| TIP: Click on subject to list as thread! | ANSI |
| echo: | |
|---|---|
| to: | |
| from: | |
| date: | |
| subject: | Locking Windows |
Hi Bob. 18-Apr-04 22:23:12, Bob Lawrence wrote to Rod Gasson >> I meant that cookies come unsolicited and end up god knows where. RG>> Yes, god, and everyone else on the planet except you apparently. RG>> The fact is, cookies aren't stored just 'anywhere' - they are all RG>> stored in the same place (as defined by whatever browser you are RG>> using). It's not as though the sender of a cookie can tell it to RG>> save anywhere else other than the designated cookie folder. BL> How many in your folder, Rod? A thousand? Which one is the trojan? BL> The *one* person who knows (besides God) is the guy who sent it. BL> That worries me. there is no way to run a trojan without access to the computer that makes it pointless to want to run it. >> To me, it seems rather simple to write a false "cookie" that runs >> automatically. describe how. BL> It seems to me, that if I sent you a cookie that was actually an BL> executable named wrongly, you'd never find it. It also seems to me BL> that if I am able to *name* the cookie on you machine that I might BL> be able to re-name it not enough to call it *.exe BL> and then by opening it, Windows would run it, but I can get at it in BL> other ways. I can send you a "harmless" readme.doc that WORD woudl BL> open with an Autoexec macro that opened the "cookie." It'd be easier to just have the autoexec macro just drop an .exe file that was stored in the macro (or elsewhere in the doc) BL> The fact that no one has done it yet doesn't faze me. the cookie attacks you describe seem similar in concept to a cat burglar mailing some of his tools to your place... They're no use to him until he's already inside and it'd be easier for him to just carry them in his pockets. BL> But what worries me most about cookies is that big companies like BL> M$ (or the CIA) might decide to shut us down for the "best" of BL> reasons, without consulting us. In fact, I'm sure that Windows has BL> such a capability built in. They'd be crazy not to. why blame cookies for that speculated feature? -=> Bye <=- ---* Origin: Success is a journey, not a destination. (3:640/1042) SEEN-BY: 633/104 260 262 267 270 285 640/296 305 384 531 954 1042 690/734 SEEN-BY: 712/610 848 774/605 800/221 445 @PATH: 640/1042 531 954 633/260 267 |
|
| SOURCE: echomail via fidonet.ozzmosis.com | |
Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.