Hi,
from reading the readme-file:
"1.1.2 DCOM/HTTP Tunneling
This update allows DCOM client/server communication to cross
firewalls over the HTTP protocol port. The new protocol "Tunneling
TCP" is used like other DCOM protocols. The new moniker type OBJREF
is passed in HTML to the client. The benefits of Tunneling TCP
include high performance, use of existing open ports in the firewall,
and control of client access for proxy administrators. For more
information, see http://www.microsoft.com/com."
Does that mean that (with the integration of Exploiter into the OS anyway)
a DCOM "client" could send data (I asume via GET/POST ?) to
www.youknowwhoimean.com without the user realising that it happens ?
OK - Netscape does it allready with the smart-browsing "feature", but then
Netscape doesn't sell OSs. Just same-sized browsers.
Eitherway - somebody could write a DCOM-proggy (masked as a funny
screensaver or some other useless gadget) and using the proxy-settings
from Explorer (are they used automatic or can one find out via
API/WSH/whatever?) secretly log my typed input and look for other
interesting things like, (un)registered software ?
(I'm no expert WRT MS-API or such, that's why I ask)
I'd find this strange, to put it mildly.
Anyway, Merry Christmas, Happy New Year
cheers,
Rainer
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Rainer Duffner, Kiosk AG, Switzerland |
| [EMAIL PROTECTED] -- [EMAIL PROTECTED] |
| W3: http://www-stud.fh-konstanz.de/~duffner |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
