Safari (Apple browser) URL-spoofing vuln reveals how fanbois can be led astray

The Register ^ | May 20, 2015 | Alexander J Martin

[dayglored]

A recently published exploit for the Safari browser demonstrates a URL spoofing mechanism which might convince users they are visiting a legitimate website, when they are actually visiting another site which may be phishing their details.

Deusen researchers have disclosed a vulnerability which may be exploited by hackers to hijack user accounts on a range of websites, from social media to banking.

The proof-of-concept invites users to visit what appears to be the Daily Mail website – however, a script will execute the loading of another URL before the page users are directed to can be displayed.

Tested using Safari on the iPad, the example address-spoofing script causes the Safari browser to display dailymail.co.uk whilst the browser displays content from deusen.co.uk, although the latter can be substituted for a malicious site, say Deusen's researchers.

[dayglored]

Proof of concept here -- explore at your own risk:

http://www.deusen.co.uk/items/iwhere.9500182225526788/

Thanks to tacticalogic for the heads up on this one!

[dayglored]

Swordmaker: for your list (sorry about the "fanbois", it's the original title...)

Tacticalogic: I chose to post the Register's version, the Hacker News version page creeped me out, their massive script ran forever on my Firefox.

[TEXOKIE]

bfl

[867V309]

Swordmaker: for your list (sorry about the "fanbois", it's the original title...)

It only hurts when it's true.

[Scutter]

So true.

[Swordmaker]

WARNING A german Security Site has discovered a vulnerability in the DNS structure on Safari and Chrome browsers on Apple OS X, iOS, and also Chrome on Android. Google has patched Chrome so download a new version. Apple has yet to fix the vulnerability. The proof-of-concept is extremely simple… it uses JavaScript to load up a website (dailymail), every 10 micro-seconds, which is not enough time for the website to begin loading. So it’s displaying that website address, but hasn’t actually loaded it yet. Meanwhile, it’s on a different website, which could have active malware.

As a quick fix, go to Safari Menu, Preferences, Security, uncheck Webcontent: Enable JavaScript. Problem Solved! However, you may not be able to use some sites which require JavaScript to operate. — PING!

Apple Security Ping!

If you want on or off the Mac Ping List, Freepmail me.

Still working on the Freepathon. . . I challenge the members of the Apple ping list to each donate at least $10 each to the latest Freepathon. I HAVE donated $100. Many members of the Apple Ping list are already rising to the challenge. Join them. Let's show the power of the Apple Ping list in supporting Freerepublic!

If you have ordered an Apple Watch,
MAKE A DONATION TO THE FREEPATHON!

[SunkenCiv]

Fanbois is a French term, pron. “fon-bwa”, means “intellectual” I think. ;’)

[tacticalogic]

Fanbois is a French term, pron. “fon-bwa”, means “intellectual” I think. ;’)

Imagine spending an evening with a bunch of French "intellectuals".

[dennisw]

Apple fanbois can be led astray..... goes on all the time as they toss their money down an obsessive rathole buying overpriced Apple watches etc. They hang on Tim Kooks every word and before that Steve Jobs.

[dayglored]

Ah, thank you Dennis, I knew we could count on you to hold down your end of the spectrum with surety and aplomb.

[conservatism_IS_compassion]

A German Security Site has discovered a vulnerability in the DNS structure on Safari and Chrome browsers on Apple OS X, iOS, and also Chrome on Android . . . Apple has yet to fix the vulnerability.

As a quick fix, go to Safari Menu, Preferences, Security, uncheck Webcontent: Enable JavaScript. Problem Solved! However, you may not be able to use some sites which require JavaScript to operate.

Thanks to tacticalogic for the heads up on this one! - dayglored

Thanks, SM, DG, and TL.

[dayglored]

>> Fanbois is a French term, pron. “fon-bwa”, means “intellectual” I think. ;’)

> Imagine spending an evening with a bunch of French "intellectuals".

Ben Franklin spend considerable time in the company of French intellectuals, and it appears to have done him little or no damage.

OTOH, he also reportedly spent numerous evenings in the company of French whores. Whether it did the good Doctor any harm or not was not recorded for posterity.

[tacticalogic]

Ben Franklin spend considerable time in the company of French intellectuals, and it appears to have done him little or no damage.

Ben himself would have been among the intellectuals of his day. Intellectualism I fear, ain't what it used to be.

[dayglored]

> Ben himself would have been among the intellectuals of his day. Intellectualism I fear, ain't what it used to be.

You sure got that right, FRiend. :)