Linked by Thom Holwerda on Thu 19th Nov 2009 23:22 UTC
Windows Earlier this week, a senior National Security Agency official told US Congress that the NSA had worked on Microsoft's latest operating system, Windows 7. This spurred a flurry of rumours about the NSA building backdoors into Windows 7, but Microsoft has today categorically denied these claims.
Thread beginning with comment 395637
To read all comments associated with this story, please click here.
People DO Get to Review the Source Code
by DriverDude on Fri 20th Nov 2009 15:03 UTC
DriverDude
Member since:
2009-11-20

Duh, you guys... Believe it or not, Microsoft has a pretty widely used source code access program that provides LOTS of corporate and (US and non-US) government users access to the Windows source code base. They even provide users with (free) short introductory on-site seminars on how the source code base is organized. See: http://www.microsoft.com/resources/sharedsource/windowslp.mspx

If there was any sort of backdoor in Windows, lots of people would know about it pretty quickly... Well, assuming ANYbody can read through millions of lines of source code "quickly", of course.

- DD

Reply Score: 2

japh Member since:
2005-11-11

It's not really that simple. If we assume that someone wanted to put a backdoor in there:
1. The code you read doesn't necessarily have to be the same as the code you're executing if you don't have the possibility to compile it yourself.
2. Even then, you're not completely safe. See this old thing for explanation:
http://cm.bell-labs.com/who/ken/trust.html
(it's about introducing a back door in the unix login program that won't show in the source code and also not show in the compiler source code (although the compiler does the introducing of the back door)

This might seem like a lot of hassle, but if a big company like Microsoft or an organization like the NSA decided that this is what they want, I'm sure they would be able to do what Ken Thompson figured out on his own in 1984.

Reply Parent Score: 1