RE: screensavers

From: Stewart John H SSSD (StewartJH@SUPSHIP.NAVY.MIL)
Date: 08/21/01


Message-ID: <76B92C2FC548D311A2DA0008C791893402A97D14@sssdexch.sssd.navy.mil>
From: Stewart John H SSSD <StewartJH@SUPSHIP.NAVY.MIL>
To: "'Andrew Kavanagh'" <andrewk@spray-quip.com>, Focus-Ms <focus-ms@securityfocus.com>, Vladimir Shtern <vladis@avicatech.com>
Subject: RE: screensavers
Date: Mon, 20 Aug 2001 15:44:59 -0700


There was a report out within the past 6 months that noted a couple of the
shareware screen savers did not implement the display timeout and lock
feature correctly. In other words, if the screen saver was running, it was
a simple keystroke that brought back the original screen. The screensaver
did advertise password locking but it didn't appear to work.

Many of the screensavers do have a "phone home" feature that would provide a
backdoor into your network.

John Stewart
Information Systems Security Manager
NAVSEA San Diego
Phone: (619) 556-2774
Pager: (877) 572-4322
PIN: 3033244

-----Original Message-----
From: Andrew Kavanagh [mailto:andrewk@spray-quip.com]
Sent: Monday, August 20, 2001 12:13 PM
To: Focus-Ms; Vladimir Shtern
Subject: RE: screensavers

-----Original Message-----
From: Vladimir Shtern [mailto:vladis@avicatech.com]
Sent: Monday, August 20, 2001 3:06 PM
To: Andrew Kavanagh
Subject: RE: screensavers

At 10:21 AM 8/20/01, you wrote:
>I also have a few users who use Webshots as a screensaver. This
screensaver
>can be used as a trojan? How so? I'm interested in finding out more about
>this issue as well.
>
>Andrew Kavanagh
>IT Manager
>Spray-Quip Ltd.
the point is not a specific "webshots", but screensavers in large, cause of
their ability
to run/execute a code
-vs

Ok... I was thinking you were talking specifically about WebShots and
vunerable code within that particular program. Doesn't hurt to make sure :)

Andrew