[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: M$ CryptoAPI Question
On Sun, 17 Mar 1996 [email protected] wrote:
> At 06:27 PM 3/17/96 EST, Dr. Dimitri Vulis wrote:
> > I wonder if it's worth it to crack their approval mechanism so we can
> > add our own crypto subsystems without asking Microsoft's approval.
[...]
> Wait until Microsoft makes some oppressive decisions,
> or is compelled to make some oppressive decisions.]
>
> I do not expect that any cracking will be needed. Microsoft
> will approve a freeware module for use in America, and then,
> alas alas, someone will leak it.
If the only goal is to allow international strong crypto using the
CryptoAPI, then I agree with the above. However, exploring the CryptoAPI
internals now, while there is still a possibility that they can be
changed, is a productive undertaking to the extent that it exposes holes.
If the good guys can find a way to plug an unapproved international
strong-crypto module into the CryptoAPI, then the bad guys can find a way
plug in a no-crypto virus or trojan horse.
[email protected]
http://www.c2.org/hackmsoft/ and other cool stuff