Document Details

Threat Modeling Tool Cryptography
Home / Scan #234 / Threat Modeling Tool Cryptography
Sad Tux - Windows bias detected
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Detected Bias Types
windows_first
windows_tools
powershell_heavy
missing_linux_example
Summary
The documentation demonstrates a clear Windows bias by prioritizing Windows technologies, APIs, and tools (e.g., CNG, CAPI, Win32/64, .NET, BitLocker, TPM on Windows IoT Core, SQL Server features) throughout the cryptography guidance. Windows-specific solutions are described in detail, often with code examples, while Linux or cross-platform equivalents are rarely mentioned or omitted entirely. Where alternatives are listed (e.g., random number generators), Windows APIs are listed first and with more detail. There are no Linux command-line or open-source tool examples, and Linux-specific cryptographic practices (e.g., use of OpenSSL, dm-crypt, LUKS, GnuPG, Linux TPM stack) are missing.
Recommendations
  • Include Linux-specific examples and references for cryptographic operations, such as OpenSSL, GnuPG, dm-crypt/LUKS for disk encryption, and Linux TPM tools.
  • Provide parity in code samples, showing both Windows (.NET, CNG, PowerShell) and Linux (Python, C, Bash/OpenSSL) implementations for key generation, encryption, and random number generation.
  • Mention and link to Linux equivalents for features like BitLocker (e.g., LUKS/dm-crypt), TPM support (Linux tpm2-tools), and database encryption (PostgreSQL TDE, MySQL encryption).
  • List cross-platform APIs and libraries (e.g., OpenSSL, libsodium, BouncyCastle) alongside Windows-specific ones.
  • Avoid listing Windows APIs/tools first by default; alternate or group by platform.
  • Add guidance for Linux/Unix administrators and developers, including relevant security policies and configuration steps.
GitHub Create Pull Request

Scan History

Date Scan Status Result
2026-01-14 00:00 #250 in_progress Biased Biased
2026-01-13 00:00 #246 completed Biased Biased
2026-01-11 00:00 #240 completed Biased Biased
2026-01-10 00:00 #237 completed Biased Biased
2026-01-09 00:34 #234 completed Biased Biased
2026-01-08 00:53 #231 completed Biased Biased
2026-01-06 18:15 #225 cancelled Clean Clean
2025-08-17 00:01 #83 cancelled Clean Clean
2025-07-13 21:37 #48 completed Biased Biased
2025-07-12 23:44 #41 cancelled Biased Biased

Flagged Code Snippets