Why yes, yes there is. :) More of a distinction, in fact, than there is in
Linux world!
On Thu, Jan 26, 2012 at 9:02 AM, valdis.kletni...@vt.edu wrote:
On Wed, 25 Jan 2012 17:54:02 PST, Alyx said:
Are you looking at kernel code or userland code? (:
Is there a clear distinction in the
Are you looking at kernel code or userland code? (:
On Wed, Jan 25, 2012 at 2:35 AM, GloW - XD doo...@gmail.com wrote:
INSECURE i mean*
On 25 January 2012 21:30, Christian Sciberras uuf6...@gmail.com wrote:
That's not necessarily true. On windows you can add custom
clipboard formats
On Wed, 25 Jan 2012 17:54:02 PST, Alyx said:
Are you looking at kernel code or userland code? (:
Is there a clear distinction in the Windows world? :)
pgpD56WqAeNhf.pgp
Description: PGP signature
___
Full-Disclosure - We believe in it.
Charter:
Yes :|
--
phocean 0...@phocean.net
Le jeudi 26 janvier 2012 à 12:02 -0500, valdis.kletni...@vt.edu a
écrit :
On Wed, 25 Jan 2012 17:54:02 PST, Alyx said:
Are you looking at kernel code or userland code? (:
Is there a clear distinction in the Windows world? :)
On 01/24/2012 07:18 PM, Mario Vilas wrote:
Guys, could you please read carefully everything before you reply?
I read carefully. It still didn't make sense, though.
And you wouldn't be allowed to use copypaste while you edit sensitive
documents either, I guess?
I don't know how you could get
have the clipboard disabled...
On 01/25/2012 08:44 AM, Peter Osterberg wrote:
I think Ben's report make complete sense actually, it would be better to
have the clipboard feature as a default. Security before features... =)
___
Full-Disclosure - We
On 25.01.2012 5:45, Ben Bucksch wrote:
On 25.01.2012 00:52, Henri Salo wrote:
On Wed, Jan 25, 2012 at 12:47:28AM +0100, Ben Bucksch wrote:
On 25.01.2012 00:09, Dan Kaminsky wrote:
IP KVM, in which the foreign server basically gets only inbound
Keyboard and Mouse and outbound uncompressed
you are seriously more retarded than even the n3td3v+me+you
together...damn army..!
On 25 January 2012 19:29, Peter Osterberg j...@vel.nu wrote:
Wasn't the original thread originally about VNC?
On 01/25/2012 09:27 AM, GloW - XD wrote:
derp, do you know what KVM IP is ?
readup on how that
nice to send THIS one to fd, and you ssomehow admit to knowing it here
yet, i told you what it was, exactly, dont try make me look bad fag,
or i will drop your fucking domain, for a month :)
ciao beech,.
xd
On 25 January 2012 19:55, Dan Yefimov d...@lightwave.net.ru wrote:
On 25.01.2012 5:45,
ooops my bad, wriong guy, or, you dont understand this either ?
On 25 January 2012 19:55, Dan Yefimov d...@lightwave.net.ru wrote:
On 25.01.2012 5:45, Ben Bucksch wrote:
On 25.01.2012 00:52, Henri Salo wrote:
On Wed, Jan 25, 2012 at 12:47:28AM +0100, Ben Bucksch wrote:
On 25.01.2012 00:09,
I could never lower myself to your level so I guess you win
On 01/25/2012 10:32 AM, GloW - XD wrote:
you are seriously more retarded than even the n3td3v+me+you
together...damn army..!
On 25 January 2012 19:29, Peter Osterberg j...@vel.nu wrote:
Wasn't the original thread originally
IP KVM, in which the foreign server basically gets only inbound
Keyboard and Mouse and outbound uncompressed pixels.
That is *precisely* what VNC is: an open-source IP KVM.
No, it's not. I won't go into the differences because other people
already did in this thread.
And please don't turn
I'm not sure how the clipboard works in Linux desktops (I understand
it's a little different), but at least in Windows environments data
has to be copied to the clipboard when you hit Ctrl-C. It can't be
copied when you hit Ctrl-V because then the applications wouldn't know
if there is anything to
Fair enough :)
On Wed, Jan 25, 2012 at 10:59 AM, Peter Osterberg j...@vel.nu wrote:
On 01/25/2012 10:54 AM, Mario Vilas wrote:
The bottom line is, the problem here is using VNC for what Ben is
using it. There are many more problems with that scenario and
clipboard sharing may be the least
On 01/25/2012 10:54 AM, Mario Vilas wrote:
The bottom line is, the problem here is using VNC for what Ben is
using it. There are many more problems with that scenario and
clipboard sharing may be the least of them.
That may very well be true. I am not trying to debate that.
That's not necessarily true. On windows you can add custom clipboard formats
that would contain a 'link' to the original source, causing the data to be
actually
passed when pasting. An example of this is when one copy+pastes a file.
See the Windows Clipboard API for more info.
Chris.
On Wed,
Windows is even more secure, have you actually, read any of the code /
On 25 January 2012 21:30, Christian Sciberras uuf6...@gmail.com wrote:
That's not necessarily true. On windows you can add custom clipboard formats
that would contain a 'link' to the original source, causing the data to be
INSECURE i mean*
On 25 January 2012 21:30, Christian Sciberras uuf6...@gmail.com wrote:
That's not necessarily true. On windows you can add custom clipboard formats
that would contain a 'link' to the original source, causing the data to be
actually
passed when pasting. An example of this is
No, I only read the manual.
Now go troll somwhere else. :)
On Wed, Jan 25, 2012 at 11:35 AM, GloW - XD doo...@gmail.com wrote:
Windows is even more secure, have you actually, read any of the code /
On 25 January 2012 21:30, Christian Sciberras uuf6...@gmail.com wrote:
That's not
On 25.01.2012 08:44, Peter Osterberg wrote:
I don't think that is what Ben is saying. The clipboard get sent to the
the server even before it is pasted, this happens without the user
knowing of it.
Notepad would have the paste button grayed otherwise, if the clipboard
is empty, right? So it
fuckoff you ragdoll... i dont troll, and many on this fucking list
knows it... fuckit... i aint paying shit to anyone on this list, enjoy
finding your 0days, and, the next admins, go ahead and rm me, coz i
will be dropping your ass of a FD , until it makes me.
go die, and, maybe, you wont have
and stupidly, you forgot to addin the second PRIVT post i sent you,
saying i meant *insecure :)
now, go try tell me windows vnc is secure again...and, then setup a
vnc on your box, and, under win32, try your best, when your ready,
yell out, so i can make a compete fucking fool of ya.
ok ?
if this
For the record...
who are the other 'many on this list' that know you don't troll other than
your alter egos?
'course you don't troll can you quote me where I ever said VNC is
secure?
With that, I'll let you troll in peace. I have no interest talking to you
anyway... :)
On Wed, Jan 25,
On Wed, Jan 25, 2012 at 2:55 AM, Ben Bucksch n...@bucksch.org wrote:
Dear coderman,
posting mails that were explicitly marked offlist on the public list is
no-go.
you must be new around here... why not let everyone learn from your fail?
___
What was the offlist message he was referring to? Cause yeah, he sounds
pretty new here with that kind of message. People bring in outside
conversations all the time, especially if they feel it is relevant to the
topic at hand.
Speaking of the topic at hand: I agree with the crowd that says it is
Those who try to manage potentially malicious servers do so over IP KVM,
in which the foreign server basically gets only inbound Keyboard and
Mouse and outbound uncompressed pixels.
Feature or bug, vnc or ip kvm, the same behavior has a virtual box virtualized
machine with shared clipboard.
Affected Products: GNOME Vinagre and many other VNC viewers
Reproduction:
1. On your trusted desktop (e.g. Linux), open a text editor
2. Type My password, select the text, and hit Ctrl-C
3. Open a Vinagre VNC connection to a remote host, e.g. running an
untrusted Windows
4. On the remote Windows
On 2012-01-24 13:34, Ben Bucksch wrote:
Affected Products: GNOME Vinagre and many other VNC viewers
Reproduction:
1. On your trusted desktop (e.g. Linux), open a text editor
2. Type My password, select the text, and hit Ctrl-C
3. Open a Vinagre VNC connection to a remote host, e.g. running
On Tue, Jan 24, 2012 at 2:34 PM, Ben Bucksch n...@bucksch.org wrote:
Actual result:
notepad.exe shows My password
Expected result:
Nothing.
No.
Expected result is to have the clipboard text sent to the remote
machine, if you have your client configured to do so. In a really
security
Guys, could you please read carefully everything before you reply?
I read carefully. It still didn't make sense, though.
And you wouldn't be allowed to use copypaste while you edit sensitive
documents either, I guess?
I don't know how you could get to such a conclusion from what I wrote.
On 24.01.2012 16:32, Giles Coochey wrote:
Many viewers, including RealVNC have the option to disable the shared
clipboard. Check your preferences.
Indeed. But Vinagre doesn't.
Even then, that is not sufficient, as explained in length.
___
On 24.01.2012 18:07, Mario Vilas wrote:
Expected result is to have the clipboard text sent to the remote
machine, if you have your client configured to do so
But I haven't done so. That's the bug.
security sensitive environment you wouldn't be using the clipboard for
passwords anyway.
And
On 24.01.2012 19:18, Mario Vilas wrote:
You're reporting that if you copy and paste sensitive information and
connect to a VNC session your clipboard data gets sent to the remote
machine. That's pretty obvious
If I have a VNC window somewhere on my desktop (in my case a virtual
desktop or
On 24/01/2012 16:06, Ben Bucksch wrote:
On 24.01.2012 16:32, Giles Coochey wrote:
Many viewers, including RealVNC have the option to disable the shared
clipboard. Check your preferences.
Indeed. But Vinagre doesn't.
Even then, that is not sufficient, as explained in length.
I'm afraid as
On 24.01.2012 20:08, Giles Coochey wrote:
I have seen this is an often requested feature
Yes, I understand. It can be highly useful. That's why I proposed to
make a Paste button in the main toolbar (probably with a keyboard
shortcut, too). So, the user would have to press one more button / key
On 24/01/2012 19:20, Ben Bucksch wrote:
On 24.01.2012 20:08, Giles Coochey wrote:
I have seen this is an often requested feature
Yes, I understand. It can be highly useful. That's why I proposed to
make a Paste button in the main toolbar (probably with a keyboard
shortcut, too). So, the user
Ben Bucksch wrote:
Even then, that is not sufficient, as explained in length.
No -- what you explained in length _and_ seem impervious to
understanding, despite a couple of respondents explaining it quite
clearly, is that you have chosen to perform ongoing sensitive work in
an environment
Those who try to manage potentially malicious servers do so over IP KVM, in
which the foreign server basically gets only inbound Keyboard and Mouse and
outbound uncompressed pixels.
Anything more is untrusted, for a reason.
On Tue, Jan 24, 2012 at 5:50 PM, Nick FitzGerald
On 25.01.2012 00:09, Dan Kaminsky wrote:
IP KVM, in which the foreign server basically gets only inbound
Keyboard and Mouse and outbound uncompressed pixels.
That is *precisely* what VNC is: an open-source IP KVM.
And please don't turn this into you're stupid, because I've seen
others with
On Wed, Jan 25, 2012 at 12:47:28AM +0100, Ben Bucksch wrote:
On 25.01.2012 00:09, Dan Kaminsky wrote:
IP KVM, in which the foreign server basically gets only inbound
Keyboard and Mouse and outbound uncompressed pixels.
That is *precisely* what VNC is: an open-source IP KVM.
What the
On Tue, Jan 24, 2012 at 3:47 PM, Ben Bucksch n...@bucksch.org wrote:
...
That is *precisely* what VNC is: an open-source IP KVM.
*precisely* ??
you keep using that word.
i do not think it means what you think it means...
this thread is full of lulz; you newbs might want to check out
On 25.01.2012 00:52, Henri Salo wrote:
On Wed, Jan 25, 2012 at 12:47:28AM +0100, Ben Bucksch wrote:
On 25.01.2012 00:09, Dan Kaminsky wrote:
IP KVM, in which the foreign server basically gets only inbound
Keyboard and Mouse and outbound uncompressed pixels.
That is *precisely* what VNC is: an
On Tue, Jan 24, 2012 at 6:45 PM, Ben Bucksch n...@bucksch.org wrote:
...
The VNC protocol (RFB) is very simple, based on one graphic primitive
from server to client ('Put a rectangle of pixel data at the specified
X,Y position') and event messages from client to server.
what Dan was trying to
On Tue, 24 Jan 2012 21:31:46 PST, coderman said:
IP KVM: keyboard, video, mouse interface to physical ports. dumb dumb dumb.
Amen to that, brother. Not even pixel-level access here. It's all VGA analog
video signal re-digitized and sent over IP (yes, really). And you *really*
don't want to
44 matches
Mail list logo
