NSAKEY: Who Can See Your Encrypted Data?

If the NSA had a backdoor key, they wouldn't be so dumb to call it `NSAKEY`. They would instead name it "definitely_NOT_NSA_KEY_keep_scrolling_nothing_to_see_here".

I've always thought that the NSAKey by itself wouldn't be particularly useful even if it was meant as a backdoor. However, I would like to hear what your thoughts are on Snowden's statements about backdoors, which include Microsoft

I would love to see a video about 'finding stuff' in software. Like oops we shipped debug binaries, forgot to hide/encrypt/obscure files, or just interesting places to poke around.

Thank you Dave. Very very interesting. I find your channel to be a real treasure and I look forward to every new video you post. I'm also glad you're doing this because IMO the history of computing, especially the PC, over the last 30 years will be of great interest to future historians. You lived it; that makes you an original, primary source. Please keep doing what you're doing. PS: the choice of the clip from Better Call Saul was perfect!

I figured the NSA key was a misinterpretation of the acronym. Tl;Dr version: NSAkey is a public key to help compliance with NSA export regulations. Not that it was a secret master key backdoor for the NSA. Keep up the cool stories Dave.

It’s like watching an episode of Biography for Computers. Love it! I can’t stop watching. Your videos are interesting, funny and informative. Thanks

I’ve been a subscriber for a while now. Absolutely love your content. You have been very informative and educational for me.

Thanks sir. I’ve been binge watching your Channel. Awesome stuff.

Dave ! A GG intro with early one morning in the background ! Wonderful, you made my day!

"Everything is just a Grep away" I love it Dave !!! Keep up the great work man !!

2nd key is to let NSA sign their own msgina modules, for multi factor biometric logins, without disclosing the modules. It could be used as a backdoor, but they wouldn't, because that would appear in the event log. Just use one of the RCE 0-days, there's a new one every Tuesday

It would be interesting to remove, or modify, the “NSA” key from the Windows source code and then recompile/link the Windows source code and see what executes. PS -- Great book, Dave!

love your channel, Dave. You are the best in your class. You define that class. Thanks!

Thanks for including the Mike Ehrmantraut clip! Fans will immediately know the context. The whole video is entertaining. Thanks.

Amazing content and definitely buying your book!

The key splitting that Dave mentions in this case is most likely being done with Shamir Secret Sharing (information theoretic security pretty cool cryptography)

My first guess as to why it hasn't been removed is due to "don't fix what ain't broken mentality" and maybe the people who originally put it in there aren't at Microsoft anymore.

It's always so comforting to hear that music at the end.🥰

once you know what you're looking for, everything is just a "grep" away. Love it lol. Great content keep it up!

I once worked on an SMS1.2 system that kept having failed jobs. This was long after the release of SMS2.0. There was a suspicion that someone was making jobs fail, so we logged a P1 call with MS and got access to a security engineer. We replaced 1 DLL with a new file and changed back the file date. It tracked and logged activity, albeit secretly, and we caught the fella red handed. He was breaking the jobs and being a contractor with a due expiry, he would break things only he could fix. I saw the pattern, and saw the shock on his face as he was frog-marched from the site. Satisfaction, but really quite creepy how this DLL created hidden files, registry hives and really really cool 😎