Headline FeedsLinuxInsider Talkback
|
|
Re: Firefox Phishing Vulnerability Sparks Hot Debate
Posted by: Jennifer LeClaire 2005-01-07 20:23:50
See Full Story
A vulnerability in Mozilla's open-source Firefox browser could be exploited, security experts have warned. Despite the hoopla about the superior security of Firefox, Secunia Research reported that the browser could be used by malicious people, know as phishers, to spoof the source URL displayed in the browser's "Download Dialog" box. "The problem is that long sub-domains and paths aren't displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box," said the Secunia advisory.
Re: Firefox Phishing Vulnerability Sparks Hot Debate
Posted by: OldGeek 2005-01-08 10:14:49 In reply to: Jennifer LeClaire
Let us first try something like SPOOFSTICK for knowing exactly where you are; it is available for both Microsoft and Mozilla browsers.
Next let's try common sense? Don't download without knowing exactly what you are downloading and why! Firefox won't let you auto open an executable file, Internet Explorer will. I like how Firefox approaches the download of an executable, it saves the file, and then you can run a real virus scan on it. Internet Explorer, unless you have download scan on your third party virus software enabled, you are out of luck when you press Open.
Is this a security problem? Not really. It's more of an uneducated user population problem. Luckily Firefox has a user base that educates each other.
Nice try at instilling fear and panic. Just because I see a seven line URL in Internet Explorer and not in Firefox doesn't mean I'm going to make a switch. If I can't determine the source of what I am downloading is legitimate, then chances are it's not, and I won't download it.
Common sense defeats this so called "Security Problem."
Next let's try common sense? Don't download without knowing exactly what you are downloading and why! Firefox won't let you auto open an executable file, Internet Explorer will. I like how Firefox approaches the download of an executable, it saves the file, and then you can run a real virus scan on it. Internet Explorer, unless you have download scan on your third party virus software enabled, you are out of luck when you press Open.
Is this a security problem? Not really. It's more of an uneducated user population problem. Luckily Firefox has a user base that educates each other.
Nice try at instilling fear and panic. Just because I see a seven line URL in Internet Explorer and not in Firefox doesn't mean I'm going to make a switch. If I can't determine the source of what I am downloading is legitimate, then chances are it's not, and I won't download it.
Common sense defeats this so called "Security Problem."
Re: Firefox Phishing Vulnerability Sparks Hot Debate
Posted by: kkimmel 2005-01-07 20:40:15 In reply to: Jennifer LeClaire
I am still amazed at the number of people who still don't get it. Microsoft lackeys who still like the idea of their Internet browser being in bed with their OS. They dont get it - they fail to grasp the concept.
Every time Firefox has a new bug found, they predict and suggest the end for the new browser. The media uses its might to turn users off from the product. Why? Because Microsoft buys full page ads in their magazines and banner ads on their sites. No Microsoft means lots of ad revenue lost for the media.
Since we are keeping score now between FireFox and IE, let us count up all the security problems Internet Explorer has had. The number is certainly in the hundreds by now. And that is only counting the ones that Microsoft acknowledges. There are 100s of undiscovered flaws in that worthless code and 100s more that are known about but Microsoft refuses to acknowledge. At least Firefox fixes its products and admits to its mistakes.
There is no comparison to be made between IE and FireFox. FireFox is so far ahead of Microsoft it isnt even funny. All that and they dont even charge for the software. Isnt open source a great thing?
Every time Firefox has a new bug found, they predict and suggest the end for the new browser. The media uses its might to turn users off from the product. Why? Because Microsoft buys full page ads in their magazines and banner ads on their sites. No Microsoft means lots of ad revenue lost for the media.
Since we are keeping score now between FireFox and IE, let us count up all the security problems Internet Explorer has had. The number is certainly in the hundreds by now. And that is only counting the ones that Microsoft acknowledges. There are 100s of undiscovered flaws in that worthless code and 100s more that are known about but Microsoft refuses to acknowledge. At least Firefox fixes its products and admits to its mistakes.
There is no comparison to be made between IE and FireFox. FireFox is so far ahead of Microsoft it isnt even funny. All that and they dont even charge for the software. Isnt open source a great thing?
