[10026] in bugtraq

Re: IE5 Feature/security hole

daemon@ATHENA.MIT.EDU (Juha Jäykkä)
Mon Mar 29 14:09:15 1999

Date: Mon, 29 Mar 1999 09:44:52 +0300
Reply-To: Juha Jäykkä <juolja@UTU.FI>
From: Juha Jäykkä <juolja@UTU.FI>
To: BUGTRAQ@NETSPACE.ORG

> According to Microsoft, the database (call it what you like) where all this
> information is stored is encrypted, so you cannot just go to a random
> machine and grab all the data - you must go to a form that has the proper
> field names in order to get the information.

  Blast it! Where does the pass phrase come from? Does IE5 ask the user
for encryption password when this autofill feature is first used? Does
IE5 ask the user for decryption password every time this feature is used
during different sessions? (By session I mean running a program and
shutting it down. The important thing here is it thus effectively erases
any memory cache it might have been using - if it remembered the
password (as programs NEVER must)...) If you answered "no" to any of the
above, then the password is stored somewhere and it can be retrieved and
the "secure" encrypted storage decrypted by anyone who has access to the
machine. This brings us back to square one: anyone with access to your
IE5 has access to anything you have ever typed in any form.
  By the way: where exactly are the entries stored? Are they secured
with proper NTFS permissions or are they just left somewhere in
%SystemRoot% with Everyone:F permissions so every user would use the
same file or does every user have a distinct file (not that this would
help with non-NT windows)?
  I just wonder, when will we see security in MS products, other than
NT? I'm becoming really worried... now that NT5 is renamed, I'd not be
surprised if security had been also lost with the name...

--
Juha Jäykkä, juhaj@iki.fi
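
Added example, not part of the original post and not a description of how IE5 actually stores form data: a Python sketch of the design question raised above, comparing an encrypted store whose key is saved beside it with one whose key is derived from a passphrase the user types each session. The file names (`store.dat`, `store.key`, `store.salt`), the function names and the sample data are hypothetical, and the HMAC-based cipher is a standard-library stand-in for a real AEAD.

```python
import hashlib, hmac, os

SAMPLE = b"name=Alice&phone=555-0100"  # constructed form data, not from the post

def _subkey(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor(data, enc_key, nonce):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real cipher)
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(enc_key, nonce + block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor(plaintext, _subkey(key, b"enc"), nonce)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or corrupted store")
    return _xor(ct, _subkey(key, b"enc"), nonce)

# Design A: the program never asks for a password, so the key must live on disk.
def save_with_stored_key(form_data):
    key = os.urandom(32)
    return {"store.dat": seal(key, form_data), "store.key": key}

def read_with_stored_key(files):
    # Everything needed to decrypt is in the files themselves: no user secret.
    return unseal(files["store.key"], files["store.dat"])

# Design B: the key is derived from a passphrase and is never written to disk.
def _derive(passphrase, salt):
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 200_000)

def save_with_passphrase(form_data, passphrase):
    salt = os.urandom(16)
    return {"store.dat": seal(_derive(passphrase, salt), form_data), "store.salt": salt}

def read_with_passphrase(files, passphrase):
    return unseal(_derive(passphrase, files["store.salt"]), files["store.dat"])

if __name__ == "__main__":
    print(read_with_stored_key(save_with_stored_key(SAMPLE)))
```

In design A the confidentiality of the store reduces to the file permissions on the key, which is the point of the permissions question in the post; in design B a copy of the files is only as weak as the passphrase.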