View Single Post
  #2 (permalink)  
Old 23rd January, 2009, 07:34 PM
Aedan Aedan is offline
Chief Systems Administrator
Join Date: September 2001
Location: Europe
Posts: 13,075

To be honest, I don't see a lot of benefit in most of the supposed security features there. Smartcard logins have been supported for a long time. Fingerprint readers are interesting - but only because people usually leave their fingerprints all over their keyboard, mouse and computer.

As far as the "You don't need a VPN" of DirectAccess, guess what, according to Microsoft DirectAccess uses IPv6-over-IPsec. That's called a VPN.

However, they STILL haven't implemented Secure I/O! They make a big deal out of all these features, and leave secure I/O out of it. For those who are wondering, Secure I/O creates a trusted channel between devices like a suitable keyboard (or another input device) and computer. When it needs to be secure, the whole system encrypts keystrokes all the way from the computer to the application that needs them (like online banking), so that keyloggers can't get their hands on the keystrokes!
Reply With Quote