Comments on: More browser bugs equals greater risk http://www.thespanner.co.uk/2007/08/29/more-browser-bugs-equals-greater-risk/ A tool for designers dealing with programmers dealing with designers... Fri, 10 Sep 2010 14:55:30 +0000 http://wordpress.org/?v=2.6.2 By: Gareth Heyes http://www.thespanner.co.uk/2007/08/29/more-browser-bugs-equals-greater-risk/#comment-463 Gareth Heyes Wed, 29 Aug 2007 13:16:01 +0000 http://www.thespanner.co.uk/2007/08/29/more-browser-bugs-equals-greater-risk/#comment-463 Yep I think it our job to highlight this and hopefully the browser manufacturers/sites will listen to what we have to say and not some obviously made up statistics. I still don't get how they can get away with writing such crap and how their feeds are being read by other sites. It's a disgrace and people need to wise up and start ignoring rubbish like this. Yep I think it our job to highlight this and hopefully the browser manufacturers/sites will listen to what we have to say and not some obviously made up statistics.

I still don’t get how they can get away with writing such crap and how their feeds are being read by other sites. It’s a disgrace and people need to wise up and start ignoring rubbish like this.

]]> By: Ronald http://www.thespanner.co.uk/2007/08/29/more-browser-bugs-equals-greater-risk/#comment-462 Ronald Wed, 29 Aug 2007 13:00:46 +0000 http://www.thespanner.co.uk/2007/08/29/more-browser-bugs-equals-greater-risk/#comment-462 Yah they say some strange things... I don't agree with 'em. I don't understand what Project Honeypot has anything todo with this since it only catches bots and spiders that follow a hidden hyperlink. :S And who knows how many customers have been compromised already without even knowing. I don't think we will ever know so we cannot assume it's okay now. I have seen attacks that were based upon my research, after I posted it. A simple example is bypassing the anti phishing filter in Firefox last year, when I disclosed it on ha.ckers.org a few weeks later phishers were incorporating the ideas I presented. So it happens, if anyone ever read the stories from phishers on ha.ckers.org know thta they make tons of money, and users are sitting ducks. At least I wanted to know how far I could compromise a browser, because it's my security also. :) Yah they say some strange things… I don’t agree with ‘em. I don’t understand what Project Honeypot has anything todo with this since it only catches bots and spiders that follow a hidden hyperlink. :S

And who knows how many customers have been compromised already without even knowing. I don’t think we will ever know so we cannot assume it’s okay now.

I have seen attacks that were based upon my research, after I posted it. A simple example is bypassing the anti phishing filter in Firefox last year, when I disclosed it on ha.ckers.org a few weeks later phishers were incorporating the ideas I presented.

So it happens, if anyone ever read the stories from phishers on ha.ckers.org know thta they make tons of money, and users are sitting ducks.

At least I wanted to know how far I could compromise a browser, because it’s my security also. :)

]]>