[67706] in Cypherpunks


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Microsoft CAPI

daemon@ATHENA.MIT.EDU (Peter Trei)
Wed Oct 9 16:25:39 1996

From: "Peter Trei" <trei@process.com>
To: cypherpunks@toad.com
Date:          Wed, 9 Oct 1996 15:54:05 -6
Reply-To: trei@process.com

> Ravi Pandya wrote:
> > ... You can't load an encryption engine into Windows 95 or 
> > Windows NT unless that engine has been specially signed by 
> > Microsoft's corporate key.
> 
> And so what happens when the Microsoft key is compromised?  It might
> be hard to break by purely cryptographic means, but surely there are
> some people at Microsoft who aren't millionaires.

Much easier would be to patch the OS to disable the signature check
by the CryptoAPI. A patching program, once written, would require no
particular skill to run.

Sort of like 'rechipping' a high-end sportscar.



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
trei@process.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[67706] in Cypherpunks

Re: Microsoft CAPI

daemon@ATHENA.MIT.EDU (Peter Trei)Wed Oct 9 16:25:39 1996

daemon@ATHENA.MIT.EDU (Peter Trei)
Wed Oct 9 16:25:39 1996