×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

269 comments

Really... (5, Funny)

2names (531755) | more than 6 years ago | (#21730986)

I guess it's not so secret then, is it?

Re:Really... (1)

I_Heat_Sexylaid (675028) | more than 6 years ago | (#21731166)

<channels Morrison>
"The men don't know, but the little girls...understand..."

speaking of backdoors... (-1, Troll)

Anonymous Coward | more than 6 years ago | (#21731292)

So . . .

I sat naked on the bench in the health club locker room, staring at the tiles on the floor between my feet, but really looking at nothing. I was waiting for Jamal to decide to come up and talk to me. He was this muscular teenage nigger who frequented the club and had ruined my life in the last few weeks. I was ordered to sit naked on the bench without a towel or anything to cover my nakedness. I had to keep my legs spread and my cock and balls visible for the anyone In the locker room who wanted a look. I knew instantly that it had been a mistake to sign up at the inner city health club which was eighty percent black, but It was near my house and cheap which was even more important.

The harassment had started on my first visit. Dark skinned, muscular black boys bouncing around the locker room with their huge dicks and pendulous sacks of balls swinging, high fiving each other and laughing and rapping, and there I was, this moderately built white guy of thirty two.

I will never forget coming back from the shower and one chocolate skinned thug of about eighteen let out a "weeeeeeeow" kind of sound and then said very loudly to me, loudly enough for all his pals to hear, "White man, how the hell can you fuck wit such a small dick?" They all roared with laughter and I turned bright red. Before I left that first time, I med Jamal. He eased up to me while I was packing my gym bag. He is one good looking darkie, I will say that for him. He flashed me a big white toothed smile and said he hoped I wasn't thinking of quitting the club. He said he was friends with the manager and they had my address and shit, and it would be really unfortunate if I decided to quit. Then he laid one large basketball player sized hand on my shoulder and said that he would see me at the same time the next day.

Well, that's how it started. It got worse each time I went to the club. Jamal and the other niggers got me to get towels for them, had me scrub their backs in the shower, even made me pick their dirty stinking jock straps up off the floor. They sent their filthy jocks and socks home with me to wash for them.

Now let me state here once and for all, that I am in no way at all gay. I don't think I ever even had a gay thought. So all of this really repulsed me. They would brush up against me so their big fat black dicks rubbed my body. They would make constant jokes about me being a faggot.

So I had it out with Jamal. I told him I was married and in no way gay, and I wanted to quit the club. That mention of my wife was the biggest mistake of my life. Jamal demanded to see a photo of her. Her name is Kathleen. After that, all they talked about was "Kathleen the Cunt" in the locker room.

"Da mailman probably shoving his dick in her right now while you is at da club." They would say things like that. Jamal would ask, "Do you suppose she ever took black dick up the ass?" I told them she didn't like anal, and they should keep their foul mouths to themselves. They beat the shit out of me.

I didn't go to the club for a week. All the windows were broken on my car, and my newspaper was stolen, and somebody pissed all over our door. I received a package at work, and when I opened it, there was a pile of shit in a box. I was going nuts with anguish. I thought of going to the police, but I knew I would face even worse if I did. So I went back to the club. That was two months ago. A lot had happened in those two months.

Now I sat waiting for Jamal to speak with me. He walked up, stark naked. The first thing I saw were his huge brown feet next to me. I looked up at his long muscular legs. How could I miss the seven inch flaccid dick, thick as a flashlight and the ball sack that looked like it had oranges in it. It was fucking obscene. His stomach was hard and tight. His ass was one of those round tight nigger bubble butts. His chest well defined with large nipples. He had a killer smile, thick nigger lips, and dark flashing eyes that often looked drugged. He had only recently gotten out of reform school for molesting a girl on the playground.

"So, my man, how's that little dick of yours hangin'?"

I spread my legs wider so he could see my pathetic shriveled white prick and small ball sack. If I didn't keep myself on display for them at all times, they would have a wet towel snapping session where my scrotum was the target. It hurt like hell and was totally humiliating.

"So, bro, is everything set up for tomorrow?" He stood close to me...so close that his huge flaccid hunk of fuck meat brushed my shoulder. His dick was so huge, it was just fucking obscene, and that was in its flaccid state. He had not showered yet, and his body reeked of the nigger stink of his workout.

"Please. Please don't do this. I know I agreed, but that was after you had beaten me almost senseless. Please, isn't there some other way?"

He lifted one leg and put his foot on the bench next to me. His gigantic balls swung back and forth in their fleshy sack.

"Dere is no other fucking way, man. You don't wanna even think of what we gonna do to you next time you disobeys us. Dere is no other way. Now it so happens dat I needs me a new girlfriend, and your wife fills da bill."

I felt my stomach turn over. I tried to relax, to breath deeply, but I felt like I was choking. This teenage nigger thug was talking about my wife. Kathleen. He had announced to me that he wanted her to become his girlfriend! Jesus Christ!

At first I had bluntly refused, letting my anger and disgust show. All the niggers in the club gathered around me, about fifteen of them, and Jamal announced that I was racially prejudiced and didn't want him dating his wife. They started to slap and punch me.

"It's not that. Honest to God, I swear, it's not that you are black. It's that she's my wife!"

Jamal roared with laughter. "Any bitch need more dick than you got! She probably sucking da boys at work every day anyway." He looked at the photo of her which he had taken from me. "Yeah, she got real cocksucker lips, she shore do!"

"Oh God no, she doesn't like blowjobs." I was crying in front of all of them.

"No, you gots it wrong. She like dick. Dat pussy is ready for some nigger seed!" Half the niggers surrounding me were getting hard ons, and I don't there there was one under eight and a half inches.

For weeks I had argued, begged, pleaded, tried to bargain with Jamal, but he only wanted one thing. My wife's virgin asshole. Once I stood up to them and told them I would go to the police. They had dragged me naked and screaming into the health club bathroom and forced me to eat turds out of the toilet bowl. I was sick for two days. The next time I went to the club, Jamal had made me suck his dick. That was the first time I saw it erect. Over twelve inches of throbbing leaking nigger cock. I had a panic attack and literally tried to run out of the club. They held me down on a bench and Jamal fed me his black fuck meat. His balls almost suffocated me. His dick choked me. He even made me suck his ass. What could I do? I agreed to let them have my wife. I know, I am an awful man. A sinner. It is unforgivable, but I am scared out of my wits.

"So, tomorrow, I comes over to yo house dressed up real good. You introduce me to yo bitch wife. Now when I sees her, dis is how I wants her dressed. A very tight tee shirt dat says printed on it, "I Love Nigga Dick!" She will wear no bra under it so I can see the tips of her titties through the material. Den she is to wear a short skirt, only I don want her to wear no panties under it. From now on, yo wife is forbidden to ever wear any panties. We want dat sloppy cunt and ass ready and available at all times. I want you to have some really top drawer booze at yo house ready for me. I am not sure what I will want, so you better have enough to satisfy me, whatever my taste might be. Who da fuck knows, I may want a cosmo, or maybe some of dat Louis XIII Brandy dat costs three hundred dollars. You better have it all. After I has a drink, you pretty little bitch and I gonna sit on da couch and get acquainted. Dat means you as da husband get to watch me finger her cunt and play wit her titties. You gets to see her meet my big fat old dick and even lick and suck it a little. I always insists on sex on da first date, cause how else you know how a bitch perform, right? Shit, I insist on sex on every date. I mean dat is da only reason for da fucking date..to plow some pussy! Right? Otherwise I'd rather hang wit da home boys. Now she gonna be a little uptight and scared at firs...right? Specially when she see my dick and she know dat huge motherfucker is gonna plow her virgin ass! Oh yea, if she got to shave her pussy. I wanna see bald pussy."

While he said all of this to me at the health club, his dick got thicker and thicker and long strings of pre-fuck started to hang from the fat pisshole.

"Please don't hurt her...please." I was shaking in my naked agony.

"Hurt her? No why the fuck would I hurt my new girlfriend? I gonna love her. I gonna show her da pleasures of lovemaking. Shore, it gonna hurt a little da first time I ram my twelve and a half inch motherfucking dick balls deep into her asshole. Shore it gonna hurt when I pounds her as hard as I can, and den pull out and shove it as hard as I can up her cunt. Shore dat gonna hurt a little, but dat is jus' part of fuckin'. You understand dat. Right? Better to hab some nice boy like me who wants her for his girlfriend fucking her, den every pasty white motherfucker at work who don't give a shit about her.

"Now don't you worry, I gonna take her into the bedroom to fuck her cunt and ass. I think dat is private. I mean, you can watch da first time she suck my balls and lick my dick and such. But fucking is between a guy and his girlfriend. I wants you dere at the start...at the sucking part, cause she is gonna be scared like I say, and you can calm her. Tell her it is a natural part of life, and she just gotta learn to please a man.

Now I am gonna want to use your master bedroom. You can sleep on da couch. I wants a nice big bed and luxury for fucks. I gotta fuck at least three times a day, usually more. Now of course I still going to be bangin' other cunt, but I will fuck your wife regularly cause she is my number one girlfriend. My special bitch. I ain't gonna introduce her to my bros until after I fuck her for a week or so. Den when she broken in, I gonna share her with all da boys from dis here health club. Dere about twenty of us here as you know, so she gonna be pretty busy sucking nigga dick and getting ass and cunt fucked. We gonna do mos' of it over at yo house. You have lots of food dere at all times fo my brothers when dey comes over to fuck your wife. Since she be fucking most every day all day and night from now on, I suggest she quit her job. Dat way, she don't even need to think about work and she can concentrate on nigga cock all da time."

"Please, please use condoms...." I had tears running down my face.

Jamal roared with laughter. "Condoms? Shit...no. We never use condoms. It ruins da fuck. Dat bitch gonna be pregnant in a couple of weeks at mos'. You gonna be da daddy of a nigga chile! And who knows. If she stay tight enough, maybe we fuck her for three or four years, you know, pass her around, pimp her out. Shit. She could hab five or six nigga babies! We don' allow no abortions. She gonna breed. Now my brothers and daddy be comin' over lots to fuck her too, so you better have lots of keys to yo house made, or jus' leave the fucking place unlocked. She don't leave da house without permission. I would hate it for both of you if some black bro comes over for a good hard fuck, and she not dere! Now I know you worried about her. Don' be. After a few days of getting nigga dick, she gonna love it so much, dat all she gonna live for. I seen it in white bitches lots of times. Someday she gonna thank you for all dis. I mean how many girls her age so lucky to get ten to fifteen black cocks a day? Long as her pussy and asshole hold up, she be happy. One thing, she gonna hab to be a really good cocksucker, cause One thig is dat when da boys in my hood meet up wit guys from other gangs...we got dis thing. We hab our girlfriends suck da cocks of all da members of the other gangs, as kind of a peace signal, you know, a sign dat we is kewl and everything is okay. So she gonna pretty much hab a dick in her mouth twenty-four seven for da next few months. She gonna be sucking on nigga dick even when she getting fucked by my bros. Dis house gonna be pretty packed full of black boys! Now, after a bitch has sucked fifteen to twenty dicks a day, she often get a real tired jaw and swollen lips and a sore tongue, so you gonna have to tell her no matter how tired she get, da last dick of da day she suck, gets jus' as good a suck as da first one in da morning. You gotta make sure she understand that. I can't have no bad reports from rival gangs dat my bitch can't suck!

Now we gots one more problem. Da bitch gonna be so busy getting fucked and sucking dick, she ain't gonna hab no proper time to clean up da dicks after dey fuck her cunt and ass! You know it da bitch's job to clean a dick wit her mouth after a brother fuck her. I mean, you can't expect a brother to walk around wit pussy slime or ass juice on his dick. But she gonna be so busy, she ain't always gonna hab time to clean up, so you my friend is going to have to step up to da plate to help her. You gonna be the official dick cleaner. You gonna lick and suck da dicks clean after dey fuck yo bitch of a daughter. I want you naked on you hands and knees at all times around da house, ready to lick and suck dick clean. And you gonna do a fine job too, I just know it. You get all dat stink off da cock. Maybe you can entertain da brothers waiting next in line to fuck yo daughter too by lickig dere balls and assholes. I never thought of dat until just now. Hot damn, dat is a good idea, ain't it? So dey don't get bored while dey waitin. And den, to keep your wife fresh and tight, after every three or four fucks, you gonna crawl in and suck the nigga cum right outta her pussy and asshole. Think how great dat is. You gonna get to suck your wife's pussy and asshole! How lucky is dat? You gonna clean out her cunt real good with yo tongue so it is ready for da next nigga.

We gonna be da happiest family you ever seen! Now come on, white boy, suck my dick, can't you see it dripping all over da floor?"

I put my mouth over the head of the huge leaking hunk of fuckmeat, and resigned myself and my wife to our new destiny.

Re:Really... (0)

Anonymous Coward | more than 6 years ago | (#21731220)

Tag sensationalism, please.

Re:Really... (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#21731222)

It seems this article was another hoax brought to you by slashdot [myminicity.com]

Re:Really... (0, Offtopic)

sexconker (1179573) | more than 6 years ago | (#21731522)

Mod parent troll - that damned datamining site again.

Re:Really... (1)

nickyj (142376) | more than 6 years ago | (#21731302)

Wait... couldn't you just add something to the random number? Or perhaps shift the digits over? or just do anything to the number generated and then *poof* no backdoor? Or am I not understanding this?

I know in Perl's rand function you can seed it with whatever you like. I'll admit I'm not a cracker.

Re:Really... (3, Insightful)

Applekid (993327) | more than 6 years ago | (#21731676)

What you're essentially proposing is encrypting the same data twice, first with the questionable algorithm, then with another algorithm of your choice. If that's the case, you might as well just encrypt it with the second algorithm, hopefully more complicated than just shifting and adding. ;)

Re:Really... (5, Informative)

yo_tuco (795102) | more than 6 years ago | (#21731712)

"Wait... couldn't you just add something to the random number? Or perhaps shift the digits over?"

You can do what TFA said:

"It's possible to implement Dual_EC_DRBG in such a way as to protect it against this backdoor, by generating new constants with another secure random-number generator and then publishing the seed. This method is even in the NIST document, in Appendix A."

Secret Back door code is pretty easy!! (5, Funny)

spineboy (22918) | more than 6 years ago | (#21731448)

Maybe the NSA could have thought a little harder at entering a back door code. Secret sources have revealed the NSA back door code to be.

up, up, down, down, left, right, left, right, B, A

Actually it is (1)

p3d0 (42270) | more than 6 years ago | (#21731968)

There is known to be a backdoor, but nobody knows what it is. That's the part that's secret.

"may have" (0)

Anonymous Coward | more than 6 years ago | (#21732094)

So it "may have" a top-secret magic NSA backdoor. I hear it also "may have" a portal to the magical world of Stupidia, and also "may have" a contest where the winner gets adopted by Bill Gates.

I've also heard any version of Lunix using the GPLv3 "may have" a secret program which will turn us all into robotic mutant drones in the service of Richard Stallinman.

Why, oh why, do teh FOSSies continue posting rumors, speculation, and insane conspiracy theories as news?

Section Tag (1)

solar_blitz (1088029) | more than 6 years ago | (#21730994)

Wouldn't this go under "Your Rights Online"?

Block filtration by category (0)

Anonymous Coward | more than 6 years ago | (#21731436)

I assume by not putting in any category, the editors get to bypass a users filtration by preferences selections.

Re:Section Tag (5, Funny)

naapo (982524) | more than 6 years ago | (#21731652)

Don't know about our rights online, but I gladly noticed that this was tagged quite appropriately

ahhjeezenotthisshitagain
It was not exactly a dupe, but clearly an "ahhjeezenotthisshitagain".

funny (-1, Offtopic)

Amouth (879122) | more than 6 years ago | (#21730996)

why does the shashdot "The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way. " seem so approperiate for this....

Re:funny (1)

cthulu_mt (1124113) | more than 6 years ago | (#21731630)

I think this "backdoor" story would be an appropriate time for the Goatse link. Where is that dude with the ASCI picture?

Re:funny (1)

Amouth (879122) | more than 6 years ago | (#21731806)

i can't see how i got a troll for that - i was posting that with the unnoted refrence to my sig... i mean this "back door" isnt' even confirmed - it is jsut someones idea that it "might" exist.. without proof though you don't know - so MS is using it - sure give them bad press if it is "known to have" a "back door" but really without proof what do you have other than random people trolling about nothing..

come to think about it my comment isn't any better than the rest of the people's here.. feel free to read my sig and troll away..

Conpiracy theorists.... (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21731002)

"that may have a secret NSA backdoor built into it"

Now begin being paranoid rant about how U.S. is a fascist state and how Vista is the new 'evil'

Rinse, wash, repeat....

Clever! (5, Insightful)

spun (1352) | more than 6 years ago | (#21731206)

I see what you did there. You implied that anyone who criticizes the US or Vista is a paranoid loony. Now why would you do that? Do you just assume that people will criticize the US? Is the US that worthy of criticism that you have to defend it preemptively? I know that's a popular tactic these days, but is it entirely necessary? Nice how you posted AC, too. You sir are an all-around class act.

Re:Conpiracy theorists.... (1)

Deadfyre_Deadsoul (1193759) | more than 6 years ago | (#21731568)

Yet one more reason I am glad I still use Xp and not the malware that is MS/NSA Vista Now, it begs to question, will SP3 for Xp have this same new random number generator with backdoor?

Conspiracy theorists come forth! Now it the time.. (0)

Recovering Hater (833107) | more than 6 years ago | (#21731014)

To regale us with the myriad ways in which government plots are about to unfold with this. But sincerely, this is ripe for negative speculation. There is no good reason for something of this nature. Sure, some will say it's for the kids and what about the terrorists being thwarted before they can act and all, but I still say this is BS. Closed source buffoonary if you ask me.

Re:Conspiracy theorists come forth! Now it the tim (4, Insightful)

hey! (33014) | more than 6 years ago | (#21731442)

I disagree.

This has absolutely nothing to do with open or closed source. A completely open source random number generator would have precisely the same vulnerability, because the problem isn't potential skulduggery by the vendor, it's potential skulduggery by the people who designed the standard.

What Microsoft has done is to implement a questionable standard. It makes no sense in this case to blame them for its shortcomings, especially since developers have alternative standards they can use.

Now when it comes to application software using a random number generator, then there actually is a closed/open source argument to be made. Do you know which random number generator is used by the software you use? With closed source, almost certainly not. With open source, programmers can undo the choice of the dodgy elliptic curve RNG and replace it with a more solid, equally standards compliance alternative. And get a speed boost too. You also know that you might not want to trust the source for your software if they use the inferior algorithm.

From the article (3, Insightful)

tieTYT (989034) | more than 6 years ago | (#21731034)

"It's not enabled by default, and my advice is to never enable it. Ever."

Re:From the article (5, Interesting)

Smidge204 (605297) | more than 6 years ago | (#21731296)

It's not enabled by default ... until the next Automatic Update rolls around.

=Smidge=

Re:From the article (1)

Daimanta (1140543) | more than 6 years ago | (#21731304)

That's what I think about Vista.

And if you really want to be secure, you can throw Windows on the same heap.

Article summary follows (-1, Troll)

krog (25663) | more than 6 years ago | (#21731036)

Nothing for you to see here. Please move along.

How is this offtopic? (-1)

Anonymous Coward | more than 6 years ago | (#21731416)

You may not find it particularly funny, but offtopic it isn't.

Given the known problems of Dual_EC_DRBG (5, Interesting)

morgan_greywolf (835522) | more than 6 years ago | (#21731046)

Given the known problems of Dual_EC_DRBG, which, from the Bruce Schneier article, include the fact that's slow, that it's got an obvious backdoor, and that it was inexplicably pushed for the NSA for seemingly no reason, why would Microsoft add it to Vista SP1?

Now adding the algorithm itself isn't really a backdoor per se, because no one is forcing you to use that particular random number generator. But it is also interesting to note that this isn't the first time Microsoft has been accused of inserting backdoors for the CIA or the NSA. Of course, Microsoft vehemently denies such allegations, but I would assume that they would. Given what the telcos did for the NSA, would anyone be surprised if it really did come out that the NSA actually forced Microsoft to put backdoors in Office or Windows?

Re:Given the known problems of Dual_EC_DRBG (5, Informative)

RightSaidFred99 (874576) | more than 6 years ago | (#21731202)

I know this is crazy talk, but maybe there's a simple explanation. Microsoft put it in the OS as an option so that people who want to use it (hmm...government contracts?) can if they so choose. So maybe Microsoft sees the NSA as a "customer" and decided they were important enough to include it for their use and for other government use.

Insane - I know, they must be "out to get us".

Re:Given the known problems of Dual_EC_DRBG (5, Insightful)

morgan_greywolf (835522) | more than 6 years ago | (#21731470)

Who even says that at an RNG has to be at the OS level? If NSA or its customers want to use Dual_EC_DRBG, there is nothing stopping them from doing so on Vista or any other OS.

As another poster said, where in the OS is this used? Do you know? Does anyone but Microsoft?

Re:Given the known problems of Dual_EC_DRBG (1)

rjhubs (929158) | more than 6 years ago | (#21731870)

I sure hope our government isn't encrypting their information with a RNG with a known backdoor. That seems pretty stupid. It would seem the reasonable explanation is the government is out to get us.

Re:Given the known problems of Dual_EC_DRBG (2, Informative)

CastrTroy (595695) | more than 6 years ago | (#21731270)

because no one is forcing you to use that particular random number generator
That's hard to say. What does Vista use this RNG for internally. Does it use it for generating keys for use in SSL communications in Internet Explorer? Does it use this RNG to generate random keys for connecting to a VPN? Does it use this RNG to create a salt when storing your passwords? Does it use this RNG to generate the keys for BitLocker? There's many places where one may be using this RNG without even knowing it.

Re:Given the known problems of Dual_EC_DRBG (1)

morgan_greywolf (835522) | more than 6 years ago | (#21731348)

According to TFA, this was added in SP1, so my guess to all of those would be "no", unless these components were updated by SP1 to use the Dual_EC_DRBG.

Re:Given the known problems of Dual_EC_DRBG (1)

CastrTroy (595695) | more than 6 years ago | (#21731432)

That's not the point. The point is, is that using this RNG may actually be unavoidable in any number of instances. It may not be used in the instances I pointed out, but there could be many uses of this RNG in the OS, and it would be hard to avoid it. Who's to say they didn't update the previously used RNG to just call this one?

Re:Given the known problems of Dual_EC_DRBG (1)

morgan_greywolf (835522) | more than 6 years ago | (#21731674)

You're right. And there's no way to know unless you have the source. And, well, let's just say Windows Vista ain't exactly open source.

Re:Given the known problems of Dual_EC_DRBG (0)

Anonymous Coward | more than 6 years ago | (#21731300)

Given what the telcos did for the NSA, would anyone be surprised if it really did come out that the NSA actually forced Microsoft to put backdoors in Office or Windows?

I guess the surprise would be why wouldn't the CIA just use any one of the wide-open front doors?

Re:Given the known problems of Dual_EC_DRBG (1)

davidsyes (765062) | more than 6 years ago | (#21731350)

Maybe it's because mshaft are in bed with the NSA? After all, the various US intel agencies (and probably those of many governments) want to decrypt ANYthing they think is important enough to them, and they want QUICK not painstakingly-slow access to the plain text.

By including the back doors, mshaft can further differentiate itself from Open Source, maybe to marginalize OpenSource (I wonder what Novell will say in this regard) and try to make companies and governments think OpenSource/Linux applications and operating systems are somehow tools of terrorists, anarchists, activists and so forth. After all, this IS msoft we're talking about. They don't like competition that is REAL competition.

Re:Given the known problems of Dual_EC_DRBG (1)

morgan_greywolf (835522) | more than 6 years ago | (#21731394)

I wouldn't go that far. The NSA did develop SELinux, after all.

Re:Given the known problems of Dual_EC_DRBG (0)

Anonymous Coward | more than 6 years ago | (#21731634)

The NSA has two essential mandates: to protect America's information security, and to undermine other countries'. SELinux is part of the first. This is part of the second. It has worked well, too. SELinux is only used by people who need it and know about it. Also note that SELinux is an ACL mechanism, and has little to do with random numbers or encryption.

Re:Given the known problems of Dual_EC_DRBG (1)

calebt3 (1098475) | more than 6 years ago | (#21732122)

I wouldn't go that far.
Microsoft might. You never know.

The NSA did develop SELinux, after all.
The public does not know that.

Re:Given the known problems of Dual_EC_DRBG (3, Insightful)

secPM_MS (1081961) | more than 6 years ago | (#21731388)

Sorry to deflate the conspiracy theorists. Certain governmental customers wanted the ECC random number generator. MS provided it. This random number generator is not used by default. The default random number generator is CryptGenRandom, which was revised to deal with the issues that have been discussed with rather more sensationalism than was warranted.

Customers who want to use the ECC generator can choose to use it. This is rather like turning on FIPS mode.

As for backdoors, anybody who is paranoid about this issue will ignore or disbelieve me when I say that there is no backdoor that I am aware of. The Common Criterial evaluators look for such issues and submit issues for fixing if and when they find them. Other governments are not going to be willing to buy a system with a NSA backdoor. From a more practical demonstration point of view, if there was a backdoor, governments would not need to get warrants for inserting hardware keyloggers or custom malware on systems to access system information. Governments both in the US and elsewhere do this, which suggests that no backdoor is available.

Re:Given the known problems of Dual_EC_DRBG (5, Insightful)

morgan_greywolf (835522) | more than 6 years ago | (#21731582)

This random number generator is not used by default.
Prove it. Oh, that's right, you can't because you don't have the source code. Unless maybe you're astroturfing. Even then you'd be under an NDA anyhow.

Other governments are not going to be willing to buy a system with a NSA backdoor.
And other governments have replaced Windows with custom Linux distros due to the potential of this very problem. This is a fact that cannot be denied.

Re:Given the known problems of Dual_EC_DRBG (3, Insightful)

secPM_MS (1081961) | more than 6 years ago | (#21731766)

I don't have to prove it. Not only that, but you wouldn't believe me if even if the code was released - after all, how do you know that the code corresponds to the actual binary?

Look at the FIPS and CC documentation. Governments do use these systems in security critical environments, but they configure them very carefully. There is configuration data available on how to configure system for security critical environments. Selecting your random number generator is one of the things you can do.

The staff working on this are noted cryptographers who do know what they are doing. I have been working with the cryptographers at Microsoft for some time and I have been working in crypto related areas for > 20 years.

Re:Given the known problems of Dual_EC_DRBG (1)

Haeleth (414428) | more than 6 years ago | (#21731586)

From a more practical demonstration point of view, if there was a backdoor, governments would not need to get warrants for inserting hardware keyloggers or custom malware on systems to access system information. Governments both in the US and elsewhere do this, which suggests that no backdoor is available.
If you think that kind of argument is going to convince a conspiracy theorist, you're more nuts than they are. Clearly the governments only go through the motions of getting warrants in order to make people think there isn't a backdoor. Why else would they deny it?

Bearing in mind that the bill to pay off all the people involved in the moon landings hoax is decreasing every year now they've started to die off, it's likely that the US Dept of Coverups has plenty of budget to spare for this kind of thing now.

Re:Given the known problems of Dual_EC_DRBG (1)

Applekid (993327) | more than 6 years ago | (#21731820)

I disagree about making snooping warrants obsolete. Prosecutors love (and, many times, need) redundant evidence to make sure the accused it put away for a long time.

Re:Given the known problems of Dual_EC_DRBG (4, Insightful)

dvice_null (981029) | more than 6 years ago | (#21731944)

> As for backdoors, anybody who is paranoid about this issue will ignore or disbelieve me when I say that there is no backdoor that I am aware of.

I can believe that you don't know, but would they really tell you if there were such backdoors?

> Governments both in the US and elsewhere do this, which suggests that no backdoor is available.

If you had a backdoor which allows you to access remote computers anywhere would you
a) Tell everyone that you can do it
b) Use some dummy keyloggers and malware to suggests that you can't do it

Re:Given the known problems of Dual_EC_DRBG (1)

Dr_Marvin_Monroe (550052) | more than 6 years ago | (#21731476)

To follow up on the poster's point, I've believed that there's been collusion between MS and the Government since GWB's quick settlement of the anti-trust case, and my "tin-foil hat" is not looking so silly any more. At the same time he's wrangling with the telcos to get access to domestic phone records and calls (as the NYT points out, almost immed. after he enters office), he's most likely wrangling with MS to get back doors installed. At least that's what I'd do, and I'm possibly of "normal" intelligence. It's an obvious thing to do...step 1: get access to all communications by legal means or not, step 2: make sure that the OS that runs +90% of computers has a back-door that you can easily get to.

Being the very shrewd "son-of-a-lawyer" that Bill Gates is, I'm pretty sure that he offered up back-doors in exchange for the government getting off MS's back. Quid-pro-quo.

Now that this stuff is coming out, the NYT should start digging here too. Remember that the British government PUBLICLY asked for one (back-door to BK? I can't recall exactly)... but they didn't have any leverage to force MS to respond. US had the conviction in hand and was ready to proceed, that would have caused Bill Gates to respond, especially after his poor performance on the stand.

Yep. Now we just need to find the smoking gun...

Re:Given the known problems of Dual_EC_DRBG (1)

Hymer (856453) | more than 6 years ago | (#21731726)

I dont get this... NSA is active SE Linux developer. Why would they require a backdoor to Windows ?
That may make them untrustworthy as a development team/partner... is there a backdoor in SE Linux too ?
I can't imagine NSA would be interested in that...

NSA got probably most raw computer power in the world, their building uses more electric power than a small city, they shouldn't need backdoors. I think it is DOJ/FBI requirement.

I wondered btw. why my 8 years old firewall supports AES encryption (for VPN) with 2048 bits strength but no currently available products supports more than 256 bits.

Re:Given the known problems of Dual_EC_DRBG (0)

Anonymous Coward | more than 6 years ago | (#21732042)

"I wondered btw. why my 8 years old firewall supports AES encryption (for VPN) with 2048 bits strength but no currently available products supports more than 256 bits."

If it is a US product, then possibly it is because the US puts a "speed limit" on encryption for products that get exported. So if a US vendor wants to sell their product elsewhere and keep it the same, they need to be wary of export control restrictions.

Re:Given the known problems of Dual_EC_DRBG (0)

Anonymous Coward | more than 6 years ago | (#21731892)

"why would Microsoft add it to Vista SP1?"

When one part of the Federal Government hampers one's clearly illegal business model by slapping a five-year antitrust watchdog on one and another part of the Federal Government says "Do this for us and we'll replace the watchdog's teeth with dentures" -

The NSA didn't force anyone to do anything. The directors of Microsoft keep their money in banks insured by the Federal Government, their stock shares (and the timing of the granting and exercising of same) are regulated by the Federal Government, their homes, cars, bank accounts and lifestyles are all easily seizable and auctionable by the Federal Government (never mind guilt or innocence) for a variety of apparent or real crimes, from victim-laden (securities fraud) to victim-less (taking a hit on a joint in the privacy of their own home, or even overseas on vacation, even MERELY VIEWING PORNOGRAPHY ONLINE {still a crime on the US Federal books}). Their golfing buddies all run those banks, trade those stocks, own shares of the telcos, hold open doors to no-bid government contracts and tap shoulders to meet the movers and shakers.

Play along, and you can find any number of backers for your next venture, and your retirement fund is ensured.

Don't play along, and you can easily find yourself retiring to a trailer in the Painted Desert, career over.

The same holds true for the directors of the telco companies, and their executive officers.

No one is FORCING consumers to choose Time Warner Cable in Ohio, either. No one is FORCING consumers to subscribe to ridiculously expensive cellular plans, No one is FORCING consumers to buy the latest and greatest and most expensive technological toy either.

Never mind that there's no place left in the world to go to start a new nation, no place left in the wireless spectrum and what IS available is ridiculously expensive, no other local cable provider, etcetera.

Re:Given the known problems of Dual_EC_DRBG (1)

dpninerSLASH (969464) | more than 6 years ago | (#21732076)

But it is also interesting to note that this isn't the first time Microsoft has been accused of inserting backdoors for the CIA or the NSA. Of course, Microsoft vehemently denies such allegations, but I would assume that they would.

So if Microsoft denies an allegation against them, it's inherently true? Sounds just a weeeee bit suspect.

My feelings toward Microsoft are not incredibly warm, but this is silly. I read the linked blog post and the author himself goes out of the way numerous times to point out that he had no way of knowing whether such backdoors existed or not.

The best way to "dethrone" Microsoft (if that's what you happen to live for) is to focus on the positive aspects of its competitors products, not obsess over imagined shortfalls in their's.

Concerned About Security... (4, Funny)

Nom du Keyboard (633989) | more than 6 years ago | (#21731074)

You're concerned about security, and you're using WINDOWS VISTA???

Re:Concerned About Security... (2, Funny)

rucs_hack (784150) | more than 6 years ago | (#21731240)

You're concerned about security, and you're using WINDOWS VISTA???

Thats because is is an hero..

Re:Concerned About Security... (1)

Aqualung812 (959532) | more than 6 years ago | (#21731794)

Assuming the poster is being forced to use Windows, then yeah, DUH!

There are many features in Vista (such as Bitlocker) that are great security improvements over XP. Yes, Vista is a slow, buggy P.O.S. compared to XP, but it is MORE secure than XP.

What does Microsoft say about it? (0)

Anonymous Coward | more than 6 years ago | (#21731078)

Are they touting is as secure? Do they mention the NSA backdoor? Do they have a response to it?

Much Ado About Nothing (0)

Anonymous Coward | more than 6 years ago | (#21731114)

Some US government agencies REQUIRE the ability to use this PRNG algorithm, so anyone who wants to sell a product to those agencies (IBM? RedHat? Sun?) is going to have to provide that algorithm.

And, this algorithm is NOT the default.

So... ??? This article is simple FUD.

Re:Much Ado About Nothing (4, Insightful)

Kadin2048 (468275) | more than 6 years ago | (#21731234)

Agreed. The only interesting thing about this whole story is that the NSA apparently reviewed the PRNG function and rubber-stamped it, missing the critical vulnerability. Since the vulnerability really isn't that good of a backdoor, and doesn't seem to have been all that subtle, I think this is far more likely to be incompetence rather than malice on their part.

As an American, that doesn't make me feel a whole lot better -- in some ways, I'd really like to have the secret agencies of so many spy movies rather than the massive bureaucratic pile that I know exists in reality -- but disappointment in government is something I've gotten used to. You don't last long in Washington without it.

Re:Much Ado About Nothing (0)

ashridah (72567) | more than 6 years ago | (#21731618)

Okay, have you actually studied cryptography at even a basic level?

It's basically impossible (read, an NP-hard problem at least) to *prove* that a particular cryptosystem is unbreakable. If it's an obvious flaw, then sure, give whoever missed it a thorough kicking, but in my experience, 'obvious' is just another form of scapegoating, and is just a way of passing the buck from the guy who cut testing short, to the mathematician who did the testing.

The reality is, cryptography requires years of research and peer review to be reasonably sure that it's right. Look at all of the cyphers in the past that have suddenly been broken after N years of production use. Now also consider that government standards cost hundreds of thousands of dollars to create, and probably as much again to update. Then you need to consider that if you want to play in that market, you need to adhere to those standards, no matter how boneheaded. And since they cost so much to make and change, they don't change often, so they lag behind cryptographic science.

I'm pretty sure you can find this particular random number generator in other places, if you really try.

ash

Re:Much Ado About Nothing (1)

Gideon Fubar (833343) | more than 6 years ago | (#21732052)

in some ways, I'd really like to have the secret agencies of so many spy movies rather than the massive bureaucratic pile that I know exists in reality

Have you actually paid attention to the collateral damage in your average Bond movie? I think a mass of bureaucrats are a reasonable alternative to that..

it's true (5, Funny)

circletimessquare (444983) | more than 6 years ago | (#21731122)

i seeded the dual_EC-DRBG with the following ASCII strings the and got the following output in ASCII:

missionaccomplished -> LOL

waterboard -> buckshottotheface

osamabinladen -> loofahnotfalafel

iraq -> vietnam

Is this "feature" back-ported to XP SP3, too? (2, Interesting)

denis-The-menace (471988) | more than 6 years ago | (#21731188)

Is this "feature" back-ported to XP SP3, too?
SP3 is supposed to have some of Vista's most useful features as well as all previous bug fixes.
Would a shame to ruin a good service pack that speeds up XP by 10%.

Big Deal. (0)

Anonymous Coward | more than 6 years ago | (#21731200)

I implemented this on my Linux box. Does this mean that all of Linux now has a back door too?
Slashdots anti-Microsoft alarmist bullshit is so boring.

Correct me if I'm wrong but... (1)

KillzoneNET (958068) | more than 6 years ago | (#21731282)

... can't they just include their own list of secret numbers in order for the generator to be semi-secure? The NSA has the numbers that generate the random numbers in the base code but even they say to make your own reference numbers if you are to use the code. So if Microsoft were to ultimately use the numbers the numbers would probably end up being both random and not known to anyone in the development team if they so wanted.

Why... (3, Funny)

Basilius (184226) | more than 6 years ago | (#21731342)

...does every article about Vista make me less likely to ever use it? Aren't things like this supposed to _improve_ with time?

Re:Why... (1)

plague3106 (71849) | more than 6 years ago | (#21731598)

Why would this matter to you at all, if you never enable it?

More to the point, why do /.ers continually say MS can't do anything right, then don't think at all MS could have screwed up the algorthm or backdoor?

More important question (1)

Thelasko (1196535) | more than 6 years ago | (#21731360)

The posted Microsoft website states:

The Dual Elliptical Curve (Dual EC) PRNG from SP 800-90 is also available for customers who prefer to use it.
How does Joe User know if he is using it or not? Is it a setting in the control panel? Why would anybody want to use it?

OK, this is just stupid. (4, Insightful)

rrkap (634128) | more than 6 years ago | (#21731384)

So, let's review:

1. Government introduces a new cryptography standard (which it will presumably require for some applications) that requires that systems provide a choice of 4 random number generators, one of which MAY have a flaw.
2. Manufacturers implement the new standard.
3. Grand conspiracy!!!

Come on, could it just possibly be that Microsoft wants to be able to claim to be NIST 800-90 compliant for customers who want that kind of thing and that the NSA likes the idea of there being a variety of random number generators available? The only way that making this function available is a risk is the NSA also has control of the application and can force it to call this random number generator without properly seeding it. If they have that level of control, they have enough control to do whatever else they want in a much more direct way.

Re:OK, this is just stupid. (1)

reikoshea (1160155) | more than 6 years ago | (#21731596)

Why use constants if they want it to be the standard. That just doesnt make sense. There will always be a key, but why have a back door key available as well.

It just makes no sense. I think the 'fear mongering' is justified cause this is just a stupid practice to implement.

Fuck You AmeriKKKa! (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#21731392)

I'm 24 years old. I don't want to go through the next 50 years of my life living in an international air of worry and uncertainty. I don't want to live in a permanent state of fear, generated by a megalomaniacal American government taking advantage of the majority low IQ populous' capacity for being brainwashed.

I don't want to live like Israel, fighting militant Muslims round every corner. The problem of Muslim extremists exists and needs to be dealt with, not encouraged by invading innocent countries and waging war on people who have done nothing to deserve it. I want my children to grow up in a world free from military oppression and I want a government that understands that the wars of the future are guerrilla ones which can never be won, even if they are waged for noble purposes (which theirs never are).

The world is fucked up enough as it is. The food chain has been poisoned so badly the average human is full of chemicals normally found in plastics and toxic waste. I'm sick of global warning and environmental damage to the planet and the fact the all this time the greenies were right. I'm sick of America being the biggest wilful contributor to the pollution of the planet.

I'm sick of an American school system that produces children who are brought up to believe that America IS the world and anything that goes on outside is irrelevant. Children so stupid they think America invented the Internet, computer, motor car, light bulb, telephone etc ad infinitum....

The Internet or it's successor is the future of entertainment and I'm sick of stupid low IQ, ignorant Americans infecting every corner of it with their insular, jingoistic mindsets, their whiny voices and manifestations of their low self esteem driven by the fact that despite it being their turn as the world's super power, no one actually takes them seriously or gives them the respect that the British or the Ancient Greeks got because a superpower best known for producing mass produced crap is never going to get the respect that one who gave the world Shakespeare, culture, philosophy or mathematics will get.

I'm sick of hypocrisy and two facedness. I'm sick of Gangsta Rap and hamburgers, Political Correctness and TV programmes that begin with 'When' and end in 'go bad and attack people'. I'm sick of reality TV and I'm sick of news programmes that are more censored than accurate. I'm sick of tokens, token minorities, token universities, token degrees, token attempts at the truth, tokens. I'm sick of fat people, ugly people, stupid people, gay people, coloured people, female people, whiny people all complaining they don't have the opportunities in life they would like and it must be someone else's fault. I'm sick of women that act like men and femininity being a crime, unless you're a man in which case you're a new man which nobody ever wanted because there was nothing wrong with the old one. I'm sick of people falling over and suing the ground and people watching nipples and suing the TV and I'm sick of coffee cups with 'don't pour over yourself, you may get burnt' on the side to try and counter this.

I'm sick of stupid Americans who don't know the difference between patriotism and jingoism and who think flag waving should be an Olympic event. I'm sick of Americans who cry that people hate them or are jealous of them or who are anti them because someone dares to point out that the America they've been programmed to believe in from birth bears no relation to the one that exists in real life.

Re:Fuck You AmeriKKKa! (1, Insightful)

rrkap (634128) | more than 6 years ago | (#21731456)

I'm 24 years old. I don't want to go through the next 50 years of my life living in an international air of worry and uncertainty. I don't want to live in a permanent state of fear, generated by a megalomaniacal American government taking advantage of the majority low IQ populous' capacity for being brainwashed.

Can I suggest you up your meds? Your current dosage isn't doing its job.

Re:Fuck You AmeriKKKa! (1)

DrNASA (849379) | more than 6 years ago | (#21731632)

Your options:

1. Hard Liquor
2. Pills
3. Step 1 followed by Step 2
4. Step in conjunction with Step 2
5. See Slashdot poll for today - make friends will billionaire space pilot - relocate to the moon. Die when oxygen runs out.

Re:Fuck You AmeriKKKa! (2, Informative)

DrNASA (849379) | more than 6 years ago | (#21731924)

"Children so stupid they think America invented the Internet, computer, motor car, light bulb, telephone etc ad infinitum...."

Hmmm.....America invented the:

Internet.....check
Computer.....check...holy crap...modern computing actually has it's roots in TEXAS of all places (see the integrated circuit)...so DOUBLE check
Motor Car....check again...lol - who would have thought, surely SOMETHING on this list was not invented by America
Light Bulb....check again, wow
Telephone.....and....wait for it.......check

Use the output in reverse. (0)

Anonymous Coward | more than 6 years ago | (#21731446)

My understanding is that you need 32 bytes of consecutive output.

Why not populate a buffer with the PRNG output.
Create an index to the end of the buffer. (Assuming an array)
Then.

Use as output the byte at this index value.
Decrement the index by one.
Subtract the byte value at the index, from the index value.
Use the byte value at the index as the second output value.

Keep doing this stepping backwards through the buffer in this manner, when you role off the start of the buffer repopulate the buffer with new random data.
Set the index value for the repopulated buffer to the buffers length minus the absolute value of the currently negative index.
Or simply add the buffers length the index.

Have fun.

There is no truth to the existence of a back door (1)

WillAffleckUW (858324) | more than 6 years ago | (#21731498)

Just as it is untrue that the US used printers (small 68000 series computers) to disrupt the Iraqi networks and sniff traffic, and they are not diverting telephone cable Net traffic at the main connection sites in San Francisco and other locations.

And, I never was in the shack at Yakima, and we never listened to your long-distance phone calls and made fun of you going kissy-kissy with your wife overseas.

Really.

Pay no attention to the curtain, nothing is behind it. Really. And get that dog away from it!

Could be a problem! (1, Funny)

Anonymous Coward | more than 6 years ago | (#21731644)

I hope the NSA thought to put a screen door on their backdoor, what with all the bees in the internet

The NSA exploited my backdoor liberally (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#21731680)

The NSA touched my junk liberally. They strapped me into a NSAmobile and they couldn't stop exploiting my backdoor. They were performing many red flag touches. I couldnt believe what the fuck was going on. I told Lieutenant General Keith B. Alexander the country would not approve of an intelligence agency touching an underage kid for free. Can you believe it? Lieutenant General Keith B. Alexander did all this. He picked me off the street, strapped my arms and legs down in the NSAmobile's passenger seat, and just wouldn't stop fondling my cock'n'balls.

They definately were red flag touches. The goddamn referee he had in the back seat kept on raising up this red flag every time he touched my junk but did Lieutenant General Keith B. Alexander care? NO WAY! Hejust kept on doing it. I couldn't believe what the fuckwas going on, indeed. I pleaded with Lieutenant General Keith B. Alexander but to no avail. I told him the country would not approve of such a wealthy man touching an underage kid like me (at the time I was 13) without at least compensating me for
the trauma and the use of my body as his own personal plaything.

This got to him, worrying about his image. He continued to fondle me, all the while ignoring the referee's red flags. Then he drove the NSAmobile to my house and ejected the seat I was in! It was amazing. But surprisingly, after I woke up the next morning, my bank account had $150k in it!!! Can you believe it?

there must be a ulterior motive (1)

wherrera (235520) | more than 6 years ago | (#21731732)

...because this one seems too obvious. So, perhaps the NSA crypto folks have a couple of found back doors in some of the other algorithms, and this is a bit of misdirection to keep people from noticing what they really intend to use... :)

Does anyone who uses Vista... (4, Interesting)

gillbates (106458) | more than 6 years ago | (#21731790)

Have any expectation of privacy or security in the first place?

IIRC, some of the key SCOTUS decisions regarding the Fourth Amendment have centered around a person's expectation of privacy. They've argued:

  • That someone doesn't have a reasonable expectation of privacy regarding their garbage.
  • That email doesn't have a reasonable expectation of privacy...
  • That a person's car is subject to Fourth Amendment protection.

That said, the government could persuasively argue that someone who runs Windows, especially Vista, has no expectation of privacy in the first place:

  • More malware and trojans run on Windows than Mac and Linux combined. In fact, there are more viruses available for Windows than there are editors - even applications - for Linux.
  • Microsoft has continued a trend of introducing software with gaping holes for that past 10 years. No OS vendor in the last decade has produced a less secure OS than Microsoft. Surely the user must be aware of this, and have accepted the risk.
  • Users accept the Windows EULA, which, among other things, allows Microsoft to remotely check Windows for proper activation - so they already have given up their privacy to a corporation.

Now the sad thing is that this does come across as a troll, but sadly, it's true. And it needs to be addressed. For some reason, the /. crowd thinks it is acceptable that a majority of the population uses an OS which is horribly less secure than the ones we ourselves use (Linux, Macs, etc...). We're supposed to be the technical ones who have the solution to these problems, and yet, most /.ers just choose to blame the victim and whine about Microsoft being evil. Granted, we already know that.

Is it really acceptable that our collective rights are surrendered because a major corporation finds more profit in insufficient design and testing of its software? I realize that most of you loathe Windows, but unless we actually do something to fix the social barriers to the adoption of Linux, we can expect that, because Windows is so insecure, our government will be able to convince SCOTUS that a computer user has no "reasonable expectation of privacy".

It doesn't matter so much that this PRNG is insecure. A knowledgeable cryptographer isn't going to trust the OS for random numbers, anyway - unless it is in compliance with some standard to which their code must comply. What matters is that Vista is full of holes, and we're talking about a PRNG which no software of cryptographical consequence is going to use anyway.

Instead, we ought to worry that Windows itself is easily compromised by the government. That is the real problem. Why would you break the PRNG when you can rootkit even a fully patched Vista box with an email?.

This is not Trivial... (3, Informative)

deweycheetham (1124655) | more than 6 years ago | (#21731864)

Supporting Information from Original Author:

|Cryptanalytic Attacks on Pseudorandom Number Generators

J. Kelsey, B. Schneier, D. Wagner, and C. Hall

Fast Software Encryption, Fifth International Workshop Proceedings (March 1998), Springer-Verlag, 1998, pp. 168-188.

ABSTRACT: In this paper we discuss PRNGs: the mechanisms used by real-world secure systems to generate cryptographic keys, initialization vectors, "random" nonces, and other values assumed to be random. We argue that PRNGs are their own unique type of cryptographic primitive, and should be analyzed as such. We propose a model for PRNGs, discuss possible attacks against this model, and demonstrate the applicability of this model (and our attacks) to four real-world PRNGs. We close with a discussion of lessons learned about PRNG design and use, and a few open questions. | http://www.schneier.com/paper-prngs.html [schneier.com]

If you have been keeping up with computer security, everyone should be aware of the weakness of Random Number generators and it's vast effects over large sections of the computer world. This is not trivial...

Worth Noting (2, Interesting)

Anonymous Coward | more than 6 years ago | (#21731930)

The talk [cr.yp.to] referenced by Schneier in his essay [schneier.com] as being the one that publicly disclosed the backdoor was given by two Microsoft researchers. So all the "OMG micro$oft iz so stoopid" posts might be a bit .... misdirected.

So... (1)

jav1231 (539129) | more than 6 years ago | (#21732072)

The obvious joke here is that its a lot of trouble to go after the 12 people still using Vista. Baddump-bump!

But seriously, this is a continuation of Microsoft's vendor-first, consumer-second approach.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...