Cryptographers sound warnings on Microsoft security plan

Wednesday, 16 April 2003, 4:41 PM EST

Just three weeks before Microsoft Corp. publicly details plans to create a secure operating mode for Windows PCs, two top cryptographers have raised concerns about Microsoft's approach.

Whitfield Diffie, a distinguished engineer at Sun Microsystems Laboratories, said an integrated security scheme for computers is inevitable, but the Microsoft approach is flawed because it fails to give users control over their security keys. Ronald Rivest, an MIT professor and founder of RSA Security, called for a broad public debate about the Microsoft move.

Microsoft first tipped its plans, formerly code-named Palladium, about a year ago. Since then some details have emerged about the concepts for what Microsoft now calls the next-generation secure computing base (NGSCB, pronounced "enscub").

Microsoft has detailed its plans to as many as 30 partners under non-disclosure agreements. The company plans to unveil the full technical details and partnerships behind its plans at the Windows Hardware Engineering Conference in early May.

[ Read more ]




Spotlight

Chrome extension thwarts user profiling based on typing behavior

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Wed, Jul 29th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //