Bugtraq mailing list archives
Re: Logitech Keyboard Insecurity
From: Paul Cardon <paul () moquijo com>
Date: Thu, 02 May 2002 18:15:54 -0400
keyboardhacker () hotmail com wrote:
Logitech has been contacted about 1 month ago and they have confirmed it is indeed a problem with their software, but a fix is not yet out. A 'locked' computer should indeed be locked, and not accessible via any means. While this bug is a low risk, it shows how *obvious* flaws go undetected. It totally bypasses GINA (Graphical Identification aNd Authentication), which is supposed to keep the PC secure (to the extend of requireing Ctrl-Alt-Delete to login).
Hrrm... Is the driver signed by Microsoft? If it is, that seems to be something that Microsoft should be checking from now on before they certify keyboard drivers.
-paul
Current thread:
- Logitech Keyboard Insecurity keyboardhacker (May 02)
- Re: Logitech Keyboard Insecurity Paul Cardon (May 02)
- Re: Logitech Keyboard Insecurity KJK::Hyperion (May 03)
- <Possible follow-ups>
- Re: Logitech Keyboard Insecurity richard . fuser (May 02)
- Re: Logitech Keyboard Insecurity big bon (May 03)
- Re: Logitech Keyboard Insecurity Paul Cardon (May 02)