| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 54381 | 2005-02-10 22:42:00 | "Vunerability" in browsers (except IE) | Mary (6534) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 323719 | 2005-02-10 22:42:00 | FYI This from Computerworld: Only IE safe from spoofing flaw (computerworld.co.nz) There are workarounds for Firefox/Mozilla/etc See Mozilla article: www.mozillazine.org Some websites have noted that Internet Explorer is safe from this issue. We would like to point out that this is misleading, since Internet Explorer has not implemented IDN, and the Verisign IDN plugin is affected. Mozilla developers Darin Fisher and Ben Goodger point out that ICANN should prevent the registeration of malicious domain names. |
Mary (6534) | ||
| 323720 | 2005-02-11 00:11:00 | Ta Mary . It was discussed here ( . pcworld . co . nz/showthread . php?t=54282" target="_blank">pressf1 . pcworld . co . nz) but your links give us a workaround and a bit more info . Edit: Oooohh! but wait there's more, IE is vulnerable via the Verisign plugin :eek: . |
Murray P (44) | ||
| 323721 | 2005-02-11 02:04:00 | Huh? Verisign? Show me where that information is. Im interested. Edit: Duh! Why did I not check the link first! |
mister harbies (5607) | ||
| 323722 | 2005-02-11 02:44:00 | there is a firefox plug in to tell u wether a site is a IDN site or not lingvo.org and there is also sum stuff on users.tns.net |
sambaird (47) | ||
| 323723 | 2005-02-11 08:28:00 | FYI This from Computerworld: Only IE safe from spoofing flaw (computerworld.co.nz) There are workarounds for Firefox/Mozilla/etc See Mozilla article: www.mozillazine.org seem to be missing something here..... so i click the test link, < a h r e f =" # 1 0 7 2 ; l.com/"" target="_blank">www.payp & # 1 0 7 2 ; l.com target="_blank" > (which i edited to insure full display) and you go to what displays as "www.paypal.com" yet the page claims not to be..... Going directly to www.paypal.com with a copied link produces exactly the same page BUT typing paypal produces the real page? Pasting in "a" from the spoof page into the url of the real one takes me to the fake :confused: So what is this? "a' is an "a" is an "a" unless its a "?"???? O darn!!!!! :D |
personthingy (1670) | ||
| 323724 | 2005-02-11 08:59:00 | Check out the PressF1 Members List (pressf1.pcworld.co.nz). Note that two users apparently called "Mike" appear in the # category. It's for the same reason, really - they're making use of stupid non-alphanumeric characters. Well, international characters anyway. I installed the IDND extension for Firefox as a precaution to this vulnerability. |
agent (30) | ||
| 1 | |||||