[4452] in WWW Security List Archive
Re: ActiveX Bank-Quicken Exploit
daemon@ATHENA.MIT.EDU (Racer X)
Fri Feb 14 20:15:24 1997
Date: Fri, 14 Feb 1997 17:37:21 -0500 (EST)
From: Racer X <shagboy@world.std.com>
To: David Kennedy <76702.3557@compuserve.com>
cc: John Johnson <novatech@nectar.com.au>,
WWW Security List <WWW-SECURITY@ns2.rutgers.edu>
In-Reply-To: <970210161504_76702.3557_CHN70-1@CompuServe.COM>
Errors-To: owner-www-security@ns2.rutgers.edu
On 10 Feb 1997, David Kennedy wrote:
> As to solutions? Microsoft, Intuit and the users have to come to grips with
> this. At a macro level this is almost a virus like issue. You don't run
> untrusted code on your machine, as you. Probably why unix viruses never took
> off.
Personally, I think the USERS need to come to grips with this. I don't
know about you, but I don't leave MY CC numbers lying about my hard disk.
PC financial programs have not been around nearly as long as the American
banking system has - they are still bleeding-edge even though they are
10-15 years old (or older). And those who live on the bleeding edge are
bound to get bloody noses now and then...
shag
Judd Bourgeois PGP key ID 0xEDC21CA1
shagboy@world.std.com 25DDE4AF C5AFEF51 6905DC77 360F0387
To all my friends - It's not the end
The earth has not swallowed me yet - 311, "Freak Out"
