This is one of the scariest things I’ve seen yet about Windows Vista. According to Bruce Schneier, who literally wrote the book on cryptography, it seems that Microsoft has added a new standard random-number generator, which very possibly has a built-in backdoor, whose ‘keys’ are held by parties unknown, and which would open any material encrypted using random numbers generated by Windows to scrutiny by said unknown parties.
This is so scary, I’d happily dismiss it as mere paranoia, were it not that Schneier is definitely not prone to wild statements, and is certainly one of the greatest current experts in cryptography and security. What’s more, he’s published a detailed analysis of the math that suggests the presence of a backdoor, so if you’ve got the background to make sense of it, you can check his argument for yourself.
Of course, this random-number generator is not something that will concern most users. It’s a facility that application software can take advantage of, or ignore. However, at the very least, this allegation suggests a rather slipshod approach to security in The Most Secure OS the World Has Ever Seen. And at worst, it suggests the possibility that it’s not me the OS is trying to safeguard.