On MovieTome: VENOM is moving ahead slowly!
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 4 of 62:
Next »
« Previous
Yeah, right.
Sorry, but IF you provide a feature that is clearly meant to show the URL of where the link is supposed to go, THEN there turns out to be a way for the web site author to trick the application into displaying false information, that IS a security flaw as it circumvents the reasonable expectation of the end user.

Granted, it's not an earth-shattering security flaw, but none the less it is a security flaw.

Reminds me of when I described to them a way to break the "password protected" screen saver on Windows 3.1/3.1.1 without rebooting the system or entering the password. They told me that was "by design" and therefore not a flaw.
Posted by: mathandmetal   Posted on: 11/02/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Its not a security flaw, its a "feature."  tamuhockey | 11/02/04
I think...  KOS-MOS | 11/02/04
Right on the head again  tamuhockey | 11/02/04
Yeah, right.  mathandmetal | 11/02/04
It'll be a "Critical Vulnerability" in a week  rpmyers1 | 11/02/04
It is not an IE security flaw  alterego_z | 11/02/04
Can't be removed?  Partlyczy | 11/04/04
Before you folks start flying off the handle..  vdraken | 11/02/04
Darn rights you ABM'rs  mojoman_x@... | 11/02/04
ABMers  Omch'Ar | 11/02/04
ABMers  Kukulkan | 11/02/04
It doesn't matter where this flaw is  rpmyers1 | 11/02/04
exactly, other browsers DO see this as a flaw  Monkey_MCSE | 11/02/04
But...  vdraken | 11/02/04
I agree..  Patrick Jones | 11/02/04
Right.  vdraken | 11/02/04
Um, except ...  coffeenite | 11/03/04
No reason to make it easy  rpmyers1 | 11/02/04
Software flaws  ChuTw | 11/03/04
Nope  IT Scion | 11/04/04
What version are you using?  Chad_z | 11/02/04
see below.  vdraken | 11/02/04
i think...  wimbo_z | 11/02/04
Yes and...  Linux User 147560 | 11/02/04
Firefox corrected this?  PA-ITGuy | 11/03/04
Pick the Handle Up MS  crescentdave | 11/02/04
Do you have to try hard to be this stupid?  NonZealot | 11/03/04
Actually, I read it a little differently  coffeenite | 11/03/04
Avoiding the Real Issue  ChuTw | 11/03/04
Okay so what is the real issue?  IT Scion | 11/04/04
This is what Ballmer meant  Chad_z | 11/02/04
I didnt mean...  vdraken | 11/02/04
Ooops...This was suppsoed to reply to Chad.  vdraken | 11/02/04
Yes and No  PA-ITGuy | 11/02/04
Isn't this the same..  Patrick Jones | 11/02/04
Not really a security flaw..  d_jedi | 11/02/04
BTW  d_jedi | 11/02/04
Well...  KOS-MOS | 11/02/04
No doubt..  d_jedi | 11/02/04
Agreed but the bug is the tag  seosamh_z | 11/02/04
Maybe it's a Marketing Ploy ....  coffeenite | 11/03/04
And they wonder why we don't trust them...  BitTwiddler | 11/02/04
Negative Microsloth Story = No Ax MIA....  itanalyst | 11/02/04
Now it makes sense  NonZealot | 11/03/04
Mac OS Is Safest OS  itanalyst | 11/02/04
And that same story..  d_jedi | 11/02/04
Wierd  DarthRidiculous | 11/02/04
Haha...  Yen_z | 11/03/04
Did they read the ENTIRE article?  coffeenite | 11/03/04
Download a secure browser here!  anthonycea | 11/02/04
I'm lucky if I can get my students to even LOOK at a URL  James Dean_z | 11/02/04
They don't even look at the URL..  d_jedi | 11/02/04
times are changing  Kukulkan | 11/02/04
What!?!  Patrick Jones | 11/03/04
Re: What!?!  rpmyers1 | 11/03/04
Yeah, Right!  Jeff Hayes | 11/03/04
Why is it that every "bug" is a reason to B@#!#! about MS  vbp1 | 11/03/04
this is a flaw  JasonL31 | 11/04/04
umm  IT Scion | 11/04/04
Am I missing a point here?  IT Scion | 11/04/04
All priase MS  IT Scion | 11/04/04
Microsoft thinks all users are computer professionals  wemeier | 11/12/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here
advertisement