So Microsoft in its infinite wisdom has released a notice on their Knowledge Base to help users avoid going to spoofed pages. There are a few sentences about looking for the padlock in the lower right corner, what certificates are, etc. The rest of the article tells users how to type 1-2 line JavaScript commands directly into the address bar to make sure they are really at Yahoo. All of this is to prevent the fun %00 %01 bug in IE that can let you spoof an address.

WTF is this? Do they really expect Joe Sixpack to actually do this? These are the same morons who say "Oh look an attachment from someone I don't know" [OPENS]. You think they are really going to type:

javascript:alert("The actual URL is:\t\t" + location.protocol + "//" + location.hostname + "/" + "\nThe address URL is:\t\t" + location.href + "\n" + "\nIf the server names do not match, this may be a spoof.");

This is retarded. This exploit came in early December, it's now nearly January, and instead of a patch, Microsoft gives us a tersely worded notice to do things no normal user would do.

Microsoft: Why patch IE when you can just issue notices?
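The comparison that notice asks users to make by hand (real server name versus the address shown) is something a mail filter or proxy can do automatically. The sketch below is an added example, not Microsoft's code; `inspectLink`, its `expectedHost` parameter and the sample URLs are assumptions made up for illustration.

```javascript
// Added example, not Microsoft's code. URLs and host names are constructed placeholders.

// Percent-encoded ASCII control bytes (%00-%1F and %7F), e.g. the %00 / %01 above.
const ENCODED_CONTROL = /%(?:[01][0-9a-f]|7f)/i;

// Returns the host the URL really points at plus a list of warning findings.
// expectedHost (optional, hypothetical parameter) is the site the user
// believes the link goes to.
function inspectLink(href, expectedHost) {
  let url;
  try {
    url = new URL(href); // WHATWG URL parser, global in Node and browsers
  } catch (err) {
    return { host: null, findings: ["unparseable"] };
  }
  const findings = [];
  // Anything before "@" in the authority is userinfo, not the server name.
  if (url.username !== "" || url.password !== "") {
    findings.push("userinfo-before-host");
  }
  // Encoded control bytes have no business in a link a user is meant to read.
  if (ENCODED_CONTROL.test(href)) {
    findings.push("encoded-control-character");
  }
  // Same test as the alert() above: do the server names match?
  if (expectedHost && url.hostname !== expectedHost.toLowerCase()) {
    findings.push("host-mismatch");
  }
  return { host: url.hostname, findings };
}

// Constructed sample links: one ordinary, one that hides its real host.
const samples = [
  "https://www.example.com/login",
  "http://www.example.com%01%00@login.example.net/",
];
for (const href of samples) {
  const { host, findings } = inspectLink(href, "www.example.com");
  console.log(`${host}: ${findings.length ? findings.join(", ") : "ok"}`);
}
```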