Unforgeable dialog.
Jaap-Henk Hoepman
jhh at cs.ru.nl
Fri Feb 3 04:06:51 EST 2006
That is a nice trick, but that still may not work entirely: if I make sure
my untrusted app always opens in maximized mode, the untrusted decoration (in
your case a big black border which actually _disappears_) may be unnoticed
along the edges of the screen; if my app then simulates the whole desktop
as it was before it started, it can draw a trusted-looking dialog anywhere on
the screen...
Jaap-Henk
On Thu, 2 Feb 2006 18:20:21 -0500 "Trei, Peter" <ptrei at rsasecurity.com> writes:
> Piers Bowness wrote:
>
>> This concept is surprisingly complex. Once the attacker sees the
>> "secure" dialog, what prevents them from using the same techniques
>> and/or code to create a visually identical spoof?
>
> (Hi Piers!)
>
> I actually dealt with this in a former job, where I wrote a proxy
> for Xwindows which did similar decoration for trusted and untrusted
> X clients.
>
> The trick is to invert the indicators - your rendering engine (whether
> an Xwindows server, browser, or a windowing OS) has final say over
> the outermost frame of all windows.
>
> You mark the *untrusted* ones in the outer frame - a malicious client can
> do whatever it wants inside its windows, but it can't overwrite and hide
> the untrusted indicators in the outer frame. (We put a fat black border
> around them).
>
> Of course, if you run on an OS where any app can modify any binary,
> you're SOL.
>
> Peter Trei
>
--
Jaap-Henk Hoepman | I've got sunshine in my pockets
Dept. of Computer Science | Brought it back to spray the day
Radboud University Nijmegen | Gry "Rocket"
(w) www.cs.ru.nl/~jhh | (m) jhh at cs.ru.nl
(t) +31 24 36 52710/53132 | (f) +31 24 3653137
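The following is an added example, not code from this thread or from Peter Trei's X proxy. It is a toy compositor that applies the "inverted indicator" idea he describes: an untrusted client may paint only inside its content area, and the server paints a fat border around every untrusted window after the client has drawn, so the client cannot overwrite it. It then runs the maximized-window attack Jaap-Henk raises, showing that the server-owned indicator survives but shrinks to a thin ring at the screen edge while everything inside it is attacker-controlled. The screen size, glyphs, window layout and function names are all constructed here for illustration.

```python
# Added example (not code from the thread): a toy compositor in the style of the
# "mark the untrusted windows in the outer frame" scheme. Clients paint only
# inside their content rectangle; the server paints the frame last.
# Screen size, glyphs and window positions are constructed for illustration.

from dataclasses import dataclass, field

BORDER = 1        # thickness of the server-drawn untrusted indicator, in cells
UNTRUSTED = "U"   # glyph the server uses for that indicator
BLANK = "."       # empty desktop


@dataclass
class Window:
    x: int
    y: int
    w: int
    h: int
    trusted: bool
    # (dx, dy, glyph) triples relative to the window origin; a malicious client
    # may include coordinates on the frame, which the server must ignore
    paint: list = field(default_factory=list)

    def content_rect(self):
        """Area the client is allowed to paint. Trusted windows own their
        whole rectangle; untrusted ones lose BORDER cells on every side."""
        if self.trusted:
            return self.x, self.y, self.x + self.w, self.y + self.h
        return (self.x + BORDER, self.y + BORDER,
                self.x + self.w - BORDER, self.y + self.h - BORDER)


def composite(screen_w, screen_h, windows):
    """Render windows bottom-to-top onto a blank desktop and return it as rows."""
    screen = [[BLANK] * screen_w for _ in range(screen_h)]

    def put(sx, sy, glyph):
        if 0 <= sx < screen_w and 0 <= sy < screen_h:
            screen[sy][sx] = glyph

    for win in windows:
        cx0, cy0, cx1, cy1 = win.content_rect()
        # 1. client content, clipped to the content rectangle
        for dx, dy, glyph in win.paint:
            sx, sy = win.x + dx, win.y + dy
            if cx0 <= sx < cx1 and cy0 <= sy < cy1:
                put(sx, sy, glyph)
        # 2. the frame, painted last by the server; the client has no say here
        if not win.trusted:
            for sy in range(win.y, win.y + win.h):
                for sx in range(win.x, win.x + win.w):
                    if not (cx0 <= sx < cx1 and cy0 <= sy < cy1):
                        put(sx, sy, UNTRUSTED)
    return ["".join(row) for row in screen]


def outer_ring(rows):
    """Set of glyphs found on the outermost cells of the screen."""
    h, w = len(rows), len(rows[0])
    ring = set(rows[0]) | set(rows[h - 1])
    ring |= {rows[y][0] for y in range(h)} | {rows[y][w - 1] for y in range(h)}
    return ring


def interior(rows):
    """Set of glyphs strictly inside the outer ring of the screen."""
    return {ch for row in rows[1:-1] for ch in row[1:-1]}


def spoof_attempt(screen_w=12, screen_h=6):
    """Untrusted, maximized client that tries to paint a fake 'T'(rusted)
    dialog over every cell of its window, frame cells included."""
    win = Window(0, 0, screen_w, screen_h, trusted=False)
    win.paint = [(dx, dy, "T") for dy in range(screen_h) for dx in range(screen_w)]
    return composite(screen_w, screen_h, [win])


if __name__ == "__main__":
    rows = spoof_attempt()
    print("\n".join(rows))
    # The server wins on the frame, but with the window maximized that frame
    # is only a one-cell ring at the edge of the screen; everything inside it
    # is attacker-controlled, which is the weakness raised in the reply above.
    print("ring:", outer_ring(rows), "interior:", interior(rows))
```

The point of the ordering in `composite` is that the indicator is never something the client draws and the server checks; it is something the server draws over whatever the client produced, so no client-side trick can remove it. The maximized case shows the limit: the indicator is still there, but only where the user is least likely to look.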
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com