Comments: Authenticated sender is From: "Alaric B. Williams" To: "Mike A. Harris" Date: Fri, 21 Mar 1997 07:09:15 +0000 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: [opendos] OpenDOS Startup logo [brannanp] Reply-to: alaric AT abwillms DOT demon DOT co DOT uk CC: opendos AT mail DOT tacoma DOT net References: In-reply-to: Message-ID: <858927993.1021740.0@abwillms.demon.co.uk> On 20 Mar 97 at 4:58, Mike A. Harris wrote: > HAHAHAH!! I love pulling tricks like that on unsuspecting > victims! Well you should see what people do with the Acorn machines at school! Their OS is nice and flexible, to a certain extent, but TOTALLY insecure. Eg: Click on a drive icon to get a menu, drag the menu, tap Escape, stop dragging; disk driver crashes, we lose a disk drive until the next reboot (yippee!) Eg: Today, a friend and I uprooted a cache of porn on one of the system. The application itself was just a stub that invoked a DLL-type thing that hooked the filer, turning an innocent file deep within a certain application into a directory full of pornographic JPEGs, and invoking an HTML browser in that directory (through a chain of environment variables to hide the pathname) to scroll the pages (they were quite professionally done, actually!). Thing is, the silly idiot had left the "Username:" field in the browser's configuration file filled in when he made the copy. Oh yeah, it was stored on a part of the disk that's password protected, BTW. He'd written a program that scabbed the password from the CMOS as well. Anyway, we have his name. FLAMED!!! ABW -- Alaric B. Williams (alaric AT abwillms DOT demon DOT co DOT uk) ---<## OpenDOS FAQ ##>--- Plain HTML: http://www.delorie.com/opendos/faq/