Posted on 01/07/2005 3:06:33 PM PST by KwasiOwusu
A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.
The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, allows malicious hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.
Mikko Hypponen, director of antivirus research at software maker F-Secure, said this bug could make Firefox users vulnerable to cybercriminals. "The most likely way we could see this exploited would be in phishing scams," he said.
To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site.
(Excerpt) Read more at news.zdnet.com ...
I'm the same, knowing enough to get in trouble, hehe. I'm what the ham radio guys would call an "appliance operator", but I hope I pick up enough here and there to be one step ahead of the hackers.
The 3rd HP disc is for recovering individual programs or drivers for their machine, such as EasyCD or the Arcsoft image program or modem drivers, etc. They were even kind enough to give you the chance to recover BackWeb, which some considers snoopware.
Get their model number and hopefully some idea of what causes the BSOD and perhaps we can venture some guesses as to the problems. At least we can look it up on HP's site. It'll give us the specs and what even shipped in the carton.
ADDENDA:
See if you can get them to at least download this small program. It's about 600 kb's and it'll make a list of all that's on their computer, from the processor speed to HD size (and what space is left) and installed programs, etc. It makes an HTML page in IE, so they can save it as an .mht (single archive) and e-mail it to you.
Don't post it all anywhere, by the way, since it also shows some serial numbers, the OS included.
http://www.belarc.com/free_download.html
As far as I know, Jim has been running Free Republic on that evil commie Linux for at least the last few years.
Deutsches zu erlernen ist nicht sehr schwierig. Tun Sie es.
Pinging the Big Sky Guy to more discussion of this stuff (that is all Greek to me.) Get in here and bust a cap.
But through the EULA there's no recourse even if a Microsoft bug caused your death. Car manufacturers are at least held accountable for negligence.
lol, you are compleatly clueless. (1) Your opionion does not make fact. Selling a service is the same thing as selling a product. Citibank and WellsFargo sell a service and they do a higher transactional volume (in transactions) per day than Dell. Citibank also takes credit car payments, world wide money transfers, and other forms of electronic processing. Dell is numer 31 in the forture 500 and citigroup is number 8.
Rubbish Dell generates more secure, stable Internet transactions than anyone else. They use Windows.
Link? to dell doing more transactions than anyone else? BTW nice way to ignore the fact that the average server hosting dells websites have less than 25% the uptime than a server hosting Citibanks..
Plus Dell is one of the most succesfull companies on the entire planet
But not as successful as CitiGroup.
As a current user of IIS 6, and quite happy former user of IIS 4 & 5 (happy because I don't have to use them anymore), and a long-time user of Apache, I can see two main reasons for this.
1) "Corporate" is generally owned by Microsoft. That's what they have on their desktops and small workgroup servers, so they used what they know for http serving. That pure momentum should account for a large part of that percentage, not any quality of the product.
2) IIS 6 is actually pretty decent as opposed to the barely-working 5 and the absolutely horrible 4. It finally got abilities and some of the stability that other http servers have had for years. So, all those who wanted to serve on Windows because of #1, but couldn't because IIS sucked, can finally port with IIS 6.
Then you might as well quit posting on these threads, as you do not know what you're talking about. The closed-mindedness isn't good either, and much worse than the zealotry you claim of the free software advocates.
Show me.
Go to DELL.COM, which does more business online than any other web site on the planet.
I highly doubt Dell beats Amazon.
Did you pay for your copy of Windows? If so, then IE was not free, just a feature of the operating system you paid for.
IIRC, Microsoft was running a lot of BSD in the back of their operations for a while because Windows couldn't handle what BSD had been doing for years. I don't know if they've finally managed to port everything to Windows yet.
Actually, IIRC, this issue is serveral months old, and the problem is also found in IE, but I could be wrong.
I know that there was an exploit of this sort in IE that was announced on Secunia, and it may or may not have included Firefox.
Mark
I'll give you very good odds that even if your large corporate web server is running IIS, what's running the back end is *NIX if it's a large, critical application -- especially if it's a bank or brokerage.
At least do some research first, Amazon runs Linux/Apache.
NASDAQ is now IIS6, but look at that poor uptime. BTW, it's critical systems that actually run everything and feed the web site are Linux and other *NIXes.
London: You want to talk about horrible downtime! That thing's barely ever up! But the big daddy of exchanges, the NYSE, Windows can't do that -- they need the power of AIX/Apache. Banks? Go with the biggest, CitiCorp, running Solaris/Netscape.
We run a windows os with iplanet to the outside world but that proxies over to our big important boxes which are *NIX (though we do have a couple of MSSQL servers for light weight apps. If not for politics I would replace our main webserver with Linux running apache tomorrow it would save me the trouble that 6 or seven reboots a year cause..
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.