Skip to comments.
Firefox flaw raises phishing fears
ZDNET ^
| 1/7/2005
| Ingrid Marson
Posted on 01/07/2005 3:06:33 PM PST by KwasiOwusu
A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.
The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, allows malicious hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.
Mikko Hypponen, director of antivirus research at software maker F-Secure, said this bug could make Firefox users vulnerable to cybercriminals. "The most likely way we could see this exploited would be in phishing scams," he said.
To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site.
(Excerpt) Read more at news.zdnet.com ...
TOPICS: Technical
KEYWORDS: browsers; computersecurity; firefox; intertexplorer; kneepads; littleprecious; lowqualitycrap; microsoft; paidshill; redmondpayroll; trollfromredmond
Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100, 101-120, 121-140 ... 221-223 next last
To: KwasiOwusu
I heard about this some time back. I believe it started in South America or somewhere around that area. Thay warned people it was on it's way here.
101
posted on
01/07/2005 8:13:46 PM PST
by
processing please hold
(Islam and Christianity do not mix ----9-11 taught us that)
To: Hank Rearden
"And, it's "Schadenfreude", by the way. It means the way we feel about the poor suckers who insist on sticking with Internet Exploder and Outschnook"
I'd be much more worried about the open source nuts, who define themselves by how much anti-Microsoft hate they can generate on any given day.
Now that is what I call really sick.
To: Robert A. Cook, PE
"So, how do you check whether your current firefox version is update-to-date? "
Never used Firefox in my life.
Never will.
Sorry.
I think you probably directed the question to the wrong guy.
To: KwasiOwusu
Just couldn't resist getting the Firefox evangelists' backs up. You can't do it anyway. It was a Firefox fan who posted it originally.
104
posted on
01/07/2005 8:20:11 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
"You can't do it anyway. It was a Firefox fan who posted it originally"
Umm.. but I did.
Look at the over 50 attacks from the Firefox fanatics that i got already. :)
To: KwasiOwusu
Dude, read the thread.
I'm out of my league in terms of the debate, but you.... calling other people fanatics... it doesn't exactly work.
To: KwasiOwusu
IE DOES own the Internet. yea Apache is near 70% of the web servers out there and BSD runs the DNS system (hint w/out DNS the internet wont work). So without windows the internet would still exist fine, without BSD we would be using very big host files...
Fact is that the Fortune 500 companies that do use IE do not generally use them in a mission critical fashion. what site do you use for online banking? I use wellsfargo.com, they are solaris/apache. For fun I looked at citibank.com's login site (solaris/apache).
The sites that use windows as a base are usually proxies for back end UNIX servers.
107
posted on
01/07/2005 8:36:05 PM PST
by
N3WBI3
To: baseballfanjm
"Dude, read the thread. "
I started the thread.
And I think I have followed the thread more than you have.
Why don't YOU read the thread ?
"but you.... calling other people fanatics... it doesn't exactly work."
It does.
To: KwasiOwusu
Look at the over 50 attacks from the Firefox fanatics that . :) Read that line again. You are the one receiving the attacks--not IE, not MS.
Ever stop to wonder why?
109
posted on
01/07/2005 8:39:41 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: All
I'm on post#68....damn good fight going on. Eating supper and watching the story unfold.
See ya when I get to the end.
110
posted on
01/07/2005 8:43:57 PM PST
by
processing please hold
(Islam and Christianity do not mix ----9-11 taught us that)
To: N3WBI3
"yea Apache is near 70% of the web servers out there "
Microsoft IIS runs more commercial sites than any other web server out there.
That is where the real money is made.
"Fact is that the Fortune 500 companies that do use IE do not generally use them in a mission critical fashion"
They do.
Go to DELL.COM, which does more business online than any other web site on the planet.
What do they use? Microsoft IIS and Windows Servers.
To: KwasiOwusu
Microsoft IIS runs more commercial sites than any other web server out there. ..while Free software runs every site on the planet. No site, commerical or otherwise, would be able to run without it.
112
posted on
01/07/2005 8:48:02 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
"Read that line again. You are the one receiving the attacks--not IE, not MS."
Ummm.. read what I wrote again, will you?
I wrote:
"Look at the over 50 attacks from the Firefox fanatics that i got already. :)"
I never even mentioned IE in that post.
"Ever stop to wonder why?"
Because open source nuts are even worse than DUmmy nuts?:)
To: KwasiOwusu; antiRepublicrat
Because open source nuts are even worse than DUmmy nuts?:) Nah--it's because we require logical thinking in our arguments and opponents. You seem to lack it.
But it is pretty entertaining.
114
posted on
01/07/2005 8:51:33 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
"..while Free software runs every site on the planet"
If by free software you mean Microsoft Internet Explorer, then you may have a point there. Because IE is free.
But then of course there are lots of sites that that don't use free software either.
To: KwasiOwusu
Are you the brother of a moderator? Or are you kin to the people who created this site? Or are you the Father, Son and Holy Ghost?
How you have managed to hang on here without being zapped is beyond me. Oh well, life goes on.
I must say, you and the people you are debating(fighting)with seem to know what's what when it comes to computers.
116
posted on
01/07/2005 8:55:44 PM PST
by
processing please hold
(Islam and Christianity do not mix ----9-11 taught us that)
To: ShadowAce
"Nah--it's because we require logical thinking in our arguments and opponents"
An open source nut with "logical thinking"?
What is that?
That's an Oxymoron isn't it?
You guys simply don't do logical thinking.
To: KwasiOwusu
If by free software you mean Microsoft Internet Explorer,... No, that not what I mean. This is a prime example of logical thinking missing in action. I said runs every site--not accesses every site.
Learn to read for comprehension. It may someday reward you with a little respect from others.
118
posted on
01/07/2005 9:01:57 PM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: ShadowAce
"No, that not what I mean. This is a prime example of logical thinking missing in
Ok, ok.
I stand corrected.
"I said runs every site--not accesses every site"
Umm.. about that open source software running every web site...unmm you are not really serious are you?
To: ShadowAce
"This is a prime example of logical thinking missing in action"
BTW, that has nothing to do with "logical thinking".
Its got everything to do with misreading.
Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100, 101-120, 121-140 ... 221-223 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson