14 November 2007

GSS warns over Windows 2000 random number generator flaw

A potentially serious flaw in Windows 2000 that can compromise emails, passwords and other details keyed on a PC keyboard has been revealed.



“The problem stems from a flaw in the random number generator in Windows 2000. The flaw allows encrypted Web data and email transmissions to be decoded,” says David Hobson, managing director of Global Secure Systems (GSS), the IT security specialist and integrator.

According to Hobson, those companies that have implemented encrypted VPN (virtual private network) connections for their remote data entry can breathe a sigh of relief that their systems are relatively secure against the problem.

“We have always advised our clients to adopt a belt and braces approach to their IT security. You should never presume that a basic software-only encryption system such as that seen in Windows 2000 prevents eavesdropping,” he says.

“Complete encryption of the datastream, as seen on a secure VPN connection, is the only way of protecting remote data entry across the Internet. It may not be as sexy as two-factor authentication, but it has a proven track record,” he adds.

Hobson also notes that some news reports suggest that the Windows 2000 encryption flaw may also affect Windows XP and Vista users. “Myself, I have my doubts, but I’ve learned that anything is possible when it comes to Microsoft security flaws. Companies really need to employ hardware-enabled encryption on all their data streams flowing across the Internet to be totally safe,” he says.

Brian Tinham

Supporting Information

Companies
Global Secure Systems Ltd

This material is protected by Findlay Media copyright
See Terms and Conditions.
One-off usage is permitted but bulk copying is not.
For multiple copies contact the sales team.

Do you have any comments about this article?

Add your comments

Name

 
Email

 
Comments
 

Your comments/feedback may be edited prior to publishing. Not all entries will be published.
Please view our Terms and Conditions before leaving a comment.

Related Articles

Manufacturing view of security

The British Security Industry Association (BSIA), the trade body representing ...

Safety performance tool

Rockwell Automation has launched the Safety Maturity Index (SMI) tool, a ...

Cloud buzzword guide

Industrial automation components supplier European Automation has produced a ...

Brave new world

Remember 1985? For one company in particular, it’s a year with a special ...

A drop of inspiration

The same old approach to ERP system selection will leave you with familiar ...

Cloud v Server

The cloud is billed as the all singing and dancing successor to running your IT ...

Related Articles

Bakehouse: Delicious and determined

Bakehouse have gone from start-up to market leaders in 15 years. They are now ...

Sevcon

Customers and Shareholders Benefit as Global Manufacturer Deploys Management ...

Six Steps for: Discrete Manufacturers

Columbus IT has worked with many Discrete Manufacturing organisations enabling ...