1998-06-07 - Re: Counterpane Cracks MS’s PPTP

Header Data

From: Bill Stewart <bill.stewart@pobox.com>
To: Chris Wedgwood <cypherpunks@toad.com
Message Hash: aa92edfe2817cfd7adbeb729fc781e15e744242bf714ea896305e42e6b6fa7ff
Message ID: <3.0.5.32.19980607123650.008cf970@popd.ix.netcom.com>
Reply To: <e01acc58.35737d7c@aol.com>
UTC Datetime: 1998-06-07 19:40:45 UTC
Raw Date: Sun, 7 Jun 1998 12:40:45 -0700 (PDT)

Raw message

From: Bill Stewart <bill.stewart@pobox.com>
Date: Sun, 7 Jun 1998 12:40:45 -0700 (PDT)
To: Chris Wedgwood <cypherpunks@toad.com
Subject: Re: Counterpane Cracks MS's PPTP
In-Reply-To: <e01acc58.35737d7c@aol.com>
Message-ID: <3.0.5.32.19980607123650.008cf970@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


>> << > Auto-Launch attached binaries in E-Mail <-- Can we say G**dT*mes?
>> It was my understanding, that the so-called GoodTimes virus was a farce,
>> apparently aimed at specific commercial spammers.
>G**dT*mes is a hoax.
>
>I'm talking about a bug in Outlook (Express?) that will execute code when
>email messages are opened.

G**dT*mes and its ilk are hoaxes, which infect the mind of some readers,
causing Fear and Panic, and propagating around like chain letters.
But the fear-causing part is the assertion that if you read the message,
it will execute on your computer and do Bad Scary Things.
In the case of G**dT*mes, this was bogus, but it doesn't have to be.

In a passive-mail-reader environment, this won't happen,
because there's no reason your mailreader will execute commands 
embedded in email, but if you've got a mail-reader that
executes scripts sent to it in the mail, you don't need the 
human reader's participation to spread things,
you just need to tell the mail-reader to propagate and then
do whatever payload you've sent along as well.

The IBM Christmas-Tree Virus didn't use Fear to execute -
it promised the readers an amusing animated Christmas Tree on their terminals
(back when that was still perceived as cool :-) and if the sucker ran it,
it ran its propagation phase before or during the animation.

And back when we used Real Terminals instead of emulators,
you could send a crafty escape sequence to an HP2621 or VT100
to stash material in a register or on the screen and
get it sent back to the computer.  If you made a good guess
about the environment, this was enough ("Quit mailreader, run /tmp/boom".)
There was an article in the SFChron or Oakland Trib in spring 1979
about how "hackers at Berkeley" discovered a security hole in
"the Unix, a computer made by DEC", which was really a terminal exploit.

How good is that VT100 emulator you're using to telnet to that shell account?
 .
	.
		.
			.
				.
					.
						.
							ESC[42m;
								.

									yeah, that was fake.....







Thread