Sorry folks, MSKLC cannot trap CONTROL+ALT+DELETE

by Michael S. Kaplan, published on 2005/01/29 02:39 -05:00, original URI: http://blogs.msdn.com/b/michkap/archive/2005/01/29/363002.aspx


A few days ago, Larry Osterman pointed out Why is Control-Alt-Delete the secure attention sequence (SAS)?

It is funny but one popular topic that comes up in supporting MSKLC is people wanting to be able to develop a keyboard layout that blocks the keystroke combination. So they are just looking for a version of MSKLC that does not have the DELETE key disabled because the other two keys are there and they are so close to their goal....

Sorry, but they are not close. A keyboard layout cannot be made to take away this functionality. CTRL+ALT+DEL is still the one safe combination, even if the DELETE key were eanbled in the user interface of MSKLC.

Of course, there is a dialog that Outlook puts up when it feels the need to reauthenticate (network hiccups?) which I never type into since the spoofing potential is so obvious. But I am sure most people do type in their credentials again anyway and would consider me to be paranoid. Maybe they should recommend in the dialog that the user hit CTRL+ALT+DEL and type in their password there rather than trying to prompt for it directly?

The problem with trying to make a system foolproof is that the designers will always underestimate the ingenuity of complete fools. Unfortunately, those with evil intent do not underestimate complete fools; they thrive on such people....

This post sponsored by "ΒΆ" (U+00b6, PILCROW SIGN)


# Mike Dimmick on 29 Jan 2005 9:33 AM:

I haven't used XP with Fast User Switching for a while, but from what I recall, on that setup, CTRL+ALT+DEL does not bring up the Windows Security dialog. It brings up the Task Manager. So Outlook can't necessarily prompt to press CTRL+ALT+DEL, because that feature may not be available.

I was going to make some reference to Windows 98 but I note that Outlook 2003 requires at least Windows 2000 SP3. Outlook 2002 (XP) does run on Windows 9x, where again CTRL+ALT+DEL doesn't do that.

This leads me on to logging on with a Low-privileged User Account (LUA). Other systems such as Mac OS X prompt for passwords if you're trying to do something requiring administrative access. To me, that seems like a big opportunity for spoofing. You don't want to get the user used to typing in an administrator password all the time, or they won't consider the risk of doing so. Some of the benefit of using a LUA will be lost.

# Michael Kaplan on 29 Jan 2005 12:24 PM:

Fair enough.... but like I said I have trouble trusting dialogs that could indeed be spoofs. Generally I tend to shut down Outlook and start it again -- authentication seems to have no problems after that. So maybe the bug is that they are asking for re-authentication at all?

# Dean Harding on 30 Jan 2005 3:33 PM:

> So maybe the bug is that they are asking for re-authentication at all

I'd say so. I don't like to type my details into a dialog that pops up seemingly of it's own accord either. What they should probably have done, is added a "click File->Reconnect" message, which you clicked OK to and then actually initiated the reconnect yourself from Outlook's menu. It's like if a bank rings you and asks for your password, instead of you ringing the bank first - at least in the latter case you know it's far more difficult to intercept the phone call.

go to newer or older post, or back to index or month or day