Author Topic: Windows 'SysKey' app, and MORE !  (Read 1948 times)

0 Members and 1 Guest are viewing this topic.

Offline GlennSprigg

  • Frequent Contributor
  • **
  • Posts: 829
  • Country: au
  • Medically retired Tech. Old School / re-learning !
Windows 'SysKey' app, and MORE !
« on: August 15, 2018, 01:21:51 pm »
Sorry if this seems LONG, but many people need to understand, even though I hope most people here do.
It is not so much a 'question', but a discussion about 'Security' levels accepted in the U.S.A.

syskey.exe is a part of windows, and is/was there to allow Users to encrypt their system,
at least at a basic level. At the risk of being corrected, probably 99.9% of people have never used it, (let alone
those that know about it). UNFORTUNATELY, the MOST time that this is utilized, is by HACKERS!...

Now YOU, the computer owner, husband, father, workmate, friend... may REALIZE that a phonecall, or online
request to HELP you fix your computer is a load of CRAP, but you can't always educate 'others' in time...
These ArseHoles usually start by getting you to download something 'like' Team-Viewer, and to run it with
certain supplied information, which allows 'them' to take control of your PC/Laptop. They THEN run syskey.exe
themselves, and basically lock you out of your own computer. The answer ????  ( to stop anyone else who may
ignorantly be using your computer),  then please see the explanation in the following link, how to circumvent that...

https://www.youtube.com/watch?time_continue=513&v=xX-75WJV-lg

OK, so you WANT to use Encryption on files/folders/HDD's/Partitions/Computers...  then read on...

Do you trust Microsoft ?... (I don't).  Why ?, because the American Government now 'forbids' the use of
encryption software from 3rd parties, that does NOT have a BACK DOOR for their infiltration !  Case in point!...
What USED to be a free Open-Source encryption package known as 'TrueCrypt', was shut down in 2014.
They were forced into 'retirement' and removed their GitHub links/software, stating that 'they' suggest
everyone change to Microsoft's "BitLocker"...  This is incorporated in the 'higher-end' Windows versions like
the 'Pro' or 'Ultimate' versions. (But NOT the 'Home' editions).  No guesses that Microsoft's 'BitLocker' has
been 'approved' by the United states National Security !!! But do they need this...  NO !!!!!!

Since the 'demise' of 'TrueCrypt', (Open-Source), there have been new advancements !
Various groups tried to take it over. (At an open source level), and NO LONGER with hidden developers.
FIRSTLY, a site labeling themselves as 'TCnext'   https://truecrypt.ch/  started by releasing the last known
good version of "TrueCrypt", being version  7.1a  (Still available for download).  BE WARNED though, that
the 'supposedly' final release, version 7.2, is NOT a USEABLE version !!  It purely 'DECRYPTS' your files, in
readiness for '"BitLocker" !!  You can STILL safely use TrueCrypt 7.1 with NO problems !!!!
Any 'reported' problems are due to no further followups, and NOT because it has been 'hacked'.....

SO, one follow through for 'TrueCrypt' was "CypherShed" which released a Version 7.4.0 in 2016.
This now seems to be "Dead in the water" with no work done on it for 1 1/2 years.
The BEST, current & maintained follow-on from 'TrueCrypt' was/is "VeraCrypt", which can be found here....

https://www.veracrypt.fr/en/Downloads.html

You may have your own reasons for file/system-encryption, and if 'I' wanted/needed that, then I
would be pissed off if my 'government' here in Australia 'demanded' that a back-door be built into
all such systems so that they could get in, when/if they please...  NOPE !

I guess I understand that terrorist organizations need to be brought to light, in no uncertain terms!
And although the global authorities had been caught with their pants down in the past, they have
a multitude of other methods to track them now, and hold them accountable, & eradicated !
 

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 3951
  • Country: au
Re: Windows 'SysKey' app, and MORE !
« Reply #1 on: August 15, 2018, 09:23:02 pm »
Let me just clarify a few points because I'm not quite sure what you're going on about and who has been in your ear, there is quite a bit of misinformation here.

Syskey was/is a Windows component which encrypted the SAM database. It was designed to keep password hashes etc... secure. It has been around since the Windows NT days and by the time Windows XP came around, it was on by default and couldn't be turned off. Latest versions of Windows no longer have the syskey utility (but still implement security features with regards to the databases).

Secondly, I don't pretend to be up-to-date on US laws and government but I find it hard to believe that even America would pass laws to forbid encryption without back doors. I call bullshit on that, so perhaps you can cite some references to back up your claim?

Bitlocker encryption is fine for the casual home user but is not suitable for storing sensitive data, but then again, it was never designed to do so. TrueCrypt 7.1a is still relatively safe to use, but it is still possible to obtain encryption keys under certain circumstances based on well known attacks. It's not a flaw in the encryption itself, rather how TrueCrypt implements it. It's not a back door nor is it a secret.

You seem angry, but I'm not quite following the point you're trying to make?
 
The following users thanked this post: Bassman59, gnif, tooki

Offline gnif

  • Administrator
  • *****
  • Posts: 1160
  • Country: au
Re: Windows 'SysKey' app, and MORE !
« Reply #2 on: August 16, 2018, 02:50:11 am »
Bitlocker has a backdoor, as does TrueCrypt, as does LUKS and md-crypt... It's called Firewire.

Until it was noticed that Firewire allowed DMA transfers to be initiated by the client Bitlocker had no known vulnerabilities, and even then you need to be able to unlock the HDD for the vulnerability to be a problem. Still today Bitlocker is considered by security experts world wide to be secure. Microsoft allows security research companies to audit the source code of components like Bitlocker under a NDA, and they do. It would be very hard to hide a backdoor in code that is audited by so many people.

Working in the field of Security as a Security Researcher myself I also call this out as a complete crock. If you want modern supported non Microsoft encryption the best free option is a md-crypt volume, or LUKS which makes it a bit more idiot proof.

As for TLS/SSL, in the past government agencies were able to store encrypted sessions to break the keys later, but in recent years with the added cipher modes with forward secrecy this is no longer possible. Even if they break one TLS session, they will still have to brute force the next (provided the server admin has been competent enough to configure this).

You could consider my network a gold mine of top secret sensitive information containing access details, encryption keys, etc. for large enterprise organisations and as such you would think I would be a prime target for "covert" agencies. Since I have never been targeted by any such organisation, why would they even look at you unless you're doing something illegal? If I ever was legally ordered to produce access details for my client's by the government I would comply, not because I am scared of what might happen, but because it is the law. Once they have your keys/access details, they don't need a backdoor... it's that simple.
« Last Edit: August 16, 2018, 03:05:16 am by gnif »
HostFission - Full Server Monitoring and Management Solutions.
https://hostfission.com/
https://twitter.com/HostFission

Note: I am NOT a moderator or arbiter of disputes, my Admin level of access is so that I can perform management of the server on behalf of Dave. Do not contact me over such issues
 

Offline GlennSprigg

  • Frequent Contributor
  • **
  • Posts: 829
  • Country: au
  • Medically retired Tech. Old School / re-learning !
Re: Windows 'SysKey' app, and MORE !
« Reply #3 on: August 17, 2018, 01:03:54 pm »
Firstly, 'Halcyon' said......
Syskey was/is a Windows component which encrypted the SAM database. It was designed to keep password hashes etc... secure. It has been around since the Windows NT days and by the time Windows XP came around, it was on by default and couldn't be turned off. Latest versions of Windows no longer have the syskey utility (but still implement security features with regards to the databases).

Exactly... and was only mentioned as I said, as a warning to people 'who' uses it now, and how to protect yourself.

Bitlocker has a backdoor, as does TrueCrypt, as does LUKS and md-crypt... It's called Firewire.

-------------------------------------

Working in the field of Security as a Security Researcher myself I also call this out as a complete crock. If you want modern supported non Microsoft encryption the best free option is a md-crypt volume, or LUKS which makes it a bit more idiot proof.

-------------------------------------

You could consider my network a gold mine of top secret sensitive information containing access details, encryption keys, etc. for large enterprise organisations and as such you would think I would be a prime target for "covert" agencies. Since I have never been targeted by any such organisation, why would they even look at you unless you're doing something illegal? If I ever was legally ordered to produce access details for my client's by the government I would comply, not because I am scared of what might happen, but because it is the law. Once they have your keys/access details, they don't need a backdoor... it's that simple.

Well, please don't get me wrong. I absolutely trust the integrity/sincere-belief of your words, and the importance of the information that you say you protect. And obviously you have a lot of knowledge & utilization's of it, in the work that you perform, in the security 'arena'.
I'm not suggesting that 'my' personal info etc, would even compare to that, or most anyone elses... but am talking about personal choice.

Is it possible, that even you, (and I do NOT mean that facetiously), are unaware of certain Governments/Security-Depts control ??
You say....  "Bitlocker has a backdoor, as does TrueCrypt, as does LUKS and md-crypt... It's called Firewire..."...
I'm obviously not talking about 'that' sort of problem/breach....
I don't want to get into a whole bunch of 'dialog' about it, as anyone can research the vast multitude of websites/forums etc
specifically about government intervention, past & present, and REAL 'backdoors', to keep anyone busy for weeks !!  :-)
 

Offline Buriedcode

  • Super Contributor
  • ***
  • Posts: 1283
  • Country: gb
Re: Windows 'SysKey' app, and MORE !
« Reply #4 on: August 17, 2018, 06:31:34 pm »
I don't want to get into a whole bunch of 'dialog' about it, as anyone can research the vast multitude of websites/forums etc
specifically about government intervention, past & present, and REAL 'backdoors', to keep anyone busy for weeks !!  :-)

You can also read thousands of web-pages discussing Alien abduction, homeopathy, fake moon landings, government (almost always American government because, you know, it always is) agendas trying to brainwash (which isn't even a thing) or control the population etc..  the trouble is the internet isn't neatly separated into "verified fact", "opinion", "satire" and "madness".  We just tend to read what we already believe to be true and ignore the rest.

I don't doubt there are ways to access ones information given enough time and resources, the question is, why do you need the best possible encyption?  Just because "government agencies" potentially have the capability to access any of your personal information - doesn't mean to say they want to.  These things require precious time, man-power and use of expensive tech which is put to much better use for national security.  I understand that intentionally weakening security to make it easier to break it when needs be is troubling, but this was never hidden - you are free to choose what security methods you use, and having backdoors/exploits being discovered only serves to improve matters.

I'm not sure what your thread is about.. is it a paranoid rant about conspiracies?  Have you recently been hacked and tracked the method down to some intentional weakening of security? (its true that so-called "hackers" will use whatever backdoors are available to them including ones put in place intentionally).  Are you trying to warn us about a new potential security threat, either a new method, or that it is more common? (baring in mind, very few people are actually targeted, almost all "hacks" are scattergun or phishing in the hope of getting something useful).  I'm trying to not be mean, I genuinely don't know.

Also, whilst it shouldn't matter, capitalizing words for emphasis, as well as making them bold just makes you look like a loon. Sorry, it shouldn't be the case but its true - just look at the British new paper "The Daily Mail" who regularly scream bizarre headlines about various "chemicals", there's just no need for caps and bold every few words.
 
The following users thanked this post: Halcyon

Offline bitseeker

  • Super Contributor
  • ***
  • Posts: 8534
  • Country: us
  • Lots of engineer-tweakable parts inside!
Re: Windows 'SysKey' app, and MORE !
« Reply #5 on: August 18, 2018, 07:26:39 am »
Summary:

Use VeraCrypt. QuarksLab performed a security audit of the code and found vulnerabilities, which were fixed in 1.19. Subsequent versions had bug fixes, many for Windows. So, TrueCrypt, although excellent in its day, is pretty much outdated, now.

And, of course, don't forget to back up your important files regularly (and verify that the backups work).
I TEA.
 
The following users thanked this post: GlennSprigg

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9248
  • Country: 00
  • Display aficionado
Re: Windows 'SysKey' app, and MORE !
« Reply #6 on: August 18, 2018, 03:23:18 pm »
Third party encryption software isn't prohibited by the US government. Comments like that are rather inflammatory and should be considered FUD.
 

Offline GlennSprigg

  • Frequent Contributor
  • **
  • Posts: 829
  • Country: au
  • Medically retired Tech. Old School / re-learning !
Re: Windows 'SysKey' app, and MORE !
« Reply #7 on: August 19, 2018, 02:14:50 pm »
Summary:

Use VeraCrypt. QuarksLab performed a security audit of the code and found vulnerabilities, which were fixed in 1.19. Subsequent versions had bug fixes, many for Windows. So, TrueCrypt, although excellent in its day, is pretty much outdated, now.

And, of course, don't forget to back up your important files regularly (and verify that the backups work).

That's all I'm saying :-)  Since the original "Open-Source" stuff, "VeraCrypt" is the way to go now if one wishes to follow
the 'Open-Source' community!!  Nothing to 'read' into that !!. If you choose to use 'BitLocker', then good for you !
MY point was that 'BitLocker' is NOT built into the Windows 'Home' editions, that the VAST amount of users have.
I'm just informing them about their CHOICES now  :-)

As for the Government (Departments!!)  intervention thing... people have their belief and I have mine. I didn't 'ridicule'
people for 'their' beliefs, but they chose here to try and belittle me with ref to sites about 'aliens' & other nonsense.
If that gives them a sense of 'Power', then more power to them...  I won't sink to their level.
 

Offline rstofer

  • Super Contributor
  • ***
  • Posts: 7301
  • Country: us
Re: Windows 'SysKey' app, and MORE !
« Reply #8 on: August 19, 2018, 06:55:55 pm »
Third party encryption software isn't prohibited by the US government. Comments like that are rather inflammatory and should be considered FUD.

There was an issue where we in the US couldn't EXPORT encryption and that's why OpenBSD is hosted in Canada.

I have no idea what this says but apparently export is still restricted:
http://web.stanford.edu/group/export/encrypt_ear.html

Here is a document re: OpenBSD
https://www.openbsd.org/goals.html

 
The following users thanked this post: GlennSprigg

Offline Halcyon

  • Global Moderator
  • *****
  • Posts: 3951
  • Country: au
Re: Windows 'SysKey' app, and MORE !
« Reply #9 on: August 19, 2018, 09:31:40 pm »
Exports/import of products using strong encryption isn't uncommon. https://en.wikipedia.org/wiki/Restrictions_on_the_import_of_cryptography

I do actually see a point to it.
 

Offline Mr. Scram

  • Super Contributor
  • ***
  • Posts: 9248
  • Country: 00
  • Display aficionado
Re: Windows 'SysKey' app, and MORE !
« Reply #10 on: August 19, 2018, 10:10:18 pm »
There was an issue where we in the US couldn't EXPORT encryption and that's why OpenBSD is hosted in Canada.

I have no idea what this says but apparently export is still restricted:
http://web.stanford.edu/group/export/encrypt_ear.html

Here is a document re: OpenBSD
https://www.openbsd.org/goals.html
Note that only applies to specific forms of strong encryption. Even encryption algorithms deemed safe and thus strong enough for government use can be exported freely. Something like Bitlocker wouldn't exist if it weren't.

It's a bit silly to restrict nowadays too. Encryption used to be rare black magic, but it's much more public nowadays and the internet makes thinking in terms of import and export cumbersome.
 
The following users thanked this post: GlennSprigg

Offline bitseeker

  • Super Contributor
  • ***
  • Posts: 8534
  • Country: us
  • Lots of engineer-tweakable parts inside!
Re: Windows 'SysKey' app, and MORE !
« Reply #11 on: August 20, 2018, 12:53:20 am »
And one could get around the export restriction the Phil Zimmerman way: publish the source code in a book, à la PGP.
I TEA.
 

Offline GlennSprigg

  • Frequent Contributor
  • **
  • Posts: 829
  • Country: au
  • Medically retired Tech. Old School / re-learning !
Re: Windows 'SysKey' app, and MORE !
« Reply #12 on: August 21, 2018, 02:38:23 pm »
I don't want to get into a whole bunch of 'dialog' about it, as anyone can research the vast multitude of websites/forums etc
specifically about government intervention, past & present, and REAL 'backdoors', to keep anyone busy for weeks !!  :-)

...(Blaa blaa... a whole lot deleted...)...

I'm not sure what your thread is about.. is it a paranoid rant about conspiracies? ....

...(Blaa blaa... a whole lot deleted...)...

Also, whilst it shouldn't matter, capitalizing words for emphasis, as well as making them bold just makes you look like a loon....


Wow...  Talking about the proverbial "Waving a red rag at a bull"  8)
Where should I begin, to address you on your mighty pedestal of 'greatness'...

What ever your 'knowledge' about life, the universe & everything... you are obviously an Angry man. Calm down !

Regarding what this Thread is about... (much to your obvious disgust), I firstly did not know that 'one' can only
ask 'Questions', as opposed to merely 'discussing' a topic ? Which I started only to discuss the latest, & useable
 "Open Source" options for cryptography, if interested, for ALL Windows users, as apart from the limited BitLocker.
My 'Bad'... (I guess  :) ) ...

You then decided to go on, in your "Holier than thou" way, discussing my  "capitalizing words for emphasis..."
obviously with no other intent but to make myself...    "Look like a Loon"...
Well YOU, sir, are a typical self opinionated 'forum' BULLY. (Excuse the NEED for capitals there !!).
You must feel so proud....

Thank you to all the others who passed on their thoughts/knowledge... Glenn.
 

Offline mdszy

  • Supporter
  • ****
  • Posts: 291
  • Country: us
  • somehow has an ee degree
    • szy.io
Re: Windows 'SysKey' app, and MORE !
« Reply #13 on: August 21, 2018, 02:58:20 pm »
I don't want to get into a whole bunch of 'dialog' about it, as anyone can research the vast multitude of websites/forums etc
specifically about government intervention, past & present, and REAL 'backdoors', to keep anyone busy for weeks !!  :-)

...(Blaa blaa... a whole lot deleted...)...

I'm not sure what your thread is about.. is it a paranoid rant about conspiracies? ....

...(Blaa blaa... a whole lot deleted...)...

Also, whilst it shouldn't matter, capitalizing words for emphasis, as well as making them bold just makes you look like a loon....


Wow...  Talking about the proverbial "Waving a red rag at a bull"  8)
Where should I begin, to address you on your mighty pedestal of 'greatness'...

What ever your 'knowledge' about life, the universe & everything... you are obviously an Angry man. Calm down !

Regarding what this Thread is about... (much to your obvious disgust), I firstly did not know that 'one' can only
ask 'Questions', as opposed to merely 'discussing' a topic ? Which I started only to discuss the latest, & useable
 "Open Source" options for cryptography, if interested, for ALL Windows users, as apart from the limited BitLocker.
My 'Bad'... (I guess  :) ) ...

You then decided to go on, in your "Holier than thou" way, discussing my  "capitalizing words for emphasis..."
obviously with no other intent but to make myself...    "Look like a Loon"...
Well YOU, sir, are a typical self opinionated 'forum' BULLY. (Excuse the NEED for capitals there !!).
You must feel so proud....

Thank you to all the others who passed on their thoughts/knowledge... Glenn.

My guy, you're absolutely going on like a raving lunatic at this point...
somehow allowed to be a Pixie Wrangler in Training
eBay Store | My site | Hackaday.io Projects | my mastodon.technology profile
 

Offline GlennSprigg

  • Frequent Contributor
  • **
  • Posts: 829
  • Country: au
  • Medically retired Tech. Old School / re-learning !
Re: Windows 'SysKey' app, and MORE !
« Reply #14 on: August 24, 2018, 02:03:12 pm »
Ahh... there's another name to look out for now  8)
'Buriedcode' and 'mdszy'... for the Forum Bullies database...

I can see the "Error of my ways" now... for daring to 'reply' to a verbal (hidden)  BULLY...
That's the problem with some of these so-called Forums, that SOME consider themselves
so 'Elite', that they actually believe they are better than everyone else !!   :-[

I can 'see' them, in their Digital "Ivory Tower", looking down over their "Minions"... Oh GOD!!!
Funny... there was nothing constructive either of you have said, other than to 'flex' your
digital muscles, (in your anonymity) and feel 'power' by putting someone down ???

I STILL thank the 'others' for their answers/contributions.  :) :)
 

Offline Buriedcode

  • Super Contributor
  • ***
  • Posts: 1283
  • Country: gb
Re: Windows 'SysKey' app, and MORE !
« Reply #15 on: August 24, 2018, 08:36:14 pm »
I apologise if my reply came across as "bullying"m whilst perhaps my tone was rather tongue-in-cheek, it was never meant to be malicious.  I wasn't really sure what your post was about, which is why I asked for confirmation.  I gather from the title it is about syskey.exe and general user encryption applications, but was it promoting certain applications, or warning against their use?  I understand the frustrating at forum replies that don't conform to your expectations,  but please try not to assume everyone is trying to talk down to you - otherwise that is all you will see.
 
The following users thanked this post: GlennSprigg

Offline mdszy

  • Supporter
  • ****
  • Posts: 291
  • Country: us
  • somehow has an ee degree
    • szy.io
Re: Windows 'SysKey' app, and MORE !
« Reply #16 on: August 24, 2018, 08:37:50 pm »
Ahh... there's another name to look out for now  8)
'Buriedcode' and 'mdszy'... for the Forum Bullies database...

I can see the "Error of my ways" now... for daring to 'reply' to a verbal (hidden)  BULLY...
That's the problem with some of these so-called Forums, that SOME consider themselves
so 'Elite', that they actually believe they are better than everyone else !!   :-[

I can 'see' them, in their Digital "Ivory Tower", looking down over their "Minions"... Oh GOD!!!
Funny... there was nothing constructive either of you have said, other than to 'flex' your
digital muscles, (in your anonymity) and feel 'power' by putting someone down ???

I STILL thank the 'others' for their answers/contributions.  :) :)

Seriously man. Using caps, quotes, ellipses, emotes everywhere and wording things like you do makes you come off as a crank. Your "forum voice" sounds no different from someone trying to convince me the moon landing was a hoax, or that politics are filled with lizard people.
somehow allowed to be a Pixie Wrangler in Training
eBay Store | My site | Hackaday.io Projects | my mastodon.technology profile
 
The following users thanked this post: PointyOintment

Offline gnif

  • Administrator
  • *****
  • Posts: 1160
  • Country: au
Re: Windows 'SysKey' app, and MORE !
« Reply #17 on: August 24, 2018, 09:30:54 pm »
I am locking this thread as it seems to be devolving rather fast.
HostFission - Full Server Monitoring and Management Solutions.
https://hostfission.com/
https://twitter.com/HostFission

Note: I am NOT a moderator or arbiter of disputes, my Admin level of access is so that I can perform management of the server on behalf of Dave. Do not contact me over such issues
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf