More info about the vidram board

Bill Carpenter wjc at hoswjc.ATT.COM
Mon Oct 30 19:58:11 AEST 1989


In article <1989Oct29.221139.17835 at i88.isc.com> botton at laidbak.i88.isc.com (Brian D. Botton) writes:

> In one of my early postings I did mention that the video ram is wide open
> to any process on the system.  Personally, I don't think this is an issue.
> All that can be stolen is what is on the screen right now.  The same goes
> for what can be corrupted.

I think this is worth kicking around a little, since only the bad
guys/gals think of everything when it comes to security.  Since
security is not too much to brag about on the UNIXpc, I think we
should at least conclude that we're no worse off with the board in
than we were before.  (As opposed to, "we're a little worse off, but
we don't care".)

1.  STEALING THE SCREEN:  There probably isn't much difference here.
There is an ioctl() to get a dump of the screen contents anyhow.  I
don't know if it is shrewd enough to notice if you're logged onto the
console when you run it, but I'd be surprised if it did.  So, if you
type your password onto the screen, I guess the crooks can get it
without the hardware mod.

2.  WRITING THE SCREEN: When you log in, you can do "mesg y" to prevent
someone writing to your login window.  However, as far as I can tell,
other windows (and windows being used by phone manager, etc.) you open
are root/sys/666 (in other words, wide open to all).  So the
difference here is that without the hardware mod, you have some
control over writes into your login window.

Does write access to a window matter, if you don't give out read
access to the keyboard for that window?  Well, in your classic spoof,
you throw up a password prompt and read the keyboard while somebody types
in their password.  With the UNIXpc, you could bitblit up a password
prompt and then (since you didn't turn echo off) bitblit the password
back off the screen.  This would take some large, but not impossible,
effort.  Also, it might not fool too many people. (For extra credit,
bitblit each character as typed and then blank it out on the screen to
simulate no-echo.)

If I were trying to pull this kind of spoof without the hardware mod,
I guess I would open a borderless window just the size of the prompt
and position it in the right place on top of the user window.  From
there, proceed as before.  So, I guess this breaks even, too.


What else?
--
   Bill Carpenter         att!ho5cad!wjc  or  attmail!bill


