Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Firefox flaw raises phishing fears
ZDNET ^ | 1/7/2005 | Ingrid Marson

Posted on 01/07/2005 3:06:33 PM PST by KwasiOwusu

A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.

The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, allows malicious hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.

Mikko Hypponen, director of antivirus research at software maker F-Secure, said this bug could make Firefox users vulnerable to cybercriminals. "The most likely way we could see this exploited would be in phishing scams," he said.

To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site.

(Excerpt) Read more at news.zdnet.com ...


TOPICS: Technical
KEYWORDS: browsers; computersecurity; firefox; intertexplorer; kneepads; littleprecious; lowqualitycrap; microsoft; paidshill; redmondpayroll; trollfromredmond
Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 221-223 next last
To: goldstategop
"They'll create a fix for it since Firefox's code is open source"

They still haven't, open source or not.

"Any way, its one bug compared to the thousands documented in Internet Explorer"

IE has been attacked by malignant code writers over a thousand times more than Firefox has, because IE is by far the overwhelming market share leader.
Of course more vulnerabilities will be found in IE.

I can write a browser at home that no one knows about and claim its got a 100% security record too, because no one has attacked it.

Its like saying the Swedish army is tough because they haven't been defeated in battle for the past 40 years.
Of course they haven't been defeated in battle, BECAUSE THEY NEVER FOUGHT ANY BATTLES FOR 40 YEARS!!

" Microsoft hasn't even pledged to make its browser more secure"

Microsoft has, starting from Bill Gates down, over and over again, and they are working hard at it.
21 posted on 01/07/2005 3:43:53 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 14 | View Replies]

To: JoJo Gunn
"I rest my case."

So do I.
Give it up, will you?
22 posted on 01/07/2005 3:45:41 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 18 | View Replies]

To: KwasiOwusu
In the News/Activism forum, on a thread titled Firefox flaw raises phishing fears, KwasiOwusu wrote:
"Already posted"

Apologies.
Just couldn't resist getting the Firefox evangelists' backs up.
Temptation to wind them up just proved too much.
I really am enjoying myself hugely, after all the ribbing that Microsoft supporters have taken from the Firefox fanatics over the past few months.:)

Apparently ignorance really is bliss. There are HUGE architectural differences bewtween IE and FireFox that will always make IE far more vulnerable to attack and exploit.

23 posted on 01/07/2005 3:47:21 PM PST by cooldog (Islam is a criminal conspiracy ... deal with it!)
[ Post Reply | Private Reply | To 10 | View Replies]

To: rube
There have been countless threads at the Mozilla forum over images not loading, or images downloading again when you save them. And no, you won't get help there very often, since it's teeming with the same types of adolescent smart alecky zit cragged OS/browser groupies, (same as we have Quasi-literate and Shill2000 here).

Personally, from the problems I've had, I think it's been a mess ever since 0.8, when they added and started screwing around with the Theme/Extension manager. It's breathtakingly stupid having images associated with the Download box to begin with, (why not have every table and every dot and tittle there as well), but the propeller heads thinks there's nothing illogical about it.

24 posted on 01/07/2005 3:49:21 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 17 | View Replies]

To: frog_jerk_2004
"I guess that makes the ratio about 1000-to-1 Microsoft IE flaws to Firefox flaws..."

Nope.
It makes it 1000:1 ratio of malignant virus writers attacking Microsoft IE ( the by far market leader), as against the very few virus writers who have only just started malignant code against Firefox.

Firefox looked good because few people bothered to attack it before when it had no market share.

Read my post 21 above.
25 posted on 01/07/2005 3:50:10 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 19 | View Replies]

Comment #26 Removed by Moderator

To: JoJo Gunn

Propeller heads. That's a good one. I'm gonna start using that one.


27 posted on 01/07/2005 3:52:05 PM PST by davetex
[ Post Reply | Private Reply | To 24 | View Replies]

To: cooldog
"Apparently ignorance really is bliss"

Can't say I agree.
But yeah the open source fanatics sure are ignorant and rabid.
The Jim Jones followers come to mind....
28 posted on 01/07/2005 3:52:43 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 23 | View Replies]

To: KwasiOwusu

So, what is your beef?


29 posted on 01/07/2005 3:54:23 PM PST by davetex
[ Post Reply | Private Reply | To 25 | View Replies]

To: KwasiOwusu

No, Little Precious, I will not give it up. On the contrary, I've only begun.

Linking to that dog sodomy article didn't give you any more stature as Freeper material. In fact, I'm beginning to suspect your adolescent antics are revealing you as just another dime store sleeper troll.


30 posted on 01/07/2005 3:56:03 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 22 | View Replies]

To: JoJo Gunn
"same as we have Quasi-literate and Shill2000 here"

That's a bit rich coming from an individual that actually calls himself JoJo Gunn, isn't it?

About the literacy thing, I'd back my literacy against yours any day. :)
31 posted on 01/07/2005 3:56:53 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 24 | View Replies]

To: JoJo Gunn
" On the contrary, I've only begun"

On no!
Now I am really scared.
NOT!

If you want to be a tiresome little puppy that's fine.
Its going to be fun taking you apart. :)
32 posted on 01/07/2005 3:59:55 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 30 | View Replies]

To: davetex
That is a funny image, ain't it? But it fits....
33 posted on 01/07/2005 3:59:56 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 27 | View Replies]

To: KwasiOwusu

I thought this thread was about Firefox, why would you link to a story about dog sodomy. Makes you go hummm.


34 posted on 01/07/2005 4:00:08 PM PST by davetex
[ Post Reply | Private Reply | To 31 | View Replies]

To: KwasiOwusu
This is a "flaw" not found in the wild and requiring a EBKC.

"To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site."

While I am sure that exploits will be made of Firefox, it is inherently more secure than IE (and limited in functionality for it).
35 posted on 01/07/2005 4:00:19 PM PST by CyberCowboy777 (Well.... I'll be)
[ Post Reply | Private Reply | To 25 | View Replies]

To: KwasiOwusu

"SHADENFREUD."

LAMEOIDFREUD


36 posted on 01/07/2005 4:01:32 PM PST by Dat Mon (will work for clever tagline)
[ Post Reply | Private Reply | To 1 | View Replies]

To: JoJo Gunn

Sure does.


37 posted on 01/07/2005 4:01:37 PM PST by davetex
[ Post Reply | Private Reply | To 33 | View Replies]

To: davetex
"Use it at home and work, and I don't have the problems that IE users have"

I use IE at work, at home on my Ipaq PDA, and everywhere, and I just love it.
38 posted on 01/07/2005 4:04:51 PM PST by KwasiOwusu
[ Post Reply | Private Reply | To 20 | View Replies]

To: KwasiOwusu

Trust me, Little Precious, I've chewed and spit out countless lowlifes at the various Leftist forums, and you without a doubt have left a first impression as something bottom shelf.


39 posted on 01/07/2005 4:05:55 PM PST by JoJo Gunn (More than two lawyers in any Country constitutes a terrorist organization. ©)
[ Post Reply | Private Reply | To 32 | View Replies]

To: KwasiOwusu

But you still haven't answered what's your beef with Firefox?


40 posted on 01/07/2005 4:06:38 PM PST by davetex
[ Post Reply | Private Reply | To 38 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-6061-80 ... 221-223 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson