Security News

Why NSA spied on inexplicably unencrypted Windows crash reports

Why NSA spied on inexplicably unencrypted Windows crash reports: The National Security Agency’s X-KEYSCORE program gives the spy agency access to a wide range of Internet traffic. Any information that isn’t encrypted is, naturally, visible to passive Internet wiretaps of the kind the NSA and other intelligence agencies use. This in turn will typically expose such things as e-mails, online chats, and general browsing behavior.

And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft’s Windows Error Reporting facility built in to Windows.

These reports will tell eavesdroppers what versions of what software someone is running, what operating system they use, and whenever that software has crashed. Windows also sends messages in the clear whenever a USB or PCI device is plugged in as part of its hunt for suitable drivers.

It appears that this information leakage greatly amused the NSA, with Spiegel reporting that the spy organization created a comedy mock-up of the Windows error message. The fake message points at why the NSA would find the information useful, too; knowing what software someone is using makes it easier to find an appropriate security flaw with which to compromise a system. And this is all possible with mere passive monitoring.

Standard