-
- MS Denies Windows 'Spy Key' By Steve Kettmann and James
Glave 10:20 a.m. 3.Sep.99.PDT
-
- Microsoft is vehemently denying allegations by a leading
cryptographer that its Windows platform contains a backdoor designed to
give a US intelligence agency access to personal computers.
-
- Andrew Fernandes, chief scientist for security software
company Cryptonym in Mississauga, Ontario, claimed on his Web site Friday
that the National Security Agency may have access to the core security
of most major Windows operating systems.
-
- "By adding the NSA's key, they have made it easier
-- not easy, but easier -- for the NSA to install security components on
your computer without your authorization or approval," Fernandes said.
-
- [More at http://www.wired.com/news/news/story/21577.html]
_____
-
- The Spy Who Encrypted Me
-
- By Joel Deane, ZDNN February 26, 1999 1:08 PM PT http://www.zdnet.com/zdnn/stories/news/0,4586,2215192,00.html
-
- WASHINGTON -- It's all very Tom Clancy.
-
- Within a few weeks civilians will be able to rig their
laptops to transmit and contain classified-level information, safe in the
knowledge that their system has the blessing of the home of high-tech spying,
the National Security Agency. But it seems most road warriors are too paranoid
to come in from the cold.
-
- The problem: Who wants the government inside their computer?
-
- The NSA is currently in the final round of tests for
two new products developed by Kasten Chase Applied Research that use the
NSA's Fortezza encryption technology. Designed to provide secure connections
to a LAN over standard phone lines, the 56Kbps Mykotronx Palladium modem
and Spyrus Talisman software are already on the civilian market and in
use by the U.S. military.
-
- Kasten Chase Regional Sales Manager Blair Semple said
the NSA tests should finish this week.
-
- Modem and crypto card With its Fortezza 80-bit Skipjack
encryption, the Palladium modem meets the NSA's PCMIA card security standards.
It also doubles as a Fortezza crypto card that guards the computer's data
against theft.
-
- Here's how the Fortezza crypto card works. Once a PC
is loaded with the Talisman software it automatically encrypts every file
that's loaded onto a computer -- and ensures that only a user with the
correct Fortezza crypto card and seven-digit password can gain access to
that encrypted data.
-
- "A Fortezza card also requires a PIN. So that even
if someone stole my computer and got my Fortezza card they have to enter
a seven-digit PIN within 10 tries or the card shuts itself down and they
can't access the data," Semple said.
-
- Military clientele The Treasury Department, Commerce
Department and Department of Energy already use Kasten Chase's secure Fortezza
products, but most customers hail from the U.S. Army, Navy, Air Force and
Marines.
-
- As yet, the products haven't won a large following in
the corporate world. That could be partly to do with the system's price
tag. Customers also have to buy the OPtiva Secure Plus, Kasten Chase's
eight-slot PCMIA RAS -- once they've outfitted 50 or more road warriors,
Semple said, the cost evens out to about $1,000 a head.
-
- But the main obstacle is -- you guessed it -- paranoia:
people just don't trust the government.
-
- "Within the corporate world there's a little bit
of fear that it's a government-developed technology and therefore the government
has a way to get into it. A backdoor," Semple explained.
-
- "At one point in time this technology did have backdoors,
the Fortezza technology did, but those have all been removed now. There's
a little bit of convincing required."
-
- Very Tom Clancy.
- ---------- Microsoft beefs up NT security By Tim Clark
Staff Writer, CNET News.com August 31, 1998, 9:40 a.m. PT Aiming to expand
its business with federal agencies, Microsoft will boost security for Windows
NT by supporting FIPS 140-1 and Fortezza, two key cryptographic standards
for federal government users.
-
- Microsoft will add support to Windows NT Workstation
and Server 4.0 operating systems later this year. Support of FIPS 140-1
and Fortezza will be achieved through security plug-ins for Microsoft's
CryptoAPI, a set of programming interfaces.
-
- [More at link]
-
- SIGHTINGS HOMEPAGE
- This
Site Served by TheHostPros
|