From: Peter Pentchev
Date: 16:05 on 14 May 2007
Subject: Remote Desktop, Windows Logon, or something entirely different

Soooo...

So, I'm messing around with a Java applet for creating XML digital signatures using X.509 certs stored on a smartcard accessed via a USB smartcard reader. Yes, I know that this sentence alone contains enough triggers for about three weeks of continuous hate... but wait, there's more!

Two hours ago, Something Happens(tm), and the Java cryptography whachamacallit suddenly decides that actually communicating with the lowly smartcard is way beneath its dignity.

Off we go, blaming the JCA, the applet, the browser, the command-line JRE, the PKCS11 library, the reader itself... All kinds of documentation gets pulled out from long-lost websites, dusted off, and read. All kinds of tweaks are applied to all kinds of tweakable things. All kinds of small furry animals meet a grisly fate.

After two hours of chasing wild geese and other predators, I stumble upon
http://blogs.msdn.com/oldnewthing/archive/2006/11/20/1109013.aspx

...

Inspiration hits. Hard. Right between the eyes.

...

No, I'm not trying to log in with the smartcard. I won't try to log in with the smartcard in the foreseeable future. I don't even want to think about logging in with the smartcard.

But still, if:
1. somebody tries to log in using Remote Desktop, and
2. there is a smartcard reader attached, and
3. there is a smartcard in the smartcard reader,

...then the Windows logon system hides the reader from all other libraries and applications and claims it as its own, to love and to cherish, till the power supply do them part.

Turn computer off, remove reader, turn computer on, plug reader back in.

See applet. See applet run. Run, applet, run.

Two. Bloody. Hours.

Right now, I wish I had a kzin to challenge. It would have been easier on the unlucky coworkers that just happened to be near my desk five minutes ago.

Off on a bloody rampage,
Peter

--
Peter Pentchev roam@xxxxxxx.xxx roam@xxxxx.xx roam@xxxxxxx.xxx
PGP key: http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553
This sentence every third, but it still comprehensible.

Generated at 10:28 on 16 Apr 2008 by mariachi