Ok, here is the lowdown on screensavers: Screensavers are just normal win32 progs that are named *.scr in the windows dir (try clicking on 1). Windows runs them using commandline's to perform different things (ie. screensaver.scr /A to change the passwd). As it is a normal program, it is upto it to disable the special windows keys (ctrl-alt-del etc) and stay on top. Unfortunatly, most screensavers do not watch to see that they still have focus, and therefore, any program that makes a windows call to gain focus will recieve any keystrokes, despite not being on top/visible. In conclusion to this... it's the screensavers fault. All screensavers have this problem. :) I should be more concerned with the following possibilities: * the screensaver itself is in charge of calling the passwd auth/changing dialog box (trojan is possible i guess) * do virus scanners scan *.scr files normally? * screen savers can bind a socket and allow people in while the screensaver is active and drop connections when it's not... which means poeple can gain access, knowing your not watching. * windows screensavers are normal processes and therefore can be killed by other programs. There was a post some time ago about autorun on cd's still working when screensaver is active. in short, ordinary screensavers provide virtually no security. Don't rely on them to do so. thats my .01c Shaman2001.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:20 PDT