Why NSA spied on inexplicably unencrypted Windows crash reports

The National Security Agency's X-KEYSCORE program gives the spy agency access to a wide range of Internet traffic. Any information that isn't encrypted is, naturally, visible to passive Internet wiretaps of the kind the NSA and other intelligence agencies use. This in turn will typically expose such things as e-mails, online chats, and general browsing behavior.

And, according to slides published this weekend by Der Spiegel, this information also includes crash reports from Microsoft's Windows Error Reporting facility built in to Windows.

These reports will tell eavesdroppers what versions of what software someone is running, what operating system they use, and whenever that software has crashed. Windows also sends messages in the clear whenever a USB or PCI device is plugged in as part of its hunt for suitable drivers.

Read 3 remaining paragraphs | Comments