Hello, Has anybody considered security issues with wpkg? As far as I can tell, wpkg requires the local network to be trusted. If it cannot be trusted, and the server goes off-line, then anybody could set up a fraudulent server with the same name, which serves a fraudulent copy of wpkg.js that does malicious things. As wpkg.js runs, automatically, as the system user on every Windows computer, this would be an easy way to bring all Windows computers in a company down. I conducted some tests using domain level security, but found I domains do not prevent this type of attack. Any thoughts? Thanks. -- Brian May <bam at snoopy.apana.org.au> wpkg-users mailing list wpkg-users at lists.wpkg.org http://lists.wpkg.org/mailman/listinfo/wpkg-users |