Linux Users' Group of Davis (LUGOD)
Page last updated:
2003 Dec 13 21:47

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Re: [vox-tech] New phishing vulnerability



On Fri, Dec 12, 2003 at 07:12:10PM -0800, Bill Kendrick wrote:
> On Sat, Dec 13, 2003 at 02:18:08AM +0000, Rob Rogers wrote:
> >  But the question is what does it show in the status bar while
> > hovering? The 0x01 bug only affects IE, but the %00 bug affects both
> > IE and Moz (at least 1.5) I'd be interested what NS 4.7 does.
> 
> While I agree it's some concern, the status bar isn't NEARLY as important
> as what's shown in the URL field at the top.
> 
> Status bar can get covered up or altered easily with JavaScript.
> (Hover on a URL and status bar can say "Click that link to go to foobar"...
> or the site could be running one of those hideously irritating
> scrollers.)
> 
> Of course, turn off JavaScript, and it's less of a concern... until you get
> to...
> 
> URLs which are JavaScript function calls.  How many times have I wanted to
> look at a screenshot, or submit my answers to a survey question, and the
> URL is "javascript:void(0);"? >:^(
> 
> Who knows WHAT server a link like that will go to?
> 
> 
> And finally, there's always HTML form links.  I haven't seen a browser that
> puts any kind of "this form submits to: http://www.foo.bar/blah.cgi" notice
> in the status bar when you hover over the Submit button.
> 
> Combine that with "<input type="image"..." submit buttons, and it looks
> like any old "<a href="..."><img src="..."></a>" link... except nothing will
> appear in the status bar.  (Or sometimes it'll show X/Y coordinates,
> since it's using the image as an imagemap.)
> 
> 
> Finally, one of the other really irritating tricks out there, which is kind
> of similar to this "0x01" bug in IE, is the use of frames.  Display
> two frames... one is 0 pixels tall, the other fills the rest of the window,
> and displays the content of some other site.
> 
> The URL at the top will always remain "http://www.foo.com/frame-page.html",
> while you're happy browsing "www.bar.net/..." URLs in the window.
> 
> 
> Man, I hate the web. :)

Would you forward your email to some of the open source browser projects
(Mozilla, Galeon, Konqueror)? They might be interested in building in
more browser security features, especially simple ones like the status
bar.
-- 
I usually have a GPG digital signature included as an attachment.
See http://www.gnupg.org/ for info about these digital signatures.
My key was last signed 10/14/2003. If you use GPG *please* see me about 
signing the key. ***** My computer can't give you viruses by email. ***

Attachment: signature.asc
Description: Digital signature
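The thread above lists several ways a page can hide where a click really goes (a control character such as %00 or 0x01 in the URL, javascript: links, image submit buttons with no status-bar hint, a zero-height frame keeping a trusted URL in the location bar). As an added, defender-side example that is not part of the original post, the Python below enumerates every navigation target in a page and reports the host a browser would actually connect to. It assumes the %00/0x01 tricks place the control character in the URL's userinfo part, ahead of the real host; the sample page and host names are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

def classify_target(url):
    """(actual_host, flags): real host plus the thread's tricks: javascript: URLs, host-like userinfo, %00/%01 in userinfo."""
    parts = urlsplit(url)
    if parts.scheme == "javascript":
        return "", ["javascript-url"]  # destination cannot be read off the link
    flags = []
    if "@" in parts.netloc:  # everything before '@' is userinfo, not the host
        userinfo = unquote(parts.netloc.rsplit("@", 1)[0])
        flags.append("userinfo-looks-like-host" if "." in userinfo else "userinfo")
        if any(ord(c) < 0x20 for c in userinfo):
            flags.append("control-char-in-userinfo")
    return parts.hostname or "", flags

class NavTargets(HTMLParser):
    """Collect every place a page can send the user: links, form actions, image submit buttons, frame sources."""
    def __init__(self):
        super().__init__()
        self.targets, self._form_action, self._rows = [], None, []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            self.targets.append(("link", a["href"], ""))
        elif tag == "form":
            self._form_action = a.get("action", "")
            self.targets.append(("form", self._form_action, a.get("method", "get").upper()))
        elif tag == "input" and a.get("type") == "image" and self._form_action is not None:
            self.targets.append(("image-submit", self._form_action, "no status-bar hint"))
        elif tag == "frameset":  # keep row sizes so a 0-pixel frame can be spotted
            self._rows = [r.strip() for r in a.get("rows", "*").split(",")]
        elif tag == "frame" and a.get("src"):
            size = self._rows.pop(0) if self._rows else "*"
            self.targets.append(("frame", a["src"], "zero-height" if size == "0" else ""))
    def handle_endtag(self, tag):
        if tag == "form":
            self._form_action = None

def audit(html):
    """One report row per navigation target: (kind, url, actual_host, flags)."""
    p = NavTargets()
    p.feed(html)
    rows = []
    for kind, url, note in p.targets:
        host, flags = classify_target(url)
        rows.append((kind, url, host, flags + [note] if note else flags))
    return rows

SAMPLE = """<frameset rows="0,*"><frame src="http://www.foo.com/frame-page.html"><frame src="http://www.bar.net/login.html"></frameset>
<a href="http://www.foo.com%00@www.bar.net/">http://www.foo.com/</a><a href="javascript:void(0);">screenshot</a>
<form action="http://www.foo.bar/blah.cgi" method="post"><input type="image" src="go.gif"></form>"""  # constructed page
```

Running `audit(SAMPLE)` reports the hidden frame, the %00 link resolving to www.bar.net, the unknowable javascript: target and the image-submit that really posts to www.foo.bar.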


