PRNG bug that allows prediction of OS encryption keys

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

that was shown by Isreali security researchers to affect Win2K has now been extended to include XP, and will not be patched by MS until the next service pack for XP. This bug allows both future and past encryption keys to be determined.

You can read the rest of this ComputerWorld article at the link below.

http://www.computerworld.com.au/index.php/id;837190152

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Yawn

Requires local admin rights on the box. If an attacker has grabbed them then they have the keys to the kingdom anyway and I'd be more worried about how they did that than exploiting some pissant little bug that allows them to break EFS. My main concern would be the enormous amount of spam my machine was suddenly responsible for sending, or the kiddie porn I was suddenly hosting via a private FTP site.

Seriously - anyone who is stupid enough to not have a firewall and run as an admin after about 85 years of warnings to the contrary flat out DESERVES to be brutalised.