Penetration Testing mailing list archives
Re: [PEN-TEST] SealedMedia secured content?
From: Security Related <b_c_w_g () HOTMAIL COM>
Date: Mon, 6 Nov 2000 08:45:46 CST
"Well, yeah, you cant get around that, even if you disallow execution of any other application on the clients side, the user could just take pictures of the screen." *** I am in no way what I would consider 'knowledgeable' on the subject, but offer some ideas...I'm not sure how this would work, restricting "execution of any other application on the clients side", presumably you mean initiating any NEW application / commands? I mean you couldn't very easily shut down all the running apps, as you don't ness know what apps SHOULD be running...if that's true, what about 3rd party screen capture? say, have PCAnywhere running on Machine A, view 'secure' material on machine A, have connection open on machine B which shows machine A screen and do your screen captures on B? You wouldn't need to press any keys on A except those needed to cycle through the desired content. It would seem difficult to know what every drive, app, and service running is and determine if it's 'safe'...although I'm sure it can be done, trying to make the controls more trouble to circumvent than simply getting the content ligitimately, seems very hard since there are always SOME people who's time is significantly less valuable than the people implementing said controls (students for one)...and all those controls cost money, eventually there is no profit left in that secure content... I think it's an inherantly futile battle to give someone something 'on screen' and try and restrict what they do with it, UNTIL some new technology comes along to revolutionalize the methodologies involved. I'm not saying not to try, and I'm not promoteing 'free' imformation for all, I'm all for secureing your data, and profiting from it, I just mean it's not a job I would want ;) _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com.
Current thread:
- [PEN-TEST] SealedMedia secured content? Christian Jensen (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? GC (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Russ Spooner (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Crist Clark (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Iván Arce (Nov 04)
- Re: [PEN-TEST] SealedMedia secured content? Russ Spooner (Nov 05)
- Re: [PEN-TEST] SealedMedia secured content? Crist Clark (Nov 04)
- <Possible follow-ups>
- Re: [PEN-TEST] SealedMedia secured content? Security Related (Nov 07)