{ Individual Misdruk }

Valse URL's

Zowel voor Mac als PC:

The clever folks at the The Shmoo Group, a bunch of interesting security folks who punch holes in assumptions about what's secure on the Internet, have discovered a simple way to fool most browsers into believing that they've connected to a secure Web site when they've been spoofed into connecting to a rogue location with a different name.

It's ironic, but Internet Explorer is entirely exempt from this spoof. Opera, Safari and KHTML-based browsers, and all Mozilla and Firefox browsers suffer from this weakness on all platforms.[...]

[...] Thus, in an example that the Schmoos posted for a while (now replaced), you see "https://www.paypal.com/" in your browser URL field, and the SSL signals are all there - you get no warnings, the lock icon is present, and Firefox's Security tab in the Page Info window says the Web site's identity is verified.[...]

[...] If you're a Firefox user, I recommend obtaining and installing a utility called SpoofStick , which alerts you to what is being called "homograph" spoofing. [...]

elisa op 15 februari 2005 om 09:57 uur

Dit is gezegd

nove zei op 15 februari 2005 22:31

Thank You!

Zegt u maar