Peter Gutmann wrote: >Anne & Lynn Wheeler <[EMAIL PROTECTED]> writes: > > > >>The Kama Sutra worm can fool WIndows into accepting a malicious ActiveX >>control >>by spoofing a digital signature, a security company said Tuesday. >> >> > >If you track down the original Fortinet advisory you'll see that the >Information- >Week text is slightly misleading, all it does is set the "this control is all >right" flags in the registry to make Windows think it's passed a signature >check >at some point in the past. > >
Sounds like a "pseudo-Cache" attack then - is that not valid as a "spoof" though? There was an embedded SSL Cache attack a few years back, and that was considered a man-in-the-middle spoof attack. Is there a specific definition to that? >Peter. > > >--------------------------------------------------------------------- >The Cryptography Mailing List >Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED] > > > > -- Best Regards, Lance James Secure Science Corporation www.securescience.net Author of 'Phishing Exposed' http://www.securescience.net/amazon/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]