[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: It is time to break Authenticode



On Tue, 4 Mar 1997, John Lehmann (SSASyd) wrote:

[ ActiveX discussion snipped ]

> Perhaps an interesting "nudie screensaver" control could be made to mail   
> any Root.cer Cert.cer and Cert.spc (I guess) files lying around on the   
> target computer to a well known mailing-list...
> 
> One wonders whether it would even be illegal. *sigh* I suppose it would   
> be.

This may be feasible without resorting to ActiveX.  Microsoft IE 3.0 has a
nifty security bug that allows a malicious WWW page to run arbitrary
programs (e.g. "format c: /y").  Details (and a demo that starts the
Windows calculator locally) are at

  http://www.cybersnot.com/iebug.html

There are "uploader" programs for WWW servers; one of these should be
modifiable to look for %PGPPATH%/secring.pgp without prompting... 

The great (?) thing about this bug is that, since there is no confirmation
and the rogue programs don't use ActiveX or Java, you can't prevent a site
from trashing your PC.  (Except by trashing your copy of IE.)

Microsoft will have a fix out Real Soon Now, of course...

Cynthia

===============================================================
		   Cynthia H. Brown, P.Eng.
E-mail:     [email protected]  | PGP Key:  See Home Page
Home Page:  http://www.iosphere.net/~cynthb/
Junk mail will be ignored in the order in which it is received.

        Klein bottle for rent; enquire within.