Re: Hacking a Personal Computer via E-mail

• To: "Gunnar Gramser" <f9100476@hmunix.hsmaastricht.nl>
• Subject: Re: Hacking a Personal Computer via E-mail
• From: Charlie Kaufman/Iris <Charlie_Kaufman/Iris.IRIS@iris.com>
• Date: 7 May 96 23:05:03 EDT
• Cc: Www-Security <Www-Security@Ns2.Rutgers.Edu>

>I recently saw a German tv-show that claimed that it is possible to 
>hack into someones personal computer via e-mail. Program (Computer Club) 
>said that two Dutchman from Rotterdam made them aware of this fact. To 
>prove their point they send them some password information they'd hacked of 
>the PC of one of the presentors.
>
>Since I'm fairly new to this list, I don't know if this might be old news, 
>if so please let me know. If not, I would like to know if there is someone 
>out there, who could elaborate on this and tell me if this is indeed 
>possible, and what countermesures one can take to prevent this.
>

Whether this is possible depends on the level of sophistication of the email 
system being used by the target. If the email system is text-only, there is 
little danger. Some email systems have the sophistication to recognise 
executable attachments and to run them automatically. In that case, sending 
someone mail can do anything that a program running on their system can do, 
like reformatting their hard drive or looking for non system .txt files and 
mailing them back to the attacker.

Executable attachments might not take an obvious form. Microsoft Word has a 
macro facility that allows commands to be executed as part of loading a 
document. If a mail system recognises Word documents and automatically launches 
Word, bad things might happen. Similarly, Postscript is a rich programming 
language and a full function postscript interpreter could add lines to your 
autoexec.bat or .login file as a side effect of displaying the document on your 
screen. Both of these are true whether the postscript interpreter or Word 
system are invoked automatically by the mail system or whether the user 
extracts the mail to a file and then runs them.

There is little a user can do to protect himself other than to limit himself to 
extremely primitive tools or use sophisticated ones that were designed with 
this threat in mind. As hackers discover the security flaws in various 
applications, the application designers will fix them - for example postscript 
interpreters should probably refuse to write files - at least not without an 
explicit OK from the user. It's hard for a careful user to know how secure his 
applications are.

It would also be good if operating systems had the sophistication to run 
programs in a protected mode so they can't arbitrarily scramble system 
information - just like time sharing systems in the '60s.

But for today, yes, this is a serious worry.

 --Charlie Kaufman
 (charlie_kaufman@iris.com)

• Previous: A Netscape bug?
• Next: Hacking a Personal Computer via E-mail
• Index(es):
  • Index
  • Thread