[huskerlug] Re: A big danger of using Java
- From: Jim Worrest <jworrest@xxxxxxxxxxxxxxxx>
- To: huskerlug@xxxxxxxxxxxxx
- Date: Tue, 02 Jun 2009 12:31:02 -0500
Well, actually that story was about routers which was what I found
before I did a better job on finding the original video about
clickjacking that I saw on clickjacking here:
http://www.tommerritt.com/?p=852
so I don't know if that original story was FUD or not, since it really
did have to do with routers (and I believe Java)
Sorry for phrasing it so sloppily. I do think I did convey what was in
the original video that clickjacking can be greatly decreased with the
NOSCRIPT addon in FireFox (and what wasn't in the video, or I don't
remember that the WOT addon should help keep you off of dangerous
websites in the first place. What was in the video is that you should
upgrade to Java 10, which may or may not be easy depending on the
version of a distro you are using?
This problem doesn't look OS specific, is the other thing I was pointing
out. :-(
GreyGeek wrote:
> Doesn't the FUD ever stop?
>
> This isn't a "Linux" issue, or a "Windows" issue. This is a router
> issue and not just for home routers either. Many SOHO's don't bother to
> change their router passwd when they set it up in the business. As the
> article said:
>
>> The attack works on any type of home router, but only if the default
>> router password hasn't been changed,
>>
>
> The lack of security with WEP encryption is just as bad, if not worse,
> and it is NOT an OS issue, either.
> GG
>
>
> Jim Worrest wrote:
>
>> Now of course we know that using Linux makes us impervious to spyware
>> and viruses. Perhaps one of you fellows brought this up before, and
>> there is a cute name for oh and it isn't this by the way, which I have
>> just ran across:
>>
>>
>> Hack lets intruders sneak into home routers
>>
>>
>>
>> http://news.cnet.com/2100-7349_3-6159938.html
>>
>> I was looking at a tip on CNET hacks that had nothing to do with this,
>> but I happen to see it listed, they had a little video on clipjacking.
>>
>> The above is a stealth way of stealing keycodes when visiting an evil
>> site. This strikes me as a problem that has nothing to do with
>> operating systems, of course Linux users use Firefox, and just adding
>> Noscript and WOT addons will greatly decrease the danger, though I
>> notice that on Linux there seems to be a lot of Java version 9 and the
>> video did say to go to Java version 10.
>>
>> Even something for Linux users to think about. ---Jim
>>
>> ----
>> Husker Linux Users Group mailing list
>> To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx
>> with a subject of UNSUBSCRIBE
>>
>>
>>
>>
>>
>
>
>
----
Husker Linux Users Group mailing list
To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx
with a subject of UNSUBSCRIBE
Other related posts:
