[11836] in cryptography@c2.net mail archive
Re: Microsoft marries RSA Security to Windows
daemon@ATHENA.MIT.EDU (Joseph Ashwood)
Thu Oct 10 17:12:07 2002
From: "Joseph Ashwood" <ashwood@msn.com>
To: <cryptography@wasabisystems.com>
Date: Wed, 9 Oct 2002 14:59:36 -0700
----- Original Message -----
From: "Roy M.Silvernail" <roy@scytale.com>
> And here, I thought that a portion of the security embodied in a SecurID
> token was the fact that it was a tamper-resistant, independent piece of
> hardware. Now M$ wants to put the PRNG out in plain view, along with its
> seed value. This cherry is just begging to be picked by some blackhat,
> probably exploiting a hole in Pocket Outlook.
Unfortunately, SecurID hasn't been that way for a while. RSA has offered
executables for various operating systems for some time now. I agree it
destroys what there was of the security, and reduces it to basically the
level of username/password, albeit at a more expensive price. But I'm sure
it was a move to improve their bottom line.
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
