« Motorola Razr Sharp? | Main | It's in Her Genes »

What's Old is New

The Firefox vulnerability of the week appears to be a regression of something more than seven years old. According to the Register, Firefox 1.0.4 is vulnerable to a cross-site frame injection spoof that allows hackers to insert the contents of one window into another, while making it appear as if the content was from the original window.

So, for example, you could be on the password page to your online bank and hackers could insert HTML code that re-creates a screen that looks like the original but actually sends the information to Russia. Not a GoodThing(tm).

For now, the work around appears to be: "Do not browse untrusted web sites while browsing trusted sites." Not exactly specific advice but the bottom line seems to be don't open more than one site at a time.

Aloha!

Comments (1)

sjon:

Your password and info is unlikely to be sent to Russia. It's much more likely to bounce around a bunch of servers all over the world before comming to rest on an American hackers BBS.

(or go straight to a Homeland Security server...)

About

This page contains a single entry from the blog posted on June 7, 2005 8:39 AM.

The previous post in this blog was Motorola Razr Sharp?.

The next post in this blog is It's in Her Genes.

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Powered by
Movable Type 3.34