Quick security question
Luke -Jr
luke at dashjr.org
Wed Feb 21 12:06:04 CST 2007
On Wednesday 21 February 2007 11:56, Kelsay, Brian - Kansas City, MO wrote:
> Wrong.
> http://en.wikipedia.org/wiki/Control-Alt-Delete
> http://www.techshowflorida.com/details.html
Actually, it agrees with me:
The design of Windows NT is such that, unless security is already compromised
in some other way, only the WinLogon process, a trusted system process, can
receive notification of this keystroke combination (because the kernel
remembers Process ID of WinLogon process and allows only that process
registering it). This keystroke combination is thus a secure attention key.
In Windows NT, it is called Secure Attention Sequence. A user pressing
Control-Alt-Delete can be sure that it is the operating system (specifically
the WinLogon process), rather than a third party program, that is responding
to the key combination, and that it is therefore safe to enter a password.
> Invented LONG before phishing.
Before the term "phishing", perhaps, but not before the concept of tricking
the user into entering their password in the wrong place.
> I fail to see how a USB dongle can determine if a user is local or not.
Obviously, only a local user can plug in a USB device.
> And yes, you can send a ctl+alt+delete remotely, but it will disconnect your
> session as the computer reboots.
What modern computer reboots on Ctrl-Alt-Delete? Not even Windows 3.1 did
unless you repeated it at least twice.
More information about the Kclug
mailing list