|
|
User Controls
|
New User
|
Login
|
Edit/View My Profile
|
|
|
|
ActiveMac
|
Articles
|
Forums
|
Links
|
News
|
News Search
|
Reviews
|
|
|
|
News Centers
|
Windows/Microsoft
|
DVD
|
ActiveHardware
|
Xbox
|
MaINTosh
|
News Search
|
|
|
|
ANet Chats
|
The Lobby
|
Special Events Room
|
Developer's Lounge
|
XBox Chat
|
|
|
|
FAQ's
|
Windows 98/98 SE
|
Windows 2000
|
Windows Me
|
Windows "Whistler" XP
|
Windows CE
|
Internet Explorer 6
|
Internet Explorer 5
|
Xbox
|
DirectX
|
DVD's
|
|
|
|
TopTechTips
|
Registry Tips
|
Windows 95/98
|
Windows 2000
|
Internet Explorer 4
|
Internet Explorer 5
|
Windows NT Tips
|
Program Tips
|
Easter Eggs
|
Hardware
|
DVD
|
|
|
|
Latest Reviews
|
Applications
|
Microsoft Windows XP Professional
|
Norton SystemWorks 2002
|
|
Hardware
|
Intel Personal Audio Player
3000
|
Microsoft Wireless IntelliMouse
Explorer
|
|
|
|
Site News/Info
|
About This Site
|
Affiliates
|
ANet Forums
|
Contact Us
|
Default Home Page
|
Link To Us
|
Links
|
Member Pages
|
Site Search
|
Awards
|
|
|
|
Credits
©1997/2004, Active Network. All
Rights Reserved.
Layout & Design by
Designer Dream. Content
written by the Active Network team. Please click
here for full terms of
use and restrictions or read our
Privacy Statement.
|
|
|
|
|
|
|
|
Time:
19:59 EST/00:59 GMT | News Source:
ActiveWin.com |
Posted By: Brian Kvalheim |
Most browsers affected except Microsoft Internet Explorer.
The state of homograph attacks. International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs. Desscription: In December 2001, a paper was released describing Homograph attacks [1]. This new attack allows an attacker/phisher to spoof the domain/URLs of businesses. At the time this paper was written, no browsers had implemented Unicode/UTF8 domain name resolution.
Test URL: http://www.shmoo.com/idn/
|
|
#26 By
37 (67.37.29.142)
at
2/8/2005 9:27:27 AM
|
You are in denial. Since day one (and even now), Firefox advocates have been saying "Firefox is secure", which is obviously not a true statement about Firefox.
TechLarry, good thing I DO use IE on a daily basis. I have not had, and still don't have ANY spyware collections on my computer...drive by or not.
|
#27 By
7797 (63.76.44.6)
at
2/8/2005 10:35:58 AM
|
The majority of the Firefox advocates on Activewin and elsewhere have not made the claim that "Firefox is secure". And nobody, not even Firefox advocates like it when halfwits DO make such claims. But as with everything there are halfwits who say "IE is secure" and there are halfwits that say "Firefox is secure". Overall this minority can simply be ignored like a troll. You choose NOT to ignore them to paint a false picture of what "Firefox advocates" as a whole are like. If you think I am in denial please prove me wrong by linking to a bunch of instances on your own Activewin website where Firefox advocates made this claim. Should be easy for you to do if it is as you say.
This post was edited by tgnb on Tuesday, February 08, 2005 at 10:38.
|
#28 By
37 (67.37.29.142)
at
2/8/2005 10:51:06 AM
|
tgnb wrote (before another edit): The majority of the Firefox advocates on Activewin and elsewhere have not made the claim that "Firefox is secure".
http://blogs.wdevs.com/am/archive/2004/12/22/1561.aspx:
"Is FireFox Secure, Maybe Not... "
http://www.novell.com/products/desktop/:
"Mozilla Firefox – secure, feature-rich web browser "
http://www.oooff.com/firefox.html:
"Secure, Fast, Smarter searching"
http://www.mozilla.org/products/firefox/switch.html
"from Spyware and Adware Browse and search the web more quickly with tabs Stay safe and secure online"
http://www.wired.com/wired/archive/13.02/firefox_pr.html
"It's fast, secure, open source - and super popular."
http://www.crazypc.com/
" CrazyPC.com is best viewed in Firefox Free & Secure "
http://jbariou.com/links:
"Self-defense against invasive marketing Firefox Secure, stable, efficient, extensible, makes IE cry"
I have 311,158 hits on MSN Search: Firefox is secure
Let me know if you want me to keep posting. Even Mozilla says it's secure. If I should trust anyone to know if it's secure, it should be Mozilla. But since Firefox is NOT secure, Mozilla is wrong and I no longer trust them as well.
This post was edited by AWBrian on Tuesday, February 08, 2005 at 11:06.
|
#29 By
37 (67.37.29.142)
at
2/8/2005 10:53:12 AM
|
tgnb, I see you conveniently changed your post...TOTALLY different than your first. Understandable though that you would go back and eat crow.
|
#30 By
23275 (68.17.42.38)
at
2/8/2005 12:09:26 PM
|
#35 Amen! ...been at it since 1973 and what you observe is so necessary for people to understand and embrace.
No one is going to be safer if people across the industry do not work together to isolate, prosecute and jail the criminals responsible for injuring all of us.
It will take a fundamental understanding that no software is entirely secure and that all software can a) be made better and is and b) that it will take a layered defense in depth to keep people safer.
What you suggest is sound - and instead of celebrating a discovered flaw in any SW, we might instead simply use our collective energy to find and then share solutions and work-arounds until either the commerical or OSS authors produce a permanent solution.
..until of course, the next one is doscovered and we repeat this process.
What does have to stop is the constant sniping - I mean like choices in art, friends, music, mates, etc... platform and SW choices are very personal - cutting on one, cuts very deeply indeed. it'd be like, ok - so you drive a Dodge...I heard that they had a recall on X, Y, or Z - much like the one I had for my Chevy, or Ford... etc...
The people we all need to objectify are the criminals and thieves that hurt each of us and our ability to earn a living. We need to target them with our energy and contempt - not one another. #35 is to be lauded for his remark - a good reminder to all of us.
|
#31 By
7797 (63.76.44.6)
at
2/8/2005 12:28:17 PM
|
"tgnb, I see you conveniently changed your post...TOTALLY different than your first. Understandable though that you would go back and eat crow."
Huh? Are you smoking crack? Yes i did edit it, but I edited it immediately after I posted it originally posted 10:35, and edited 10:38 which was BEFORE you even posted your reply.
My edit: This post was edited by tgnb on Tuesday, February 08, 2005 at 10:38.
Your post: #34 By AWBrian (1146 Posts) at 2/8/2005 10:51:06 AM
Stop smoking crack bro!
This post was edited by tgnb on Tuesday, February 08, 2005 at 12:30.
|
#33 By
37 (67.37.29.142)
at
2/8/2005 1:03:19 PM
|
I like how you avoided all the factual cites i provided.
And I read your original post before your edit, and it didn't say quite a bit of what was changed.
And why do you think that IE isn't the most secure? They don't say it's SECURE, they indeed say it's the MOST secure. And with all the security issues that Firefox has been facing, it comes at no surprise.
|
#34 By
15406 (216.191.227.90)
at
2/8/2005 1:09:35 PM
|
#40: Why don't you hold yourself to your own standard? MS tells everyone + dog that Windows & IE are secure, despite boatloads of evidence to the contrary. So, naturally, you'll be quitting your job here and dumping Windows, since you can't trust MS anymore right?
|
#35 By
7797 (63.76.44.6)
at
2/8/2005 1:39:51 PM
|
I avoided your links because for the most part they are a pathetic attempt to try to counter my argument that Firefox Advocates do not claim that "Firefox is Secure". I have reviewed your links and remain of the same opinion. Only somone who reads the words without understanding their meaning and context would come to the same conclusions as you.
|
#36 By
37 (67.37.29.142)
at
2/8/2005 1:51:57 PM
|
Latch, that sounds like a typical republican response. Maybe we should also blame the lack of security in today's browsers on President Clinton?
How about we address the issue we started with here first. Firefox is NOT secure, but thousands of advocates, websites, and even Mozilla say it is, when in fact it is not.
|
#37 By
37 (67.37.29.142)
at
2/8/2005 1:56:44 PM
|
tgnb, it's not a pathetic attempt. It's real and factual. Are you denying that even OOo, Mozilla and Firefox said that it is secure, as I pointed out on THEIR websites...who which are the biggest advocates of their own browser?
The way you "READ" the links and the way you interpret them in "your favor" is called denial, and when you report that to this comment board, that is FUD and Spin.
FACT: The above links I posted do in fact say that firefox is secure. That is a fact. You cannot dispute that.
FACT: Even Mozilla, Firefox and OOo say that the browser is secure. And they are THE biggest advocates of said browser.
|
#38 By
7797 (63.76.44.6)
at
2/8/2005 2:32:36 PM
|
AWBrian, you know what? You win. Your links prove without leaving any doubt that the majority of Firefox advocates are blatant liars. They claimed that Firefox is secure and this latest security issue has proved them to be completely wrong. You proved it to the world by providing those links. You exposed them for what they are, a bunch of fraudsters.
Although I am now through your enlightenment ashamed to be a Firefox advocate I will still continue to use it. My own personal views on how secure Firefox is remain unchanged.
|
#39 By
37 (67.37.29.142)
at
2/8/2005 3:33:51 PM
|
Thank you tgnb. And the same can be said for IE. Just replace Firefox with IE in your above paragraph and that too is true.
|
#40 By
7797 (63.76.44.6)
at
2/8/2005 4:15:36 PM
|
Learn how to read between the lines AWBrian, it will enlighten you tremendously.
|
#41 By
37 (67.37.29.142)
at
2/8/2005 4:19:09 PM
|
No need to read behind the lines. I intentionally looked past your obvious ClosedStandards sarcasm.
Just the facts jack :o)
|
#42 By
7797 (68.142.9.161)
at
2/8/2005 7:59:37 PM
|
Not my lines Brian... learn how to read between the lines in general.
|
#43 By
37 (24.183.41.60)
at
2/8/2005 8:25:59 PM
|
But as tgnb says, it's secure LIT, so that is NOT true. That information you provided is wrong.
|
#44 By
37 (24.183.41.60)
at
2/9/2005 7:16:23 AM
|
I don't have a problem with one saying that it is MORE secure than another browser. But saying that it's secure is WRONG. Firefox does it and MS does it. It's wrong.
That's like saying that if you have 15 airbags in your car, your SAFE or your SECURE. No your not. You can still die within less then a second if hit properly. You might be MORE safe or MORE secure however.
And I do believe that IE is MORE secure than Firefox. At least we get security patches and Microsoft tests them and releases them as promised. And I have no spyware/adware/malware on my system and I have not been breached. Even before SP2 for Windows XP. I can control IE behaviors more easily than in Firefox.
|
#45 By
7797 (63.76.44.6)
at
2/9/2005 8:40:55 AM
|
" But as tgnb says, it's secure"
Um no i did not say that. It's more secure than IE though.
" I don't have a problem with one saying that it is MORE secure than another browser. But saying that it's secure is WRONG."
Umm exactly. So how did you end up claiming i said its secure?
This post was edited by tgnb on Wednesday, February 09, 2005 at 08:42.
|
#46 By
37 (67.37.29.142)
at
2/9/2005 10:56:22 AM
|
I was reading between the lines. And I feel that IE is more secure than Firefox.
But we can agree to disagree again...cool? :)
|
|
|
|
|