|
 |
Orchid XP v8 <voi### [at] dev null> wrote:
> I am almost 100% certain that no product before Windows 2000 actually
> uses a hash function devised by cryptographers. AFAIK, right up until
> Windows NT4, M$ were using their own custom-designed [and horribly weak]
> hash functions for passwords. The only reason Windows 2000 and later
> don't is that [finally!] they use an industry standard - Kerberos.
Microsoft has been notoriously late for basically everything, and
security is not an exception.
During the entirety of the 80's and 90's Microsoft's policy about security
was basically "it's not our fault, it's the fault of all those criminal
hackers, they are the ones who should be dealt with". And I'm seriously
not making this up. It's almost exactly their official statement on the
subject.
It was not until the 2000's that Microsoft finally understood the
importance of security. Of course since they are new in the security
business they are still making babysteps (for example when they finally
added a firewall to their OS, it wasn't very lauded for its quality),
but I suppose they are getting there slowly.
With Vista they tried to make things even better, even at the cost of
hampering backwards compatibility with software. It's to be seen if this
will work out or if it will backfire on them. (Not to talk that all the
other problems with Vista only aggravate the situation.)
--
- Warp
Post a reply to this message
|
|
