- security News Forums
- > RSA break-in: it was the Flash Player's ...
- > Re: Some remarks to make
Posting 
Thread - Reply
- New Topic
- Hide Thread
Re: Some remarks to make 11 April 2011 11:35
> nilie wrote on 04 April 2011 17:06
>
> > 1- Employee retrieving email from a spam folder ? Either RSA spam
> > system is weak or the employee in question is clearly unaware of
> > security policies (or there are simply no policies covering this
> > scenario).
>
> Well, I monitor an abuse@ address and sometimes false positives
> happen, so I regularly check my spam folder to see if something
> slipped through.
>
> Maybe they do so too? Though, I would never open any attachment from
> my spam folder and I usually block HTML emails (and I also use
> GNU/Linux).
> And even after all I said (almost like defending RSA) I totally agree
> with you on the security fail.
Fair enough but I think your being too nice.
If they're running flash on systems where these access credentials
are used.
Then this could easily happen next month and the month after that and
the month after that.
I presume they're running outlook which accepts foreign data almost
as trusted input. Get a text mail client with optional html2text
conversion for crying out loud, you jokers.
I wouldn't be surprised if they're running adobe air too just so an
exploit can continue trying to elevate priviledges once the browsers
closed.
p.s. I believe after the google incident they pushed hard on the unix
usage front. Shrewd move, but you still need to think about
priviledge seperation.
OMG - RSA need lessons on priviledge seperation and code quality.
-
-
-
-
11 Apr 2011 11:35Kevin Chadwick
Re: Some remarks to make
-
-
- Posting
- Thread
- Reply
- New Topic
- Hide Thread
- Threaded View
- Flat View