[Gomez]

The original article has a video demo

[Gomez]

ping

[Lazamataz]

Yikes. I am very heavy in the security world these days. This is pretty interesting.

[ConservativeMind]

This is definitely not cool. I know Firefox for version 4 is slated to have a way to hide the history, but its not been said how they will address it.

From what I’ve heard, browsers are designed for allowing access to this history. There’s even a website that can show you a number of places you’ve visited just by displaying their page. It is either through the history or through deciphering the cookies.

[a fool in paradise]

Seeing more browser hijack threats and more indications that Firefox is just as vulnerable as IE.

[ShadowAce]

[bigbob]

Frack! I’m about ready to go back to Netscape 1.0, text-only ;-)

[Old Professer]

Odd error found; “ memory is mailable and moldable “; probably should be ‘malleable,’ but since this doesn’t affect the story and outcome, who cares.

[Greysard]

I use FF with NoScript, and allow scripts only when I want them, on per site basis. Blocking Javascript also breaks most of ads, and Ghostery cleans up the web bugs.

All in all, Firefox today, with a good set of extensions, is the most privacy-protecting browser on the market. Extensions that you must have are: NoScript, Adblock Plus, Ghostery, OptimizeGoogle. Keep your IE or Chrome for script-heavy trusted sites, but do most of your casual browsing in FF. You'd be amazed to see how many spy and ad sites it blocks.

[for-q-clinton]

In my testing the attack worked in Firefox 3.6, 3.7a, Opera 10 and Safari 4.

What about IE8? Surely that was able to fall to this attack.

[chris_bdba]

I’ve never run with tabs for some reason they annoy me greatly?