Comments on: Critical flaw in Firefox and IE allows password theft http://tech.blorge.com/Structure: /2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/ Technology news Sun, 22 Nov 2009 16:15:02 -0700 http://wordpress.org/?v=2.8.5 hourly 1 By: mozila http://tech.blorge.com/Structure:/2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/comment-page-1/#comment-9096 mozila Tue, 17 Apr 2007 20:46:10 +0000 http://tech.blorge.com/Structure: /2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/#comment-9096 the history has shown that Firefox is safer than IE so I don't think that there is a reason to be afraid of. Just get FF and surf the web faster http://www.mozila.com.pl the history has shown that Firefox is safer than IE so I don’t think that there is a reason to be afraid of. Just get FF and surf the web faster http://www.mozila.com.pl

]]> By: melon http://tech.blorge.com/Structure:/2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/comment-page-1/#comment-1678 melon Tue, 28 Nov 2006 14:33:44 +0000 http://tech.blorge.com/Structure: /2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/#comment-1678 Don’t worry. Mozilla fixes the bugs faster them other browser, becouse is faster. Did you know that you can significantly speed up Firefox? You can find manual how to easily speed up Firefox over here: http://www.mozila.pl/firefox-speed-up.html Don’t worry. Mozilla fixes the bugs faster them other browser, becouse is faster. Did you know that you can significantly speed up Firefox? You can find manual how to easily speed up Firefox over here: http://www.mozila.pl/firefox-speed-up.html

]]> By: Biju http://tech.blorge.com/Structure:/2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/comment-page-1/#comment-1667 Biju Mon, 27 Nov 2006 19:44:04 +0000 http://tech.blorge.com/Structure: /2006/11/26/critical-flaw-in-firefox-and-ie-allows-password-theft/#comment-1667 What Robert Chapin found was not a browser flaw, it is a myspace.com flaw due to insufficient sanitizing done by myspace.com on user submitted content. Cross site form submit is a features very much used around 10 years or more. If you stop that even big sites like Bank of America or many sites useing MS passport.net service will stop functioning. As of Nov 26, I have not seen mozilla.org acknowledge it as a flaw. see http://www.mozilla.org/projects/security/known-vulnerabilities.html and bug https://bugzilla.mozilla.org/show_bug.cgi?id=360493 It is sad that media repeating the same story with out consulting relevant people. What Robert Chapin found was not a browser flaw, it is a myspace.com flaw due to insufficient sanitizing done by myspace.com on user submitted content.

Cross site form submit is a features very much used around 10 years or more. If you stop that even big sites like Bank of America or many sites useing MS passport.net service will stop functioning.

As of Nov 26, I have not seen mozilla.org acknowledge it as a flaw.
see http://www.mozilla.org/projects/security/known-vulnerabilities.html

and bug https://bugzilla.mozilla.org/show_bug.cgi?id=360493

It is sad that media repeating the same story with out consulting relevant people.

]]>