-
February 8th, 2005, 01:58 PM
#1
Registered User
READ: Browser Exploit That Doesn't Affect IE - Shocks The World
- According to a paper recently published by Eric Johanson of the Shmoo Group, users on most Mozilla-based browsers (Firefox 1.0, Camino .8.5, Mozilla 1.6, etc), Safari 1.2.5, Opera 7.54, Omniweb 5 are victim to a complex International Domain Name [IDN] spoof. This new attack allows an attacker/phisher to spoof the domain/URLs of businesses. Every recent gecko/khtml based browser implements IDN (which is just about every browser except for Internet Explorer). The Smoo Group have created a proof of concept where the links are directed at "http://www.pаypal.com/", which the browsers punycode handlers render as www.xn--pypal-4ve.com.
-
February 10th, 2005, 06:55 AM
#2
Share the wealth.
Now someone attack Mac so the Apple nuts shut up
-
February 10th, 2005, 08:18 AM
#3
Registered User
Theyre already attacking Mozilla. Just a matter of time...
-
February 10th, 2005, 02:58 PM
#4
Registered User
Just turn off IDN...
In Mozilla-based browsers type "about:config" (no quotes no spaces) in the address bar. Look for the setting "network.enableIDN" (they are listed in alphabetical order) and change it to "false".
Of course this is just a work-around and if you are patient enough to wait, the Mozilla team will probably have a real fix in less than a week.
Last edited by Vip2; February 10th, 2005 at 03:01 PM.
Similar Threads
-
By TechZ in forum Tech News
Replies: 2
Last Post: January 11th, 2005, 03:18 PM
-
By spyder007 in forum CD-ROM/CDR(-W)/DVD Drivers
Replies: 2
Last Post: January 11th, 2005, 01:19 AM
-
Replies: 0
Last Post: November 24th, 2004, 01:40 AM
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Bookmarks