GSS warns over Windows 2000 random number generator flaw

“The problem stems from a flaw in the random number generator in Windows 2000. The flaw allows encrypted Web data and email transmissions to be decoded,” says David Hobson, managing director of Global Secure Systems (GSS), the IT security specialist and integrator. According to Hobson, those companies that have implemented encrypted VPN (virtual private network) connections for their remote data entry can breathe a sigh of relief that their systems are relatively secure against the problem. “We have always advised our clients to adopt a belt and braces approach to their IT security. You should never presume that a basic software-only encryption system such as that seen in Windows 2000 prevents eavesdropping,” he says. “Complete encryption of the datastream, as seen on a secure VPN connection, is the only way of protecting remote data entry across the Internet. It may not be as sexy as two-factor authentication, but it has a proven track record,” he adds. Hobson also notes that some news reports suggest that the Windows 2000 encryption flaw may also affect Windows XP and Vista users. “Myself, I have my doubts, but I’ve learned that anything is possible when it comes to Microsoft security flaws. Companies really need to employ hardware-enabled encryption on all their data streams flowing across the Internet to be totally safe,” he says.