[48677] in Cypherpunks
Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling)
daemon@ATHENA.MIT.EDU (Mike McNally)
Tue Jan 30 11:03:51 1996
From: m5@dev.tivoli.com (Mike McNally)
Date: Tue, 30 Jan 1996 09:45:03 -0600
To: Jon Lasser <jlasser@rwd.goucher.edu>
Cc: Mike McNally <m5@rwd.goucher.edu>,
Rich Graves <llurch@networking.stanford.edu>, cypherpunks@toad.com
In-Reply-To: <Pine.SUN.3.91.960130101707.24113C-100000@rwd.goucher.edu>
Jon Lasser writes:
> But the fact that Java windows are obvious doesn't seem to really speak
> to the question of can they be faked from *outside* Java.
If you need to worry about something showing up on your machine that's
capable of creating fake input dialogs on your screen, I claim you
have some serious problems.
> In fact, very distinctive windows for Java are likely to increase the
> success of an attack which duplicates the window decorations perfectly,
> because people will be used to it.
But if by being used to such windows people understand that they're
not necessarily to be trusted, I don't see why that'd be an attractive
way of slipping in a trojan horse. I mean, if you want to give
somebody a trojan horse, you don't hang a sign around its neck reading
"I am a trojan horse".
______c_____________________________________________________________________
Mike M Nally * Tivoli Systems * Austin TX * I want more, I want more,
m5@tivoli.com * m101@io.com * I want more, I want more ...
<URL:http://www.io.com/~m101> *_______________________________
