[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

XMAS Exec

To: [email protected], [email protected] (Dr. Dimitri Vulis)
Subject: XMAS Exec
From: Nathaniel Borenstein <[email protected]>
Date: Sun, 4 Feb 1996 13:12:11 -0500 (EST)
In-Reply-To: <[email protected]>
References: <[email protected]>
Sender: [email protected]

Excerpts from mail.cypherpunks: 31-Jan-96 Re: FV Demonstrates Fatal F..
Dr. Dimitri Vulis@bwalk. (1227)

> I'd like to take an exception to this description of the XMAS EXEC, since
.............
> I had serious doubts that the person who wrote it was malicious.

Agreed completely.  I didn't mean to imply that the author was
malicious, merely that it well-illustrated the "social engineering"
approach to getting users to run untrusted code.  What I was saying is
that someone who *was* malicious could have used the same approach as
the attack vector for getting our credit card snooper (or other nasty
code) onto lots of consumer machines.  This came up, in the discussion,
because most people on this list seem to believe (correctly, I think)
that the hardest part of the attack we outlined is the initial infection
vector.  -- Nathanielx
--------
Nathaniel Borenstein <[email protected]>
Chief Scientist, First Virtual Holdings
FAQ & PGP key: [email protected]

Follow-Ups:
- Re: XMAS Exec
  - From: [email protected] (Dr. Dimitri Vulis)

Prev by Date: Re: Flaw in FV process (was FV and Netscape slagging each other off :-)
Next by Date: Re: Need a "warning" graphic of some kind for CDA
Prev by thread: How do I quit list?
Next by thread: Re: XMAS Exec
Index(es):
- Date
- Thread