Hacker News new | past | comments | ask | show | jobs | submit login

Can't you capture all Windows messages also?



It used to be a big deal - you could use the shatter attack to read the contents of text controls that stored passwords, etc:

https://en.wikipedia.org/wiki/Shatter_attack

These days less of a problem. Message injection/sniffing between applications in different contexts doesn't work. Unless you're the administrator, in which case it is game over already.


Windows has UI isolation between processes with different privilege levels per UIPI.

https://blogs.msdn.microsoft.com/vishalsi/2006/11/30/what-is...

(Note: I am not a Windows expert.)


Vista was only released in 2006. I think the thread is discussing the period a few years before that.


I was reacting to:

Nowadays [...] coupled with Linux's security and remote debugging capabilities, it's a very good fit for my father for example.


Right, well as you point out, nowadays Wayland is default on major distributions like Rebecca Black OS and some minor players like Fedora.

In any event, when a user is compromised, it's lol Windows. But when Yahoo is compromised, is anyone opining security in Linux? Or are these social engineering hacks?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: