[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: M$ CryptoAPI Question
At 12:02 AM 3/18/96 -0800, you wrote:
>
>If the good guys can find a way to plug an unapproved international
>strong-crypto module into the CryptoAPI, then the bad guys can find a way
>plug in a no-crypto virus or trojan horse.
>
You want to prove:
(A)
IF you CAN plug in an unapproved module
THEN you CAN plug in a trojan/virus.
That doesn't mean, however, that:
(B)
IF you can't plug in an unapproved module
THEN you can't plug in a trojan/virus.
The subversion mechanisms would just not use the standard API.
So what have you really proved if you can prove (A)?
>[email protected]
> http://www.c2.org/hackmsoft/ and other cool stuff
>
>