Re: GUI systems Ben Laurie (ben@algroup.co.uk)
Wed, 28 Jun 2000 08:19:30 +0100

"Shawn T. Rutledge" wrote:
>
> On Tue, Jun 27, 2000 at 09:34:00PM -0400, Jonathan S. Shapiro wrote:
> > > > There is another issue, which is more "purist" in nature: the number of
> > > > programs that get notified of a restart should be kept as small as
> > possible.
> > >
> > > If I get a redraw event, I don't have any idea whether it's because
> > > I've been deiconified, because Netscape has been iconified, because the
> > > screen saver has just exited, because the user has invoked the "redraw
> > > screen" command, or because the system has restarted.
> >
> > That's because you haven't applied error correction to the signal. Think
> > about it a little more from the attacker's perspective...
>
> I don't think I understand.

The point is that program A can signal program B by causing redraw events to be sent to B. Imagine sending them 1 per second for 0, 2 per second for 1, for example. This is a covert channel.

Cheers,

Ben. 

--
http://www.apache-ssl.org/ben.html

Coming to ApacheCon Europe 2000? http://apachecon.com/