> Think about how easy it is going to be > to fake the windows logout - login sequence and phish unaware users' > credentials and just how do you propose you catch the SAS with your little IE window?