[cap-talk] The Limits of POLA's Utility - Social Engineering
Ian G
iang at systemics.com
Wed Jun 7 05:13:47 EDT 2006
Toby Murray wrote:
> The Computing Lab at Cambridge published Tech Report 666 yesterday
> (6/6/06).
> "A Pact With The Devil"
> Mike Bond, George Danezis
> http://www.cl.cam.ac.uk/TechReports/UCAM-CL-TR-666.pdf
> Is this sort of thing the limits of what POLA can achieve for virus
> prevention?
Not really, IMHO (on a first skimming).
POLA has some indirect relationships, but
essentially this attack is an old one that is
conducted normally in meatspace. Think of the
recruiting of spys. What the attack does is to
not pervert the system at all, it perverts the
user. The fact that some parts of the perversion
are automated doesn't change the basic attack.
iang
More information about the cap-talk
mailing list