An attack on paypal --> secure UI for browsers

Adam Lydick adam.lydick at verizon.net
Mon Jun 9 11:02:15 PDT 2003


Take this with a grain of salt. I'm no expert.

However: I'd guess that no applications (besides the secure nexus) would
have access to your "list of doggie names", just the ability to display
it. The list just indicates that you are seeing a window from one of
your partitioned and verified applications. I would also assume the
window would get decorated with the name of the trusted application (not
just your secret list). Thus you only need a single secret list to
handle all of your "authorized" applications.

-AdamL

On Mon, 2003-06-09 at 22:00, Nomen Nescio wrote:

<snip>

> I don't see how this is going to work.  The concept seems to assume
> that there is a distinction between "trusted" and "untrusted" programs.
> But in the NGSCB architecture, Nexus Computing Agents (NCAs) can be
> written by anyone.  If you've loaded a Trojan application onto your
> machine, it can create an NCA, which would presumably be eligible to
> put up a "trusted" window.
> 
> So either you have to configure a different list of doggie names for
> every NCA (one for your banking program, one for Media Player, one for
> each online game you play, etc.), or else each NCA gets access to your
> Secret Master List of Doggie Names.  The first possibility is unmanageable
> and the second means that the trustedness of the window is meaningless.
> 
> So what good is this?  What problem does it solve?
-- 
Adam Lydick <adam.lydick at verizon.net>





More information about the cypherpunks-legacy mailing list