Cut-&-Paste Attacks with JAVA
نویسندگان
چکیده
This paper describes malicious applets that use Java’s sophisticated graphic features to rectify the browser’s padlock area and cover the address bar with a false https domain name. The attack was successfully tested on Netscape’s Navigator and Microsoft’s Internet Explorer; we consequently recommend to neutralize Java whenever funds or private data transit via these browsers and patch the flaw in the coming releases. The degree of novelty of our attack is unclear since similar (yet nonidentical) results can be achieved by spoofing as described in [6]; however our scenario is much simpler to mount as it only demands the inclusion of an applet in the attacker’s web page. In any case, we believe that the technical dissection of our malicious Java code has an illustrative value in itself.
منابع مشابه
Encrypting Java Archives and Its Application to Mobile Agent Security
In this article we describe an extension of Java Archives that allows to keep data encrypted for multiple recipients. Encrypted data is accessible only by selected access groups. Java archives may be used as containers of mobile agents, which allows agents to keep confidential data unaccessible while residing on untrusted hosts. However, additional protective measures are required in order to p...
متن کاملBAOBAB: a Java editor for large phylogenetic trees
SUMMARY BAOBAB is a Java user interface dedicated to viewing and editing large phylogenetic trees. Original features include: (i) a colour-mediated overview of magnified subtrees; (ii) copy/cut/paste of (sub)trees within or between windows; (iii) compressing/ uncompressing subtrees; and (iv) managing sequence files together with tree files. AVAILABILITY http://www.univ-montp2.fr/~genetix/.
متن کاملJava with Traits — Improving Opportunities for Reuse
The Java language includes features that present significant barriers to reuse; in practice, programmers have no choice but to copy and paste code that is not accessible via inheritance. Traits improve code-sharing in Smalltalk by providing a means to reuse such behavior, and we claim that a similar mechanism for Java would overcome not just the lack of multiple inheritance but Java’s other bar...
متن کاملJava Traits — Improving Opportunities for Reuse
One goal of Object-Oriented Programming is to enable programmers to craft elegant and reusable systems. In practice however, Java programmers have no choice but to copy and paste code that cannot be shared via inheritance. The resulting duplication makes systems difficult to understand and hard to maintain. Traits are a language feature, originally prototyped in Smalltalk, that directly address...
متن کاملEthnographic Study of Copy and Paste Programming Practices in OOPL
When programmers develop and evolve software, they frequently copy and paste (C&P) code from an existing code base, or sources such as web pages or documentation. We believe that programmers follow a small number of well defined C&P usage patterns when they program, and understanding these patterns would enable us to design tools to improve the quality of software. We conducted an ethnographic ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2002