Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Microsoft: Why patch IE when you can just issue notices?. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Microsoft: Why patch IE when you can just issue notices?
by Acidus at 11:53 am EST, Jan 30, 2004

So Microsoft in its infinite wisdom has released a notices on their Knowledge Base to help users to avoid going to spoofed pages. There are a few sentences about looking for the padlock in the lower rigth corner, what Certificates are, etc.

The rest of the articles tells users how to type in 1-2 line javascript commands directly into the address bar to make sure they are really at Yahoo. All of this is to prevent the fun %00 %01 bug in IE what can let you spoof an address.

WTF is this? Do they really expect Joe Sixpack to actually do do this? There are the same morons how say "Oh look an attachment from someone I don't know" [OPENS]. You think they are reall going to type:

javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");

This is retarded. This exploit came in early December, its now nearly January, and instead of a patch, Microsoft gives us a tersely worded notice to do things no normal user would do.


 
 
Powered By Industrial Memetics