Re: TPM against XSS and Phishing

---

• From: "Dennis Li" <dennis.li.sh@xxxxxxxxx>
• Date: Thu, 15 May 2008 01:49:33 +0800

---

On Thu, May 15, 2008 at 1:43 AM, Dennis Li <dennis.li.sh@xxxxxxxxx> wrote:

Hi, Charis

I don't think any relationship between the secure boot (TPM) and XSS and phishing.

The secure boot is to prevent unauthrozied person to access your pc and privacy data on harddisk by encrpting your harddisk.

XSS and phishing attack work on web site. In some cases, the hack could access your data through the backdoor opened by trojoan which is injected by the XSS attack indirectly. (Malicious java script will be runned by XSS attack, and it may cause buffer overrun, and privilege to access your pc can be get, then backdoor will be opened). Even in that case, the TPM may not work since you already log on to your OS, and the data is decrypted.

So maybe you need state more clear about your requirement.

Dennis

On Wed, May 14, 2008 at 10:22 AM, Charis <cycharis@xxxxxxxx> wrote:

Hi,
Can anyone help me on how the use of secure boot(using a TPM) on vista could
prevent XSS and phishing attacks?
Thanks in advance
Charis

---

• References:
  • TPM against XSS and Phishing
    • From: Charis

• Prev by Date: RE: Ответ: Security of PCL and PostScript
• Next by Date: Re: TPM against XSS and Phishing
• Previous by thread: TPM against XSS and Phishing
• Next by thread: Re: TPM against XSS and Phishing
• Index(es):
  • Date
  • Thread

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > security-basics  > 2008-05