Skip to main content

broadband - News - Update on the IE vulnerability

Some facts:
An update on the recently reported IE vulnerability that lets people create fake sites that look real and disguise their true address. You can see the bug in action using this hoax site: here (designed by us). If you are on IE, and visit the 'site', your Address bar will be wrong (say symantec.com). But your status bar, once in the page, may show something is bogus. If you don't believe it is not Symantec, click the privacy link at the bottom of the page.

You can also see a demo of faking a secure page with padlock and valid certificate (but not one from paypal): here.

Some facts about the vulnerability:
# Once at a fake site, only File..Properties will reveal a strange URL that does not agree with the Address bar.
# It appears that basically all windows MSIE versions are vulnerable.
# If you use MSIE 'enhancers' such as IRider, you may be protected from the problem.
# With java script enabled, it is trivial for the hoax site to modify the MSIE 'Status bar' to show whatever it wishes.
# Examples have been posted of mostly obscuring the tell-tale info in the IE status bar at the bottom, after you are on a hoax site, even with javascript (Active-Scripting) turned off. "

Comments

Popular posts from this blog

Artist turns animals into everyday objects

Ananova - A Chilean artist is making a name for herself with an exhibition in which stuffed animals are transformed into household objects. Artworks on display include a chick turned into a lamp, and 'sheep bag' - a lamb carcass fitted with handles. Artist Caterina Purdy says her exhibition at the Experimental Arts Centre in Santiago is intended to be humorous but also makes a serious point. She told Las Ultimas Noticias online: 'It is possible to see my work as something scary, but I find it beautiful. 'There is also irony and humour in my objects as well as a criticism of the way animals are treated by society.'"

Josh Nimoy @ ITP - BallDroppings

Josh Nimoy @ ITP - BallDroppings : "BallDroppings is an addicting and noisy play-toy. It can also be seen as an emergence game. My brother Marc takes this software seriously as an audio-visual performance instrument. Balls fall from the top of the screen and bounce off the lines you are drawing with the mouse. The balls make a percussive and melodic sound, whose pitch depends on how fast the ball is moving when it hits the line."

W Ketchup™

W Ketchup™ : "You don’t support Democrats. Why should your ketchup? W Ketchup™ is made in America, from ingredients grown in the USA. In side-by-side taste tests of five leading brands, we found that W Ketchup is second to none. You'll never go back to Heinz again! W Ketchup is America’s Ketchup™"