About the way to protect against pharming [and useful for phishing] is to check the SSL certificate of the site you've ended up at. That's all well and good except it got me to wondering: since you can "import" certificates into XP, why can't some spyware or whatever install a *fake* certificating authority, that IE will then [since it is in the CA list] be happy to use to authenticate the bogus certificate that comes along with the bogus pharming/phishing site?
It *looks* like you have to be administrator to import certificates, even personal ones, but I haven't found a site that says that explicitly one way or the other. And there's all this stuff about passwords and encryption on the import file, but if you ARE running as administrator, could a bit of malware just bypass all of that and just brute-force stick in a new certificate [I know that there's essentially no protection [other than not being foolish enough to run as administrator] for spoofing the SSH fingerprints, but I can't tell if there's additional protection for SSL certificates]?

  /Bernie\
--
Bernie Cosell                     Fantasy Farm Fibers
mailto:[EMAIL PROTECTED]          Pearisburg, VA
    -->  Too many people, too few sheep  <--
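An added example, not part of the original message: one way to detect the unexpected root CA the question describes is to compare the Windows trusted-root stores against a saved list of known-good thumbprints. It assumes PowerShell 3.0 or later; the baseline file name `root-baseline.txt` and the `-WriteBaseline` switch are hypothetical names chosen for this sketch.

```powershell
# Added example: audit the Windows trusted-root stores against a saved baseline.
# Assumption: root-baseline.txt is a hypothetical file of known-good thumbprints,
# one per line, written earlier with -WriteBaseline on a system you trust.
param(
    [string]$BaselinePath = '.\root-baseline.txt',
    [switch]$WriteBaseline
)

# The per-user view is checked as well as the machine-wide store.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

# Collect every certificate currently trusted as a root, tagged with its store.
$current = foreach ($store in $stores) {
    Get-ChildItem -Path $store | ForEach-Object {
        [pscustomobject]@{
            Store      = $store
            Thumbprint = $_.Thumbprint.ToUpper()
            Subject    = $_.Subject
            NotBefore  = $_.NotBefore
        }
    }
}

if ($WriteBaseline) {
    $current.Thumbprint | Sort-Object -Unique | Set-Content -Path $BaselinePath
    Write-Output "Baseline written to $BaselinePath"
    return
}

if (-not (Test-Path -Path $BaselinePath)) {
    throw "No baseline at $BaselinePath; run with -WriteBaseline on a known-good system first."
}
$known = @(Get-Content -Path $BaselinePath |
    ForEach-Object { $_.Trim().ToUpper() } | Where-Object { $_ })

# Anything trusted now but absent from the baseline needs a human look.
$added = @($current | Where-Object { $known -notcontains $_.Thumbprint } |
    Group-Object -Property Thumbprint | ForEach-Object {
        $first = $_.Group[0]
        [pscustomobject]@{
            Thumbprint = $_.Name
            Subject    = $first.Subject
            NotBefore  = $first.NotBefore
            Stores     = ($_.Group.Store | Sort-Object -Unique) -join ', '
        }
    })

if ($added.Count -eq 0) { Write-Output 'No root certificates outside the baseline.' }
else { $added | Sort-Object NotBefore -Descending | Format-List }
```

A reported entry is a prompt for review rather than proof of compromise, since Windows updates and installed software also add root certificates.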
