[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] OT: MS disabling features and changing old standards.

Subject: [ale] OT: MS disabling features and changing old standards.
From: jasonday at worldnet.att.net (Jason Day)
Date: Sun Feb 15 14:15:55 2004
In-reply-to: <[email protected]>
References: <[email protected]>

On Sun, Feb 15, 2004 at 12:24:08PM -0500, Adrin wrote:
> Has anyone noticed that another
> recent update also took out http://username:password at www.website.com?

Yes, this is because of all the phishing scams which expoloit this.
This was posted to bugtraq a few weeks ago, more info is here:

http://support.microsoft.com/default.aspx?scid=kb;en-us;834489

It's also interesting to note that, despite the fact that many browsers
support this URL syntax, it's not valid according to the RFCs, as
pointed out in this message:

http://www.securityfocus.com/archive/1/352429/2004-01-29/2004-02-04/0

-- 
Jason Day                                       jasonday at
http://jasonday.home.att.net                    worldnet dot att dot net
 
"Of course I'm paranoid, everyone is trying to kill me."
    -- Weyoun-6, Star Trek: Deep Space 9

References:
- [ale] OT: MS disabling features and changing old standards.
  - From: haswes at mindspring.com (Adrin)

Prev by Date: [ale] OT: One-time use digital cameras
Next by Date: [ale] Windows Invasion
Previous by thread: [ale] OT: MS disabling features and changing old standards.
Next by thread: [ale] Windows Invasion
Index(es):
- Date
- Thread