INTRODUCTION
During the last years we could see how shadow server[3] attacks were a serious problem for many companies. It’s true that, for a security "expert", a shadow server attack can be considered obsolete and a "stupid" attack but in a security contest there is no banal problem,
mainly if it is still feasible.
The shadow software[1] attack, discussed in this paper, is very similar to the shadow server’s one, if we abstract to its essence.
Usually, the user does not require the authentication of the server and the exchange of information begins trusting the look-and-feel of the server[3]. This is very dangerous since we don’t know if the server we are connected to is the real one.
The shadow software attack is based on the concept that an attacker could simulate the look-and-feel of a software, launched by the victim, to steal his or other people's information.
For More: neworder
No comments:
Post a Comment