Why NSA spied on inexplicably unencrypted Windows crash reports

The National Security Agency’s X-KEYSCORE program gives the spy agency access to a wide range of Internet traffic. Any information that isn’t encrypted is, naturally, visible to passive Internet wiretaps of the kind the NSA and other intelligence agencies use. This in turn will typically expose such things as e-mails, online chats, and general browsing behavior.

And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft’s Windows Error Reporting facility built in to Windows.

These reports will tell eavesdroppers what versions of what software someone is running, what operating system they use, and whenever that software has crashed. Windows also sends messages in the clear whenever a USB or PCI device is plugged in as part of its hunt for suitable drivers.

Read 3 remaining paragraphs | Comments

via Ars Technica http://feeds.arstechnica.com/~r/arstechnica/index/~3/CCjtHJ8WSwY/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s