J
jeffrey
Hi,
For those who likes to bash IE, read this at this link
http://www.techweb.com/wire/security/59301618
For those who likes to bash IE, read this at this link
http://www.techweb.com/wire/security/59301618
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
All Browsers But IE At Risk To New Spoofing Scheme (Techweb article)
M
Marc Liron MVP
Hi,
For those who likes to bash IE, read this at this link
http://www.techweb.com/wire/security/59301618
Yep, had to laugh that one!
Also here:
Serious vulnerability hits non-Microsoft browsers
http://www.computerweekly.com/articles/article.asp?liArticleID=136643&liFlavourID=1
Marc Liron
Microsoft MVP
www.updatexp.com
www.podcasting-101.com
A
Al
I tried the example, dusting off a rarely used copy of Mozilla 1.6 to do it.
the example for spoofing paypal.com uses a cyrillic 'a', which is much smaller
than the other characters in the url. Will anybody fall for something that
looks so obvioulsy rwong? Maybe. But I can Xerox a dollar bill, and replace
George Washington's face with Moe Howard, and some people will fall for that,
too.
This hardly compares to the many serious security flaws that turn up all the
time in microsoft software.
the example for spoofing paypal.com uses a cyrillic 'a', which is much smaller
than the other characters in the url. Will anybody fall for something that
looks so obvioulsy rwong? Maybe. But I can Xerox a dollar bill, and replace
George Washington's face with Moe Howard, and some people will fall for that,
too.
This hardly compares to the many serious security flaws that turn up all the
time in microsoft software.
A
Al
here's a screen shot, if anyone is interested:
http://img226.exs.cx/img226/9417/secunia2gt.jpg
I suppose if you don't look closely at it, you can be fooled.
What solution could there be except not to have such lookalike characters
allowed...
http://img226.exs.cx/img226/9417/secunia2gt.jpg
I suppose if you don't look closely at it, you can be fooled.
What solution could there be except not to have such lookalike characters
allowed...
N
N. Miller
For those who likes to bash IE, read this at this link
If that is the worst flaw in Firefox, et. al., then I will stay with it,
thank you very much; MSIE still has the "DestructiveX" flaw, a much more
serious disability.
G
Gary Smith
Al said:I tried the example, dusting off a rarely used copy of Mozilla 1.6 to do it.
the example for spoofing paypal.com uses a cyrillic 'a', which is much smaller
than the other characters in the url. Will anybody fall for something that
looks so obvioulsy rwong? Maybe. But I can Xerox a dollar bill, and replace
George Washington's face with Moe Howard, and some people will fall for that,
too.
It all depends on the fonts you're using. Using the default font for
Firefox -- whatever that happens to be on my system -- the spoof is
pretty convincing. I can't detect any difference between the two a's.