
Schneier: Never use it (MS has added RNG that could have an NSA backdoor into Vista). - nickb
http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html
======
tptacek
This is really a tempest in a teacup. NSA influenced a NIST standard; MSFT
implemented the NIST standard. Dual EC is not default behavior for Vista.
There's no evidence of a deliberate backdoor, and most of the failure modes
for crypto RNGs involve a threat model you don't care about: someone who can
read/write memory from arbitrary processes or the kernel.

------
downer
Vista is proprietary. They can stick in a backdoor wherever they want. Wasn't
there recently an issue with Windows Update ignoring your settings and
updating itself anyway?

http://www.zdnetasia.com/news/security/0,39044215,62032221,00.htm

http://www.betanews.com/article/Experts_Astonished_to_Learn_Windows_Update_Updates_Itself/1189782200

Not to mention all the hidden metadata and undo information in your MS Word
files. If you value privacy, using a proprietary OS (including OS X) is not
the way to get it.

