rc4 – Weekly Geek

Microsoft will finally kill obsolete cipher that has wreaked decades of havoc

Microsoft said it has steadily worked over the past decade to deprecate RC4, but that the task wasn’t easy. No salt, no iteration? Really? “The problem though is that it’s hard to kill off a cryptographic algorithm that is present in every OS that’s shipped for the last 25 years and was the default algorithm… Read More: Microsoft will finally kill obsolete cipher that has wreaked decades… »

Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting”

A prominent US senator has called on the Federal Trade Commission to investigate Microsoft for “gross cybersecurity negligence,” citing the company’s continued use of an obsolete and vulnerable form of encryption that Windows uses by default. In a letter to FTC Chairman Andrew Ferguson, Sen. Ron Wyden (D–Ore.) said an investigation his office conducted into… Read More: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” »