[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Micro$oft and Java




Another interesting post.  The list is really heavy.  I end up killing
most of the articles.  There are some real gems in there though.

>>>>> "Joel" == Joel McNamara <[email protected]> writes:

    Joel> I was at the Microsoft presentation.  Crypto-relevant info:
    Joel> A patch will be published in the next few days to address
    Joel> the weak .PWL encryption.  I got a rather lame excuse about
    Joel> how the encryption was first implemented in 1991, and how it
    Joel> was sufficient then.  They will supposedly be changing the
    Joel> seed.

    Joel> I asked about what MS was doing in regard to future strong
    Joel> crypto.  Got an interesting response in that that "the
    Joel> government was going to let them implement 768 bit keys."  I
    Joel> later asked an MS person if these were RSA session keys or
    Joel> what.  He said yes, but I really don't think he knew what he
    Joel> was talking about based on some of his other comments.

    Joel> Visual Basic Script will be MS's response to JavaScript.
    Joel> The interesting thing here is a plan to use digital
    Joel> signatures on controls and scripts as a means of
    Joel> authentication.  The comment was made "you'd trust something
    Joel> signed by Lotus or some other big name, but you probably
    Joel> wouldn't be that trustful of a piece of shareware."  Hmmm...

    Joel> MS will be releasing a "safe" runtime version of Visual
    Joel> Basic that will supposedly prevent nasty virii and trojan
    Joel> horses from being implemented on Web pages.  IMHO, Perry's
    Joel> previous comments on the security of Java apply.

    Joel> Servers and some clients will support end-to-end encryption.
    Joel> No details...

    Joel> I didn't ask about GAK.  Bill said there was a white paper
    Joel> explaining Microsoft's position on encryption.  Maybe I'll
    Joel> test the search capabilities of the MS Web site later
    Joel> tonight.

    Joel> Overall, the presentation was interesting (but obviously
    Joel> lacking in technical details as the audience was mostly
    Joel> press).  MS is going to throw a lot of resources at this in
    Joel> order to maintain its industry dominance.

    Joel> Thought for the day.  Bill on the relevance of the briefing
    Joel> being held on Pearl Harbor day quoted Admiral Yamamoto after
    Joel> the 1941 attack, "we have awoken a sleeping giant."  Draw
    Joel> your own conclusions on that one...

    Joel> Joel

    Joel> --
David Wayne Williams		[email protected]
Software Engineer		http://www.cet.co.jp
Catena Enterprise Technologies	Linux, PGP, the Web: I love this Net!