From: Ted Garrett <teddygee@visi.net>
Date: Mon, 11 Nov 1996 20:09:35 -0800 (PST)
To: Rabid Wombat <wombat@mcfeely.bsfs.org>
Subject: Re: two bogus messages to this list
In-Reply-To: <Pine.BSF.3.91.961111182838.3985C-100000@mcfeely.bsfs.org>
Message-ID: <Pine.LNX.3.95.961111230028.1242C-100000@tgrafix.livesys.net>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Boundary..3948.1071713639.multipart/signed"

--Boundary..3948.1071713639.multipart/signed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit


On Mon, 11 Nov 1996, Rabid Wombat wrote:
>On Mon, 11 Nov 1996 attila@primenet.com wrote:
>
>> In <199611111238.GAA17346@manifold.algebra.com>, on 11/11/96 
>>    at 06:38 AM, ichudov@algebra.com (Igor Chudov @ home) said:
>> 
>> -.I did not write the two messages below. I did have a small party
>> -.yesterday, probably some of my guests did that...
>>         just goes to proof it:  Microslop and Intel boxes are secure
>>     only when most of their parts are stored under lock and key.
>
>Um, not to disagree with you re Intel/Micro$loth, but most UNIX systems 
>can be brought up in single-user mode and the root password changed by 
>anyone with physical access to the system. You could end up with even 
>more trouble than if someone messed with your M$ box.

Microsloth has, at the heart of it's system, a call which traps ALL
KEYSTROKES and EVENTS.  This call exists from Win32s on, and can be
placed inside of a DLL which most users would have no idea was loaded.
Even under NT, this DLL can be made to remain resident and trapping
Keystrokes, events, and window contents.

Does this just BEG to be exploited?

If you give me normal user access to ANY microsloth machine, I can
have most of the system's security broken down to NOTHING within a
week.  And I'm not even a good MS programmer!  <Are my prejudices
showing?>

At least under UNIX, you damned well know you have to secure your
system.  Microsloth attempts to sell itself as a secure platform.

---
"Obviously, the US Constitution isn't perfect, but
it's a lot better than what we have now." - Unknown
PGP key id - 0xDEACDFD1 - Full key available from
pgp-public-keys@pgp.mit.edu




--Boundary..3948.1071713639.multipart/signed
Content-Type: application/octet-stream; name="pgp00000.pgp"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="pgp00000.pgp"
Content-Description: "PGP signature"

LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogMi42LjNp
CgppUUVWQXdVQk1vZjRhYzErbDhFS0JLNUZBUUh5SFFmN0JwVjhHQkI3RUVh
emZsRkhvVGpzVWdCcmF5SDlpYkNiCklCWVdVcWlmdHV2aUc3VGRLTWcvU2oz
ZWg2OU85aU1xYWg1bFpSMGJ2cEtacUZiZU5nYk1SR0hueXRqR3ZrNXoKY21K
VVFhUGdOWXVwWmxMZGcwYmZibmFOeWpKelVZVHBOSXVOWC9mdndVd1lRREt0
WHF1VHFjb012V2wwdEZTSQpOMFBhaVpFajVnc1JiTkNpSjE1VXV6cHd4bitG
dFlod3E5MmJXQ1dtU3FMa3BnbjFGYkMwUHd6bUtvRWNySHBXCmhZSUNtMExM
UzVQcDl5ODQ2U05FY0FOT1A2Ni9WZkFMMXBNc2lCQ0wwdEx4QmErSy9VY0I2
eG51dEFwUTRLMFAKRGVNa2hxdzNaNmZRVkJBbkpGR3NyVkphWE92dnRQZEgx
TGJ3bzFlSXV0YnF5QWFGVTJGVkdRPT0KPWRydS8KLS0tLS1FTkQgUEdQIFNJ
R05BVFVSRS0tLS0tCg==
--Boundary..3948.1071713639.multipart/signed--