1998-06-02 - RE: Counterpane Cracks MS’s PPTP
Header Data
From: “Iain Collins” <icollins@scotland.net>
To: <cypherpunks@toad.com>
Message Hash: 7bb8b931fd9d274997ee3029db10128d46c59b567d679ee807646ff3e023e8c4
Message ID: <002301bd8e39$c8b18880$c7f3b094@webadmin.sol.co.uk>
Reply To: <19980602152326.B32084@caffeine.ix.net.nz>
UTC Datetime: 1998-06-02 15:20:43 UTC
Raw Date: Tue, 2 Jun 1998 08:20:43 -0700 (PDT)
Raw message
From: "Iain Collins" <icollins@scotland.net>
Date: Tue, 2 Jun 1998 08:20:43 -0700 (PDT)
To: <cypherpunks@toad.com>
Subject: RE: Counterpane Cracks MS's PPTP
In-Reply-To: <19980602152326.B32084@caffeine.ix.net.nz>
Message-ID: <002301bd8e39$c8b18880$c7f3b094@webadmin.sol.co.uk>
MIME-Version: 1.0
Content-Type: text/plain
As reguards:
> Previous security foobars by M$:
>
> NT C2 <---- LOL!!!
I beleive that no operating system has ever been given a C2 certification,
and that only indiviual installations can be certifed.
This requries that each installation be transported and conducted under
armed guard, which is case with certain US government Microsoft NT
Workstation installations.
It is also stated (somewhere, but I don't have the details to hand) that no
C2 rated system should be plugged in to an external network connection (i.e.
the internet), and that only connections to secure LAN's/WAN's are permitted
(otherwise the C2 certification is meaningless, hence why NT Sever has never
been C2 certified IIRC).
I would be grateful if anyone can categorically deny or in any way support
this.
> Auto-Launch attached binaries in E-Mail <-- Can we say GoodTimes?
The GoodTimes virus was, according to the DOE's CAIC a hoax. This is also my
personal opinion. This is what DOE's CAIC have to say:
http://ciac.llnl.gov/ciac/CIACHoaxes.html#goodtimes
Or, more amusingly.
http://ciac.llnl.gov/ciac/CIACHoaxes.html#goodspoof
However All E-mail readers that support HTML & JavaScript/Java/Active-X are
inherantly insecure. This inlcudes Netscape Navigator and Microsoft Outlook,
where mearly the act of previewing a malicious message can cause adverse
effects.
If anyone were to include a embed a malicious Java or Active-X control then
the supposed sandbox in Windows 9X/NT would be ineffectual as one could
conceviably create a control which could execute software anywhere on the
hard disk (this has already been done using both Active-X and IE under
Windows 95). Thus it follows that it could determain what viewer it is being
read under and execute any other attachments in the same e-mail from where
the are stored (in Netscape/Outlook) which could then... <please complete
this sentence using your own words>
Iain Collins, icollins@sol.co.uk
Thread
Return to June 1998
- Return to “Alan <alan@ctrl-alt-del.com>”
- Return to “Brad Kemp <kemp@indusriver.com>”
- Return to “Chris Wedgwood <chris@cybernet.co.nz>”
- Return to “Dark Knight <DarkKnight@Elitehackers.org>”
- Return to ““Iain Collins” <icollins@scotland.net>”
- Return to “Jim Tatz <jtatz@chemistry.ohio-state.edu>”
- Return to “John Young <jya@pipeline.com>”
- Return to ““Paul H. Merrill” <paulmerrill@acm.org>”
- Return to “Ryan Anderson <ryan@michonline.com>”
- Return to ““William H. Geiger III” <whgiii@invweb.net>”
Return to “Xcott Craver <caj@math.niu.edu>”
- 1998-06-01 (Mon, 1 Jun 1998 10:33:08 -0700 (PDT)) - Counterpane Cracks MS’s PPTP - John Young <jya@pipeline.com>
- 1998-06-01 (Mon, 1 Jun 1998 14:38:44 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-02 (Mon, 1 Jun 1998 17:42:49 -0700 (PDT)) - Holy QPRNF, part II (Re: Counterpane Cracks MS’s PPTP) - Xcott Craver <caj@math.niu.edu>
- 1998-06-02 (Mon, 1 Jun 1998 22:23:25 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - Alan <alan@ctrl-alt-del.com>
- 1998-06-02 (Tue, 2 Jun 1998 04:16:03 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - Chris Wedgwood <chris@cybernet.co.nz>
- 1998-06-02 (Mon, 1 Jun 1998 20:24:24 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - Chris Wedgwood <chris@cybernet.co.nz>
- 1998-06-02 (Tue, 2 Jun 1998 08:20:43 -0700 (PDT)) - RE: Counterpane Cracks MS’s PPTP - “Iain Collins” <icollins@scotland.net>
- 1998-06-02 (Tue, 2 Jun 1998 09:37:48 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - “Paul H. Merrill” <paulmerrill@acm.org>
- 1998-06-02 (Tue, 2 Jun 1998 16:10:10 -0700 (PDT)) - WinNT C2? - Jim Tatz <jtatz@chemistry.ohio-state.edu>
- 1998-06-02 (Tue, 2 Jun 1998 16:51:48 -0700 (PDT)) - Re: WinNT C2? - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-03 (Tue, 2 Jun 1998 17:14:27 -0700 (PDT)) - Re: WinNT C2? - Jim Tatz <jtatz@chemistry.ohio-state.edu>
- 1998-06-03 (Tue, 2 Jun 1998 18:22:02 -0700 (PDT)) - Re: WinNT C2? - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-03 (Tue, 2 Jun 1998 17:42:52 -0700 (PDT)) - Re: WinNT C2? - Dark Knight <DarkKnight@Elitehackers.org>
- 1998-06-03 (Tue, 2 Jun 1998 18:46:20 -0700 (PDT)) - Re: WinNT C2? - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-03 (Tue, 2 Jun 1998 21:32:09 -0700 (PDT)) - Re: WinNT C2? - Dark Knight <DarkKnight@Elitehackers.org>
- 1998-06-03 (Tue, 2 Jun 1998 18:46:20 -0700 (PDT)) - Re: WinNT C2? - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-03 (Tue, 2 Jun 1998 17:14:27 -0700 (PDT)) - Re: WinNT C2? - Jim Tatz <jtatz@chemistry.ohio-state.edu>
- 1998-06-02 (Tue, 2 Jun 1998 16:54:58 -0700 (PDT)) - Re: WinNT C2? - Ryan Anderson <ryan@michonline.com>
- 1998-06-02 (Tue, 2 Jun 1998 16:51:48 -0700 (PDT)) - Re: WinNT C2? - “William H. Geiger III” <whgiii@invweb.net>
- 1998-06-02 (Tue, 2 Jun 1998 08:20:43 -0700 (PDT)) - RE: Counterpane Cracks MS’s PPTP - “Iain Collins” <icollins@scotland.net>
- 1998-06-02 (Tue, 2 Jun 1998 06:09:55 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - Brad Kemp <kemp@indusriver.com>
- 1998-06-02 (Tue, 2 Jun 1998 16:31:53 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - Xcott Craver <caj@math.niu.edu>
- 1998-06-01 (Mon, 1 Jun 1998 14:38:44 -0700 (PDT)) - Re: Counterpane Cracks MS’s PPTP - “William H. Geiger III” <whgiii@invweb.net>