Re: Defense Secretary Defends Microsoft

[Michael Motyka <mmotyka@lsil.com>]

Jay,

I hope you don't think I wrote the original post between the comment
markers /*...*/. When I saw it I was just musing on how you might go
about marking a drive, not if it would be a wise move from an "oops,
someone found it, how do we weasel out of this one" PR point of view.

I have a strong distrust for closed source systems. Especially if
they're on-line. Proposing viable ways in which they might be misused is
interesting.

So whether the original post was serious or not, dippy or not, myth or
not, the possibility exists to mark a drive, even to use reserved space
for keystroke logging. The number of disk drive brands and models and
their peculiarities is small enough to hide in the horde of DLLs from
Hell. So are some itty-bitty routines to manage the operations. I'm sure
the low-level drivers already have generic command routines to build on.
Consider it while conducting business on the net or off using MS
products.

I suppose it could be tested quite easily by putting an ATA bus analyzer
on a machine and loading Win98 from scratch then dialing up and
registering the product etc...

I'll have an analyzer next month but I don't know if I'll have the time
for that exercise. The simple possibility is enough to render Win98
unsuitable for certain uses.

Sorry for dragging out the thread, but I find the topic of subverted
HW/SW at least mildly interesting. It's not exactly crypto but it's a
first cousin and as a topic for discussion beats the hell out of sleazy,
stupid politicians or sleazy, smart politicians.

Mike