You can't run a trusted client on an untrusted machine. A hostile user has complete access to the machine state, including memory, stack, and register values. He/she can log all communication between the client and the server and create a fake client that duplicates the "authentification" procedure of the real client, but without displaying ads. It's a lost cause, but luckily for the people running the free Internet access programs, most users won't do this. __________________________________________ NetZero - Defenders of the Free World Get your FREE Internet Access and Email at http://www.netzero.net/download/index.html
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:28:47 PDT