[117492] in Cypherpunks
Re: NSA key in MSFT Crypto API
daemon@ATHENA.MIT.EDU (Steve Mynott)
Sat Sep 4 08:41:13 1999
Date: Sat, 4 Sep 1999 12:23:29 +0000
From: Steve Mynott <steve@tightrope.demon.co.uk>
To: "William H. Geiger III" <whgiii@openpgp.net>
Cc: cypherpunks@cyberpass.net
Message-ID: <19990904122329.C24928@tightrope.demon.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <199909031623.MAA07890@domains.invweb.net>; from William H. Geiger III on Fri, Sep 03, 1999 at 11:19:05AM -0500
Reply-To: Steve Mynott <steve@tightrope.demon.co.uk>
Surely all your comments below equally apply to OS/2 Warp and
indeed MacOS and any closed source OS?
OpenBSD is a multiplatform, open source OS which is audited for
security and is shipped (out of Canada) with strong crypto.
On Fri, Sep 03, 1999 at 11:19:05AM -0500, William H. Geiger III wrote:
> In <D104150098E6D111B7830000F8D90AE8E62A42@exna02.securitydynamics.com>,
> on 09/03/99
> at 11:49 AM, "Trei, Peter" <ptrei@securitydynamics.com> said:
>
>
> >The ability to replace the NSA key with another
> >is an extremely serious vulnerability. This means that
> >*anyone* - not just the NSA - can write a compromised
> >module and install it on the target, as long as they
> >also replace the NSA key with the one they used to
> >sign the weakened module.
>
> >Tripwire, anyone?
>
> It's very simple, DO NOT USE WINDOWS!!
>
> This is a compromise in only one API. God only knows what they have done
> to compromise security in the millions of lines of code that no one
> outside of Redmond has ever seen.
>
> Windows is compromised!! Microsoft is in bed with the Federal Government.
> There is *no* security on a system running their software. Those who
> continue to do so get exactly what they deserve.
>
> --
> ---------------------------------------------------------------
> William H. Geiger III http://www.openpgp.net
> Geiger Consulting Cooking With Warp 4.0
--
1024/D9C69DF9 steve mynott steve@tightrope.demon.co.uk http://www.pineal.com/
"egotist: a person more interested in himself than in me." - ambrose bierce