screen saver
local computer and interact with files and APIs on the local computer.
>PG> because it's moved the dancing
>PG> bunnies problem onto the Windows desktop.
>Huh ? What is different to let's say the southpark worm we saw years ago? Or
>any other normal binary that promised to be a screensaver or similar ?
They don't have a link on the Windows desktop to a legitimate Microsoft site
to download the malware.
>PG> The level of warnings is
"New level of attack", what makes you believe that?
PG> because it's moved the dancing
PG> bunnies problem onto the Windows desktop.
Huh ? What is different to let's say the southpark worm we saw years
ago? Or any other normal binary that promised to be a screensaver or
similar ?
PG> The level of warnings is
PG> irrelevant
Euhm ok, so in your logic the program shouldn't run at all ? What do
vulnerabilities.
> PG> because it's moved the dancing
> PG> bunnies problem onto the Windows desktop.
> Huh ? What is different to let's say the southpark worm we saw years
> ago? Or any other normal binary that promised to be a screensaver or
> similar ?
Because it's not just about downloading rogue gadgets. I don't want to
overhype the gadget API - it's just another attack surface after all - but if
you look at all the PoCs so far, the greater risk comes from malware being
text. Several options are available that will decrease or eliminate the
risks of reading your email (viruses, javascript, webbugs, etc). POP
Peeper can be run from a portable device and can be password protected.
Many notification options are available to indicate when new mail has
arrived, such as sound alerts (configurable for each account), flashing
scroll lock, skinnable popup notifier, customized screensaver and more."
Source: http://www.poppeeper.org
---------------------------------------------------------
assumed security best practices screamed at all levels and types of
workers across the work site will continue to eat away budgets,
prevent security professionals from actually enhancing security and
distract employees from working. This includes policy tidbits and
factoids for employees to see everywhere from posters in the bathroom
to mouse pad messages on their desks to screensaver quizzes they need
to answer prior to login. Even organizations that eschew formal
security awareness for the more often seen "IT guy complaining about
security and stupid users to anyone who will listen" are also part of
this threat. The security awareness threat will cause a loss of
productivity and cost of materials to businesses worldwide that will
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: gnome-screensaver: Privilege escalation
Date: April 11, 2008
Bugs: #213940
ID: 200804-12
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
host machine, logged in as a non-admin user. I am typing this e-mail--also
as a non-admin user--in a Windows XP virtual machine dedicated to instant
messaging and e-mail. On another monitor I have a VM running Windows 2003 as
a domain controller (btw, you need the client utilities on domain
controllers to keep the clock correct) where I am logged in as an
administrator, but the screen saver is password-protected and I lock the
console anyway when I am finished using it. On that machine I have a number
of admin and networking tools installed. Finally, I have yet another Windows
XP virtual machine running with a lot of my pen-testing tools. Many of these
just don't work well unless you are an admin, so I am logged in as an admin.
That machine is "paused" and I start it up when I need it. I probably have a
A vulnerability has been found and corrected in
compiz-fusion-plugins-main:
The Expo plugin in Compiz Fusion 0.7.8 allows local users with physical
access to drag the screen saver aside and access the locked desktop
by using Expo mouse shortcuts, a related issue to CVE-2007-3920
(CVE-2008-6514).
This update fixes this vulnerability.
_______________________________________________________________________
-------------------------------------------------------------------------------------------------------------------------
We've found that depending on the state of capture, the passwords for
currently active accounts are stored in memory in plain text form, at
least once if not more times.
We've observed many copies of the password when the screensaver was
unlocked (but not the keychain per se). We consistently find one copy of
the password when the screen is locked. This memory is active for at
least the duration of a session and possibly longer. I believe that with
fast user switching, things could get interesting but we haven't
explored this avenue. As Declan McCullagh points out[1] - this code is