Before anyone emails me about today's tech reporter-induced stupidity, I'll let Ed Bott clear the air:
Techdirt’s Mike Masnick is usually pretty reliable, but he completely blew it today, hitting the publish button on one of the sloppiest, most inflammatory stories I’ve seen in a long time:
Microsoft Gives Vista Backdoor Keys To The Police
It's long been assumed that Microsoft has built in various "backdoors" for law enforcement to get around its own security, but now reader Kevin Stapp writes in to let us know that the company has also been literally handing out the keys to law enforcement. Apparently, they’re giving out special USB keys that simply get around Microsoft’s security, allowing the holder of the key to very quickly get forensic information (including internet surfing history), passwords and supposedly encrypted data off of a laptop. While you can understand why police like this, the very fact that the backdoor is there and that a bunch of these USB keys are out there pretty much guarantees that those with nefarious intent also have such keys.
OK, now go read the linked story from the Seattle Times. There's not a word - not one word - about back doors or encryption. Sadly, the usual suspects in the Techmeme echo chamber are whipping the inaccuracy around the infield at major league speeds. CrunchGear says Microsoft has "developed a thumb drive that helps Johnny Law quickly extract information, encrypted or otherwise, from computers." And Valleywag talks about "a USB dongle that plugs into a computer, bypasses any Windows passwords or encryption, and quickly downloads sensitive data such as your Web browsing history."
I've heard of jumping to conclusions, but these are some truly giant leaps.
All three stories reference the same Seattle Times story, which never says or even implies that the tools on this USB drive could break any sort of encryption, including Microsoft's BitLocker Drive Encryption.
Update: Ben Romano of the Seattle Times, who wrote the original story, has published an updated post (Looking for answers on Microsoft’s COFEE device) that also tries to clear away some of the FUD. "Via email, a Microsoft spokeswoman said COFEE is a compilation of publicly available forensics tools, such as 'password security auditing technologies' used to access information 'on a live Windows system.' It 'does not circumvent Windows Vista BitLocker encryption or undermine any protections in Windows through secret "backdoors" or other undocumented means.'"
Folks, this stuff just gets tiring. What's next? Is someone going to suggest that Vista is a gigantic failure and we should all go back to a seven-year-old OS that debuted to the worst security vulnerabilities in the history of computing? Problems that were so bad that Microsoft actually halted new OS development for almost an entire year?