windows update access for NSA

The Obama Administration is trying to find ways how secret services could unlock encrypted user data. An official report shared by the Washington Post reveals they are considering to spread government spyware via OS update channels.

Until recently the discussion about NSA spying methods and counterterrorism was dominated by the so called “golden-key” approach. The controversial idea suggested that all user data would generally stay private and secure. However, for cases of legal or state-security emergency, secret services and prosecutors should be able to get privileged access to personal devices and user data.

Big OS Software makers like Microsoft, Apple and Google could invent a kind of “secure golden key” which then would be used just in very specific cases.

The report shared by the Washington Post unveils how this golden-key approach has now evolved. It summarizes four different possibilities how access to user data could be established.

Encrypted hardware-ports with unlock keys held by companies would enable decryption on request by court order.

Split encryption keys held by different parties as suggested by NSA director Michael S. Rogers. Keys would be cut into pieces and combined only by court order. No single party would be able to decrypt.

Forced unencrypted backups by court order, where companies are forced to upload data stored on an encrypted device to an unencrypted location.

Exploiting automatic software updates like Windows Updates or similar services from Apple, Google and others to install spyware onto targeted customers’ phones or tablets which means basically hacking the device.

The last idea would be technically the easiest to implement as the job to access user data would be fully done by government agencies. The companies would “just” help to infect user devices.

Software makers could maintain their position of never handing over any personal user information, while at the same time granting full access to user data – implicitly.