[49187] in Cypherpunks

Re: XMAS Exec

daemon@ATHENA.MIT.EDU (Dr. Dimitri Vulis)
Sun Feb 4 14:39:20 1996

Errors-To: cpadmin@toad.com
To: cypherpunks@toad.com
From: dlv@bwalk.dm.com (Dr. Dimitri Vulis)
Date: Sun, 04 Feb 96 13:58:58 EST
In-Reply-To: <ol5DPvGMc50eR2cD0x@nsb.fv.com>

Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> Dr. Dimitri Vulis@bwalk. (1227)
>
> > I'd like to take an exception to this description of the XMAS EXEC, since
> .............
> > I had serious doubts that the person who wrote it was malicious.
>
> Agreed completely.  I didn't mean to imply that the author was
> malicious, merely that it well-illustrated the "social engineering"
> approach to getting users to run untrusted code.  What I was saying is
> that someone who *was* malicious could have used the same approach as
> the attack vector for getting our credit card snooper (or other nasty
> code) onto lots of consumer machines.  This came up, in the discussion,
> because most people on this list seem to believe (correctly, I think)
> that the hardest part of the attack we outlined is the initial infection
> vector.  -- Nathanielx

In '87, many people received an unsolicited executable from a known source, and
ran it without thinking twice. (If A has B's address in his nickname file, then
B probably knows and trusts A to some extent.) I hope users today know better.

I don't see why stopping a keyboard sniffer is any harder than stopping any
other virus/trojan - and most shops manage to keep them out.

---

Dr. Dimitri Vulis <dlv@bwalk.dm.com>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps
