On May 13, 2011, at 19:17, Eric Carlson wrote: >> I don't know of exploits in the wild, but I've read about >> proof-of-concept exploits that overwhelmed the user's attention visually >> so that the user didn't notice the "Press ESC to exit full screen" >> message. This allowed subsequent UI spoofing. (I was unable to find the >> citation for this.) >> > Maybe you were thinking of this: > http://www.bunnyhero.org/2008/05/10/scaring-people-with-fullscreen/.
I'm not sure if that's the exact demo I have seen before, but it uses the same idea as the demo I've seen before. -- Henri Sivonen hsivo...@iki.fi http://hsivonen.iki.fi/
