Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: Bug in Norton FireWall 2003
From: xenophi1e (oliver.laverysympatico.ca)
Date: Tue Aug 12 2003 - 12:44:02 CDT
>Is there a reliable mechanism in Windows for distinguishing between real
>spoofed events? I've never looked into the subject, as I avoid GUI-mode
>programming like the plague (which is an apt description, in my book).
>Of course, the popup window shouldn't be owned by a process running with
>elevated privileges anyway.
No, their isn't even an unreliable way.
I've talked to lots of people about this particular firewall hole that
keeps getting rediscovered. For my money the best bet is to display the
UI as a bitmap image which is difficult to decipher computationally.
The 'Allow' portion of the bitmap changes position, and a click anywhere
outside of this portion is treated as 'Reject'. Provided the bitmap is
easy for a human to decipher, yet difficult for a machine to decipher, I
think you would have a pretty good 'jury-rigged' solution.