作者Armuro (Say GoodBye)
看板Browsers
標題[新聞] 各瀏覽器的新危機?!
時間Fri Sep 26 02:38:33 2008
剛剛才發佈的新聞...
From ZDnet :
http://blogs.zdnet.com/security/?p=1972&tag=nl.e589
重點句在這邊:
In a nutshell,
it’s when you visit a malicious website and the attacker is
able to take control of the links that your browser visits. The problem
affects all of the different browsers except something like lynx. The issue
has nothing to do with JavaScript so turning JavaScript off in your browser
will not help you. It’s a fundamental flaw with the way your browser works
and cannot be fixed with a simple patch. With this exploit, once you’re on
the malicious web page, the bad guy can make you click on any link, any
button, or anything on the page without you even seeing it happening
簡單就是說...這種惡意網站就算你關掉javascript的支援也沒輒
因為他是利用瀏覽器本身的缺點來攻擊的
你到這惡意網站後會完全被控制, 包括點選任何連結或按鈕或任何東西
現在只有確定Lynx 不會遭受這種攻擊
所以...改用Lynx來看最安全XD
微軟跟Mozzila都承認這是個暫時無法解決的難題
目前解決辦法就是:關掉瀏覽器所有scripting 和 pluggins
--
我想 大家先到有保障的網站逛就沒事了XD
--
※ 發信站: 批踢踢實業坊(ptt.cc)
◆ From: 67.194.2.233
推 vip82:Lynx...XD 09/26 04:28
推 mstar:還有 w3m 啊 XD 09/26 06:21
推 wisehuang:lynx.... 那我寧願不要用browser XD 09/26 10:44
推 timmy5519:lynx... XDD 09/26 19:20