Slashdot Mirror


Patch & Workaround for Firefox Flaw Available

mcc writes "Yesterday Slashdot reported on a Firefox vulnerability which could allow remote code execution. Today Firefox has a patch and a configuration workaround, both of which immunize against the bug. If you are using Firefox you should immediately go to the URL 'about:config', type 'network.enableIDN' into the box, and verify that 'network.enableIDN' is set to 'false'." Update: 09/10 18:59 GMT by Z : Removed wayward colon.

5 of 235 comments (clear)

  1. Re:IDN? by ScrewMaster · · Score: 3, Funny

    Integrated Digital Network without the Services. I think it's referring to MSN.

    --
    The higher the technology, the sharper that two-edged sword.
  2. Re:Here's a question... by Professor_UNIX · · Score: 4, Funny
    Turning IDN off in Firefox is mighty a stupid solution. Stupid on a planetary scale. A problem should be fixed, not circumvented by removing the functionality.

    I disagree. I would wager at least 98% of Firefox users do not need IDN functionality at all. The only thing it's really used for in reality are phishing sites. Unless you regularly interact with foreigners who refuse to conform to the proper ASCII character set in their domain names you shouldn't notice any difference in your browsing at all. When Jesus established the original RFC for domain names he used sensible restrictions, but now with this new IDN garbage we have people using characters that don't even make sense or appear on our keyboards! What villainy is this?

  3. Re:Here's a question... by Professor_UNIX · · Score: 4, Funny

    Woops, I meant Jon.. Jon Postel. Common mistake.

  4. But, but, but by heinousjay · · Score: 5, Funny

    Removed wayward colon.

    Ewwwwwww.

    --
    Slashdot - where whining about luck is the new way to make the world you want.
  5. Ouch. by x136 · · Score: 5, Funny
    Update: 09/10 18:59 GMT by Z : Removed wayward colon.
    That sounds exceedingly painful.
    --
    SIGFEH