Microsoft Warns Customers Away From RC4 and SHA-1

Trailrunner7 writes "The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors begin phasing the two out, and Microsoft on Tuesday said it is now recommending to developers that they deprecate RC4 and stop using the SHA-1 hash algorithm. RC4 is among the older stream cipher suites in use today, and there have been a number of practical attacks against it, including plaintext-recovery attacks. The improvements in computing power have made many of these attacks more feasible for attackers, and so Microsoft is telling developers to drop RC4 from their applications. The company also said that as of January 2016 it will no longer will validate any code signing or root certificate that uses SHA-1."

Re:If SHA-1 is a problem, what does that make MD4?

You sir, are an armchair quarterback. A backseat driver. An individual that has no fucking idea what he is talking about. Just because Microsoft allows the mentioned protocols to be used does not mean they are recommended. Read their best practices documentation. Perhaps you think that everyone that sets up a Windows server uses the crappy defaults rather than RTFM and making the system secure. You and all the other FUD assholes make MCSEs out to be Neanderthals. Just because they make an OS for the masses doesn't mean it cannot be easily tuned to function in a hostile environment. Do not blanket the entire system just because most are not wise enough to do their fucking job. Microsoft uses their simplicity to increase sales and it works. That does not mean they do not provide the tools to make the OS actually work. You mention PPTP. Why? PPTP is not recommended by Microsoft. Do they allow it? Yes. Can you blame them? Sure. You blame them for everything even when they alert the entire fucking community not to use it, just like TFS. Sorry, I just finished a Tripwire setup and it is a PITA.