On Wed, 2005-02-16 at 08:22 -0500, Scot L. Harris wrote:
> On Tue, 2005-02-15 at 22:41, jdow wrote:
> > From: "jdow" <jdow@xxxxxxxxxxxxx>
> > > From: "Jeff Vian" <jvian10@xxxxxxxxxxx>
> > > > On Tue, 2005-02-15 at 17:13 -0800, jdow wrote:
> > > > > From: "David Curry" <dsccable@xxxxxxxxxxx>
> > > > >
> > > > > > jdow wrote:
> > > > > >
> > > > > > >Of course you do know of the recent exploits found for Mozilla, aren't
> > > > > > >you, Brian? What's this "No antivirus needed" I hear about for Linux?
> > > > > > >
> > > > > > >{^_-} The quibbler.
> > > > > > >
> > > > > >
> > > > > > "Recent exploits found for Mozilla" is news here. Care to elaborate or
> > > > > > point me in the right direction?
> > > > >
> > > > > Ran across it in the Dartmouth IRIA news summaries yesterday. It's
> > > > > scrolled off. It appears to affect the core of Mozilla so it affects
> > > > > FireFox as well. It should appear in the CERT advisories.
> > > > >
> > > > > It appears Mozilla is getting more attention from crackers now that
> > > > > it is starting to command a noticeable market share. It's a matter of
> > > > > time before more serious items appear. Of course, without things like
> > > > > ActiveX it's a little harder to mash a Linux machine than a Windows
> > > > > machine.
> > > > >
> > > > > {^_^}
> >
> > They had another reference today - it was a spyware application. If a
> > spyware can be tossed onto the machine then a rootkit can, also.
> >
> > http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html
> >
> > {^_^}
>
> The recent exploit I read about was used more in phishing scams. They
> used the internationalization features to display certificates and
> prompts that looked like they came from legit sources so the users would
> click on them.
>
> The article above did not go into much detail but sounds like it is a
> combination of the exploit which gets the users to click on accepting a
> download of a program.
>
> Why don't they just disable the whole function of downloading plugins
> via the browser? It would be more secure to make the user go an extra
> step or two in order to get to the point that code executes on the
> system if they had to exit out to a different application. At least
> that way the user would know that something was going on instead of just
> clicking away blindly at the browser.
>
social engineering can defeat the best security system.

> --
> Scot L. Harris
> webid@xxxxxxxxxx
>
> Yesterday upon the stair
> I met a man who wasn't there.
> He wasn't there again today --
> I think he's from the CIA.