14 November 2007

GSS warns over Windows 2000 random number generator flaw

A potentially serious flaw in Windows 2000 that can compromise emails, passwords and other details keyed on a PC keyboard has been revealed.

“The problem stems from a flaw in the random number generator in Windows 2000. The flaw allows encrypted Web data and email transmissions to be decoded,” says David Hobson, managing director of Global Secure Systems (GSS), the IT security specialist and integrator.

According to Hobson, those companies that have implemented encrypted VPN (virtual private network) connections for their remote data entry can breathe a sigh of relief that their systems are relatively secure against the problem.

“We have always advised our clients to adopt a belt and braces approach to their IT security. You should never presume that a basic software-only encryption system such as that seen in Windows 2000 prevents eavesdropping,” he says.

“Complete encryption of the datastream, as seen on a secure VPN connection, is the only way of protecting remote data entry across the Internet. It may not be as sexy as two-factor authentication, but it has a proven track record,” he adds.

Hobson also notes that some news reports suggest that the Windows 2000 encryption flaw may also affect Windows XP and Vista users. “Myself, I have my doubts, but I’ve learned that anything is possible when it comes to Microsoft security flaws. Companies really need to employ hardware-enabled encryption on all their data streams flowing across the Internet to be totally safe,” he says.

Brian Tinham

Supporting Information

Global Secure Systems Ltd

This material is protected by MA Business copyright
See Terms and Conditions.
One-off usage is permitted but bulk copying is not.
For multiple copies contact the sales team.

Do you have any comments about this article?

Add your comments




Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

PP event

More than 20 machine builders and manufacturers were given an insight into how ...

EEF and IfM event

A seminar is due to take place next month to offer guidance on how to become a ...

InfinityQS launches Enact

InfinityQS International has launch a native-cloud Quality Intelligence ...

Reality check

Groundbreaking augmented reality headsets could beam up 5S scores in the ...

A drop of inspiration

The same old approach to ERP system selection will leave you with familiar ...

Cloud v Server

The cloud is billed as the all singing and dancing successor to running your IT ...

Related Articles

Bakehouse: Delicious and determined

Bakehouse have gone from start-up to market leaders in 15 years. They are now ...


Customers and Shareholders Benefit as Global Manufacturer Deploys Management ...

Six Steps for: Discrete Manufacturers

Columbus IT has worked with many Discrete Manufacturing organisations enabling ...

Mi3 Ltd makes an investment

Replacing an old bespoke ERP system with a modern off-the-shelf solution always ...

‘Embrace IoT' - K3 Syspro

UK manufacturers have been urged to embrace the Internet of Things (IoT) in ...