l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2002 Jun 05 11:09

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Gopher: New use for old software.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Gopher: New use for old software.

My first thought with regards to this Gopher security hole in IE is
that "oh, users just need to learn not to click 'gopher:' links."

But, whoops!  What about:

  * Couldn't an "<img src="gopher:...">" cause the same, nasty effect?

  * HTTP header, or META tag page redirects?

  * JavaScript that changes the "Status" line on the browser
    (typically used for crap like "Click me for blah!" or scrolling annoyances)
    A "<a href="gopher:BAD-MOJO">Click for nekkid people!</a>" could
    actually be disguised to look like a link to  http://www.whitehouse.gov/

I guess the moral of the story is:  If you use Internet explorer:

  1. Browse with images off

  2. Browse with JavaScript off, or simply don't click any links, anywhere

  3. Don't browse to any web pages anywhere

Hey!  It's better than "unplug the computer from the network."
(Not by much, though ;^) )

I love the internet ;)

vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!