Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
- To: paul.szabo@xxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] DLL hijacking with Autorun on a USB drive
- From: Dan Kaminsky <dan@xxxxxxxxxxx>
- Date: Fri, 27 Aug 2010 01:18:48 -0400
On Fri, Aug 27, 2010 at 1:06 AM, <paul.szabo@xxxxxxxxxxxxx> wrote:
> Dan Kaminsky <dan@xxxxxxxxxxx> wrote:
>
> >> Badly setup desktops: do not "hide extensions", maybe view details
> >> (or list) not icons.
> >
> > All that matters is defaults, and icons are way more powerful ...
>
> Those defaults are wrong, change them. Anyway, icons are shown
> with "view details".
>
I think you mean application types are shown with "view details". The
problem is, there's a couple dozen application types that are all code
execution equivalent by design. Do you know all of them? Why should a
user?
>
> > The web browser and the email client are not designed to launch
> > arbitrary code. The desktop ... is.
>
> This attack may happen through the browser (UNC paths or somesuch).
> Any talk about USB sticks or desktops is bogus.
>
There's no path between IE and a UNC window that doesn't either security
prompt or raise an unadorned Explorer window to a remote share. I could see
an argument that the latter should prompt, given that it's a (by definition)
code execution context. But that's about it.
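As an added illustration of the two points argued above (the default "hide extensions" setting and the many file types that are code-execution equivalent), and of the DLL-beside-documents pattern in the subject line, here is a small defender-side audit in Python. It is not code from the thread; the extension sets are an illustrative subset I assume, not the full list Windows treats as executable.

```python
import os

# Assumed illustrative subset of extensions Windows runs as code on double-click;
# the real list is longer, which is exactly the point made in the thread.
CODE_EXEC_EXT = {
    ".exe", ".com", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".vbe",
    ".js", ".jse", ".wsf", ".wsh", ".ps1", ".msi", ".hta", ".cpl", ".lnk",
}
DOCUMENT_EXT = {".pdf", ".doc", ".docx", ".txt", ".jpg", ".png", ".xls"}


def displayed_name(filename: str, hide_extensions: bool = True) -> str:
    """Name as Explorer shows it: with 'hide extensions for known file types'
    on (the default), the last known extension disappears, so
    'invoice.pdf.exe' renders as 'invoice.pdf'."""
    if not hide_extensions:
        return filename
    stem, ext = os.path.splitext(filename)
    return stem if ext.lower() in CODE_EXEC_EXT | DOCUMENT_EXT else filename


def audit_listing(filenames: list) -> list:
    """Return (real name, displayed name, finding) for each risky entry:
    code-execution types, executables disguised by a double extension, and
    a DLL sitting beside documents (the planting pattern DLL hijacking uses)."""
    findings = []
    has_docs = any(os.path.splitext(n.lower())[1] in DOCUMENT_EXT for n in filenames)
    for name in filenames:
        stem, ext = os.path.splitext(name)
        ext = ext.lower()
        shown = displayed_name(name)
        if ext in CODE_EXEC_EXT:
            inner = os.path.splitext(stem)[1].lower()
            if inner in DOCUMENT_EXT:
                findings.append((name, shown, "executable disguised as document"))
            else:
                findings.append((name, shown, "code-execution type"))
        elif ext == ".dll" and has_docs:
            findings.append((name, shown, "DLL planted beside documents"))
    return findings


# Constructed sample listing of a removable drive; not from any real incident.
SAMPLE = ["report.pdf", "report.pdf.exe", "photos.scr", "version.dll",
          "notes.txt", "autorun.inf"]

if __name__ == "__main__":
    for real, shown, why in audit_listing(SAMPLE):
        print(f"{shown!r:16} is really {real!r:18} -> {why}")
```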
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/