Quick security question
Kelsay, Brian - Kansas City, MO
brian.kelsay at kcc.usda.gov
Wed Feb 21 11:56:42 CST 2007
Wrong.
http://en.wikipedia.org/wiki/Control-Alt-Delete
http://www.techshowflorida.com/details.html
Invented LONG before phishing. I fail to see how a USB dongle can
determine if a user is local or not. And yes, you can send a
ctl+alt+delete remotely, but it will disconnect your session as the
computer reboots. Also, Linux and Windows can be altered to not respond
to remote ctl+alt+delete.
>-----Original Message-----
>From: Luke -Jr
>Sent: Wednesday, February 21, 2007 11:27 AM
>
>Actually, IIRC, the Ctrl-Alt-Delete login process is meant to
>thwart phishing attacks. When you press Ctrl-Alt-Delete,
>Windows ALWAYS intercepts it.
>Therefore, you know Windows itself is presenting your login
>dialog, not some viral program. You can send Ctrl-Alt-Delete
>remotely since at least Win98 (though in DOS-based Windows, it
>will freeze any network processes).
>
>If you want to determine if a user is local, use a USB dongle
>:)
More information about the Kclug
mailing list