I just got this item from SANS, and I still can't quite believe what my eyes are seeing: ==============================================
--Microsoft Bans Weak Crypto in New Code (15 September 2005) A new policy at Microsoft bans developers from using functions using the DES, MD4, MD5 and in some cases the SHA1 encryption algorithms in their code because increasingly sophisticated cyber attacks are threatening the security of these algorithms. Microsoft recommends the use of the (Secure Hash Algorithm) SHA256 encryption algorithm and (Advanced Encryption Standard) AES cipher. The decision comes as part of Microsoft's twice-a-year update to its Secure Development Lifecycle policies. The company also hopes eventually to remove the vulnerable encryption from older code. http://www.eweek.com/print_article2/0,1217,a=160307,00.asp [Editor's Note (Schultz): Microsoft deserves a proverbial round of applause for its decision concerning use of cryptography in its products. (Schneier): This will improve potential security for their products at the cost of backwards compatibility -- I call that a good trade-off.] =============================================== I have Schneier's second edition of Applied Cryptography (which is where I learned what little I know about the subject) and he does a good imitation of someone who really knows the subject. I can cite decades of bad (or ridiculous) decisions by M$ concerning anything to do with security -- but seeing Schneier's name attached to this article makes me wonder if things have changed... Anyone here agree that MD5 and SHA1 are 'weak' crypto? Any other thoughts about the subject?