Re: Challenge: Perception of security; the reality of security

From: Jan Plastenjak (none_at_ms.com)
Date: 04/08/04


Date: Thu, 8 Apr 2004 10:15:41 +0200


Sorry for spoiling with answer.

> An example:
> http://www.jensign.com/JavaScience/www/hexdumpfile
> which is simply a handy browser-based file hex-dumper.
I couldn't use this example. Which Java VM are you using? MS?

> It you think you can identify the vulnerability/risk, DON'T SPOIL HERE.
> Let me know and I will verify.
Did you get any feedback? Please, could you share it (security bug) with us?

Thank you.



Relevant Pages

  • Re: Verifying a Java Signature using LDAP fails...
    ... Generic Java 2 and .NET generated standard bog-endian-ordered pkcs #1 signature ... bytes as above (assume you hash identical data bytes with same hash algorithm specified) ... The public key is stored in binary form on an LDAP server ... > I then create a Hash of the signed data and try to verify it with CryptVerifySignature which fails ...
    (microsoft.public.platformsdk.security)
  • Re: Web Page access
    ... Joe Makowiec wrote: ... I am using IE and having trouble seeing a particular web page. ... Scroll to the right there and do a Verify. ... That's JAVA. ...
    (soc.genealogy.computing)
  • Re: Web Page access
    ... I am using IE and having trouble seeing a particular web page. ... Scroll to the right there and do a Verify. ... That's JAVA. ... page does have some of, but again, the page works even if javascript is ...
    (soc.genealogy.computing)
  • Re: Antivirus engine check utility
    ... Please verify the Java version on those systems using: ... to determine where to generate the temp. ... Please verify what these system-property values are using this utility (which displays ALL ... > The Antivirus Status Java applet cannot run properly because either: ...
    (microsoft.public.security)
  • Re: enable java
    ... That seems to be a problem, when I download java I get this message "This ... instalation package could not be opened. ... orcontact the application vendor to verify that this ...
    (microsoft.public.windowsxp.newusers)