Niels Ferguson of the Security Integrety Team had this to say about the idea of a backdoor being implemented in Windows Vista’s new Bitlocker security system:
Over my dead body.
Well, maybe not literally—I’m not ready to be a martyr quite yet—but certainly not in any product I work on. And I’m not alone in that sentiment. The official line from high up is that we do not create back doors. And in the unlikely situation that we are forced to by law we’ll either announce it publicly or withdraw the entire feature. Back doors are simply not acceptable. Besides, they wouldn’t find anybody on this team willing to implement and test the back door.
Very good to hear. If there is anything of the sort in Vista, it’s only a matter of hours before someone (bad cop, someone on vista team) leaks enough info for hackers to figure stuff out. That changes the product from a “security” product to an “obscurity” product.
Security is important in computing. “Backdoor” is just a public relations spin on “security hole”. Nothing less.