This paper outlines a simple way to accomplish a local trojan horse attack using Java or similar remote execution facilities. We show an implementation in Java of a simple example of this type of trojan horse.
We propose a new mechanism of window personalization that can thwart this type of attack. Window personalization allows a consumer to select a pattern for window display that will be unknowable (or very difficult to determine) by rogue applets and other transmission media for trojan horses. Through window personalization, a consumer can catch almost all trojan horse emulations of human interfaces; the rogue program can not determine the correct way to format the interface, and so it is likely to appear wrong to the consumer. In section 5 we show how this method can be extended to other applications such as point-of-sale transactions and automatic teller machine transactions.