NSAKEY: Who Can See Your Encrypted Data?

If the NSA had a backdoor key, they wouldn't be so dumb to call it `NSAKEY`. They would instead name it "definitely_NOT_NSA_KEY_keep_scrolling_nothing_to_see_here".

I've always thought that the NSAKey by itself wouldn't be particularly useful even if it was meant as a backdoor. However, I would like to hear what your thoughts are on Snowden's statements about backdoors, which include Microsoft

I would love to see a video about 'finding stuff' in software. Like oops we shipped debug binaries, forgot to hide/encrypt/obscure files, or just interesting places to poke around.

Thank you Dave. Very very interesting. I find your channel to be a real treasure and I look forward to every new video you post. I'm also glad you're doing this because IMO the history of computing, especially the PC, over the last 30 years will be of great interest to future historians. You lived it; that makes you an original, primary source. Please keep doing what you're doing. PS: the choice of the clip from Better Call Saul was perfect!

I figured the NSA key was a misinterpretation of the acronym. Tl;Dr version: NSAkey is a public key to help compliance with NSA export regulations. Not that it was a secret master key backdoor for the NSA. Keep up the cool stories Dave.

2nd key is to let NSA sign their own msgina modules, for multi factor biometric logins, without disclosing the modules. It could be used as a backdoor, but they wouldn't, because that would appear in the event log. Just use one of the RCE 0-days, there's a new one every Tuesday

It would be interesting to remove, or modify, the “NSA” key from the Windows source code and then recompile/link the Windows source code and see what executes. PS -- Great book, Dave!

It’s like watching an episode of Biography for Computers. Love it! I can’t stop watching. Your videos are interesting, funny and informative. Thanks

"Everything is just a Grep away" I love it Dave !!! Keep up the great work man !!

My first guess as to why it hasn't been removed is due to "don't fix what ain't broken mentality" and maybe the people who originally put it in there aren't at Microsoft anymore.

I once worked on an SMS1.2 system that kept having failed jobs. This was long after the release of SMS2.0. There was a suspicion that someone was making jobs fail, so we logged a P1 call with MS and got access to a security engineer. We replaced 1 DLL with a new file and changed back the file date. It tracked and logged activity, albeit secretly, and we caught the fella red handed. He was breaking the jobs and being a contractor with a due expiry, he would break things only he could fix. I saw the pattern, and saw the shock on his face as he was frog-marched from the site. Satisfaction, but really quite creepy how this DLL created hidden files, registry hives and really really cool 😎

Thanks for including the Mike Ehrmantraut clip! Fans will immediately know the context. The whole video is entertaining. Thanks.

once you know what you're looking for, everything is just a "grep" away. Love it lol. Great content keep it up!

I remember getting a version of Windows that was label Windows 96 I seem to remember it having some extra tools or programs in it! Fun times those were. I also used a hex editor to change the start button to my first name since my first name has 5 letters ! Thanks for sharing this great content/history!

I was a computer science student working at a small rural Wisconsin convenience store in the summer of 1996. One of our regulars had a daughter and son-in-law who worked at Microsoft. One evening they invited me to their home and the son-in-law showed me a pre-release of NT 4 running on his laptop. There was some kind of precursor to Outlook or something running on it as well--might have been called Entourage? It was all pretty mind blowing. I asked him how much memory the laptop had in it. He responded, a little sheepishly, "80 megabytes." That was a lot of memory for a laptop back then. But it made for a smooth NT 4 experience. As an independent software developer in my free time, I moved to NT 4.0 as soon as it was available to me. Sucked to lose plug & play after being on Windows 95 for a year, but everything else was great.

Given the DLL restrictions, I would have expected TheKEY to be used for Microsoft signed libraries and TheNSAKEY to be used for NSA blessed libraries without need to contact Microsoft. The idea that Microsoft was afraid of losing the original key doesn't sound reasonable. It would have been more sense to print the original key in hex on paper and distribute enough copies of it to many enough bank safes, than to add another key to the system. Especially without a method to mark the old key as revoked.

It's always so comforting to hear that music at the end.🥰

the key is probably still in there in case a 3rd party crypto system used it at some point and left in for backwards compatibility for those 3rd party applications.

The key splitting that Dave mentions in this case is most likely being done with Shamir Secret Sharing (information theoretic security pretty cool cryptography)

I had NT 4.0, and liked it better than Win 95. I tried to get on the very new Linux bandwagon already back them, but I being more of a hardware guy was clueless and lost, so saw NT as a better way to go. When I heard this story, having moved up to NT 5, I tried Linux again and was still nowhere near being able to make use of it. Then I read from a few independent computer security groups, similar explanations to yours, and since they have not only dispelled other myths before, as well as exposed plenty of actual shenanigans, especially what Google was up to with collecting user information, I trusted them over the insane conspiracy theorists rantings that were all over the place. I Loved the added security, stability, and efficiency of NT, as well as the file system.