| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 47892 | 2004-08-08 09:16:00 | User Interface Spoofing in Mozilla and Firefox | Misty (368) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 259543 | 2004-08-08 09:16:00 | I have been trying to convince a friend of mine in Melbourne to adopt Firefox. He has a degree in Computer Science and practices in that field. In the past hour or two have received a message from him suggesting that I check out this link www.auscert.org.au I am above my head except it seems that this website is saying that there is vulnerability within Mozilla and Firefox for "Phishing" to take place to get hold of "sensitive account details". Do I read this correctly in that what the >>> Australian Computer Emergency Response Team > (whoever the hell they are !! - must check on Google !) are saying is that security details may not be secure ?? I do know that I would trust my friend with my life and he obviously has some reservations and as an expert in some aspects of computer matters has a degree of expertise not to be ignored. Please advise. I really enjoy using Firefox and want to know that it is safe - or at least as safe or unsafe as IE ! Misty ?:| |
Misty (368) | ||
| 259544 | 2004-08-08 09:30:00 | Here is a link re the "Australian Computer Emergency Response Team" http://www.auscert.org.au/ Misty |
Misty (368) | ||
| 259545 | 2004-08-08 09:40:00 | If it was/is true I would bet that the Mozilla Group (the people who make Mozilla and Firefox would know about it & possible it could be fixed it by now) Just a suggestion have a look on there forum: http://forums.mozillazine.org & even maybe ask about it on there as well & see what they say. |
stu120404 (268) | ||
| 259546 | 2004-08-08 09:59:00 | The url spoofing has been fixed Here (www.mozilla.org) | johnboy (217) | ||
| 259547 | 2004-08-08 09:59:00 | Hi Stu Your first comment is rather wishful rather than factual. Who knows ? Nevertheless, your second comment is very useful and constructive so I have become a member and have posted the query. thanks Misty :D |
Misty (368) | ||
| 259548 | 2004-08-08 10:09:00 | I have a reply already from MozillaZine forums - it says >>>There is a reported security bug and people are working on it. And mind you - this is a problem with almost any browser that is out there. You can always try to trick people by showing the incorrect URLs, a false lock (faking a https connection) and more. The way to do it just is somewhat different depending on browser. >>>Regards, Mikael >>>Swedish Support for the Mozilla Suite (unofficial) I have had a look at the link you have given Johnboy and will have to evaluate in my own slow way. Thanks - much appreciated - as always ! Misty :D |
Misty (368) | ||
| 259549 | 2004-08-08 10:15:00 | Go here (secunia.com) to test if you are vulnerable. | mikebartnz (21) | ||
| 259550 | 2004-08-08 10:17:00 | Has a patch been issued yet for IE to cure this problem. | mikebartnz (21) | ||
| 259551 | 2004-08-08 12:08:00 | Hi Mike, If the conversation is about the "Browser Injection" vulnerability (that your link pointed to) the simple answer is that Internet Explorer 6 is still vulnerable. The interesting thing is that while both Mozilla 1.2.1 and Konqueror 3.1.1 are also vulnerable I have never had this happen with Firefox. I suppose the critical IE update released last weekend could have been more to do with plugging the web server plus IE allows program injection vulnerability ?:| |
Gorela (901) | ||
| 259552 | 2004-08-08 21:29:00 | > Hi Stu > Your first comment is rather wishful rather than > factual. Who knows ? yeath, you have a point there, but there is a 90% change that I was right, & I was :) Side note: I was just very lucky that I was right :D |
stu120404 (268) | ||
| 1 | |||||