Wed, 28 Jun 2000 08:19:30 +0100
"Shawn T. Rutledge" wrote:
> On Tue, Jun 27, 2000 at 09:34:00PM -0400, Jonathan S. Shapiro wrote:
> > > > There is another issue, which is more "purist" in nature: the number of
> > > > programs that get notified of a restart should be kept as small as
> > possible.
> > >
> > > If I get a redraw event, I don't have any idea whether it's because
> > > I've been deiconified, because Netscape has been iconified, because the
> > > screen saver has just exited, because the user has invoked the "redraw
> > > screen" command, or because the system has restarted.
> > That's because you haven't applied error correction to the signal. Think
> > about it a little more from the attacker's perspective...
> I don't think I understand.
The point is that program A can signal program B by causing redraw
events to be sent to B. Imagine sending them 1 per second for 0, 2 per
second for 1, for example. This is a covert channel.
Coming to ApacheCon Europe 2000? http://apachecon.com/