[UPDATE] German government calls security within Windows 8 "unacceptable" – continues switching their machines over to Linux

Do you trust Microsoft’s latest operating system, Windows 8? If you are the Federal Republic of Germany, the answer to that question is "no". Last week internal documents from IT professionals within the government showed a strong rejection of the new operating system calling it "unacceptable for the federal administration and the operators of critical infrastructure".

The German government feels technology within the latest operating system create a dangerous backdoor that could allow access to confidential information. With the United States’ Nation Security Agency in the not so positive spotlight recently, concerns of keeping confidential data secure is at an all-time high.

The new trust issue is ironically due to the latest version of Trusted Computing – a technology developed to enforce behavior on a PC. The operating system works with a Trusted Platform Module (TPM) chip to coordinate and regulate what software can be run on a PC and how secure data is managed. The idea behind the Trusted Computing platform is to prevent malicious software and code from running on your machine.

The latest edition of the TPM chip included with Windows 8 will come already activated when you receive a new PC. In addition, while you can "disable" the TPM chip, there is no way to completely shut it off and insure that it won’t re-enable itself.

While this all might sound keen and dandy to the average user, the new Trusted Computing platform could possibly serve as a backdoor into the system when updates are pushed. The new TPM chip also removes complete control from the user without a firm way to opt-in and opt-out of the technology.

In an official statement, Germany’s intelligence agency stated that:

"The BSI warns neither the public nor the Federal German company prior to any deployment of Windows 8, the BSI currently provides, however, some critical aspects related to specific scenarios in which Windows 8 is operated in combination with a hardware is that has a TPM 2.0., for certain groups of users, the use of Windows 8 in combination with a TPM may well mean an increase in safety. This includes users who cannot or for various reasons do not worry about the security of their systems want, but the manufacturer of the system trust that this provides and maintains a safe solution. "(Please note the above quote was translated from German into English and therefore may not be completely accurate word for word.)

The biggest problem for Microsoft? The Munich city administration in Germany has already decided they prefer to go without Windows and take a different route for increased security in the future – Linux. The city had begun a transition to switch all of their machines from Windows to Linux; the transition began ten years ago, but to government officials today – it doesn’t seem to be a bad idea. The entire city administration for Munich expects a completion date sometime in late 2013.

Here in the United States, the government has been using Linux on its backend servers for a long time, but a strong partnership with Hewlett-Packard keep PCs running Windows XP and Windows 7 front and center.

UPDATE: We are not going as far to insinuate that the NSA or other government agencies would actually use a TPM chip to gain access to a secure machine. In addition, there have been a few reports stating that the German government may have or may not have made certain statements – either way, our focus is to discuss the current possible security faults with the second generation of the Trusted Platform hardware and Microsoft’s Windows 8 operating system.

Source: The Register (UK)

CATEGORIES
Michael Archambault