1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

PRNG bug that allows prediction of OS encryption keys

Discussion in 'Computer Security' started by ffreeloader, Nov 22, 2007.

  1. ffreeloader

    ffreeloader Terabyte Poster

    that was shown by Isreali security researchers to affect Win2K has now been extended to include XP, and will not be patched by MS until the next service pack for XP. This bug allows both future and past encryption keys to be determined.

    You can read the rest of this ComputerWorld article at the link below.

    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  2. zebulebu

    zebulebu Terabyte Poster


    Requires local admin rights on the box. If an attacker has grabbed them then they have the keys to the kingdom anyway and I'd be more worried about how they did that than exploiting some pissant little bug that allows them to break EFS. My main concern would be the enormous amount of spam my machine was suddenly responsible for sending, or the kiddie porn I was suddenly hosting via a private FTP site.

    Seriously - anyone who is stupid enough to not have a firewall and run as an admin after about 85 years of warnings to the contrary flat out DESERVES to be brutalised.
    Certifications: A few
    WIP: None - f*** 'em

Share This Page