borborpaSlipping Slowly Into Oblivion Premium Member join:2002-02-20 New Cumberland, PA |
borborpa
Premium Member
2003-Dec-12 11:35 am
Another reason to use Firebird... | |
|
| |
Re: Another reason to use Firebird...No fix yet eaither.. shessh | |
|
| | |
| | |
to Amaethon
I loaded firebird when I read the first article and have not touched IE since. | |
|
| | | woody7 Premium Member join:2000-10-13 Torrance, CA |
woody7
Premium Member
2003-Dec-12 12:11 pm
Re: Another reason to use Firebird...said by Xtract: I loaded firebird when I read the first article and have not touched IE since.
Been using it for a long time now and only use IE for updates........have been a happy camper since | |
|
| deltat2000Timor Omnis Abesto Premium Member join:2000-04-13 127.0.0.1 |
to borborpa
Okay...........now that you have me totally paranoid..whats the real url/link to Opera or Firebird?
Hopefully Justin will post it.......I think I'de trust his links...
deltat2000 softly whistles in the dark! and thinks "boy its getting kinda scary online" | |
|
| | |
Xtract
Member
2003-Dec-12 1:02 pm
Re: Another reason to use Firebird...Use good old google | |
|
| | jplove71 Premium Member join:2001-03-16 Scottsdale, AZ |
to deltat2000
Mozilla Firebird product page. I've been using Firebird for about 9 months now, Mozilla for 1 1/2 yrs before that, and Netscape 4.x before that. | |
|
| GlaiceBrutal Video Vault Premium Member join:2002-10-01 North Babylon, NY |
to borborpa
Using Firebird since 0.6 and Thunderbird since 0.2 | |
|
| |
1 recommendation |
Re: Another reason to use Firebird...said by Glaice: Using Firebird since 0.6 and Thunderbird since 0.2
Do you want a cookie? | |
|
| | | jose3030 Premium Member join:1999-08-17 Manassas, VA |
jose3030
Premium Member
2003-Dec-12 11:56 pm
Re: Another reason to use Firebird...Just dont track my online movements and we'll be fine! | |
|
| inciterNoobie Premium Member join:2000-08-30 Rohnert Park, CA |
to borborpa
Glad I don't use FireBird! or anything eles but IE! At least they come up with the fixes and warnings. Are you under the same bug? Maybe maybe not.... But at least I know whats wrong with my browser and how to fix it. | |
|
| | |
Xtract
Member
2003-Dec-12 5:50 pm
Re: Another reason to use Firebird...And what is your suggestion for fixing this one? | |
|
| | Sperkowitz Premium Member join:2002-03-30 Valencia, CA 2 edits |
to inciter
Good for you, but since IE is given with the operating system a very high percentage of people will only use IE. In addition, many are not expert programers and are not aware of issues such as these and will be very hurt by these. | |
|
| | Hayward0 K A R - 1 2 0 C Premium Member join:2000-07-13 Key West, FL |
to inciter
said by inciter: Glad I don't use FireBird! or anything eles but IE! At least they come up with the fixes and warnings. Are you under the same bug? Maybe maybe not.... But at least I know whats wrong with my browser and how to fix it.
Its a shame how easily some can be deluded by MicroGod(soft).... M$ has a long and unwavering history of releasing things long before they are ready and solid, just because they SEEM to work... however they never even seem to attempt to break them. Its is a closed group of self interested developers. The only reason you know about any of the problems is because someone OUTSIDE M$ found them and embarrassed them into fixing them... Microsoft does not find them themselves. And since the source code is not readily available no one else can look for the problems BEFORE they happen. They just create new "glitter features" that more often than not cause problems, because they haven't worked them hard enough once they have the appearance of working. Mozilla on the other hand is a consortium of INDEPENDENT developers... and even if a bad apple got in and tried to do something bad... the other would likely spot it before it was even released. Plus there are people going over the code everyday, mostly with the goal of improving it, but also often correcting problems. But go right a head delude yourself into believing M$ will protect you... you'll get had sooner or later. | |
|
| jram join:2003-08-06 Albany, NY |
to borborpa
I hope this isn't true
A vulnerability which affects Internet Explorer can be exploited by scammers who try to trick people into revealing details of online banking accounts or other private information.
The flaw, wherein Internet Explorer displays the contents of one web site while showing a different, incorrect, address in the browser address bar, is not confined to IE but also affects version 0.7 of the Mozilla Firebird browser, according to a security analyst from Secure Data Group.
Ben Robson said members of the security communirty had found that all users of Internet Explorer 6, Outlook Express 6 and Mozilla Firebird 0.7 - the last-named on both Linux and Windows - were affected by this vulnerability.
However, others have contested the claim that the flaw can be exploited under Mozilla Firebird.
The flaw was disclosed on Wednesday by graphic designer Sam Greenhalgh who has set up a demonstration here.
Robson said the big giveaway in scams like those on eBay, where users were asked to enter details at a bogus website, was that the URL would not match the "eBay.com" address. advertisement
advertisement
"This new vulnerability allows the attacker to send the victim to a page that looks and behaves just like the eBay site and has the "eBay.com" address in the address bar. But in fact any information the user provides is being sent to another website looking to steal their details," he said.
Robson said a malicious user could use this vulnerability and create a series of fake websites that looked like they were those of a legitimate company.
"They can ask the user for credit card details. However upon going to the page, inspite of what the URL states, the user is in fact at the malicious user's website. As a result the user may unwittingly enter important personal information," he said.
Using a technique such as this with the recent 'eBayUpdates' scam would have made the scam almost impossible to detect until it was too late for thousands of victims, Robson said.
He said it worked with SSL-encrypted links as well. "As such it would be very easy for someone to misrepresent themselves as a bank, or other financial institute and convince the user to input their access details. Even the little 'lock' symbol at the bottom of the browser would look right.
"We have proved that it is possible to direct a web browser to an alternate web server, whilst placing a bank's URL in the address bar, and having the link place the banks URL in the status bar at the bottom of the screen. As such we can see no way that a user might determine that a link is illegitimate," he said.
Neither Microsoft nor the Mozilla project have yet publicly reacted to the news of the vulnerability. | |
|
| | jplove71 Premium Member join:2001-03-16 Scottsdale, AZ |
jplove71
Premium Member
2003-Dec-12 11:11 pm
Re: Another reason to use Firebird...said by jram: The flaw, wherein Internet Explorer displays the contents of one web site while showing a different, incorrect, address in the browser address bar, is not confined to IE but also affects version 0.7 of the Mozilla Firebird browser, according to a security analyst from Secure Data Group.
The difference between MSIE and Mozilla Firebird is that the fake URL is visible in the address bar in Firebird whereas it isn't when using MSIE. | |
|
| | | jram join:2003-08-06 Albany, NY |
jram
Member
2003-Dec-13 2:04 pm
Re: Another reason to use Firebird...Thank-you,I just started using Firebird a couple months ago and have it the way I want..I have a couple of comments,I 'm on the machine at least 7hrs.a day,never been to a site that I have had a problem on ,including on-line banking..They have a extension open with IE just in case..I haven't had any kind of a pop-up since I've been using Firebird,not even the sliding ones. Last thing,yes IE can be set-up to be secure but it will drive you nuts with them asking all of the time blah blah blah,I have to many things to do to waste my time.. | |
|
| KrKHeavy Artillery For The Little Guy Premium Member join:2000-01-17 Tulsa, OK |
to borborpa
Yep, clicked the link and saw..... (http deleted) " www.symantec.com%01@i.dslr.net/symantec/www.symantec.com/index.html " | |
|
| |
to borborpa
After I saw this, I switched to Firebird 0.7. This is my first experience with another browser and I don't miss IE one little bit. | |
|
|
K-MeleonAnother reason to use K-Meleon!!
Be well all........& safe! | |
|
| rawWar Eagle Premium Member join:2001-01-17 Madison, AL |
raw
Premium Member
2003-Dec-12 12:02 pm
Re: K-Meleonsaid by tons of fun: Another reason to use K-Meleon!!
Or Firebird, Epiphany, Konqueror, Galeon, or even stock Mozilla. Heck, anything is safer than IE at this point. | |
|
| | borborpaSlipping Slowly Into Oblivion Premium Member join:2002-02-20 New Cumberland, PA |
borborpa
Premium Member
2003-Dec-12 2:14 pm
Re: K-MeleonDon't forget Lynx!! | |
|
| | | rawWar Eagle Premium Member join:2001-01-17 Madison, AL |
raw
Premium Member
2003-Dec-12 2:17 pm
Re: K-MeleonI might as well mention Mosaic while we're at it. | |
|
| | | | |
Re: K-MeleonReal men surf with telnet to port 80. | |
|
| |
to tons of fun
Thanks for mentioning the K-Meleon browser. I like it so far. It's also nice and fast:) | |
|
ifarrell join:2000-08-10 Willow Spring, NC |
IE Out.....I only use IE for Windows Updates and for the few web sites that don't support Firebird that I need access to. I inform the Webmasters in cases like that though. | |
|
| 1 edit |
Re: IE Out.....Which all to often is met by a reply such as, "Sorry but we are unable to support that feature at this time.". Which roughly translates to, "We're to stupid or lazy to implement a non-MS piece of software." Is it really nessisary to build sites with frontpage? I think not. Edit: Oh, Mozilla 1.4 | |
|
| | Radio ActiveMy pappy's a pistol Premium Member join:2003-01-31 Fullerton, CA |
Re: IE Out.....said by smpjunky: Is it really nessisary to build sites with frontpage?
Only if you have no skills(like me);) | |
|
Matt3All noise, no signal. Premium Member join:2003-07-20 Jamestown, NC |
Matt3
Premium Member
2003-Dec-12 12:25 pm
Ummm......Ok, so IE shows the proper / and Firebird shows the improper HTML escape code, %2F.
Sounds like a Firebird bug to me. | |
|
| Mike Mod join:2000-09-17 Pittsburgh, PA |
Mike
Mod
2003-Dec-12 12:28 pm
Re: Ummm......Safari does the same thing.. that's kind of the way it's typed if you looked at the code.. | |
|
| | Matt3All noise, no signal. Premium Member join:2003-07-20 Jamestown, NC |
Matt3
Premium Member
2003-Dec-12 1:41 pm
Re: Ummm......said by Mike: Safari does the same thing.. that's kind of the way it's typed if you looked at the code..
It should be typed that way in the code, otherwise the / might be interpreted as an HTML command, instead of actually displaying the correct character. So, in that sense, IE is correct in the way it is displaying things. The part that is INCORRECT and sloppy programming on Microsoft's part, is they should have LIMITED it to only a certain set of characters instead of parsing EVERY escape/control code. | |
|
TrelGood Evening Premium Member join:2002-10-08 USA |
Trel
Premium Member
2003-Dec-12 12:29 pm
put the practicle joke potentialisn't it also funny to claim that you hijacked say google if you do something like this » www.krahs-emag.com/?page ··· orts.com | |
|
| |
Another one dead!!!Im getting good at this ppl.... I just put a few of the symbols he used in his bogus URL in my ad blocker and when I refreshed the page guess what??? link gone.
I see Im kinda on the right track but we gotta long road ahead. I must be a fool for trying to save IE lol | |
|
TechyDad Premium Member join:2001-07-13 USA
1 recommendation |
TechyDad
Premium Member
2003-Dec-12 12:57 pm
Microsoft's Advicesaid by From BetaNews.com: In the meantime, before a fix is released and while industry pundits argue over proper disclosure, Microsoft advises its customers to follow its "Protect Your PC" guidance program by enabling a firewall, installing all available product updates and employing anti-virus software.
What type of advice is this? Granted, it's good to do all of those things, but that won't stop this particular bug. If a faked out site gets you to submit your personal information then none of those protective measures will stop the data from falling into a hacker's hands. If the faked out site gets you to download and run a program (by exploiting the trust and reputation of the site it's pretending to be), your firewall might alert you, but you would be just as likely to let it through. (After all, it came from a site you know and trust... or so you were tricked into thinking.) The best advice is don't click on links in unrequested communications. (Ok, that and perhaps don't use IE, but that's not an option for me. As a web developer, I have to use whichever browser my audience is using, and this means IE for me.) | |
|
|
1 recommendation |
Re: Microsoft's Advicesaid by TechyDad:
The best advice is don't click on links in unrequested communications.
No, the best advice would be "Use another browser." | |
|
| | |
Re: Microsoft's AdviceNo, I would have to say--educate yourself and DON'T click on it | |
|
|
No problems with Avant BrowserI use the Avant browser which uses IE as a base but this problem shows up in the address bar making it clear what the address realy is, it also adds pop-up blocker and tabbed browsing, ( » www.avantbrowser.com/ ) | |
|
|
OperaHere's what Opera is saying: | |
|
| •••••• |
|
liht - lazy
Anon
2003-Dec-12 4:32 pm
Monkey!i just think that picture is funny, haha. monkey, lol...funny monkies. hahaha. hes biting the hand. hahahaha. | |
|
|
JohnInSJ Premium Member join:2003-09-22 Aptos, CA |
JohnInSJ
Premium Member
2003-Dec-12 4:39 pm
Simple safety netIn IE... go to any of the example Phish sites above... Click at the end of the address in the address bar hit spacebar once hit enter key Whalla. Back at real site. You're welcome | |
|
| ••• |
|
|
Small, but important, correctionThe article suggests that "File/Properties" is the only reliable way to detect this sort of trickery in IE.
Actually, there's a second method that has a few advantages:
- Right click the text (background) of the web page and choose properties from the popup menu to identify the web site that contains the text you're reading. That'll protect you just as well, possibly better because it rules out some additional exploits (eg: so-called "frameless" pop-up windows, or creative use of frames).
It's a small nitpick, but if you're about to access your $100K brokerage account it's worth double-checking whom you're sending your password to! | |
|
|
IE 5.5 shows URL in title barIE 5.5 displays the full and real URL in the title bar??? | |
|
| ••• |
|
Netcaptor has already patched this» www.netcaptor.com IE frontend, tabs, solved the spoof problem already. | |
|
| mod bait Premium Member join:2001-06-11 Rochester, NY |
mod bait
Premium Member
2003-Dec-18 11:04 am
Re: Netcaptor has already patched thissaid by stark23x: »www.netcaptor.com IE frontend, tabs, solved the spoof problem already.
NetCaptor doesn't "solve" the spoof exploit; it provides a workaround for NetCaptor users. ( MyIE2 does the same thing.) | |
|
djaHappy to Help Premium Member join:2002-03-25 Niagara |
dja
Premium Member
2003-Dec-18 4:35 am
shameless shill for BBRI'm so proud! On what may be my last day with internet service... I managed to get a link to this article in the LangaList. Nasty IE Bug Lets Fake Sites Look 100% RealGlad to promote BBR whenever possible. | |
|
Fobulous Premium Member join:2002-08-14 Missouri City, TX 1 edit |
Fobulous
Premium Member
2003-Dec-18 10:32 pm
Firebird and Avantbrowser show the samethingok i don't understand.. this is what i got with Avant browser. and it's essentially the samething with Firebird...so i'm not sure why you are saying Firebird is any safer... | |
|
| Iowan5 Premium Member join:2002-11-27 Des Moines, IA |
Iowan5
Premium Member
2003-Dec-19 11:12 am
Re: Firebird and Avantbrowser show the samethingI use Firebird only.
And IE for updates. | |
|
|
ANother One DEAD!!!Im getting good at this ppl.... I just put a few of the symbols Trel used in his bogus URL in my ad blocker and when I refreshed the page guess what??? link gone.
I see Im kinda on the right track but we gotta long road ahead. I must be a fool for trying to save IE lol | |
|
| |
Re: ANother One DEAD!!!hey I vote just use OPERA...the fastest most secure browser around...also for multiple OSes...
I use it on my MAC, Linux, Windozes... | |
|
|
Good Thing Mcafree catches this...Good Thing Mcafree catches this... | |
|
| ATTekGot Sand? Premium Member join:2000-12-13 Glendora, CA |
ATTek
Premium Member
2004-Jan-15 10:55 pm
Re: Good Thing Mcafree catches this...Ya, I noticed that too. Doesn't seem like such a big deal now. | |
|
|
|