A story breaking in the security community but I’ve filed under “Does this surprise anyone, really? Come on!” has to do with smartphones running Windows Mobile. According to the filing from Cryptome.org reports that there is a Windows OS backdoor being used by the National Security Agency and agencies and contractors employed by the federal government that allows people to “backdoor” (extrapolate: eavesdrop, wiretap, trojan horse or fill in your own noun-verb) a system. This includes smartphone devices running Windows Mobile.
It is unclear as to whether Microsoft is a willing ally in this, as Borat put it, “war of terror”.
More info as I get it.
Added: As pointed out by commenters below, there is not enough evidence here to prove one way or another. Cryptome also has a considerable history of “waving the flag” around government crypto issues. However, in theory, the potential risk does exist as the exploit is in similar fashion as Windows Update. In WU, users allow a web service remote administrative access to their machine during the period of time surrounding an update. As this is the window of time that Cryptome alleges is the “backdoor” period, it would not surprise me if this is indeed true. Microsoft PR handling this issue has no comment at this time but promises to “look into it” – whatever that means.
Photo Attribution: Jnxyz