[ShadowAce]

I've always considered phishing to be more of a social engineering bug than technical, but it still pays to watch your browser.

[ShadowAce]

Firefox tech ping!

[smith288]

The more popular you are, the bigger of a target is painted on your back.

If FireFox was THE browser of the web, the same freaks who live and die to hate Microsoft right now would be slamming Firefox.

Its just the natural order of things.

[Ginifer]

Thx for the update and post.

[Recovering Hermit]

As Firefox becomes increasingly popular, we'll probably see more of these vulnerabilities found and exploited.

[b4its2late]

So you're telling me I gotta go back to browsing with IE?

[demlosers]

I agree...

[TruthWillWin]

Wonder if these hackers received any compensation from MS?

[zeugma]

I'll be interested in seeing how long it takes to fix this. I run Mozilla Nightlies, so I'll be testing it out when it is released.

[zeugma]

I just checked out Bugzilla's note about this. It would appear that it's a presentation "bug" in that if your dialog window is not big enough, the entire URL may not be shown. See bold text below. Workaround, is to expand (or maximize) the dialog box so that you can see the entire URL of the download.

To go along with the download box spoof reported in bug SA12712 Jakob Balle submits a demonstration to make the download dialog more convincing by obscuring the software source. The demo takes advantage of the default length truncation (similar to truncation of the filename in bug 258601). While the dialog /can/ be resized to see the whole url, most people won't think to do that or even know it's possible.

[BigSkyFreeper]

So much for it being more "bulletproof" than IE. Just the perks that come with popularity.

[terabyte]

Ping. Just in case you didn't see it.