staym@accessdata.com
Tue, 07 Apr 1998 21:05:36 -0600
I'm not sure if this is appropriate for CodherPlunks; if not, sorry. And
please don't respond just to flame microsoft.
Under windows 95, various hooks can be installed to intercept *any* kind
of message. The computer-based training hook can intercept the
WM_CREATE message. If a password-box is created, the hook procedure
could note it and poll it for its text, then write the information to
disk (or do anything else it wanted) when the window is destroyed. Same
thing goes for edit boxes in web browsers: if one contains a
sixteen-digit number, odds are it's a credit card number and the rest of
the information is in the boxes around it. All the crypto in the world
won't help if they can (effectively) watch you type in the information
in the first place.
Is there any defense to this sort of attack other than switching to
Linux?
-- Mike Stay Cryptographer / Programmer AccessData Corp. mailto:staym@accessdata.com
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:16:51 ADT