Murphy's Law: How Microsoft Vista Helps Terrorists


February15, 2007: Laptop computers are a major asset in the war on terror. Not because our troops use them, which they do in large quantities, but because the enemy uses them as well. Terrorist organizations have records, use email and are constantly on the go. Thus a laptop is an excellent terrorist tool. At the same time, your average terrorist has not had a lot of formal training in what he is doing. That sort of specialized training is particularly useful when it comes to keeping data on a laptop secret. You can, for example, encrypt all the data on your laptop. Every time you boot the laptop, you have to enter a long password. That's a hassle, but it keeps the enemy from easily reading what is on your laptop. The pro's also know that there are many things they should not even keep on a laptop, or should put it there, if you must, using code words. While there are some terrorists who take care with their laptop based data, most don't, and that has provided much good information on who the bad guys are, what they are up to, and where they are.

The terrorists also have an opportunity to "capture" enemy laptops. While between 5-10 percent of laptop computers are lost or stolen each year, the rate at government intelligence and investigative agencies is much lower (less than a third of the civilian rate.) But that still means there is lots of sensitive gets out. Less than two percent of stolen laptops are recovered, although the recovery rate is ten times higher for lost ones. Still, odds are that once it's gone, it's really gone. On the plus side, these losses are almost entirely the result of criminal behavior, or bad luck.

Rarely does sensitive information on missing laptops find its way to the wrong people. The exception is the missing laptops in a combat zone. There, too many people know that any stolen laptops can have valuable data on them. For that reason, military and government users were glad to see Microsoft include strong data encryption (BitLocker) in the latest version (Vista) of its operating system. The bad news, at least for intelligence personnel, is that the bad guys will have convenient access to this easy-to-use encryption technology. There has been encryption technology like this available for years, but it was hard to install and use. BitLocker is designed for non-geeks. Apparently, there is no "back door" (easy way for the government to read BitLocker encrypted data). However, Microsoft may have shared technical data about Bit Locker with the NSA (National Security Agency, which handles American government and military cryptography), to make it easier to crack.

Over the last few years, American intelligence agencies (FBI, CIA, Secret Service, etc) have cut losses of laptops and weapons by about half. Given the amount of equipment out there, there will still be stuff lost. While the guns can't be rendered useless to thieves, laptops can be made less useful to the bad guys. Most of the lost laptops do not contain high value data, and those that do are apparently equipped with more security devices (like "call home" programs and encryption.) While laptop losses cannot be completely eliminated, the degree of damage can be greatly reduced. But new technologies like BitLocker also make life harder for intelligence services everywhere.




Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close