Re: how can you verify that the site you get is not a fake?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: how can you verify that the site you get is not a fake?
From: Matthew Miller <mattdm@xxxxxxxxxx>
Date: Mon, 6 Jun 2005 09:50:17 -0400
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mutt/1.4.1i

On Mon, Jun 06, 2005 at 03:38:58PM +0200, Felipe Alfaro Solana wrote:
> Nah! That's not enough... many web browsers are vulnerable to
> cross-site scripting code. I've seen some real proof-of-concept web
> sites that, by using a main frame protected via HTTP/S and a valid SSL
> certificate, where vulnerable to cross-site scripting-like attacks
> that were able to insert fake pages into a subframe without the web
> browser even alerting about it.

If there's a security vulnerability in your applications, all bets are off.


-- 
Matthew Miller           mattdm@xxxxxxxxxx        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 80 degrees Fahrenheit.

Follow-Ups:
- Re: how can you verify that the site you get is not a fake?
  - From: Felipe Alfaro Solana

References:
- Re: how can you verify that the site you get is not a fake?
  - From: Felipe Alfaro Solana
- RE: how can you verify that the site you get is not a fake?
  - From: bruce
- Re: how can you verify that the site you get is not a fake?
  - From: Matthew Miller
- Re: how can you verify that the site you get is not a fake?
  - From: Felipe Alfaro Solana

Prev by Date: Re: one background image per workspace
Next by Date: Re: Problem installing azureus
Previous by thread: Re: how can you verify that the site you get is not a fake?
Next by thread: Re: how can you verify that the site you get is not a fake?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]