Re: ActiveX security hole reported.

• To: Alan Olsen <alano@teleport.com>
• Subject: Re: ActiveX security hole reported.
• From: lyal collins <lyalc@ozemail.com.au>
• Date: Thu, 15 Aug 1996 22:32:11 -0700
• CC: Gary Meltzer <garym@softshore.com.au>, Stephen Cobb <stephen@iu.net>, trei@process.com, www-security@ns2.rutgers.edu
• References: <2.2.32.19960814181833.00fb0c90@mail.teleport.com>

Alan Olsen wrote:
> 
> At 11:27 AM 8/14/96 GMT, Gary Meltzer wrote:
> >On Tue, 13 Aug 1996 17:57:52 -0400, stephen@iu.net wrote:
> >
> >>>Some guy has written an ActiveX control which crashes windoze95... I don't
> >>>use windoze so can't try it, but if someone else is brave, I'd love to know
> >>>if it works...
> >>>
> >>
> >>Yes, it works, turns off the machine...quite impressive.
> >
> >Which part do people find the most impressive? -
> >that the Win95 shutdown API works as documented
> >or that all these security experts are downloading and running
> >software designed to do something they don't want?
> >
> >How does this control differ from an HTML page that tells
> >readers to turn the power switch off?
> 
> Quite a bit.
> 
> The question I have is "If this had been signed by an "authoritative source"
> (such as Microsoft), would these dialogs pop up in the first place?
> 
> An example would be if I worked for company X, wrote an app that read off
> all the names on your PGP keyring and had it signed by the appropreate app
> signing service, would there be any waring for the "victim"?"  Probibly not.

PGP keys - why not go for money through the private key associated with a SET certificate (linked to your 
credit card et al)?
Or the private key you sign your million dollar contracts with ?
or the private key....
If you do password protect your private key, there is always the (relatively) reliable dictionary attack.

Another instance where digital signatures (which depend upon the private key) not being worth the paper they 
are printed on, IMHO.

> 
> The problem with the ActiveX security model is it assumes that you can trust
> the company who is doing the signing to be operating in your best interest

Trust is the correct term.

> and be vigilant for dangerous and bad apps.  I do consider pleas to
> authority to be a good security model.  There are far to many people with
> far to many motivations to have this model add to my level of security.
> 
> At least Java tries to prevent these apps from being able to be written in
> the first place.  Active X says trust an app signed by Microsoft and
> anything they want goes.  (I trust Microsoft about as far as I can throw a
> General Protection Fault.)
> 
> The ActiveX security model is not a security model.  It is an act of
> religious faith.
> ---
> Alan Olsen -- alano@teleport.com -- Contract Web Design & Instruction
>         `finger -l alano@teleport.com` for PGP 2.6.2 key
>                 http://www.teleport.com/~alano/
>   "We had to destroy the Internet in order to save it." - Sen. Exon
>                 "Microsoft -- Nothing but NT promises."

Lyal
-- 
All mistakes in this message belong to me - you should not use them!

• Re: ActiveX security hole reported.
• From: Alan Olsen <alano@teleport.com>

• Previous: RE: ActiveX security hole reported.
• Next: How to get OFF this list?
• Index(es):
  • Index
  • Thread