Jon Lasser writes:
But the fact that Java windows are obvious doesn't seem to really speak to the question of can they be faked from *outside* Java.
If you need to worry about something showing up on your machine that's capable of creating fake input dialogs on your screen, I claim you have some serious problems.
In fact, very distinctive windows for Java are likely to increase the success of an attack which duplicates the window decorations perfectly, because people will be used to it.
But if by being used to such windows people understand that they're not necessarily to be trusted, I don't see why that'd be an attractive way of slipping in a trojan horse. I mean, if you want to give somebody a trojan horse, you don't hang a sign around its neck reading "I am a trojan horse". ______c_____________________________________________________________________ Mike M Nally * Tivoli Systems * Austin TX * I want more, I want more, m5@tivoli.com * m101@io.com * I want more, I want more ... <URL:http://www.io.com/~m101> *_______________________________