Information Security News mailing list archives
Microsoft .net slammed over smartcard security
From: InfoSec News <isn () C4I ORG>
Date: Thu, 6 Jul 2000 02:26:30 -0500
http://www.computerweekly.com/cwarchive/daily/20000706/cwcontainer.asp?name=C4.HTML&SubSection=6 ComputerWeekly.com 6 July 2000 Only two weeks after its announcement, Microsoft's .net strategy vision has been slammed by IT analysts for having a poor security model. Microsoft sees smartcards based on Windows technology as an essential component to its .net software services. "Smartcards are an enabling technology in Microsoft's .net vision, providing an affordable and effective way to increase the security of computing," said Microsoft President and CEO Steve Ballmer. But Alexander Kopriwa, programme director international at Ovum said, "Windows for Smart Cards does not have high security. Cards can easily be hacked into and third party security is needed." Microsoft's security model would be sufficient for photocopying cards, but would not provide strong enough security for financial applications, he said. Kopriwa believes that rival smartcard operating systems MultOS and Java Card offer greater security. Microsoft also released Windows for Smart Card Toolkit 1.1 that includes support for GSM (Global System for Mobile Communication). But Renaath Himp, Microsoft Windows development manager defended the security system. He said Windows for Smart Cards would include cryptographic functions as well as using secure chips. Microsoft will submit the smartcard system to security standards bodies within six months, he said. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- Microsoft .net slammed over smartcard security InfoSec News (Jul 06)