(applehelpwriter.com)

1037 points 8bitben | 1 comments | 09 Sep 16 15:52 UTC | HN request time: 0.206s | source

Show context

gruez ◴[09 Sep 16 16:41 UTC] No.12463849[source]▶

The fact that any application can spoof the os password prompt makes me wonder why they don't have a prominent feature to show the prompt is from the OS. On windows there is the secure desktop with the dimming effect.

replies(6): >>12463913 #>>12463935 #>>12463946 #>>12464205 #>>12464261 #>>12465995 #

pritambaral ◴[09 Sep 16 16:50 UTC] No.12463935[source]▶

>>12463849 #

Is the "secure desktop with dimming effect" not spoofable?

replies(3): >>12464096 #>>12464194 #>>12464260 #

1. Vendan ◴[09 Sep 16 17:22 UTC] No.12464260[source]▶

>>12463935 #

Trivially, in fact, KeePass does a fairly good job of it, mimicing everything down to the actual creation of a second, "secure" desktop. It's arguably more secure, though it's a little bit of a "false security", as KeePass's "Secure Desktop" is not as "secure" as the UAC and similar one, as the UAC one runs as SYSTEM, where as KeePass's runs as the current user.

↑

How Dropbox Hacks Your Mac