On Wednesday 21 February 2007 11:56, Kelsay, Brian - Kansas City, MO wrote:

Wrong. http://en.wikipedia.org/wiki/Control-Alt-Delete http://www.techshowflorida.com/details.html

Actually, it agrees with me: The design of Windows NT is such that, unless security is already compromised in some other way, only the WinLogon process, a trusted system process, can receive notification of this keystroke combination (because the kernel remembers Process ID of WinLogon process and allows only that process registering it). This keystroke combination is thus a secure attention key. In Windows NT, it is called Secure Attention Sequence. A user pressing Control-Alt-Delete can be sure that it is the operating system (specifically the WinLogon process), rather than a third party program, that is responding to the key combination, and that it is therefore safe to enter a password.

Invented LONG before phishing.

Before the term "phishing", perhaps, but not before the concept of tricking the user into entering their password in the wrong place.

I fail to see how a USB dongle can determine if a user is local or not.

Obviously, only a local user can plug in a USB device.

And yes, you can send a ctl+alt+delete remotely, but it will disconnect your session as the computer reboots.

What modern computer reboots on Ctrl-Alt-Delete? Not even Windows 3.1 did unless you repeated it at least twice.