Excerpts from mail.cypherpunks: 31-Jan-96 Re: FV Demonstrates Fatal F.. Dr. Dimitri Vulis@bwalk. (1227)
I'd like to take an exception to this description of the XMAS EXEC, since ............. I had serious doubts that the person who wrote it was malicious.
Agreed completely. I didn't mean to imply that the author was malicious, merely that it well-illustrated the "social engineering" approach to getting users to run untrusted code. What I was saying is that someone who *was* malicious could have used the same approach as the attack vector for getting our credit card snooper (or other nasty code) onto lots of consumer machines. This came up, in the discussion, because most people on this list seem to believe (correctly, I think) that the hardest part of the attack we outlined is the initial infection vector. -- Nathanielx -------- Nathaniel Borenstein <nsb@fv.com> Chief Scientist, First Virtual Holdings FAQ & PGP key: nsb+faq@nsb.fv.com