Black Hat Briefings, Las Vegas 2005 [audio] Presentations From The Security Conference

The Shatter attack uses the Windows API to subvert processes running with greater privilege than the attack code. The author of the Shatter code has made strong claims about the difficulty of fixing the underlying problem, while Microsoft has, with one exception, claimed that the attack isn't a problem at all. Whether or not Shatter is indeed an exploit worth worrying about, it uses a feature of Windows that has other malicious uses, such as keystroke logging. This talk presents a means of defeating this entire family of attacks with minimal breaking of applications and effect on the look and feel of the user interface. Tyler Close is a researcher and developer, working in the field of secure, multi-user, distributed applications since 1998. He is the designer of the web-calculus, a messaging model for creating POLA interfaces between heterogeneous applications. He is a developer for an ongoing series of applications in the POLA genre, including: Waterken Server, for web-services; petname tool, anti-phishing