Skip to comments.
Firefox flaw raises phishing fears
ZDNET ^
| 1/7/2005
| Ingrid Marson
Posted on 01/07/2005 3:06:33 PM PST by KwasiOwusu
A vulnerability in Firefox could expose users of the open-source browser to the risk of phishing scams, security experts have warned.
The flaw in Mozilla Firefox 1.0, details of which were published by security company Secunia on Tuesday, allows malicious hackers to spoof the URL in the download dialog box that pops up when a Firefox user tries to download an item from a Web site. This flaw is caused by the dialog box incorrectly displaying long sub-domains and paths, which can be exploited to conceal the actual source of the download.
Mikko Hypponen, director of antivirus research at software maker F-Secure, said this bug could make Firefox users vulnerable to cybercriminals. "The most likely way we could see this exploited would be in phishing scams," he said.
To fall victim to such a scam, a Firefox user would have to click on a link in an e-mail that pointed to a spoofed Web site and then download malicious software from the site, which would appear to be downloaded from a legitimate site.
(Excerpt) Read more at news.zdnet.com ...
TOPICS: Technical
KEYWORDS: browsers; computersecurity; firefox; intertexplorer; kneepads; littleprecious; lowqualitycrap; microsoft; paidshill; redmondpayroll; trollfromredmond
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 221-223 next last
To: Dat Mon
LAMEOIDFREUD = FIREFOXSUCKSFREUD
To: KwasiOwusu
Hey Chicken Licker do you not understand the question?
42
posted on
01/07/2005 4:08:56 PM PST
by
davetex
To: JoJo Gunn
To: davetex
"Hey Chicken Licker do you not understand the question?"
Hey open source poufter, when you going to take your face out of Eric Raymond's backside, creep?
To: KwasiOwusu
"LAMEOIDFREUD = FIREFOXSUCKSFREUD"
DOESYOURDADDYKNOWYOURUSINGHISCOMPUTERAGAINFREUD
45
posted on
01/07/2005 4:13:23 PM PST
by
Dat Mon
(will work for clever tagline)
To: KwasiOwusu
Very smart answer, too bad the rest of us aren't as all knowing as you are. They let you out of school early today or what?
46
posted on
01/07/2005 4:13:52 PM PST
by
davetex
To: Dat Mon
"DOESYOURDADDYKNOWYOURUSINGHISCOMPUTERAGAINFREUD"
Real question is if you even know who YOUR daddy is at all.
To: davetex
"Very smart answer, too bad the rest of us aren't as all knowing as you are"
So...
You can hurl out abuse, but you can't take it?
To: KwasiOwusu
Think what you want, but all I can say is that I am absolutely, 100% ecstatic and satisfied with my experience using Firefox (and Thunderbird for email). I have dial-up service and pages are loading faster since I switched and I have not had to clean out scores of little tracking cookies, malware, spyware, and other assorted "crapware". I can't wait to get my mother and father-in-law switched to Firefox on their computer (talk about browser hell, they're running IE on an HP Pavillion with Windows ME!).
One glitch (which will more than likely be remedied way faster than any of the myriad MS glitches) doesn't constitute enough to run out and gloat about. If you're happy with IE, then fine. Some of us expect better.
49
posted on
01/07/2005 4:16:26 PM PST
by
Pablo64
("Everything I say is fully substantiated by my own opinion.")
To: KwasiOwusu
Please note the spelling:
Schadenfreude
It's a beautiful word, let's preserve all of its natural wonder.
50
posted on
01/07/2005 4:18:29 PM PST
by
Petronski
(I'd give my right arm to be ambidextrous.)
To: KwasiOwusu
"Real question is if you even know who YOUR daddy is at all."
Sorry...ad hominem attack.
Indicates lack of creativity, intelligence and sense of humor.
Please try again later...much later.
51
posted on
01/07/2005 4:18:55 PM PST
by
Dat Mon
(will work for clever tagline)
To: KwasiOwusu
Actually, this is a non-issue really, compared to the swiss cheese that is IE, but nonetheless, there is a patch that I've installed in Firefox... unfortunately, I forgot where I found it.
It displays in large letters where you're downloading from and the URL of the actual site you're visiting. It's kind of redundant if you're web savvy, but it's good for the kids.
52
posted on
01/07/2005 4:19:48 PM PST
by
Bon mots
To: KwasiOwusu
Still haven't answered the question, guess you can't. Aligator mouth with a tadpole ass. Seen a hundred of y'all.
53
posted on
01/07/2005 4:21:38 PM PST
by
davetex
To: KwasiOwusu; Jim Robinson
"But yeah the open source fanatics sure are ignorant and rabid." --KwasiOwusu
Jimrob, bet you were surprised to see you are one of the few and proud, you know... opensource, fanatics...
Is this site still running on an apache 'open source' server, perl and mysql? Are we still on freeBSD or openBSD? You know, all of those evil commie open source programs for ignorant and rabid folks?
How many years you been programming in 'fanatic' programming languages now?
heh heh...
pass me the rabies, please.
To: rube
Love Firefox, but I have noticed that certain web pages do not fully load graphics, and flash demos don't work.
What sites are you having problems with?
Firefox certainly will have bugs that affect certain websites, but I would suspect that much of what you are seeing are sites written specifically for IE6. Thats a problem with the website, not Firefox.
I really haven't experienced any problems of this sort, I installed Flash and those sites work fine for me. The only site I really had trouble with was ESPN and Microsoft. I wrote ESPN webmaster and started using SI. ESPN has since fixed their problem and it works fine for me now.
There isn't much you can do about that. But if the sites that are written specifically for IE6 are a problem, I think there is a plugin that will make Firefox mimic certain IE6 behaviors that are not standard. I personally don't want that since I went to Firefox to avoid all that in the first place. But if its a problem, you might try that. I have not used it and don't know exactly how it works, I don't know if it handles ActiveX or not.
Some folks prefer to stay with IE6 and don't mind the problems of having the browser and the operating system so closely entertwined. You may be one of those and thats fine. As long as you have a firewall, anti-virus, have your internet settings set properly, do all your updates, and watch out for security alerts you will probably be fine.
55
posted on
01/07/2005 4:22:57 PM PST
by
Arkinsaw
To: Pablo64
(talk about browser hell, they're running IE on an HP Pavillion with Windows ME!).
Watch out now! So am I.
Amazing what a few tweaks/programs and another browser can do. Why spend good money on a Swiss cheese "upgrade" like Big Brother XP?
56
posted on
01/07/2005 4:23:28 PM PST
by
JoJo Gunn
(More than two lawyers in any Country constitutes a terrorist organization. ©)
To: Petronski
"It's a beautiful word, let's preserve all of its natural wonder"
I am overcome with great sorrow at "not preserving the natural wonder" of that most profound of words.
How on earth do I make up for that horrendous crime? :)
To: Dat Mon
""Sorry...ad hominem attack.
Indicates lack of creativity, intelligence and sense of humor"
You started the ad hominem attacks.
You got the same thing back.
The "lack of creativity, intelligence and sense of humor" is on your side.
To: KwasiOwusu
How on earth do I make up for that horrendous crime? Burn 1000 copies of Knoppix and hand them out at your local mall. LOL
59
posted on
01/07/2005 4:26:30 PM PST
by
Petronski
(I'd give my right arm to be ambidextrous.)
To: KwasiOwusu
"You started the ad hominem attacks.
You got the same thing back."
Ill just crawl off, lick my wounds, and reboot Windows 2000.
60
posted on
01/07/2005 4:30:03 PM PST
by
Dat Mon
(will work for clever tagline)
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-60, 61-80 ... 221-223 next last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson