Fake login screens
Thomas Jaeger
thjaeger at gmail.com
Sat Feb 14 21:26:25 UTC 2009
Vincenzo Ciancia wrote:
> However, it seems to me that nobody is getting the point about fake
> login screens: if I am an *user* of somebody else's network, how can I
> protect myself from another *user* faking a login screen, used as the
> only running X application, and stealing my password?
C-A-B offers no protection against this attack, as users can easily
remap keys. If you don't believe me, run
xmodmap -e 'keycode 22 = '
and then try killing the X server using C-A-B.
More information about the Ubuntu-devel-discuss
mailing list