Path: utzoo!attcan!uunet!munnari.oz.au!metro!cluster!ultima!kralizec!nick
From: nick@kralizec.fido.oz.au (Nick Andrew)
Newsgroups: comp.unix.internals
Subject: Re: Finding Passwords
Message-ID: <221@kralizec.fido.oz.au>
Date: 22 Oct 90 11:32:41 GMT
References: <8685@mirsa.inria.fr> <12438:Oct223:00:3290@kramden.acf.nyu.edu>
Organization: Kralizec Public Access Unix - Sydney, Australia
Lines: 21

brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:

>In article <8685@mirsa.inria.fr> jlf@mirsa.inria.fr (Jean-Louis Faraut) writes:
>> What about a two-ways authentication, modifying the getty program to
>> oblige the computer to authenticate itself ?

>Fails. As I've said before, you can't reliably *avoid* a Trojan Horse
>unless you can reliably *detect* a Trojan Horse. If you don't have a
>trusted path, the intruder can masquerade as you, forwarding enough of
>the responses you supply to authenticate itself and then taking control
>of your account.

	Yes, I see what you mean. What if the trojan were basically a
filter to a proper getty routine. It could be done in the traditional
sense (using pipes  user=trojan=getty), or on a multi-line system,
the trojan could talk to the author (currently logged in on another
line) and the author's system (if it had 2 lines) could call the host
on some other line and use the output from the real getty to spoof
the fake one!  Weird, what a concept!

Nick.