1996-01-30 - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling)

Header Data

From: m5@dev.tivoli.com (Mike McNally)
To: Jon Lasser <jlasser@rwd.goucher.edu>
Message Hash: 6a9f72eb494e9371ec5b8318a22914fb1d94b68cb64c3729156084fc217af6ec
Message ID: <9601301545.AA07088@alpha>
Reply To: <9601301358.AA14772@alpha>
UTC Datetime: 1996-01-30 18:29:00 UTC
Raw Date: Wed, 31 Jan 1996 02:29:00 +0800

Raw message

From: m5@dev.tivoli.com (Mike McNally)
Date: Wed, 31 Jan 1996 02:29:00 +0800
To: Jon Lasser <jlasser@rwd.goucher.edu>
Subject: Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling)
In-Reply-To: <9601301358.AA14772@alpha>
Message-ID: <9601301545.AA07088@alpha>
MIME-Version: 1.0
Content-Type: text/plain



Jon Lasser writes:
 > But the fact that Java windows are obvious doesn't seem to really speak 
 > to the question of can they be faked from *outside* Java.

If you need to worry about something showing up on your machine that's
capable of creating fake input dialogs on your screen, I claim you
have some serious problems.

 > In fact, very distinctive windows for Java are likely to increase the 
 > success of an attack which duplicates the window decorations perfectly, 
 > because people will be used to it.

But if by being used to such windows people understand that they're
not necessarily to be trusted, I don't see why that'd be an attractive
way of slipping in a trojan horse.  I mean, if you want to give
somebody a trojan horse, you don't hang a sign around its neck reading
"I am a trojan horse".

______c_____________________________________________________________________
Mike M Nally * Tivoli Systems * Austin TX   * I want more, I want more,
       m5@tivoli.com * m101@io.com          * I want more, I want more ...
      <URL:http://www.io.com/~m101>         *_______________________________

Thread

• Return to January 1996

• Return to February 1996

• Return to “dlv@bwalk.dm.com (Dr. Dimitri Vulis)”
• Return to ““Ed Carp, KHIJOL SysAdmin” <erc@dal1820.computek.net>”
• Return to “futplex@pseudonym.com (Futplex)”
• Return to “Jon Lasser <jlasser@rwd.goucher.edu>”
• Return to “m5@dev.tivoli.com (Mike McNally)”
• Return to “Mike Fletcher <fletch@ain.bls.com>”
• Return to “Nathaniel Borenstein <nsb@nsb.fv.com>”
• Return to “Paul Foley <paul@mycroft.actrix.gen.nz>”
• Return to ““Paul M. Cardon” <pmarc@fnbc.com>”
• Return to “Rich Graves <llurch@networking.stanford.edu>”
• Return to “Rich Salz <rsalz@osf.org>”
• Return to ““Richard Martin” <rmartin@aw.sgi.com>”

• Return to “Tim Philp <bplib@wat.hookup.net>”

• 1996-01-30 (Tue, 30 Jan 1996 17:12:29 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Rich Salz <rsalz@osf.org>
  • 1996-01-30 (Tue, 30 Jan 1996 19:42:59 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Nathaniel Borenstein <nsb@nsb.fv.com>
    • 1996-01-31 (Wed, 31 Jan 1996 12:22:49 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Paul Foley <paul@mycroft.actrix.gen.nz>
      • 1996-02-01 (Thu, 1 Feb 1996 10:16:17 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
        • 1996-02-04 (Mon, 5 Feb 1996 02:34:33 +0800) - XMAS Exec - Nathaniel Borenstein <nsb@nsb.fv.com>
          • 1996-02-04 (Mon, 5 Feb 1996 04:23:18 +0800) - Re: XMAS Exec - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
  • 1996-01-30 (Tue, 30 Jan 1996 21:08:44 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Paul M. Cardon” <pmarc@fnbc.com>
  • 1996-02-01 (Fri, 2 Feb 1996 02:16:15 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - dlv@bwalk.dm.com (Dr. Dimitri Vulis)
  • 1996-02-01 (Fri, 2 Feb 1996 02:19:42 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - Tim Philp <bplib@wat.hookup.net>
    • 1996-01-30 (Tue, 30 Jan 1996 13:45:13 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - “Ed Carp, KHIJOL SysAdmin” <erc@dal1820.computek.net>
      • 1996-02-01 (Fri, 2 Feb 1996 01:59:49 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - futplex@pseudonym.com (Futplex)
        • 1996-01-30 (Tue, 30 Jan 1996 23:03:11 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
          • 1996-01-30 (Wed, 31 Jan 1996 01:48:05 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Jon Lasser <jlasser@rwd.goucher.edu>
          • 1996-01-30 (Wed, 31 Jan 1996 02:29:00 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
            • 1996-01-31 (Wed, 31 Jan 1996 11:40:37 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - futplex@pseudonym.com (Futplex)
            • 1996-01-31 (Thu, 1 Feb 1996 03:47:19 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - m5@dev.tivoli.com (Mike McNally)
        • 1996-01-30 (Tue, 30 Jan 1996 23:42:02 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - “Richard Martin” <rmartin@aw.sgi.com>
        • 1996-01-30 (Wed, 31 Jan 1996 00:49:47 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Mike Fletcher <fletch@ain.bls.com>
        • 1996-01-31 (Wed, 31 Jan 1996 16:55:46 +0800) - Re: Java Sniffer (Was: Re: FV Announces That The Sky Is Falling) - Rich Graves <llurch@networking.stanford.edu>
    • 1996-01-30 (Tue, 30 Jan 1996 23:10:58 +0800) - Re: FV Demonstrates Fatal Flaw in Software Encryption of Credit - m5@dev.tivoli.com (Mike McNally)