microsoft hooks

staym@accessdata.com
Tue, 07 Apr 1998 21:05:36 -0600

• Next message: AwakenToMe: "Wav Mixing"
• Previous message: Dave Del Torto: "Re: Digital Watermarking query"
• Next in thread: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: Stephen Dennis: "RE: microsoft hooks"
• Reply: Werner Koch: "Re: microsoft hooks"
• Reply: Jeff Barber: "Re: microsoft hooks"
• Maybe reply: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: Peter Gutmann: "Re: microsoft hooks"
• Maybe reply: x: "Re: microsoft hooks"

I'm not sure if this is appropriate for CodherPlunks; if not, sorry. And
please don't respond just to flame microsoft.

Under windows 95, various hooks can be installed to intercept *any* kind
of message. The computer-based training hook can intercept the
WM_CREATE message. If a password-box is created, the hook procedure
could note it and poll it for its text, then write the information to
disk (or do anything else it wanted) when the window is destroyed. Same
thing goes for edit boxes in web browsers: if one contains a
sixteen-digit number, odds are it's a credit card number and the rest of
the information is in the boxes around it. All the crypto in the world
won't help if they can (effectively) watch you type in the information
in the first place.

Is there any defense to this sort of attack other than switching to
Linux?

-- 
Mike Stay
Cryptographer / Programmer
AccessData Corp.
mailto:staym@accessdata.com

• Next message: AwakenToMe: "Wav Mixing"
• Previous message: Dave Del Torto: "Re: Digital Watermarking query"
• Next in thread: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: Stephen Dennis: "RE: microsoft hooks"
• Reply: Werner Koch: "Re: microsoft hooks"
• Reply: Jeff Barber: "Re: microsoft hooks"
• Maybe reply: AwakenToMe: "Re: microsoft hooks"
• Maybe reply: Peter Gutmann: "Re: microsoft hooks"
• Maybe reply: x: "Re: microsoft hooks"