Windows NT Security Under Fire

Robert Harley (
Mon, 1 Jun 1998 14:33:42 +0200 (MET DST)

>Listen to security expert and consultant Bruce
>Schneier and he'll tell you that Windows NT's
>security mechanism for running virtual private
>networks is so weak as to be unusable.
>Schneier, who runs a security consulting firm in
>Minneapolis, says his in-depth "cryptanalysis" of
>Microsoft's implementation of the Point-to-Point
>Tunneling Protocol (PPTP) reveals fundamentally
>flawed security techniques that dramatically
>compromise the security of company information.
>"It's kindergarten cryptography. These are dumb
>Schneier emphasized that no flaws were found in
>the PPTP protocol itself, but in the Windows NT
>version of it. Alternate versions are used on other
>systems such as Linux-based servers.
>Microsoft's implementation is "only
>buzzword-compliant," Schneier said.