Posted on 02/15/2005 12:44:04 PM PST by N3WBI3
Netcraft has the story that Mozilla has decided to drop support for international domain names in future versions of its Firefox Web browser. The decision comes after demonstrations by the Schmoo Group that the feature can be used to aid in phishing scams and other browser naughtiness." From the article: "The attack can be disabled in Firefox and Mozilla by setting 'network.enableIDN' to false in the browser's configuration (enter about:config in the address bar to access the configuration functions). The Mozilla development team today made this the default setting. Users who want IDN support will be able to turn it on, but will be warned about the risks involved."
Time to actually address this problem about a week..
Looks like they are going to turn of IDN until at least 1.1 when they hope ot have a more perminate fix in place..
So is this Bill Gates' fault, too?
Okay, I need to download Firefox. I've put it off long enough. Where is the best and most current download at?
Thanks
Funny - the one case where Windows IE is NOT vulnerable and other browsers (including my favorite, Safari) are. I guess there are benefits to not following standards, after all.
Of course, if you don't click on those "send-me-your-bank-number-so-we-can-verify-your-account" messages, you're better off, anyway.
Nope. The IDN standard is broken (allows for spoofing in addresses), and removing support for the feature until the standard is fixed is the prudent thing to do.
If you're not bright enough to contribute to the conversation its more polite to just stay silent.. Dang windows shills are like Canadians always acting on their P**is envy..
You should be able to find the latest and greatest at mozilla.org
Izzy,
Yes and no. If you install and IDN plugin for Internet explorer it is just as vulnerable. The solution of the firefox folks (turning it off) is similar to the MS solution.
You won't be pleased with it when you reload FR threads.
Hey, that's cool!
I was being sarcastic. Lately, anything wrong with internet functionality seems to bring out the anti-Gates crowd. My Firefox network.enableIDN is already set to "false" since this news came out several days ago.
Thanks! Download commencing.
I was very intrigued by the following setting:
privacy.popups.default_whitelist default string
aol.com,bankofamerica.com,carsdirect.com,cnn.com,compuserve.com,digitalcity.com,ea.com,mapquest.com,match.com,netscape.com
Look at some of the names in that list! BoA, CNN, carsdirect, match.com, etc.
What do you find in firefox and mozilla???
"You won't be pleased with it when you reload FR threads."
Doesn't refresh pages well?
In IE, when you're at the "bottom" of a thread, and after you refresh, you're looking at the post you last looked at, with the "new" content below
In Firefox, after you refresh, you're at the bottom of the refreshed page, and you have to scroll back up to find where you left off.
I find that you can confiure them yourself, by default there is no whitelist. You at some point clicked (allow popups from this site) and that put them there.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.