Skip to comments.
New URL Spoofing Flaw Found in Internet Explorer
Netcraft ^
| October 29, 2004 01:52 PM
| richm
Posted on 10/30/2004 1:05:40 PM PDT by FreedomCalls
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-73 next last
To: FreedomCalls
It's a great article, really! ;-)
41
posted on
10/30/2004 2:22:36 PM PDT
by
k2blader
(It is neither compassionate nor conservative to support the expansion of socialism.)
To: ScottM1968
Firefox IS affected if you right click and choose to open in a new tab or window. Bad because that it how I open many links in all the browsers I use. Opera is unaffected, though. See
post #40.
42
posted on
10/30/2004 2:25:03 PM PDT
by
Weirdad
(A Free Republic, not a "democracy" (mob rule))
To: FreedomCalls
It's not working on my IBM Selectric II. Am I doing something wrong?
(It seemed funny when I typed it.)
43
posted on
10/30/2004 2:35:37 PM PDT
by
UseYourHead
(This November, remember who the terrorists are voting for.)
To: surtcaldera
Safari for the Mac is not fooled, either...
44
posted on
10/30/2004 2:41:12 PM PDT
by
TXnMA
To: Weirdad
Right click and choose "Open link in new window" or right click and shoose "OPen link in new tab".... When you open links this way you defeat all of the protections built into Mozilla/Firefox. I suggest that you always left click on links, as the best way to defeat spoofing.
Personally, I use Camino at home, which is a Mozilla version tailored as a high-speed low-overhead Firefox for Mac OS X (not suggesting you or anyone switch). I don't use tabs for browsing at all, on the theory that the more I let the computer do for me, the less secure the browser is.
45
posted on
10/30/2004 2:45:52 PM PDT
by
jimtorr
To: Weirdad
The standard approach does work, though, fortunately.
My problem with Opera is the advertising it displays in the upper right corner of the screen if not the paid version.
I have the current Opera (paid version) as well, but prefer using Firefox because I can recommend that without reservation.
To: FreedomCalls
What's this "Internet Explorer", anyways?
Thanks to Mozilla, I no longer care about these kinds of stories.
47
posted on
10/30/2004 2:50:00 PM PDT
by
LincolnLover
(Useless Vanities and Reposts--The Bane of an Admin Moderator's Existence!)
To: mhking
A real developer would've linked the image to the site lol
48
posted on
10/30/2004 3:06:22 PM PDT
by
tai-pan
(media responsibility? ha!!)
To: ScottM1968
I use the paid version of Opera. However I agree that Firefox is great and I use it on machines where I do not have Opera.
However, it remains really annoying how many web sites specifically demand Internet Explorer even when they would probably run with another browser. Several hospitals that I long into permit ONLY IE, and both my bank and credit card demand it. Even using another browser ID setting will not work.
One major very expensive software package I must use uses IE components within the application, and as a result is now "broken" by any upgrade to WinXP SP2. So I have to run a less secure OS just to use one megaexpensive app that makes the mistake of being very dependent on MS Software.
49
posted on
10/30/2004 3:15:25 PM PDT
by
Weirdad
(A Free Republic, not a "democracy" (mob rule))
To: FreedomCalls
50
posted on
10/30/2004 3:27:17 PM PDT
by
Truth666
To: FreedomCalls; All
Help for viruses and malware:
Things you need--(all FREE)
Anti-Virus
AVG
The best forum for malware removal:
51
posted on
10/30/2004 3:33:26 PM PDT
by
backhoe
(Just an old Keyboard Cowboy, ridin' the Trackball into the Dawn of Information...)
To: ScottM1968
Firefox freaking rules - I have been using it exclusively since I got it a month ago! Leaves MS Internet Explorer in the DUST!
52
posted on
10/30/2004 3:36:23 PM PDT
by
HitmanLV
(I will not be pushed, filed, stamped, indexed, briefed, debriefed or numbered. My life is my own.)
To: ScottM1968
Of course the first thing most smart IE users do if forced to use it is shut off unsigned AX and make signed work on a permission only basis.
53
posted on
10/30/2004 3:49:13 PM PDT
by
Fire_on_High
(Why are you looking at me so funny? He's just a rat...)
To: FreedomCalls
Gee, my IE works fine. Sure, the text says the link goes somewhere else, but when I hover over it, the status bar shows the correct URL and after navigation the address bar also shows the correct URL.
Not seeing what the issue is here...
54
posted on
10/30/2004 5:14:49 PM PDT
by
showpromid
("Want some wood?")
To: showpromid
Gee, my IE works fine. Not seeing what the issue is here...Did you RTFA? IE versions 6.0.2800 or less are affected. IE versions 6.0.2900 or later are not.
55
posted on
10/30/2004 5:28:49 PM PDT
by
FreedomCalls
(It's the "Statue of Liberty," not the "Statue of Security.")
To: FreedomCalls
Netcraft has developed a service to help banks and other financial organizations identify sites which may be trying to construct frauds, identity theft and phishing attacks by pretending to be the bank, or are implying that the site has a relationship with the bank when in fact there is none. One financial institution I deal with allows users of its web site to set a "security phrase" which the Credit Union will include in all legitimate emails. So if you set your Security phrase to "FREEPERS RULE!" then any email you get which is supposedly from that financial institution that lacks those words is a phony.
The use of security phrase would not prevent someone from intercepting a real email to you and using it go generate a fake one. It would, however, stop a more common form of phishing which is to simply send out millions of phony emails without any degree of per-recipient interaction.
Given that such an approach is so simple, why don'y any of the "big" firms do it?
56
posted on
10/30/2004 6:16:50 PM PDT
by
supercat
(If Kerry becomes President, nothing bad will happen for which he won't have an excuse.)
To: backhoe; All
Thanks!
Anyone know the best anti-spam software? Recently I've been getting a lot more than usual... to the point where I feel willing to pay money to stop it...
57
posted on
10/30/2004 6:21:02 PM PDT
by
k2blader
(It is neither compassionate nor conservative to support the expansion of socialism.)
To: k2blader
Okay, I don't understand what the table tag is for.
Adding some color will help clarify things. The table itself is a link to www.altavista.com. The table contains links to www.google.com and www.dogpile.com. When a link is contained within a link, there don't seem to be consistently-implemented rules about whether the second link should override the first. I don't know whether the HTML specifications explicitly say, but my guess is that the second link should apply. What happens, though, is that some pieces of code to "find" whether there's a link at a given screen position stop as soon as they find one, while others each until they find the most deeply nested.
By the way, on Firefox, the "normal" text in the table appears as black with a link-colored underline except for the word "table" for which I requested [font color=red] (it appears as red text which with a red underline) and the word "these" for which I requested underlining (it appears as black with black underline).
58
posted on
10/30/2004 6:31:15 PM PDT
by
supercat
(If Kerry becomes President, nothing bad will happen for which he won't have an excuse.)
To: JoJo Gunn
Firefox users:
There is an extension called SpoofStick that will display the real URL of whereever you're surfing.
For 1.0PR users.
59
posted on
10/30/2004 6:38:39 PM PDT
by
George Smiley
(The only 180 that Kerry hasn't done is the one that would release ALL his military records.)
To: JoJo Gunn
60
posted on
10/30/2004 7:09:00 PM PDT
by
GregB
(Broken Glass Republican!!!!!!!!)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-73 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson