- Recommend:
- 0 Comments
Former Fed Says XP Poses a Security Threat
Expert says data scrubbing features could help terrorists hide evidence on their PCs.
A computer forensics expert and retired federal agent is trying to convince the U.S. government that Windows XP is a threat to national security and its distribution should be postponed.
Michael Anderson, president of New Technologies, says data scrubbing features in Windows XP Professional will make it impossible for federal agents and law enforcement to find and reconstruct digital evidence buried on computers, particularly those seized from terrorists.
While Anderson concedes that XP's data scrubbing and encrypted file system features are desired by law enforcement and others for keeping data secure, he says the timing of XP is bad.
"This is an intelligence issue," says Anderson, who provides computer forensics training, software, and consulting to military and law enforcement agencies. "The government and Microsoft need to think this thing through."
Going Too Far?
Some security experts are unconvinced, however.
"This may be going a little too far," says Charles Kolodgy, an analyst with market research firm IDC. "Do you ban shredding, burning of paper?" Kolodgy also says the argument is ironic given that Microsoft is often criticized for leaving so many security features disabled by default. Others say privacy is also an issue.
But Anderson, who retired in 1996 from the U.S. Treasury, where he was a special agent, says the government should force Microsoft to postpone the release of the Professional version of XP in light of the September 11 terrorist attacks. Windows XP launches October 25, ironically, at an event in New York City.
Anderson, whose business is based in Oregon, has detailed his concerns in letters to his state's congressional representatives in Washington, D.C.
Calling on Congress
A spokesperson for Senator Ron Wyden (D-Oregon), a member of the Select Committee on Intelligence, says the senator was forwarding Anderson's letter to Attorney General John Ashcroft. "We are asking the Justice Department to take a look. We think it is their issue," the spokesperson says.
Chuck Guzis, president of Sydex, which develops data conversion and emulation software, also has written to Congress.
"We just need to delay this software," he says. "We don't have the [forensics] tools or methodology in place to combat XP."
Anderson's concerns stem from the fact that even when data is deleted from a computer it still resides on the hard drive for a period of time. This is known as ambient data. Experts can reconstruct ambient data to recover files and e-mail messages. Such work was done to produce evidence in the trial of Iran-Contra figure General Oliver North and in the Monica Lewinsky scandal.
Windows XP Professional has a feature called data recovery. By default, that mechanism is turned off, meaning that ambient data is "scrubbed" from the hard drive. Anderson says that means terrorists could use it to hide their digital tracks.
"XP will slam the door on all that forensics work," Anderson says. But Microsoft says security in XP as in other Microsoft products isn't created in a vacuum.
"We work with others in the industry and government agencies to develop security policies that take into account law enforcement concerns," says Jim Desler, the corporate spokesperson for Microsoft.
He acknowledges that savvy terrorists can use third-party tools, such as Evidence Eraser by Mad Hornet, to stifle forensics work but says Windows XP makes it available by default to anyone buying XP Professional.
For more information about enterprise networking, go to NetworkWorld. Story copyright 2011 Network World Inc. All rights reserved.
Would you recommend this story? YES NO
- Recommend:
- 0 Comments
-
Speed Up Everything!
PCWorld shows you the secrets to improve performance on all your hardware.
-
Become an Android authority
Play music or games, run productivity apps and essential utilities.
-
ThinkPad Edge E420 Lenovo Style in an Affordable Package
Buy now direct from Lenovo -
ThinkPad X220 Fast and light, with great input ergonomics and battery life, this powerhouse ultraportable is best-of-breed.
Buy now direct from Lenovo -
ThinkPad X120e One of the best netbooks ever, X120e has the best netbook keyboard ever--nothing else comes close
Buy now direct from Lenovo
- As Windows XP Turns 10, It's Time to Say Goodbye
- PlayStation Network Breach: Sony Says Credit Card Info Was Encrypted
- Sony Says Data Is Protected, Attackers Say It's For Sale
- An Old Hard Drive and OS in a New PC
- What Does It Take to Get a PC With XP?
- Must I Give Up XP?
- Windows XP: Pros and Cons of Not Upgrading
- 12 Criteria for Selecting the Best ERP System Replacement An ERP system is your information backbone and reaches into all areas of your business and value chain. Replacing it can open unlimited business opportunities. This white paper explains the 12 criteria that allow you to identify and select the solution that will meet these expectations.
- Leveraging Social Computing Technologies for ERP Applications This white paper details how Web 2.0 technologies support business strategies by improving efficiency, productivity, and collaboration.
















