Terry's Computer Tips - Newsletter
November 26, 2006

Volume 2, Number 24 — Sunday, November 26, 2006

Part 1 | Part 2 | Part 3 | Part 4

3.  Web Browser Bug -- IE and Firefox

Well, really, I'm not sure I would call it a web browser bug, so much as a possible phishing expedition that is enabled by some web sites. The real fix, though, CAN be controlled by changes in the web browsers.

P2Pnet.net (http://p2pnet.net/story/10510) reports a "Firefox bug" ( which is reported elsewhere to also affect Internet Explorer) is capable of disclosing userIDs and passwords. This bug is also reported on a number of other web sites and blog entries.

Ads by Terry

Sunbelt Kerio Personal Firewall
Two-way firewall protection for PC's
terryscomputertips.com/Kerio

CounterSpy
Always-running AntiSpyware Protection
terryscomputertips.com/Counterspy

It seems that, if a person can put HTML code on a web site, they sometimes can put a fake login form on the web site as part of that code. Where can this happen? On an blog or forum or such site that allows visitors to enter HTML code -- and there are NOT many of those. Most blog software and forum software prevents the entry of HTML code by the person posting. Unfortunately, not all do.

This bug is being exploited on the Internet now. Recently, there were reports of fake login screens at MySpace.com.

How do these work? They take advantage of Firefox and IE's functions to save passwords and user ID's and to automatically insert them into forms on those sites. In this case, while the actual form may be on the known site, a click on the submit button (which might even be invisible) sends the result to the malicious person's site.

Further, the actual form might be invisible... But, it still takes a click on the invisible "button" to make the phishing attempt work.

Mozilla is reported to have confirmed this issue, assigned a bug number, and has announced that it will be patched in version 2.0.0.1 or 2.0.0.2. I haven't heard any word on this from Microsoft, but they are usually much more close-mouthed about bugs and bug-fix plans.

The temporary fix for users is to disable the saving of passwords.

Comment About This Article Now

XP Repair Pro 2006
Find and fix Windows Registry errors
Download and scan for free
Read my review


XP Privacy Pro
Erase your Windows and Internet History Files
And, it works with Firefox and Opera, too!
Download and scan for free
Read my review

4.  Reader Feedback

Subscriber Ivan Tadej wrote to say:

Hello Terry, this is again a response to your last "/Sunday, November 12, 2006/" TCT newsletter-issue ...

You see, regarding the "/*4. Firefox 2.0 Bookmarks*/" entry on the http://www.terryscomputertips.com/archives/news_20061112_2.php page in particular, I thought to let you know that there is one much easier and straight-forward way of exporting Firefox's "bookmarks.html" files (and importing them too), i.e. all one needs to do is go to the main menu on the program's interface, click on "Bookmarks" item, choose "Organize Bookmarks...", and then in the Bookmarks Manager go once again to the menu, click on "File" and choose the "Export..." option.

regards, Ivan Tadej
http://www.tadej-ivan.be/

Good point, Ivan. However, in the case of that particular article, Karen (the subscriber with the question) wanted to know where the actual file was located.

There's an even easier way to back up Firefox, Mozilla, Netscape and Thunderbird profiles. There is a free utility that will back up the profiles (and restore them). I cover it in my article Backing Up Your Mozilla, Firefox, Thunderbird and Netscape Profiles



New subscriber Valerie Mitchell found her answers on Terry's Computer Tips. She was having a problem with slow-loading web site links, when she clicked on links in her Outlook Express email program. I'm glad she wrote to thank me!

Just wanted to thank you for the tips on this. The only one that did work for me however, was turning off system restore and letting it dump then turning it back on. Links in emails now load quickly again.
Thanx
v.mitchell

If you've experienced this problem, or if you do in the future, you can find my tips on solving it in my article Slow-loading Web Browser Links.

The link is also available in the Computer Tips / Email / Outlook Express and Computer Tips / Web Browsers / Internet Explorer areas of my site navigation bar.

 

Comment About This Article Now

Part 1 | Part 2 | Part 3 | Part 4

Volume 2, Number 24 — Sunday, November 26, 2006

Copyright © 2006 Terry A. Stockdale.  All rights reserved.


 

Thank you for visiting my site — I hope you found the site and articles helpful. If you did, please consider supporting my efforts by making a purchase (if you have one to make) via one of the links in my articles, one of my recommendations, or in my "Ads by Terry" to purchase the item. You can also shop via these links to major Internet retailers
Amazon.com and NewEgg.com or this my Amazon store...