Return-Path: <sentto-279987-5139-1028740693-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Wed, 07 Aug 2002 10:19:07 -0700 (PDT) Received: (qmail 4228 invoked by uid 510); 7 Aug 2002 17:16:56 -0000 Received: from n39.grp.scd.yahoo.com (66.218.66.107) by all.net with SMTP; 7 Aug 2002 17:16:56 -0000 X-eGroups-Return: sentto-279987-5139-1028740693-fc=all.net@returns.groups.yahoo.com Received: from [66.218.66.96] by n39.grp.scd.yahoo.com with NNFMP; 07 Aug 2002 17:18:13 -0000 X-Sender: azb@llnl.gov X-Apparently-To: iwar@yahoogroups.com Received: (EGP: mail-8_0_7_4); 7 Aug 2002 17:18:12 -0000 Received: (qmail 56744 invoked from network); 7 Aug 2002 17:18:11 -0000 Received: from unknown (66.218.66.217) by m13.grp.scd.yahoo.com with QMQP; 7 Aug 2002 17:18:11 -0000 Received: from unknown (HELO smtp-1.llnl.gov) (128.115.250.81) by mta2.grp.scd.yahoo.com with SMTP; 7 Aug 2002 17:18:11 -0000 Received: from poptop.llnl.gov (localhost [127.0.0.1]) by smtp-1.llnl.gov (8.9.3/8.9.3/LLNL-gateway-1.0) with ESMTP id KAA02218 for <iwar@yahoogroups.com>; Wed, 7 Aug 2002 10:18:07 -0700 (PDT) Received: from catalyst2b.llnl.gov (catalyst.llnl.gov [128.115.222.68]) by poptop.llnl.gov (8.8.8/LLNL-3.0.2/pop.llnl.gov-5.1) with ESMTP id KAA10332 for <iwar@yahoogroups.com>; Wed, 7 Aug 2002 10:18:06 -0700 (PDT) Message-Id: <5.0.0.25.2.20020807101955.04d10638@poptop.llnl.gov> X-Sender: e048786@poptop.llnl.gov X-Mailer: QUALCOMM Windows Eudora Version 5.0 To: iwar@yahoogroups.com In-Reply-To: <200208070354.g773sZx24974@red.all.net> From: Tony Bartoletti <azb@llnl.gov> Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Wed, 07 Aug 2002 10:24:44 -0700 Subject: Re: [iwar] [fc:Trojan.Horse.Technology.Exploits.IE.Hole] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=-101.2 required=5.0 tests=IN_REP_TO,RISK_FREE,FREE_MONEY,USER_IN_WHITELIST version=2.20 X-Spam-Level: >Trojan Horse Technology Exploits IE Hole > >Researchers show a tool that could admit hackers by pretending to be a >trusted Microsoft application. [snip] >Meer says the three hope Microsoft will soon deal with the invisible >window function. But he acknowledges that this will be difficult, since >"it will take some functionality away from IE if Microsoft tries to >limit the invisible browser." Rather than limit, why not just make the functionality "less invisible"? Force it to employ a "visible" (iconized) window, and allow the user to choose a configuration whereupon the user is "asked" every time an application attempts to make use of one. ____tony b____ Tony Bartoletti 925-422-3881 <azb@llnl.gov> Information Operations and Assurance Center Lawrence Livermore National Laboratory Livermore, CA 94551-9900 ------------------------ Yahoo! Groups Sponsor ---------------------~--> Free $5 Love Reading Risk Free! http://us.click.yahoo.com/09Lw8C/PfREAA/Ey.GAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-10-01 06:44:32 PDT