Linux and Spywares - lack of reading
James Wilkinson
james at westexe.demon.co.uk
Thu Feb 17 13:43:59 UTC 2005
Robert Storey wrote:
> "The attack can be disabled in Firefox and Mozilla by setting
> 'network.enableIDN' to false in the browser's configuration (enter
> about:config in the address bar to access the configuration
> functions). The Mozilla development team today made this the
> default setting. Users who want IDN support will be able to turn it
> on, but will be warned about the risks involved."
Gene Heskett replied:
> I've done this, to copies of both that are about a month old. Is this
> really sufficient?
Robert answered.
> Yes, that's all you really need to do to stop this particular exploit.
> Of course, that's no guarantee that some other exploit won't be
> uncovered in the future.
You can test at http://secunia.com/multiple_browsers_idn_spoofing_test,
or *possibly* by following this link: http://www.paypаl.com/ (depending
on how your e-mail and/or browser is set up).
Hope this helps,
James.
--
James Wilkinson | Say it with flowers, send a triffid.
Exeter Devon UK |
E-mail address: james |
@westexe.demon.co.uk |
More information about the fedora-list
mailing list