-- Bowness, Piers wrote: > Once the attacker sees the "secure" dialog, what prevents them from > using the same techniques and/or code to create a visually identical > spoof? There have been several OS-level designs to create > hardware-supported secure dialogs. Needless to say, these schemes > became exceedingly complex and had a variety of implementation > issues (i.e. special graphics hardware, drivers, TCMs, etc.) > > I don't see your proposals as providing 'secure' data viewing or > data entry solutions. IMHO, the best bet is currently provided by > layered security software where each component monitors and reports > on the others. Even this approach is temporary at best as we're now > seeing with malware that attacks by first disabling the currently > available protection layers (e.g., anti-virus, firewalls).
My computer does not get malware. It regularly gets phishing and legitimate emails that are very difficult to tell apart. The techniques I discuss would make them very easy to tell apart. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 1JOeu/66DKl9KMzOvnF83U6mD6SUSbLgXtgqAEz1 4swvP0Ni9aalk9b1QtRcmLZWW2OeWw0Z77uFyH3Pj --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]