funsec mailing list archives

Re: Seriously?


From: "Nick FitzGerald" <nick () virus-l demon co uk>
Date: Sun, 06 May 2012 14:04:07 +1200

Dan Hubbar wrote:

Does anyone have a sample website? I am wondering if you need to have 
the checkbox selected for allowing external apps from non-sanctioned 
marketplaces...

Not been able to find a working site (the first level IFrame domain is 
working again -- well, last I looked -- but the next level of 
redirection was (still) down) but from the descriptions I've read and 
discussions with a colleague, the answer is "yes, you need to have 
enabled that option".

It's not a driveby anything though -- except for the mental cripples 
who accept Wikipedia's definition of "drive by download".  When it 
works it does so by the browser popping up an "accept this download" 
warning and the user assenting.  This is nothing different from a 
squillion other pages over the years (mostly compromised) that via a 
redirect of some kind, a JS, an Iframe, etc cause a visitor's browser 
to request a URL whose contents turn out to be of a content type that 
the browser has no native handler for, causing the browser to pop up 
some kind of a "what the heck do you want to do with this" dialog.

"driveby download", "driveby exploit", etc, etc mean "nothing 
whatsoever to do with the browser user (think "victim") other than 
happening to have been in the wrong place at the wrong time", as should 
be obvious to anyone with a fifth-grade education and a vague 
understanding of the meaning of the term "drive by shooting", which is 
the analogy from which "driveby downloads", etc, etc were named in the 
first place.

"user-initiated drive by download" is thus, again obviously so, an 
oxymoron.



Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.