[funsec] More stuff to worry about random number generators:
Dude VanWinkle
dudevanwinkle at gmail.com
Tue Dec 18 15:44:16 CST 2007
On Dec 17, 2007 8:32 PM, Paul Ferguson <fergdawg at netzero.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> - -- "Dude VanWinkle" <dudevanwinkle at gmail.com> wrote:
>
> >via bruce:
> >>http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html
> >
> >Dual_EC_DRBG Added to Windows Vista
> >
> >Microsoft has added the random-number generator Dual_EC-DRBG to
> >Windows Vista, as part of SP1. Yes, this is the same RNG that could
> >have an NSA backdoor.
> >
> >It's not enabled by default, and my advice is to never enable it. Ever.
> >
>
> Windows Vista? What's that? ;-)
Microsoft workstation products are only semi-viable as an option after
SP2. This theory of mine held up for 2k and XP. We will see how well
it holds up for Vista, but by the look of things, NSA backdoors and
all, I might have to come up with another theory..
SP2 usually means over 600 MB of fixed code, but thats with a ~450MB
operating system. I wonder if Vista service packs will be relative...
-JP
More information about the funsec
mailing list