On 2009-06-10, Chris Ahlstrom <ahlstromc@xxxxxxxxxxxxxxx> claimed:
> After takin' a swig o' grog, Tim Smith belched out
> this bit o' wisdom:
>> <http://www.schneier.com/crypto-gram-9909.html#NSAKeyinMicrosoftCryptoAPI
>
> Second, NSA doesn't need a key to compromise security in Windows.
> Programs like Back Orifice can do it without any keys. Attacking the
> Crypto API still requires that the victim run an executable (even a Word
> macro) on his computer. If you can convince a victim to run an
> untrusted macro, there are a zillion smarter ways to compromise security.
These days you don't even need to trick anybody into running something.
Just send them an email and it will run itself.
--
NEWS! Drunk gets nine months in violin case
---------------------------------------------------------------
Eee PC900 16G SSD 2G RAM Ubuntu 9.04
|
|
