Another reason to use Firebird...

Forums » Update on the IE vulnerability » Another reason to use Firebird...


Uniqs: 473	Share Topic:	RSS topic:	toggle: flat / full normal / watch	Post a:	Post a:

Simple safety net »
« Small, but important, correction

borborpa Slipping Slowly Into Oblivion Premium join:2002-02-20 New Cumberland, PA clubs:	Another reason to use Firebird...
	permalink · 2003-12-12 11:35:06 ·

Amaethon join:2000-10-22 USA clubs:	Re: Another reason to use Firebird... No fix yet eaither.. shessh
	permalink · 2003-12-12 11:42:38 ·

youngmoore join:2001-03-16 Marietta, GA ·Sprint Mobile Broa..	Re: Another reason to use Firebird... this is what I get from firebird »www.symantec.com%2Fanything%2FI%···dex.html from IE »www.symantec.com/anything/I/want···ut/here/ Interesting From my understanding you can clock the URL line to just about anything you want. I use that for our webmail so it just shows the hostname not the IP. ym
	permalink · 2003-12-12 11:49:03 · Print ·

Xtract join:2003-04-25 Etheria	I loaded firebird when I read the first article and have not touched IE since.
	permalink · 2003-12-12 11:52:58 ·

woody7 Premium join:2000-10-13 Torrance, CA ·EarthLink ·DSL EXTREME	Re: Another reason to use Firebird... said by Xtract : I loaded firebird when I read the first article and have not touched IE since. Been using it for a long time now and only use IE for updates........have been a happy camper since -- Bloome
	permalink · 2003-12-12 12:11:27 ·

deltat2000 Timor Omnis Abesto Premium join:2000-04-13 127.0.0.1 clubs:	Okay...........now that you have me totally paranoid..whats the real url/link to Opera or Firebird? Hopefully Justin will post it.......I think I'de trust his links... deltat2000 softly whistles in the dark! and thinks "boy its getting kinda scary online" -- "Lets Roll" You are missed Todd.The Future Is Purchased By The Present!Lifetime member VRWC
	permalink · 2003-12-12 12:51:54 ·

Xtract join:2003-04-25 Etheria	Re: Another reason to use Firebird... Use good old google
	permalink · 2003-12-12 13:02:50 ·

jplove71 IBEW 113 Premium join:2001-03-16 Colorado Springs, CO	Mozilla Firebird product page. I've been using Firebird for about 9 months now, Mozilla for 1 1/2 yrs before that, and Netscape 4.x before that. -- Browsing with Mozilla Firebird 0.7
	permalink · 2003-12-12 16:02:20 ·

mrchris We don't miss you Bush Premium join:2002-10-01 North Babylon, NY	Using Firebird since 0.6 and Thunderbird since 0.2
	permalink · 2003-12-12 13:53:52 ·

insomniac84 join:2002-01-03 Schererville, IN	Re: Another reason to use Firebird... said by mrchris : Using Firebird since 0.6 and Thunderbird since 0.2 Do you want a cookie?
	permalink · 2003-12-12 14:10:31 ·

jose3030 Premium join:1999-08-17 Manassas, VA	Re: Another reason to use Firebird... Just dont track my online movements and we'll be fine!
	permalink · 2003-12-12 23:56:07 ·

inciter Noobie Premium join:2000-08-30 Rohnert Park, CA	Glad I don't use FireBird! or anything eles but IE! At least they come up with the fixes and warnings. Are you under the same bug? Maybe maybe not.... But at least I know whats wrong with my browser and how to fix it. -- A SUCKER is born every min. On the Internet a SUCKER is born every Sec.
	permalink · 2003-12-12 17:21:56 ·

Xtract join:2003-04-25 Etheria	Re: Another reason to use Firebird... And what is your suggestion for fixing this one?
	permalink · 2003-12-12 17:50:08 ·

Winerin Premium join:2002-03-30 Woodland Hills, CA 2 edits	Good for you, but since IE is given with the operating system a very high percentage of people will only use IE. In addition, many are not expert programers and are not aware of issues such as these and will be very hurt by these.
	permalink · 2003-12-12 21:24:32 ·

Hayward
K A R - 1 2 0 C
Premium
join:2000-07-13
Key West, FL

said by inciter :
Glad I don't use FireBird! or anything eles but IE! At least they come up with the fixes and warnings. Are you under the same bug? Maybe maybe not.... But at least I know whats wrong with my browser and how to fix it.

Its a shame how easily some can be deluded by MicroGod(soft).... M$ has a long and unwavering history of releasing things long before they are ready and solid, just because they SEEM to work... however they never even seem to attempt to break them. Its is a closed group of self interested developers.
The only reason you know about any of the problems is because someone OUTSIDE M$ found them and embarrassed them into fixing them... Microsoft does not find them themselves. And since the source code is not readily available no one else can look for the problems BEFORE they happen. They just create new "glitter features" that more often than not cause problems, because they haven't worked them hard enough once they have the appearance of working.

Mozilla on the other hand is a consortium of INDEPENDENT developers... and even if a bad apple got in and tried to do something bad... the other would likely spot it before it was even released. Plus there are people going over the code everyday, mostly with the goal of improving it, but also often correcting problems.

But go right a head delude yourself into believing M$ will protect you... you'll get had sooner or later.
--
»haywardm.com (Hayward's Key West)

permalink · 2003-12-12 23:48:22 · Print ·

jram

join:2003-08-06
Albany, NY

I hope this isn't true

A vulnerability which affects Internet Explorer can be exploited by scammers who try to trick people into revealing details of online banking accounts or other private information.

The flaw, wherein Internet Explorer displays the contents of one web site while showing a different, incorrect, address in the browser address bar, is not confined to IE but also affects version 0.7 of the Mozilla Firebird browser, according to a security analyst from Secure Data Group.

Ben Robson said members of the security communirty had found that all users of Internet Explorer 6, Outlook Express 6 and Mozilla Firebird 0.7 - the last-named on both Linux and Windows - were affected by this vulnerability.

However, others have contested the claim that the flaw can be exploited under Mozilla Firebird.

The flaw was disclosed on Wednesday by graphic designer Sam Greenhalgh who has set up a demonstration here.

Robson said the big giveaway in scams like those on eBay, where users were asked to enter details at a bogus website, was that the URL would not match the "eBay.com" address.
advertisement

advertisement

"This new vulnerability allows the attacker to send the victim to a page that looks and behaves just like the eBay site and has the "eBay.com" address in the address bar. But in fact any information the user provides is being sent to another website looking to steal their details," he said.

Robson said a malicious user could use this vulnerability and create a series of fake websites that looked like they were those of a legitimate company.

"They can ask the user for credit card details. However upon going to the page, inspite of what the URL states, the user is in fact at the malicious user's website. As a result the user may unwittingly enter important personal information," he said.

Using a technique such as this with the recent 'eBayUpdates' scam would have made the scam almost impossible to detect until it was too late for thousands of victims, Robson said.

He said it worked with SSL-encrypted links as well. "As such it would be very easy for someone to misrepresent themselves as a bank, or other financial institute and convince the user to input their access details. Even the little 'lock' symbol at the bottom of the browser would look right.

"We have proved that it is possible to direct a web browser to an alternate web server, whilst placing a bank's URL in the address bar, and having the link place the banks URL in the status bar at the bottom of the screen. As such we can see no way that a user might determine that a link is illegitimate," he said.

Neither Microsoft nor the Mozilla project have yet publicly reacted to the news of the vulnerability.

permalink · 2003-12-12 21:59:50 · Print ·

jplove71
IBEW 113
Premium
join:2001-03-16
Colorado Springs, CO

Re: Another reason to use Firebird...

said by jram :
The flaw, wherein Internet Explorer displays the contents of one web site while showing a different, incorrect, address in the browser address bar, is not confined to IE but also affects version 0.7 of the Mozilla Firebird browser, according to a security analyst from Secure Data Group.

The difference between MSIE and Mozilla Firebird is that the fake URL is visible in the address bar in Firebird whereas it isn't when using MSIE.
--
Browsing with Mozilla Firebird 0.7

permalink · 2003-12-12 23:11:43 · Print ·

jram

join:2003-08-06
Albany, NY

Re: Another reason to use Firebird...

Thank-you,I just started using Firebird a couple months ago and have it the way I want..I have a couple of comments,I 'm on the machine at least 7hrs.a day,never been to a site that I have had a problem on ,including on-line banking..They have a extension open with IE just in case..I haven't had any kind of a pop-up since I've been using Firebird,not even the sliding ones.
Last thing,yes IE can be set-up to be secure but it will drive you nuts with them asking all of the time blah blah blah,I have to many things to do to waste my time..

permalink · 2003-12-13 14:04:52 · Print ·

KrK Heavy Artillery For The Little Guy Premium join:2000-01-17 Tulsa, OK	Yep, clicked the link and saw..... (http deleted) " www.symantec.com%01@i.dslr.net/symantec/www.symantec.com/index.html "
	permalink · 2003-12-14 20:10:03 ·

Hazeleyze join:2003-05-09 Wauseon, OH	After I saw this, I switched to Firebird 0.7. This is my first experience with another browser and I don't miss IE one little bit.
	permalink · 2003-12-14 21:28:18 ·

your comment..

Forums » Update on the IE vulnerability

Simple safety net »
« Small, but important, correction


Saturday, 28-Nov 15:46:38	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 10 years online! © 1999-2009 dslreports.com. page compression OFF