Does this affect transactions conducted directly through Paypal’s site?
Any idea if Opera is affected?
Thank goodness I use Firefox now.
And blow.
Cheers!
I think I have had 2 updates to my Camino browser for Mac in the last 10 days. I wonder if one was related to this...
Fairly certain I saw this type of attack about 7 to 8 weeks ago. Was logged into what appeared to be the normal paypal web site, on a compromised workstation, but right in the middle of the first screen after login, there was a paypal request to update the CC card info. The clue was the text wording was not grammatically proper English and they wanted the PIN number of a bank ATM card. Paypal never needs a pin number for your cc card backing up their account. Been using Firefox since then with no problems after complete format. FYI - I always type the paypal address manually when accessing the site.
If you use the Internet Explorer, Google Chrome or Apple Safari browsers to conduct PayPal transactions, now would be a good time to switch over to the decidedly more secure Firefox alternative.Skip from lead paragraph to last paragraph)That's because a hacker on Monday published a counterfeit secure sockets layer certificate that exploits a gaping hole in a Microsoft library used by all three of those browsers. Although the certificate is fraudulent, it appears to all three to be a completely legitimate credential vouching for the online payment service. The bug was disclosed more than nine weeks ago, but Microsoft has yet to fix it.
. . . Fortunately, Mozilla developers patched the hole a few days after Marlinspike's demo and Apple followed suit a few weeks later with Safari for OS X. That means if you're on Windows, the only way to protect yourself against this critical vulnerability is to use versions 3.5 or 3.0.13 or later of Firefox. At least until Microsoft fixes the CryptoAPI, whenever that may be. ®
So from the POV of a Mac user, essentially the entire article up to the last paragraph is a bunch of Elmer.