17 Dec
2003
17 Dec
'03
11:17 p.m.
Mike McNally <m5@tivoli.com> writes:
Ravi Pandya wrote:
... You can't load an encryption engine into Windows 95 or Windows NT unless that engine has been specially signed by Microsoft's corporate key.
And so what happens when the Microsoft key is compromised? It might be hard to break by purely cryptographic means, but surely there are some people at Microsoft who aren't millionaires.
But who may want to be, eh? :) Actually it is also possible to use a much more overt route and just patch around anything which is doing the signature checking (possibly on just a temporary basis if the checks are only made when the engine is first loaded.) jim