Re: Linux and Spywares - lack of reading

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 16 Feb 2005 08:22:51 -0500
"Scot L. Harris" <webid@xxxxxxxxxx> wrote:

> On Tue, 2005-02-15 at 22:41, jdow wrote:
> > From: "jdow" <jdow@xxxxxxxxxxxxx>
> > > From: "Jeff Vian" <jvian10@xxxxxxxxxxx>
> > > > On Tue, 2005-02-15 at 17:13 -0800, jdow wrote:
> > > > > From: "David Curry" <dsccable@xxxxxxxxxxx>
> > > > >
> > > > >
> > > > > > jdow wrote:
> > > > > >
> > > > > > >Of course you do know of the recent exploits found for
> > > > > > >Mozilla,
> > > aren't
> > > > > > >you, Brian? What's this "No antivirus needed" I hear about
> > > > > > >for
> > Linux?
> > > > > > >
> > > > > > >{^_-}   The quibbler.
> > > > > > >
> > > > > > >
> > > > > > "Recent exploits found for Mozilla" is news here.  Care to
> > > > > > elaborate
> > > or
> > > > > > point me in the right direction?
> > > > >
> > > > > Ran across it in the Dartmouth IRIA news summaries yesterday.
> > > > > It's scrolled off. It appears to affect the core of Mozilla so
> > > > > it affects FireFox as well. It should appear in the CERT
> > > > > advisories.
> > > > >
> > > > > It appears Mozilla is getting more attention from crackers now
> > > > > that it is starting to command a noticeable market share. It's
> > > > > a matter of time before more serious items appear. Of course,
> > > > > without things like ActiveX it's a little harder to mash a
> > > > > Linux machine than a Windows machine.
> > > > >
> > > > > {^_^}
> > 
> > They had another reference today - it was a spyware application. If
> > a spyware can be tossed onto the machine then a rootkit can, also.
> > 
> > http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html
> > 
> > {^_^}
> 
> The recent exploit I read about was used more in phishing scams.  They
> used the internationalization features to display certificates and
> prompts that looked like they came from legit sources so the users
> would click on them.  
> 
> The article above did not go into much detail but sounds like it is a
> combination of the exploit which gets the users to click on accepting
> a download of a program.  

No, not really the downloading of a program. Rather, to get you to click
to go to a web site that will look just like Citibank or Amex so that
you enter confidential info that will then be recorded.

>From what I understand, Mozilla will now ship with the
internationalization features turned off by default. The article you
were referring to (worth reading!) was publicised on Slashdot:

http://slashdot.org/article.pl?sid=05/02/15/1922215&tid=154&tid=1

cheers,
Robert


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux