Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla UI Spoofing Vulnerability

Posted by CowboyNeal on from the shields-up dept.

Short Circuit writes "Secunia has issued a security advisory for Mozilla and Firefox. Apparently, remote web sites can spoof the user interface using XUL. (See the Firefox proof of concept.) Of course, that won't stop me from using Firefox."

18 of 583 comments (clear)

  1. This is nothing... by Anonymous Coward · · Score: 3, Funny

    You think your Mozilla or FireFox has neat features like that?

    Well my friend, my IE can beat your browser many times over!

    HA!

  2. Not another one! by Nermal6693 · · Score: 5, Funny

    I've lost faith in Secunia, they seem to love pointing out security holes in open-source products. So I just ignore them now.

    1. Re:Not another one! by Nermal6693 · · Score: 3, Funny

      But at 21, I'm too young to be a grandparent! ;)

  3. I'm using Firefox... by Anonymous Coward · · Score: 5, Funny

    so am I really seeing slashdot, or is someone trying to spoof me, while at the same time ironically warning me about said Firefox spoofs?

    1. Re:I'm using Firefox... by HoneyBunchesOfGoats · · Score: 5, Funny

      You can tell that it's not the real slashdot because they got the colors all wrong.

    2. Re:I'm using Firefox... by King_of_Prussia · · Score: 2, Funny

      I think I'm being spoofed, only a colourblind script-kiddie from Norway could have chosen a background colour this vomit-inducing.

      --

      Making the moon less necessary since 1998.

    3. Re:I'm using Firefox... by Pharmboy · · Score: 2, Funny

      Depends, did you get a bunch of 500 and 503 errors? Then its the real Slashdot. Oh, and look for dupes on the front page, the spoof's don't do that.

      --
      Tequila: It's not just for breakfast anymore!
    4. Re:I'm using Firefox... by Anonymous Coward · · Score: 5, Funny

      man...oh man. this reminds me of the time our "cio" first heard about ip spoofing back in 97.

      for the next 3 months every problem was probably caused by "spoofing"...he drove us nuts with that bullshit.

      so to fuck with him, we created fake security/vulnerability reports about a new threat: "goof balling"

      we could barely keep from wetting our pants as he ran around for the next 3 months telling everyone "we are being goof balled"

    5. Re:I'm using Firefox... by dillee1 · · Score: 5, Funny

      Fuck, I thought that was the VGA cable getting loose again and tried to fix it.

    6. Re:I'm using Firefox... by Anonymous Coward · · Score: 2, Funny

      You can download a fix here

      After installing this, I am not vulnerable to this security threat.

  4. Firefox, huh ? by ElVirolo · · Score: 4, Funny

    Of course, that won't stop me from using Firefox But then how do you know you ARE using the 'proper' Firefox if the interface is spoofed ?

    1. Re:Firefox, huh ? by Spunk · · Score: 2, Funny

      I don't have to worry, I use Mozilla Superchicken.

  5. Re:What the hell? by tirenours · · Score: 5, Funny

    And from the linked page, a gem that we shouldn't overlook:

    "if you don't have Firefox (you should get it!)"

  6. This is a feature..... by Anonymous Coward · · Score: 1, Funny

    ....to make former IE users feel at home...

  7. Re:Fix the Colors! by Anonymous Coward · · Score: 1, Funny
    Mod me up if you hate the color scheme. Here's a fixed link using the "old" slashdot colors:


    i really want to mod you up, but since i followed your link in mozilla, i don't dare log in, since i can't really be sure of what i'm looking at...

  8. Re:Vulnerability? by bcmm · · Score: 2, Funny

    And here is a perfect reversal of how /. usually works. Someone says "I can do X with FireFox, but not in IE", and someone else points out how to do the same with IE...

    --
    # cat /dev/mem | strings | grep -i llama
    Damn, my RAM is full of llamas.
  9. Very, Very OT: Your Sig. by Anonymous Coward · · Score: 1, Funny


    "Making the moon less necessary since 1998"

    Are you claiming to be so fat, that by sprinting around the equator, you can sustain tides and stabilise the Earth's attitude?

  10. Re:What the hell? by Trailer+Trash · · Score: 2, Funny

    There are many, many people out there who continue to use IE, even after knowing there are alternatives and that IE has many security holes. So what? Why doesn't anybody label those people as "MS zealots"?

    They do. You apparently missed the memo...

    --
    Do you have ESP?