Keystrokes, including passwords, can be sniffed when using Windows Terminal Server or the XP remote control feature. MS has rolled a fix silently into SP1 without making any public statement on this serious problem. The cause of the keystroke -sniffing feature is a design mistake in Microsoft's Remote Desktop Protocol (RDP) which leaks information about the contents of encrypted packets through their checksums. This is because packets with the same plaintext have matching checksums throughout a particular session.
|