks so

Paul Roy roykoikai at gmail.com
Thu Aug 29 08:50:58 EAT 2013


Found this interesting as well...food for thought!

---------- Forwarded message ----------
From: Josphat Karanja <karanjajf at gmail.com>
Date: Wed, Aug 28, 2013 at 10:35 PM
Subject: [Skunkworks] FBI and DHS Concerned About Android Vulnerabilities
To: Skunkworks forum <skunkworks at lists.my.co.ke>, skunkworks at my.co.ke


found this insightful

*****************************************************************************

TOP OF THE NEWS
 --FBI and DHS Concerned About Android Vulnerabilities
(August 26, 2013)
According to an unclassified US government document, the FBI and the
Department of Homeland Security (DHS) are concerned about security flaws
in the Android operating system. Specifically, the document outlines
concerns about threats faced by law enforcement officers and officials
who are using devices running older versions of the operating system.
The document says, "Android is the world's most widely used mobile
operating system and continues to be a primary target for malware
attacks due to its open source architecture." It also offers mitigation
advice for certain types of threats.
http://news.cnet.com/8301-1009_3-57600105-83/android-
security-holes-worry-fbi-dhs/
http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf
[Editor's Note (Murray):  Ironic.  DHS has favored Android over iOS for
exactly this reason.  That the government has consistently used its
buying power to favor "open" over "secure" is at least partially

_______________________________________________
skunkworks mailing list
skunkworks at lists.my.co.ke
------------
List info, subscribe/unsubscribe
http://orion.my.co.ke/cgi-bin/mailman/listinfo/skunkworks
------------

Skunkworks Rules
http://my.co.ke/phpbb/viewtopic.php?f=24&t=94
------------
Other services @ http://my.co.ke


On Tue, Aug 27, 2013 at 9:16 AM, Evans Ikua <ikua.evans at gmail.com> wrote:

> Well, I see all this as food for thought.
>
>
> On Mon, Aug 26, 2013 at 11:42 PM, S.M. Muraya <murigi.muraya at gmail.com>wrote:
>
>> No comments about the closed ios/ipad ecosystem being used in serikali?
>>
>> Please google "android malware".... It is about apps, not the so much the
>> operating system.
>>
>> http://www.zdnet.com/android-app-malware-rates-jump-40-percent-7000019093/
>>
>> Android smartphones with our gps coordinates are on us most of the time.
>>
>> Not to forget, very insecure apps/services powered by Linux Servers 24
>> hours ....
>>
>>
>> http://arstechnica.com/security/2013/05/critical-linux-vulnerability-imperils-users-even-after-silent-fix/
>>
>>
>> http://krebsonsecurity.com/2013/08/simple-hack-threatens-oudated-joomla-sites/
>>
>>
>>
>> Blessings
>>
>> Murigi / Stanley Muraya
>>
>> *"Better a patient person than a warrior, one with self-control than one
>> who takes a city." Prov 16:32*
>>
>>
>> On Mon, Aug 26, 2013 at 6:53 PM, Walubengo J <jwalu at yahoo.com> wrote:
>>
>>> @Muraya,
>>>
>>> I used to think Android is "open"?  Meaning the comparison to Windows
>>> would not be appropriate in that if someone sneaked in spy-software in
>>> Android, I (and many others) can sniff it out, but if someone sneaked in
>>> some spy software in Windows, only Microsoft and perhaps the US govt would
>>> know?
>>>
>>> Incidentally what @Ikua raises in not far-fetched.  In 2010, it is
>>> widely believed the US /Israeli Governments unleashed a worm called
>>> "stuxnet" that chewed up the Iranian nuclear plants to a halt. The mode of
>>> delivery is also widely believed as being through one of the many regular
>>> Windows updates that we so faithfully do every week or month over the net.
>>>
>>> In other words, most Listers here and across the globe do have the
>>> "stuxnet" worm on their machines but it is in sleep mode simply because
>>> their organisations do not run nuclear reactors with specific circuitry.
>>> This worm was clever enough to only wake up upon sensing certain
>>> "signature" frequencies originating from certain circuitry that was
>>> dominant in Iranian nuclear reactors.
>>>
>>> Obviously only Microsoft could be able to see the additional
>>> logic/payload in that particular update.  Contrast this to updates whose
>>> code is "open"...
>>>
>>> For those technically inclined, you can pick up the story @
>>>
>>> http://en.wikipedia.org/wiki/Stuxnet
>>>
>>> walu.
>>>
>>>
>>>
>>>
>>>
>>>   ------------------------------
>>>  *From:* S.M. Muraya <murigi.muraya at gmail.com>
>>> *To:* jwalu at yahoo.com
>>> *Cc:* KICTAnet ICT Policy Discussions <kictanet at lists.kictanet.or.ke>
>>> *Sent:* Monday, August 26, 2013 4:12 PM
>>>
>>> *Subject:* Re: [kictanet] Is Windows 8 a Trojan horse for the NSA? The
>>> German Government thinks so
>>>
>>> If we worry about 200 Million Windows 8.1 PCs (by 2015) how about 1
>>> Billion mobile devices running Android by 2015?
>>>
>>> Blessings
>>>
>>> Murigi / Stanley Muraya
>>>
>>> *"Better a patient person than a warrior, one with self-control than
>>> one who takes a city." Prov 16:32*
>>>
>>>
>>> On Mon, Aug 26, 2013 at 3:12 PM, Evans Ikua <ikua.evans at gmail.com>wrote:
>>>
>>> The German Government is now deeply suspicious that the Trusted Platform
>>> Module (TPM) technology built into a growing number of Windows 8 PCs and
>>> tablets is creating a gigantic back door for NSA surveillance, leaked
>>> documents have suggested.
>>> Documents from the German Ministry of Economic Affairs obtained by
>>> German title *Zeit Online*<http://www.zeit.de/digital/datenschutz/2013-08/trusted-computing-microsoft-windows-8-nsa/seite-1>uncover the alleged unease of officials at the direction of version 2.0 of
>>> the standard being developed under the auspices of the multi-vendor Trusted
>>> Computing Group (TCG).
>>> TPM has been marketed as a security and Digital Rights Management (DRM)
>>> technology since its appearance in 2006, but version 2.0 would embed a chip
>>> on every PC that has complete control over which programs can and can’t
>>> run, a setting that can’t be over-ridden under Windows 8. The chip is also
>>> where the cryptographic data is stored for Windows BitLocker and it enables
>>> remote administration.
>>>
>>> Please read more here<http://news.techworld.com/security/3465259/is-windows-8-trojan-horse-for-nsa-german-government-thinks-so/#tk.nl_win>
>>>
>>> --
>>> *----------------------------------------------------
>>> Kind Regards,
>>> Evans Ikua,*
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> Unsubscribe or change your options at
>>> https://lists.kictanet.or.ke/mailman/options/kictanet/murigi.muraya%40gmail.com
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>>
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> Unsubscribe or change your options at
>>> https://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
>>>
>>>
>>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>>> for people and institutions interested and involved in ICT policy and
>>> regulation. The network aims to act as a catalyst for reform in the ICT
>>> sector in support of the national aim of ICT enabled growth and development.
>>>
>>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>>> online that you follow in real life: respect people's times and bandwidth,
>>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>>> not spam, do not market your wares or qualifications.
>>>
>>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>
>> Unsubscribe or change your options at
>> https://lists.kictanet.or.ke/mailman/options/kictanet/ikua.evans%40gmail.com
>>
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people's times and bandwidth,
>> share knowledge, don't flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
>
>
> --
> *----------------------------------------------------
> Kind Regards,
> Evans Ikua,*
> lanetconsulting.com,
> lpi-eastafrica.org,
> ict-innovation.fossfa.net,
> Skype: @ikuae
> Cell: +254-722-955831
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> Unsubscribe or change your options at
> https://lists.kictanet.or.ke/mailman/options/kictanet/roykoikai%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people's times and bandwidth,
> share knowledge, don't flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>



-- 
"Change is slow and gradual. It requires hardwork, a bit of
luck, a fair amount of self-sacrifice and a lot of patience."

Roy.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20130829/9e6a4b84/attachment.htm>


More information about the KICTANet mailing list