Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Vista Random Numbers to Include NSA Backdoor?

Posted by ScuttleMonkey on from the advice-is-to-never-enable-it.-Ever. dept.

Schneier is reporting that Microsoft has added the new Dual_EC-DRBG random-number generator to Vista SP1. This random-number generator is the same one discussed earlier that may have a secret NSA backdoor built into it.

3 of 269 comments (clear)

  1. Clever! by spun · · Score: 5, Insightful

    I see what you did there. You implied that anyone who criticizes the US or Vista is a paranoid loony. Now why would you do that? Do you just assume that people will criticize the US? Is the US that worthy of criticism that you have to defend it preemptively? I know that's a popular tactic these days, but is it entirely necessary? Nice how you posted AC, too. You sir are an all-around class act.

    --
    - None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
  2. Re:Given the known problems of Dual_EC_DRBG by morgan_greywolf · · Score: 5, Insightful

    Who even says that at an RNG has to be at the OS level? If NSA or its customers want to use Dual_EC_DRBG, there is nothing stopping them from doing so on Vista or any other OS.

    As another poster said, where in the OS is this used? Do you know? Does anyone but Microsoft?

    --
    My blog
  3. Re:Given the known problems of Dual_EC_DRBG by morgan_greywolf · · Score: 5, Insightful

    This random number generator is not used by default. Prove it. Oh, that's right, you can't because you don't have the source code. Unless maybe you're astroturfing. Even then you'd be under an NDA anyhow.

    Other governments are not going to be willing to buy a system with a NSA backdoor. And other governments have replaced Windows with custom Linux distros due to the potential of this very problem. This is a fact that cannot be denied.

    --
    My blog