Nope. From the LAN side, only the LAN address works. From the WAN side, only the WAN address works, and then only if the router is set up to expose the management GUI to the outside.
The WAN address does work from the LAN side as well, whether remote management is enabled or not. A quick test confirms this, on both the old and new firmwares.
The quality control that a patch goes through, the ruthless dissection of programming style, usefulness, and clarity is something I've never seen in a commercial environment.
Javascript alerts would be fine, as long as they would stay only with their own content and not interrupt other tabs/windows or other programs on the system.
There is a very long-standing bugzilla bug about this for Mozilla, you can read:
(comment #39 describes a security problem that sounds similar to the problem here)
Lots of good ideas in that page about how alerts could be handled differently. I like the one where the alert becomes an infobar. If you aren't on that tab when the alert happens, you won't be forced to see it, and it can't interrupt anything else you're doing.
In the meantime, closing all open browser windows before you visit your bank site is still the safest thing to do.
Re:Clean out the '\Flash Player' folder
on
Browser Privacy Test
·
· Score: 3, Interesting
For Linux users you want to (after rm'ing) symlink ~/.adobe and ~/.macromedia to/dev/null.
I've noticed lately that a lot more TV ads are venturing into extremely obnoxious territory. Many of the ads are so annoying that I never want to see them again, so I mute that ad as soon as I clue in that it's coming. For the most part, I'm talking about ads that scream to get your attention. I dislike people screaming at me anyway, and if they are screaming to get my attention so they can siphon money from my wallet, they get on my mute first list.
As a Dish Network customer, I don't recall giving Experian nor Echostar permission to conduct tracking on my credit card purchases to establish my "buying habits".
No, you gave them permission as a credit card customer.
God help the person whose dogs were just killed in a freak pesticide accident who now gets pet grooming/product commercials 24/7 to remind them of their now dead pets. Or maybe the guy who borrows from his 401k to pay for the burial of his wife and then starts getting ads for retirement planning.
Statistical outliers are not relevant to advertisers.
I'm certain that there are serial killers who had less reason to do their killing than what these people are capable of stirring in the souls of the unwashed masses.
Sounds dreadful. Television is certainly not worth killing for.
* Even typing a correct URL you're not free from dns-poisoning
Anti-phishing techniques do not make you safe from dns-poisoning, either.
But that's why you have SSL certificates. Unless one of your CAs has gone bad, nobody will have a certificate for that domain except for the person that owns the domain.
Even if (like me) you don't trust your CAs, you can keep track of certificates by their fingerprints. There are some extensions that will keep track of certificates for you so you can be alerted if your bank's certificate changes. Then you call the bank and ask if they changed their certificate.
but in the end the thing is simply too complicated for non-geeks. And it is not their fault, the problem is the design of the security infrastructure
Then make it easy for them. If you know someone who has trouble with it, set up their browser for them. Make the bookmarks and put them somewhere that can be accessed easily (like the "personal bar" or whatever your browser uses) and tell them they should only use that bookmark to access the site and nothing else. That kind of help will go a lot farther than any anti-* gimmicks will.
They're talking about turning off the encryption flag in the Bittorrent handshake, so your client won't use encryption even if the other end says he supports it (though, if either end *requires* encryption, then all that does is make the connection drop).
The only thing they're targeting with this is P2P.
What if you want to download a freeware program to perform a task, but want to know if it's infected?
Run it under a dummy user account.
What if your system has a zero day exploit and has been infected without you knowing?
Anti-virus doesn't protect you from zero-days either. If you want to check for infections, your best bet is to use some kind of tripwire software (with signed hashes stored and checked offline).
Anti-virus scanners are unfortunately a necessity when it comes to using pre-compiled binaries.
Then don't use pre-compiled binaries. Or like I mentioned above, use dummy accounts. Or try out the different tools for limiting system access (selinux, etc).
Slashdot Mirror
The WAN address does work from the LAN side as well, whether remote management is enabled or not. A quick test confirms this, on both the old and new firmwares.
Both the LAN and WAN IP addresses can be used to access the router's interface, and the WAN IP is not a secret to the attacker.
That's to reduce the occurrence of regressions.
Javascript alerts would be fine, as long as they would stay only with their own content and not interrupt other tabs/windows or other programs on the system.
There is a very long-standing bugzilla bug about this for Mozilla, you can read:
https://bugzilla.mozilla.org/show_bug.cgi?id=59314
Bug 59314 - Alerts should be content-modal, not window-modal
(comment #39 describes a security problem that sounds similar to the problem here)
Lots of good ideas in that page about how alerts could be handled differently. I like the one where the alert becomes an infobar. If you aren't on that tab when the alert happens, you won't be forced to see it, and it can't interrupt anything else you're doing.
In the meantime, closing all open browser windows before you visit your bank site is still the safest thing to do.
For Linux users you want to (after rm'ing) symlink ~/.adobe and ~/.macromedia to /dev/null.
Lack of 64-bit {Java,Flash,Wine} doesn't hold you back from 64-bit Linux. A decent Linux distro can handle both 64-bit and 32-bit binaries.
Can you please post your name & billing address, so I can send you the bill for my next abortion?
Thanks much
Sshhhhh, the Two Minutes Hate is on!
Shit, that must be a real chore to keep up with.
No, you gave them permission as a credit card customer.
Sounds like an idea for a new game show.
Statistical outliers are not relevant to advertisers.
Sounds dreadful. Television is certainly not worth killing for.
It is easier than it sounds.
make war
Sounds like someone forgot to disable auto-run.
Anti-phishing techniques do not make you safe from dns-poisoning, either.
But that's why you have SSL certificates. Unless one of your CAs has gone bad, nobody will have a certificate for that domain except for the person that owns the domain.
Even if (like me) you don't trust your CAs, you can keep track of certificates by their fingerprints. There are some extensions that will keep track of certificates for you so you can be alerted if your bank's certificate changes. Then you call the bank and ask if they changed their certificate.
Then make it easy for them. If you know someone who has trouble with it, set up their browser for them. Make the bookmarks and put them somewhere that can be accessed easily (like the "personal bar" or whatever your browser uses) and tell them they should only use that bookmark to access the site and nothing else. That kind of help will go a lot farther than any anti-* gimmicks will.
A 11,000 year old turkey found in a temple?
Don't underestimate the stupidity of voters.
They're talking about turning off the encryption flag in the Bittorrent handshake, so your client won't use encryption even if the other end says he supports it (though, if either end *requires* encryption, then all that does is make the connection drop).
The only thing they're targeting with this is P2P.
Doesn't matter. Although he loses your vote, he gets six more!
There is an intelligence requirement. But it is an upper limit, not a lower limit.
http://www.torproject.org/
You have eleven open-parens but only ten close-parens! Arrrrrrrrg!
Run it under a dummy user account.
Anti-virus doesn't protect you from zero-days either. If you want to check for infections, your best bet is to use some kind of tripwire software (with signed hashes stored and checked offline).
Then don't use pre-compiled binaries. Or like I mentioned above, use dummy accounts. Or try out the different tools for limiting system access (selinux, etc).
Because you don't transmit the key.
Depends on how secure your computer is.