On BNET: Turn your iPhone into an air mouse
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 6 of 77:
Next »
« Previous
No, it isn't
The adress bar is supposed to show the URL of the site. If you are at an address of:

"http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm"

and your browser says:

"http://www.microsoft.com"

That is a bug.

A browser can't do any more than honestly report the URL, which is what all other browsers do. A browsers can't say "gee, this address looks a bit like another address, maybe I should block it".

If you Aunt Edna is fooled by "http://www.microsoft.com%01@zapthedingbat.com" than I'll bet she also has a draw full of really cheap Rolex watches that she didn't realise were actually "Roll-ex" watches.

Nothing like a bit of user education, eh?
Posted by: Fred Fredrickson   Posted on: 12/11/03 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Use Mozilla or Firebird  richman555 | 12/10/03
Not just IE  jmeola75@... | 12/11/03
Other browsers do not have the vunerability  dragosani | 12/11/03
Re:Other browsers do not have the vunerability  middle of nowhere | 12/11/03
Plainly tell?  chrichton99 | 12/11/03
No, it isn't  Fred Fredrickson | 12/11/03
Please answer this:  chrichton99 | 12/12/03
ragardless...  ryusen | 12/12/03
Ummm...that?s not the bug....!  Jomo_z | 12/11/03
Dang it!! Didin't they get the memo?  Jose Jimenez | 12/10/03
Make sure you get to real Viagra sites  FilledOut | 12/10/03
No, no, tell me it aint so, another negative artical about MS security.  DonnieBoy | 12/10/03
Like all the recent Linux security holes?  Loverock Davidson | 12/10/03
you mean holes like...  ryusen | 12/10/03
I'll bite  Richard Flude | 12/10/03
Richard Richard Richard  Squawkbox | 12/10/03
me2  Suicida| | 12/10/03
We are paying the idiots at Microsft, and they have billions of our money  DonnieBoy | 12/10/03
But you don't use Microsoft products  Loverock Davidson | 12/10/03
MS damage to non-MS users/developers  michael-t | 12/10/03
I do and dont  Suicida| | 12/10/03
So how are you paying for it?  NemesisNL | 12/14/03
Holee Software Batman!  0utasite | 12/10/03
Upgrade to Windows Server 2003  0utasite | 12/10/03
Certainitly wouldn't downgrade to Linux  Loverock Davidson | 12/10/03
Server 2003 isn't the answer, either  AbsolutelyNot | 12/10/03
On top of that...  in-DUH-vidual | 12/10/03
That's impossible.  NoB$ | 12/10/03
But why is that funny?  WhoIsDaMan | 12/10/03
Hate the new forums  WhoIsDaMan | 12/10/03
Only reasonable explanation?  Hug-Hes | 12/12/03
MS security is a joke.  Suicida| | 12/10/03
IE bug lets fake sites look real  Loverock Davidson | 12/10/03
yes, but only IE does this tot he address bar  ryusen | 12/10/03
You're right  doctormoriarty | 12/12/03
two points  ryusen | 12/10/03
The exploit didn't work for me when I tried it  toadlife | 12/10/03
The true cost of monopoly  Sunny Jalolly | 12/10/03
You mean you paid MS  FilledOut | 12/10/03
Overlooking a basic fact  master of illusion | 12/10/03
Most of the people here.....  Rick_K | 12/10/03
Darn!  Yen_z | 12/10/03
Only with dumb admins  Suicida| | 12/10/03
Exactly the customers MS wants  michael-t | 12/10/03
Hmm...here's an idea  jdane | 12/10/03
Sleeping in class  in-DUH-vidual | 12/10/03
You are right about Stats, wrong otherwise.  are-you-thinking | 12/10/03
better rethink...  stmueller | 12/11/03
IE Stinks  xero11 | 12/11/03
I agree, complacent  voska | 12/12/03
Not so simple...  Hug-Hes | 12/12/03
Not so complex either...  kevmit | 12/12/03
All My friends use Mozzila  voska | 12/11/03
Typical Argument  xero11 | 12/11/03
Cool article...  Jose Jimenez | 12/11/03
Imaginary Statistics are meaningless  Update victim | 12/11/03
Sorry about the formatting  Update victim | 12/11/03
don't kill your own argument,  ryusen | 12/11/03
Similar to  michael-t | 12/10/03
Wow, watching the holiday hate flow  FilledOut | 12/10/03
The Last Cumulative Patch for I.E.  The Real Bitch | 12/10/03
funny  Suicida| | 12/10/03
Help ???  Update victim | 12/11/03
Opera is immune  bmeacham98@... | 12/11/03
spoofs are as bad  JWatson77 | 12/11/03
Doesn't work on Mac OS X 10.2 on IE 5.2.2  ppflanz | 12/11/03
The problem is a business matter too  TTate | 12/11/03
How Do I Know?  BlackDiamond | 12/11/03
PayPal email spoofs will be lucrative now...  ejhonda | 12/11/03
Stop the madness  Jaded old guy | 12/11/03
IE Bug  dfyfe | 12/11/03
You Can't Protect Against being an IDIOT  Da_Bobcee | 12/11/03
Sure you can. It's called educating yourself. Try it.  kevmit | 12/12/03
It seems no trick for Mozilla  pesanti@... | 12/11/03
Look again  dscherf | 12/12/03
Outrageous!  paulgeaf | 12/15/03
New security patch is out, but not by Microsoft!  admin@... | 12/17/03

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
Click Here
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement
  • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
  • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
  • Smart People The best and worst moves in the management and strategy trenches. Learn More