Original title: Built-in backdoor: German govt warns of significant Windows 8 security danger

Leaked documents from the German Federal Office for Information Security (BSI) indicate that the organization has become suspicious of Trusted Platform Module (TPM) technology built into an increasing number of Windows 8 PCs and tablets.

Documents uncovered and leaked by German news outlet Zeit Online found that the German Ministry of Economic Affairs was displaying significant unease with the combined technologies, suggesting the possibility that a backdoor could be created for further covert NSA surveillance operations.

The backdoor in question would allow Microsoft to control the computer remotely. “Trusted Computing,” a method developed and promoted by the Trusted Computing Group, is nothing new - fears were being aired over its capabilities and potential as early as its founding in 1999.

TPM appeared in 2006 as security technology. However, version 2.0 would implant a chip on every single PC, allowing it to control which programs could and couldn’t be executed because under Windows 8, there is no override. The users thus basically surrender control over their computers.

One of the documents retrieved by Zeit Online found that BSI stated that “unconditional, complete confidence” in Trusted Computing by stipulations of TPM 2.0 was not possible. Trusted Computing cultivated specifications for how the chip would work with operating systems.

Another document from early 2012 mourned the fact that “due to the loss of full sovereignty over the information technology, the security objectives of ‘confidentiality’ and ‘integrity’ can no longer be guaranteed.”

While not fully clear on the specifics, the documents appear to indicate that the NSA had some form of representation at the TCG meetings – during which German officials were also present - saying that they were in favor of leaving the technology in its existing state, without any changes being necessary.
This suggests that the NSA does not see TPM 2.0 as hindering its operations.

A Snowden leak from July this year showed how Microsoft worked hand-in-hand with the United States government in order to allow federal investigators to bypass encryption mechanisms meant to protect the privacy of millions.

Penton’s Windows IT Pro trade publication pointed out that Zeit Online “seem[ed] to be using a bit of imagination to connect the dots and maybe the German government has other ideas.”

In a press statement released late Wednesday, the BSI insisted that “From the perspective of the BSI, the use of Windows 8 in combination with a TPM 2.0 is accompanied by a loss of control over the operating system and the hardware used.”

Source: rt.com/news/windows-8-nsa-germany-862/

Further reading: en.wikipedia.org/wiki/Trusted_Platform_Module

Personal comment:

The chip in itself would permit "secure" remote access (among many other things), potentially without consent. This also requires the cooperation of the "trusted" application and/or OS. So this can be somewhat mitigated by use of an open platform that you know is secure (Linux, BSD, etc.). But the underlying problem is that the chip has a unique private key signed into it when manufactured, but you don't know that key, only the chip (because it uses it) and the manufacturer know the key.

So in more layman terms this is an appropriate analogy: Imagine you buy a new lock for your door, but the only one that has access to the key is the manufacturer and you just have to trust him to not make copies or give it away.

Hence the "Trusted" part, but not exactly secure. The only case in which you have true security is when you and only you have the keys.
So stay away from TPM devices that run on machines with closed proprietary OSes and are known to *cough* Snowden *cough* *cough* share information freely with three letter agencies everywhere OR don't, if you have nothing to hide and haven't done anything wrong and you are ok with standing naked in front of the window (or whatever the digital equivalent of that is).