M$ CryptoAPI Question
geeman at best.com
geeman at best.com
Mon Mar 18 12:17:49 PST 1996
At 12:02 AM 3/18/96 -0800, you wrote:
>
>If the good guys can find a way to plug an unapproved international
>strong-crypto module into the CryptoAPI, then the bad guys can find a way
>plug in a no-crypto virus or trojan horse.
>
You want to prove:
(A)
IF you CAN plug in an unapproved module
THEN you CAN plug in a trojan/virus.
That doesn't mean, however, that:
(B)
IF you can't plug in an unapproved module
THEN you can't plug in a trojan/virus.
The subversion mechanisms would just not use the standard API.
So what have you really proved if you can prove (A)?
>-rich at c2.org
> http://www.c2.org/hackmsoft/ and other cool stuff
>
>
More information about the cypherpunks-legacy
mailing list