NT Fails US Government Crypto Tests

Major cryptographic shortcomings in NT 4.0 have forced Microsoft to engage in major surgery on the product, according to We news service Network World. In a story earlier this week Network World revealed that NT 4.0 had failed US government cryptography tests.

In order to be sold to the US and Canadian governments products have to pass the Federal Information Processing Standard (FIPS) 140-1 certification test. NT failed, and the testing revealed problems in NT’s cryptographic processing.

Microsoft is preparing a fix pack for release this quarter, but application of this will probably result in users being able to run IE 4.0, Outlook 98 and various other applications in FIPS mode. IE 5.0 will know how to deal with FIPS, but it seems to be a moving target for Microsoft. Humorously, Netscape Communicator has passed FIPS 140-1.

According to Network World the problems are related to NT 4.0’s CryptoAPIs and were uncovered at government-certified testing lab CygnaCom. Service Pack 4, which was released relatively recently, was intended to be the last fixpack for NT 4.0, but if you’re in the US government, it looks like you’re going to have to deal with Service Pack 5 after all... ®

Source: The Register

 

FAQ Articles DirectX Plus98! Downloads Drivers News Archive
Home, Links, Awards, Help, Map, Poll, Newsgroups, Online Chat, Mailing List, Search
Tips & Tricks Guides Bugs & Fixes Themes Reviews Site Contents ActiveIE

HR Line

Copyright (C) 1998-1999 The Active Network. All rights reserved.
Please click here for full terms of use and restrictions.