[33591] in bugtraq
Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL from Internet Explorer
daemon@ATHENA.MIT.EDU (der Mouse)
Tue Feb 10 19:02:53 2004
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Message-Id: <200402102113.QAA06593@Sparkle.Rodents.Montreal.QC.CA>
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
Date: Tue, 10 Feb 2004 16:10:55 -0500 (EST)
To: Darren Reed <avalon@caligula.anu.edu.au>, bugtraq@securityfocus.com
In-Reply-To: <200402100351.i1A3pT6W013720@caligula.anu.edu.au>
> Signed applications and signed DLLs and signed drivers [...] coming
> to a Unix near you SOONER rather than later.
> Or is that the kind of thing you disable upon installation because it
> gets in the way of you being able to install whatever "you" want ?
Depends. Does it include the tools necessary to sign my own code?
If not, yes, I will disable it, to the point of running a different OS
if necessary.
If so, what's to stop a malware creator from using those same tools to
sign the attack vector?
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML mouse@rodents.montreal.qc.ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
