Re: XMAS Exec

[dlv@bwalk.dm.com (Dr. Dimitri Vulis)]

Nathaniel Borenstein <nsb@nsb.fv.com> writes:
> Dr. Dimitri Vulis@bwalk. (1227)
>
> > I'd like to take an exception to this description of the XMAS EXEC, since
> .............
> > I had serious doubts that the person who wrote it was malicious.
>
> Agreed completely.  I didn't mean to imply that the author was
> malicious, merely that it well-illustrated the "social engineering"
> approach to getting users to run untrusted code.  What I was saying is
> that someone who *was* malicious could have used the same approach as
> the attack vector for getting our credit card snooper (or other nasty
> code) onto lots of consumer machines.  This came up, in the discussion,
> because most people on this list seem to believe (correctly, I think)
> that the hardest part of the attack we outlined is the initial infection
> vector.  -- Nathanielx

In '87, many people received an unsolicited executable from a known source, and
ran it without thinking twice. (If A has B's address in his nickname file, then
B probably knows and trusts A to some extent.) I hope users today know better.

I don't see why stopping a keyboard sniffer is any harder than stopping any
other virus/trojan - and most shops manage to keep them out.

---

<a href="mailto:dlv@bwalk.dm.com">Dr. Dimitri Vulis</a>
Brighton Beach Boardwalk BBS, Forest Hills, N.Y.: +1-718-261-2013, 14.4Kbps