WebApp Sec mailing list archives
Re: Firefox extensions for fighting phishing
From: Saqib Ali <docbook.xml () gmail com>
Date: Tue, 19 Jul 2005 11:14:04 -0700
The Netcraft toolbar is is next to useless. The last time I checked it could be fooled by a frameset. So if someone could hack a frameset onto the host server, i.e., http://www.somewhere.net/only_fools_would_click_on_this_link/login.html
If you can hack into a host server, and change their login page to include a frameset, the webserver owner has a much bigger problem :) If you can hack into a server, you can do much more damage compared to what you can do with a phishing site.. :) Having said that, the purpose of the Anti-phishing toolbars is NOT to authenticate the content, but to authenticate the URL that you are clicking on. And Netcraft Toolbar does a mighty fine job of just that. -- In Peace, Saqib Ali http://www.xml-dev.com/blog/
Current thread:
- Firefox extensions for fighting phishing Mamading Ceesay (Jul 16)
- Re: Firefox extensions for fighting phishing Saqib Ali (Jul 17)
- Message not available
- Re: Firefox extensions for fighting phishing Saqib Ali (Jul 17)
- Message not available
- Re: Firefox extensions for fighting phishing Sean P. DeMerchant (Jul 19)
- Re: Firefox extensions for fighting phishing Saqib Ali (Jul 19)
- Message not available
- Re: Firefox extensions for fighting phishing Saqib Ali (Jul 20)
- Re: Firefox extensions for fighting phishing Saqib Ali (Jul 17)