Date: Tue, 24 Jan 2012 18:09:32 -0500
From: Dan Kaminsky <dan@...para.com>
To: nick@...us-l.demon.co.uk
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: VNC viewers: Clipboard of host automatically sent to remote machine

Those who try to manage potentially malicious servers do so over IP KVM, in
which the foreign server basically gets only inbound Keyboard and Mouse and
outbound uncompressed pixels.

Anything more is untrusted, for a reason.

On Tue, Jan 24, 2012 at 5:50 PM, Nick FitzGerald <nick@...us-l.demon.co.uk> wrote:

> Ben Bucksch wrote:
>
> > Even then, that is not sufficient, as explained in length.
>
> No -- what you "explained in length" _and_ seem impervious to
> understanding, despite a couple of respondents explaining it quite
> clearly, is that you have chosen to perform ongoing "sensitive" work in
> an environment where doing so, at best, represents a highly
> questionable security stance.
>
> _Part_ of what contributes to that questionability is your choice to
> more-or-less continuously run an application that you should always
> have known leaks access to the clipboard of what you oddly choose to
> describe as a "trusted desktop" (odd, because you should know that
> exposing the host clipboard to the client is common -- in fact,
> probably the standard default -- functionality of VNC clients).
>
> That your chosen/preferred/whatever VNC client does not allow you to
> turn off, or otherwise modify or monitor this functionality is not a
> security vulnerability or bug, as you seem intent on portraying it.  It
> may be an undesirable feature (or, more accurately, lack of a feature)
> but don't you have other VNC clients to choose from?  Must you use this
> particular VNC client?  If so and this method of working is so critical
> to you, should you not choose a different platform for your "trusted
> desktop" and run a more suitably configurable VNC client?  Or, if your
> sensitive work is really that sensitive, should you not invest in a
> second machine for remotely monitoring/interacting with the
> untrusted, sandboxed applications you need to run, so that they really
> are securely separated (can we all say "air gap"?) from your more
> "sensitive" operations?  It would not have to be a very heavy-duty
> machine -- a very low-end netbook style machine, or possibly even a
> cheap tablet-style device may more than suffice...
>
> ...
>
> Another part of that questionability is obvious to anyone with nous
> reading this list...
>
> Regards,
>
> Nick FitzGerald
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

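As an added illustration (not part of either post), the wire-level view of what the thread is arguing about: a VNC viewer with default settings pushes its host's clipboard to the remote server as an RFB ClientCutText message, in the clear, on the same client-to-server stream as the keyboard and mouse events that an IP KVM would be limited to. Message layouts follow RFC 6143 section 7.5; the sample bytes are constructed here, and a monitor on the viewer's outbound stream can flag the clipboard transfer the same way.

```python
import struct

# RFB (VNC) client-to-server message types, RFC 6143 section 7.5.
NAMES = {0: "SetPixelFormat", 2: "SetEncodings", 3: "FramebufferUpdateRequest",
         4: "KeyEvent", 5: "PointerEvent", 6: "ClientCutText"}

def parse_client_messages(stream: bytes) -> list:
    """Walk a client->server RFB byte stream (after the handshake) and return one
    (message_name, detail) tuple per message. Keyboard and mouse traffic is
    summarised; ClientCutText is returned with its full payload, because that
    message carries the viewer's clipboard to the server as plain Latin-1 text."""
    out, pos = [], 0
    while pos < len(stream):
        mtype = stream[pos]
        if mtype == 0:                                     # 3 pad + 16-byte PIXEL_FORMAT
            size, detail = 20, None
        elif mtype == 2:                                   # 1 pad + U16 count + S32[count]
            count = struct.unpack_from(">H", stream, pos + 2)[0]
            size, detail = 4 + 4 * count, count
        elif mtype == 3:                                   # incremental U8, x, y, w, h (U16)
            size, detail = 10, struct.unpack_from(">BHHHH", stream, pos + 1)
        elif mtype == 4:                                   # down-flag U8, 2 pad, keysym U32
            down, key = struct.unpack_from(">B2xI", stream, pos + 1)
            size, detail = 8, (bool(down), key)
        elif mtype == 5:                                   # button mask U8, x U16, y U16
            size, detail = 6, struct.unpack_from(">BHH", stream, pos + 1)
        elif mtype == 6:                                   # 3 pad, length U32, text bytes
            length = struct.unpack_from(">3xI", stream, pos + 1)[0]
            size = 8 + length
            detail = stream[pos + 8:pos + size].decode("latin-1")
        else:
            raise ValueError(f"unknown client message type {mtype} at offset {pos}")
        if pos + size > len(stream):
            raise ValueError(f"truncated {NAMES[mtype]} at offset {pos}")
        out.append((NAMES[mtype], detail))
        pos += size
    return out

def clipboard_leaks(stream: bytes) -> list:
    """Return every clipboard string the viewer pushed to the server."""
    return [d for name, d in parse_client_messages(stream) if name == "ClientCutText"]

# Constructed sample: one key press, one mouse move, then the clipboard transfer a
# default-configured viewer sends whenever the host clipboard changes.
SAMPLE_STREAM = (
    struct.pack(">BB2xI", 4, 1, 0x61)                        # KeyEvent: 'a' pressed
    + struct.pack(">BBHH", 5, 0, 100, 200)                   # PointerEvent at (100, 200)
    + struct.pack(">B3xI", 6, 20) + b"Passw0rd-constructed"  # ClientCutText, 20 bytes
)

if __name__ == "__main__":
    for name, detail in parse_client_messages(SAMPLE_STREAM):
        print(name, detail)
```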