Netcraft Releases Anti-Phishing Toolbar
AgainstHate writes "Netcraft has released an Anti-Phishing Toolbar that provides detailed information about the website you are visiting (sites' hosting location, country, longevity and popularity) at all times to help users to validate fraudulent URLs. It also natively traps cross site scripting and other suspicious URLs. The toolbar also enables users to report phishing attacks to Netcraft, thus blocking any other unsuspecting users from being harmed (Netcraft supervisor validation is used to contain the impact of any false reporting). Currently the toolbar is only available for IE but a Firefox version is under development."
They really don't need a firefox version anyway..
:)
People who use firefox fall under those who don't really need it
Online backup with Mozy, sounds like Ozzie, but more!
Not true at all. I happen to be the proud owner of a very serious exploit in the shopping cart of a major online retailer - an exploit of a simple-fix problem they refuse to even look at.
The gist is this - there's a variable in the GET string of the cart which does no input sanitization or checking at all. I derived a GET string which caused an invisible iframe to be embedded in the shopping cart page of this retailer. Inside the iframe, however, was a page pointing to one of my sites on which a fake form resided. The page/form claimed you would "Get a free gift for only 99 cents S&H" and asked for name, address, phone number, and credit card. The ONLY indicator that it's fake is:
1. The hard to read GET string which, if you know HTML and the concept of CGI, you could figure out points to a "bad" page if you looked at it.
2. The javascript alert that says "owned" after you click the "submit" button.
I even photoshopped some of their own button graphics and used their CSS files to maintain the look of the site.
They have yet, after almost a year, to fix the problem.
Firefox is just as vulnerable as anything else, and this particularly nasty XSS attack was fairly hard to detect. Do not rely on your browser to save you from yourself.
Alito: A vote for Alito is a punch in the eye to put that bitch back in her place!