This is concept is surprisingly complex. Once the attacker sees the "secure" dialog, what prevents them from using the same techniques and/or code to create a visually identical spoof? There have been several OS-level designs to create hardware-supported secure dialogs. Needless to say, these schemes became exceedingly complex and had a variety of implementation issues (i.e. special graphics hardware, drivers, TCMs, etc.)
I don't see your proposals as providing 'secure' data viewing or data entry solutions. IMHO, the best bet is currently provided by layered security software where each component monitors and reports on the others. Even this approach is temporary at best as we're now seeing with malware that attacks by first disabling the currently available protection layers (e.g., anti-virus, firewalls). -Piers -- Piers Bowness "I know what I believe, and I believe what I believe is right." - G.W. Bush --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]