Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students
Second USENIX Workshop on Electronic Commerce     [Technical Program]

next up
Next: Introduction Up: WWW Electronic Commerce and

WWW Electronic Commerce and Java Trojan Horses

gif tex2html_wrap_inline326

Abstract:

World Wide Web electronic commerce applications often require consumers to enter private information (such as credit card numbers) into forms in the browser window. If third parties can insert trojan horse applications onto a consumer's machine, they can monitor keyboard strokes and steal private information.

This paper outlines a simple way to accomplish this using Java or similar remote execution facilities. We implemented a simple version of this attack. We give a general method, window personalization, that can thwart or prevent this attack.





TOM Comversion
Fri Oct 4 17:27:59 EDT 1996

This paper was originally published in the Proceedings of the Second USENIX Workshop on Electronic Commerce
November 18-21, 1996, Oakland, California

Last changed: 30 April 2002 aw
Conference Index
USENIX home