JB> It seems the cookie files are engineered so that they don't
JB> start with "MZ" Anyway stick a .EXE filename extension on
JB> aything and the system will try to run it, as a .COM format
JB> file (raw binary) if it doesn't start with "MZ" but unless
JB> something starts renaming the files or makes a special effort
JB> cookies won't run.

 Are you saying it's not possible to send a cookie without the
header (or lack of)? How hard would itbe to write a script that
remanes the first two bytes of a file?

BL> I said "cookies and other crap" or words to that effect. I know
BL> cookies don't run, but they do have access to the system and
BL> are loaded anywhere the cookie-sender chooses to put them.

JB> anywhere???

 Aren't they under the control of the sender?  

 BTW, there is another thing that worries the shit out of me... the
Registry. It's a plain text file, but if you enter stuff in there, it
can make the computer do almost anything.

BL> I don't think *you* understand, Rod. What is the difference
BL> between a self extracting ZIP file and an EXE file? From
BL> memory, six bits in the header. Not a lot of protection... is
BL> it?

JB> a self-extracting zip file is an EXE.

 As I said... 6 bits in the header. The only thing that distinguishes
text from an executable is the header.

Regards,
Bob





--- BQWK Alpha 0.5