http://www.ghacks.net/2015/04/02/truecrypt-audit-phase-ii-completed-4-vulnerabilities-identified/
The most severe finding relates to the use of the Windows API
to generate random numbers for master encryption key material
among other things. While CS believes these calls will succeed
in all normal scenarios,at least one unusual scenario would
cause the calls to fail and rely on poor sources of entropy;
it is unclear in what additional situations they may fail.
--
http://www.subspacefield.org/~travis/ | if spammer then [email protected]
"Computer crime, the glamor crime of the 1970s, will become in the
1980s one of the greatest sources of preventable business loss."
John M. Carroll, "Computer Security", first edition cover flap, 1977
_______________________________________________
RNG mailing list
[email protected]
https://lists.bitrot.info/cgi-bin/mailman/listinfo/rng
