Microsoft denies 'spy' hole

For free real time breaking news alerts sent straight to your inbox sign up to our breaking news emails

Sign up to our free breaking news emails

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy policy

MICROSOFT has strenuously denied that it left a secret "peephole" for America's spy agencies to read the encrypted files of computer users around the world.

Andrew Fernandes, a computer scientist in Canada, has alleged that Microsoft co-operated with the top secret National Security Agency (America's secret spy agency which is the equivalent of GCHQ) to enable its Windows programme to be exported worldwide. He believes that the NSA allowed Microsoft to include encryption technology in its software with a "peephole" that would allow its spies direct access to documents encoded with the popular Windows programme.

Encryption is vital to the expanding use of the internet for e-commerce and even private e-mails. Intelligence passed on to US businesses as a result of economic espionage by the NSA could give the companies a huge advantage.

The row is part of a growing debate in America over the rights of computers users to defend their privacy by encrypting information sent over the internet, and the right of the US government to restrict the strength of encryption used.

Mr Fernandes, chief scientist with Cryptonym, a Canadian software and consulting firm, claimed last week that the most recent Windows programs, including Windows 95 and 98, used special "keys" to check encryption programmes. The system uses two keys, one for Microsoft and another which is called the NSA key - a reference to the security agency.

Microsoft strongly denies that there is anything untoward about the key, saying that the NSA is the technical review authority for US export controls, and the key ensures compliance with US export laws. "This report is inaccurate and unfounded," it said in a statement. "The key in question is a Microsoft key. It is maintained and safeguarded by Microsoft, and we have not shared this key with the NSA or any other party."

That, however, has not stopped fevered speculation among computer users, many of whom regard Microsoft as little short of the devil, and the NSA as a prime threat to security. One recent missive on an internet forum was entitled: "How M$ [Microsoft] sold your ass to the ph3dZ [Feds]".

Mr Fernandes said the discovery was particularly worrying for foreign companies. "The US government is currently making it as difficult as possible for 'strong' crypto to be used outside of the US; that they have also installed a cryptographic back-door in the world's most abundant operating system should send a strong message to foreign IT managers," he said.