[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Microsoft CAPI

To: [email protected]
Subject: Re: Microsoft CAPI
From: "Peter Trei" <[email protected]>
Date: Wed, 9 Oct 1996 15:54:05 -6
Comments: Authenticated sender is <trei@popserver>
Priority: normal
Reply-to: [email protected]
Sender: [email protected]

> Ravi Pandya wrote:
> > ... You can't load an encryption engine into Windows 95 or 
> > Windows NT unless that engine has been specially signed by 
> > Microsoft's corporate key.
> 
> And so what happens when the Microsoft key is compromised?  It might
> be hard to break by purely cryptographic means, but surely there are
> some people at Microsoft who aren't millionaires.

Much easier would be to patch the OS to disable the signature check
by the CryptoAPI. A patching program, once written, would require no
particular skill to run.

Sort of like 'rechipping' a high-end sportscar.



Peter Trei
Senior Software Engineer
Purveyor Development Team                                
Process Software Corporation
http://www.process.com
[email protected]

Prev by Date: Microsoft Millionaires and Billionaires
Next by Date: Re: Microsoft CAPI
Prev by thread: Re: Microsoft CAPI
Next by thread: RE: Microsoft CAPI
Index(es):
- Date
- Thread