[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit



Nathaniel Borenstein said:
> 
> > I don't believe you.  Name six.
> 
> Sure thing, always glad to clarify my claims.
> 
> 1. (my current favorite) post it to MSN.  There, Microsoft has made
> getting infected with a Trojan Horse as easy as clicking on an icon
> embedded in a mail or news message.  (You want to try convincing the
> average consumer that it isn't safe, if Microsoft makes it that easy?)
>
> 2.  Get the sources to a public domain image viewer.  Change them
> slightly.  Claim that you've improved it by 13.7%.  Post your improved
> (and infected) image viewer to the net.

Trojan horse.  This is the same as #1. 

> 3.  Ditto for an audio viewer, a mail reader, a news reader,.... 
> (zillions right there alone)

Zillions of trojan horses...all the same.
I guess you can call the source credit.asm, sniffer.c, capture.bas or
any number of other names, too...geez, there's another few zillion.
 
> 4.  Imitate the IBM Christmas exec.  Break into someone's site and steal
> their mail aliases file.  Now send mail to everyone on their alias list,
> pretending to be them, offering them a cute animation program they can
> install.  The animation will happen, but it will also send mail to all
> THEIR aliases (like the Christmas exec) and (unlike that) install our
> malicious snooping software.

Another trojan horse.

> 5.  Write a genuinely useful program (or a game) of your own, but embed
> your attack in it.  (Caution:  Being the real author will increase your
> traceability.)

Another trojan horse.

> 6.  Write a pornographic screen saver.  Not only will zillions of people
> download it, but they will EXPECT the code to watch keystrokes.

Another trojan horse.

> 7.  [*maybe*] Spread it by Java applet.  This is a maybe because the
> level of Java security seems to be browser-discretionary.  Even a
> relatively conservative let-the-user-choose approach like Netscape's,
> however, can be defeated with a little social engineering, as in "this
> is a really cool Java applet to do XYZ, but you'll have to set
> Netscape's Java security level to minimum to run it....."

"...and type your CC# into a box that advertises itself as an 'insecure
foreign applet'" or some such thing.
Far as I can tell you can't hook the keyboard this way, just ask people to
give you the number.  And then you can only send it back to wherever the
applet came from.

> 8.  Internet-based breakin/installations, e.g. to NT or anything else
> that runs incoming services.
>
> 9.  Traditional virus techniques.
> 
> Oh, you only asked for 6, sorry.....  Feel free to ignore a few.

I count 4.

--
Paul Foley            Email: <[email protected]>