
Javascript vulnerability in FireFox

Posted: Mon Oct 02, 2006 2:46 pm
by heyvern
I just read about a new vulnerability in FF that affects ALL PLATFORMS... Win, Mac, Linux.

http://www.pocket-lint.co.uk/news.php?newsId=4979

Mozilla is looking at it but doesn't have a timeline for a fix. This is a nasty bugger that would allow a malicious website to cause some kind of buffer overrun allowing someone to take control of a computer.

(Buffer overrun? Is that similar to a Buffy rerun?)

In the meantime you could turn off JS or install this cool little doohickey:

http://www.noscript.net/

It allows you to block all JS from untrusted sites.

-vern

Posted: Mon Oct 02, 2006 3:13 pm
by Patmals
Thanks mate!

Posted: Wed Oct 04, 2006 11:47 am
by Patmals
Heyvern,

the whole thing was a hoax / joke

http://www.betanews.com/article/Firefox ... 1159903320

Posted: Wed Oct 04, 2006 1:24 pm
by Rasheed
Nevertheless, it is wise to use NoScript on websites you don't know or trust. Running JavaScript (or whatever code) from an untrusted source is a potential security risk. With NoScript in FireFox (or Security Zones in MSIE), you can turn off scripting and selectively turn it on for websites you trust.

I should note that using these solutions is no final protection against malware and hackers, because security is a process, not a state. If you want to learn more about computer security and how to keep your computer and local network safe, I suggest you listen to the Security Now! podcast.

Posted: Wed Oct 04, 2006 4:21 pm
by heyvern
Patmals wrote:
> Heyvern,
>
> the whole thing was a hoax / joke
>
> http://www.betanews.com/article/Firefox ... 1159903320

Yeah I noticed that!
Pretty annoying if you ask me. I pride myself on avoiding hoaxes. I scold others when they send me hoaxes... no... I insult them... I belittle them... I tell them to check their sources, and now I got nailed by one.
:(

I think the press is responsible as much as the perpetrators. They pounded on this story since it first came out and no one really verified it. Maybe they have learned a lesson as well.

The FF team seem pretty... nonchalant about the whole thing. I would be pretty pissed about this if I were them. A lot of people were switching to Opera during the fiasco.

I turned off my noscript... it got on my nerves. I only browse the web "randomly" with my Mac and never had any trouble.

The PC is not allowed to leave the house without telling me exactly where it's going and who it is going with.
;)

-vern