Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New IE Malware Captures Passwords Ahead Of SSL

simoniker posted more than 10 years ago | from the tricky dept.

Internet Explorer 986

Ken Treis writes "SANS Internet Storm Center is reporting on a new strain of IE Malware. This one targets bank customers, which in itself is nothing new. But the catch is in the way it does it: it installs a Browser Help Object (BHO) that can capture login information before it is encrypted, and 'watches for HTTPS (secure) access to URLs of several dozen banking and financial sites in multiple countries.'."

cancel ×

986 comments

Sorry! There are no comments related to the filter you selected.

Coming events (5, Funny)

Carnildo (712617) | more than 10 years ago | (#9563705)

Cue the "Gee I'm glad I use FireFox on Linux" posts.

Re:Coming events (5, Funny)

Anonymous Coward | more than 10 years ago | (#9563726)

Gee I'm glad I use FireFox on Linux.

GEE (-1, Redundant)

Anonymous Coward | more than 10 years ago | (#9563742)

I am glad I use FireFox on Linux and not such shitty software that gets a new exploit every week that has the potential to fuck up my life! All I want is to browse the Internet, not risk losing all my money.

-1, mindless tool (nt) (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9563766)

N to the mothafucking T

Re:Coming events (0, Offtopic)

Anonymous Coward | more than 10 years ago | (#9563747)

Personally, I use Opera on Linux, and Safari on MacOS X.

Re:Coming events (5, Insightful)

Anonymous Coward | more than 10 years ago | (#9563780)

Gee I'm glad I use FireFox on Linux!
Except when I'm at work...

I've got no choice at the office. So should I just stop doing online banking at work because the computers happen to use the most popular operating system and browser in the world?

It does seem surprising that this hasn't been done before.

Re:Coming events (5, Insightful)

oGMo (379) | more than 10 years ago | (#9563794)

Cue the "Gee I'm glad I use FireFox on Linux" posts.

Gee, I'm glad I use Firefox on Linux. And why the hell shouldn't I be? In addition to actually supporting standards (CSS anyone?), my decision is constantly reaffirmed by exploints such as these. Do you have a problem with that? (Actually I use Mozilla, but close enough.)

Re:Coming events (4, Funny)

foidulus (743482) | more than 10 years ago | (#9563799)

Nah, I'll stick to lynx running on my gamecube, the only way to surf!

Re:Coming events (0)

Anonymous Coward | more than 10 years ago | (#9563872)

Well, I just telnet to the server with my NES, but that's pretty much the same thing...

Re:Coming events (1)

i_should_be_working (720372) | more than 10 years ago | (#9563807)

that's what i used to say.

but after this many screw ups by IE, i'm starting to think even i could take advantage of one of their vulnerabilities.

hey everybody, keep using IE!

Re:Coming events (1)

mandark1967 (630856) | more than 10 years ago | (#9563808)

Boy am I glad I use lynx!

Re:Coming events (0)

Anonymous Coward | more than 10 years ago | (#9563819)

I use IE on MacOS. No holes here!

Re:Coming events (mutated) (1)

Karl Prince (738370) | more than 10 years ago | (#9563867)

"Gee I'm glad I use Firefox on Windows"

FWIW the 0.9.1 upgrade may help convert a few more Invariably Exploited (IE) users.

The phrase "Invariably Exploited (IE)" is patent pending, though infractions won't be dealt with until SCO's lawyers have a bit more time on their hands

GEE (0)

Anonymous Coward | more than 10 years ago | (#9563896)

I am glad I use FireFox on Linux and not such shitty software that gets a new exploit every week that has the potential to fuck up my life! All I want is to browse the Internet, not risk losing all my money.

Can someone explain... (1, Insightful)

Anonymous Coward | more than 10 years ago | (#9563706)

Why anyone is still running Internet Explorer when there are so many [mozilla.org] better [mozilla.org] alternatives [opera.com] ?

Re:Can someone explain... (5, Insightful)

gr33nlantern (623996) | more than 10 years ago | (#9563745)

Well, personally, i agree with you. Internet Explorer is far inferior to a lot of the other browsers out there.. The thing is that it's bundled with windows, and most people out there quite frankly aren't very computer literate, and more than 1/2 I would bet don't even know other web browsers exist. True, no? Any comments to that?

Re:Can someone explain... (1)

Neil Blender (555885) | more than 10 years ago | (#9563836)

Agreed. A month ago, I spent a day cleaning up my wife's laptop, installed an alternate browser and told her to never use IE ever again. After a week, I check up on it and she's still using IE. It took me three times get it to sink in. It's seems to pretty much be ingrained in people who have only ever used Windows. I don't think she had a clue that there were alternatives out there and, while not too computer literate, she has been on the net for 7 or so years in a windows only environment.

Re:Can someone explain... (5, Insightful)

DjMd (541962) | more than 10 years ago | (#9563869)

Thats when you point her IE shortcut at Firefox...
I mean come on,,, Just tell her it is the new IE.

Re:Can someone explain... (1)

gr33nlantern (623996) | more than 10 years ago | (#9563891)

"Thats when you point her IE shortcut at Firefox... I mean come on,,, Just tell her it is the new IE." XD hahahahaha

one word (4, Insightful)

WormholeFiend (674934) | more than 10 years ago | (#9563753)

"laziness"

Re:one word (2, Insightful)

Oxy the moron (770724) | more than 10 years ago | (#9563910)

Better word:

"ignorance"

Not necessarily ignorant of computers, but ignorant of acceptible substitutes.

Because... (5, Funny)

Draconix (653959) | more than 10 years ago | (#9563777)

What's a browser? Is that like Internet Explorer? But why do I need another one when I already have Internet Explorer? Don't I have to use Internet Explorer to connect to the internet?

Re:Can someone explain... (5, Insightful)

The Fanta Menace (607612) | more than 10 years ago | (#9563781)

Primarily cos they just use the first thing that is in front of their face.

One small step towards fixing this is to be involved as much as possible with all new computer installations.

Your mum is getting a new computer? Go in there and set it up for her. Put mozilla and firefox on the desktop, show her how to use them, and remove all the IE icons. She won't know any better and you can rest easy knowing there's less chance your inheritance is going to disappear from her bank account.

Re:Can someone explain... (2, Funny)

DaHat (247651) | more than 10 years ago | (#9563821)

less chance your inheritance is going to disappear from her bank account.

Or if there is currently little or no inheritance... have her use IE in the hopes that some how her bank account will get extra funds due to the exploit thus creating or increasing your possible inheritance.

Re:Can someone explain... (1)

gr33nlantern (623996) | more than 10 years ago | (#9563824)

ha!... tried that.. they just complain. lol. Change is not good for old people, they're just set in their ways. ; ;...

Re:Can someone explain... (1)

Errtu76 (776778) | more than 10 years ago | (#9563914)

but certain sites simply won't work on anything other than IE. So here's a small tip from a guy on securityfocus:

Copy the IE icon for all websites (eg. online banking) that require IE. Rename them to 'ABN Bank' or whatever and if you want you change the icon too. Than make the other browser the default one.

Because it isn't so clear cut (5, Insightful)

SimianOverlord (727643) | more than 10 years ago | (#9563785)


For the non-power user IE *IS* preferable. I came to this conclusion after trying several times to get friends and family to migrate to Firefox from Explorer. Even when I did all the grunt work, installing and setting up the browser and explained the benefits to them, they all went back to IE.

IE has enough features for them to deal with. They don't need the fancy "bells and whistles" of Mozilla, in fact they didn't even use the extra features. IE has the Microsoft look and feel they are used to. It's free, it's preinstalled, so they get used to the feel of it from the outset and don't have to download and install, a task many find daunting. And as most of the extra functionality Firefox has over IE comes from extensions, which they can't even work out anyway, then it seems pointless for me to try to force them to use it.

I don't blame most users for using IE. For them it is "good enough". I see a lot of snobbishness on this site, and maybe some of it is fair enough. I also see a lot of silly arguments with extrapolation from a small sample set "My sister uses Mozilla all the time now!" to big conclusions. As a scientist, I know enough not to make those errors. Anyway I just wanted to say most users don't need Firefox despite what you might read. I guess this is pretty obvious, it accounts for a fraction of 1% of browser usage after all.

For the average user, using Mozilla is like using a 4x4 to go shopping. It is needed one time in a million, and the rest of the time it is woefully underused.

I have Firefox on XP. I don't use it because... (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9563826)



I have Firefox on XP. I don't use it because it's made for wusses. IE6, which is not very good really, makes firefox look like a baby toy.

Re:Can someone explain... (2, Informative)

bugmenot (788326) | more than 10 years ago | (#9563832)

I tried to switch to Firefox 0.9, but was overwhelmed by the amount of annoying bugs in it. It was constantly crashing on my machine and some web pages simply did not render correctly( probably the web designer's fault). I upgraded to 0.9.1 but some bugs are still there and not all extensions are working correctly. It may be much more secure than IE, but it's not as stable and still has a few flaws. I will wait for the 1.0 release and hopefully by then all those Firefox bugs will be fixed.

Re:Can someone explain... (4, Insightful)

stevesliva (648202) | more than 10 years ago | (#9563863)

I've actually had online banking sites force me to use MSIE when they decided Mozilla 1.5 wasn't a modern browser. Seems better with recent Mozilla and Firefox versions, or perhaps the frigging bank fixed their frigging software.

Easy (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9563908)

Because it's the best. IE is pretty much solely responsible for the best innovations to web browsing.

www.refestltd.com/cgi-bin/yes.pl (2, Interesting)

Theatetus (521747) | more than 10 years ago | (#9563710)

When an outbound HTTPS connection is made to such a URL, the BHO then grabs any outbound POST/GET data from within IE before it is encrypted by SSL. When it captures data, it creates an outbound HTTP connection to http://www.refestltd.com/cgi-bin/yes.pl and feeds the captured data to the script found at that location.

Intrigued, I went to those scumware vendors [refestld.com] and saw that they are, in fact, dishing out scumware. So, in the interests of justice:

whois refestltd.com
Domain name: reflestltd.com

Registrant: Jay Seaton (6PPPG) jay@tremjade.com
United States
(913)6814254

Not that I condone using that information for any nefarious purposes...

Re:www.refestltd.com/cgi-bin/yes.pl (0)

Anonymous Coward | more than 10 years ago | (#9563728)

Mirror please!!! This site has already been slashdotted!!!

Re:www.refestltd.com/cgi-bin/yes.pl (1)

Mz6 (741941) | more than 10 years ago | (#9563754)

There's not much to it... It is basically one of those sites that you would find after clicking on a popup that says "YOU HAVE SPYWARE ON YOUR MACHINE". With that said... It tells you to click here to download, then re-directs you to the following link:

http://www.enigmasoftwaregroup.com/affiliate3/link .php?ref=398&productid=4

Re:www.refestltd.com/cgi-bin/yes.pl (0)

Anonymous Coward | more than 10 years ago | (#9563750)

It's a fax machine. Time to bust out that black paper loop.

Re:www.refestltd.com/cgi-bin/yes.pl (0)

Anonymous Coward | more than 10 years ago | (#9563752)

Bastard's phone line is busy!

grr.. typo above (3, Informative)

Theatetus (521747) | more than 10 years ago | (#9563765)

That query is for "refestldt.com" and I stupidly typed "reflestldt.com" after "domain name". The whois info is accurate, just not what I typed there.

Let's not be hasty... (1, Informative)

irokitt (663593) | more than 10 years ago | (#9563804)

And is everyone here is just assuming that information is authentic? That could just be some poor random schmuck whose name got used by someone else (identity theft happens), so let's not start any DDOS or Phone tree attacks on the guy. Or for the more dense:

"You! Step away from the wardialer! NOW!"

Re:Let's not be hasty... (1, Offtopic)

HeghmoH (13204) | more than 10 years ago | (#9563859)

And is everyone here is just assuming that information is authentic? That could just be some poor random schmuck whose name got used by someone else (identity theft happens), so let's not start any DDOS or Phone tree attacks on the guy. Or for the more dense:
"You! Step away from the wardialer! NOW!"

--
Your lucky number is 3552664958674928. Watch for it everywhere.

It's ok. I'll just wardial the number in your sig instead.

It's probably fake: Blue Valley High (3, Informative)

tmoertel (38456) | more than 10 years ago | (#9563887)

A Google search on the phone number [google.com] reveals that it is for one Blue Valley High School.

In other words, it's almost certainly a bogus phone number attached to bogus domain-registration info.

Don't Call!! (1)

corodon (792258) | more than 10 years ago | (#9563904)

According to the "complete findings" [sans.org] linked from the article, the phone number belongs to a school in Kansas.

I'm suprised (5, Insightful)

cbrocious (764766) | more than 10 years ago | (#9563713)

that this hasn't happened earlier. Why would you fsck with SSL when you can bypass it completely?

Re:I'm suprised (4, Funny)

NanoGator (522640) | more than 10 years ago | (#9563813)

"Why would you fsck with SSL..."

Because there are no files to check, just packets?

Grrrrrrr (0)

Anonymous Coward | more than 10 years ago | (#9563715)

And why won't Microsoft admit there is a problem???

Re:Grrrrrrr (1)

DaHat (247651) | more than 10 years ago | (#9563767)

Who says they haven't? Or more appropriately, who says they wont do so and fix it in some way?

Re:Grrrrrrr (1)

RY (98479) | more than 10 years ago | (#9563864)

Problem? What problem? It is still a "secure" connection.

It is not a problem until the media gets ahold of it an lets the public know that there is a problem.

Think of the number of "SECURE SITES" (banks) which only work with IE.

First Post (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9563716)

:P

Re:First Post (-1, Offtopic)

uberfruk (745030) | more than 10 years ago | (#9563773)

you lose

ha-ha

fp (-1, Offtopic)

Joey Patterson (547891) | more than 10 years ago | (#9563717)

fp

Coward (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9563718)

fr1st p9st!

Wow.... (1, Funny)

FatSean (18753) | more than 10 years ago | (#9563719)

I'm simply stunned...where I work security is #1 and availability is #2. Judging by their output...it must be very different working at MS.

Re:Wow.... (0)

Anonymous Coward | more than 10 years ago | (#9563761)

I'm simply stunned...where I work security is #1 and availability is #2. Judging by their output...it must be very different working at MS.
-1, Redundant

Re:Wow.... (2, Insightful)

lukewarmfusion (726141) | more than 10 years ago | (#9563814)

Where I work, I have to cater to the clients' demands, timelines, and budgets. That means that I strongly recommend as much security as they need, and if they don't want everything I recommend then I don't build it in. Then I provide a nice document detailing all the steps I took to secure the site and request that they review and sign off on it. It's on their heads.

There's an outcry when Microsoft pushes their product launch back another year, and followed up with complaints that they didn't spend enough time testing and securing everything.

I don't disagree with you, but I can also see some factors that cause these problems.

And finally - the story is not about Microsoft, it's about malware that someone else created. You could create and install malware for Firefox too, you know.

Re:Wow.... (1)

akh (240886) | more than 10 years ago | (#9563899)

>And finally - the story is not about Microsoft, it's about malware that someone else created. >You could create and install malware for Firefox too, you know

Except that the infection vector is a known IE exploit for which there is no patch.

FP (-1, Troll)

Anonymous Coward | more than 10 years ago | (#9563721)

I'll take your money!

- Bill G.

uh oh (-1, Offtopic)

Anonymous Coward | more than 10 years ago | (#9563722)

OH damn, bad news.

And this... (5, Funny)

DaHat (247651) | more than 10 years ago | (#9563729)

Is why I transmit all of my passwords in plain text... not very secure, but a lot less obvious then all of these complicated 'security' or 'encryption' methods.

Has to be said (-1, Redundant)

harley_frog (650488) | more than 10 years ago | (#9563730)

Just one more reason to switch to Mozilla [mozilla.org] .

spybot S&D (2, Informative)

scrytch (9198) | more than 10 years ago | (#9563741)

I imagine spybot's BHO inoculation should block this. Anyone know? I use firefox on windows myself, but not for any other reason than that it's just a better browser. ff on linux is actually kind of painful to look at and sluggish to use still.

Interesting (2, Interesting)

xCepheus (687775) | more than 10 years ago | (#9563743)

I wonder why the author of the code chose to only look for a certain number of SSL-enabled URLs. Why not just write the code to look for any URL or redirection that's prefaced by "https://"?

Just another good reason to switch to Firefox.

Re:Interesting (1)

SlamMan (221834) | more than 10 years ago | (#9563774)

Probably makes it easier for them. Lots and lots of sites use SSLs, and most of them won't make the Spyware vendors any money.

Re:Interesting (1)

Mz6 (741941) | more than 10 years ago | (#9563792)

I would imagine it's because it would be a lot easier to weed through the sites you want rather than every SLL-enabled URL out there. This way he knows what passwords and from what sites hes getting.

If this won't get people to switch, what will? (2, Insightful)

motown (178312) | more than 10 years ago | (#9563746)

For crying out loud, people! How hard is it to download Firefox and switch? Especially with the new settings import wizard?

This is about your internet banking passwords, people! Your hard earned money is at stake here!

Re:If this won't get people to switch, what will? (1)

marnargulus (776948) | more than 10 years ago | (#9563828)

I'm on a company computer, which doesn't allow me to instal firefox. I assume that many people don't have additional computers at home which would mean they need to use their company loaners for personal use as well. It is not that uncommon. How are those people going to know about this bug in the first place, and what can they do about it as far as changing browsers? The answers: They won't know about it, and they can't change.

Dont need to intsall (1)

SuperKendall (25149) | more than 10 years ago | (#9563888)

Just download the zip file, and extract it - you should be able to run it in place from a directory!

Also complain to your company security team about having to use an insecure browser.

Re:If this won't get people to switch, what will? (4, Insightful)

Carnildo (712617) | more than 10 years ago | (#9563860)

If this won't get people to switch, what will?

Nothing. Probably 75% of computer users out there aren't even aware what a web browser is, much less what "SSL", a "security hole", and a "BHO" are. If they can understand neither what they are using, nor why they shouldn't be using it, they aren't about to switch.

Re:If this won't get people to switch, what will? (5, Insightful)

NanoGator (522640) | more than 10 years ago | (#9563868)

"For crying out loud, people! How hard is it to download Firefox and switch? Especially with the new settings import wizard?"

For crying out loud, people! Nobody even knows what Firefox is!

Quit acting like everybody's a retard and start putting money into a Firefox ad campaign or something. Acting like a raging zealot isn't going to get people to switch.

Too late? (1)

RoboProg (515959) | more than 10 years ago | (#9563875)

Is switching browsers enough? After that business last week about the IIS + IE sucker punch, I very much distrust anything running on Windows, for fear that the entire system is so easily compromised. If every key stroke is logged, every file is scanned, any DLL can be replaced, you really need to adopt an "X Files" kind of mentality, or you aren't paranoid enough. (they ARE out to get you, where they = black hats; you = people with anything valuable on a computer)

I *do* use Windows -- as a home entertainment center. At this point, there is no way I would consider putting anything like bank account numbers or SSNs on a Windows box. I have no illusions about the perfection of Linux, but there is something to be said about a diversity of platforms. I've never loaded BSD myself, but maybe it's time to start diversifying my software portfolio (OTOH - I can hardly wait to try to find *those* drivers).

My opinion of businesses considering using (requiring?!?) Windows for any kind of accounting or personal information just sunk another notch lower today.

-- END RANT -- :-)

My Related Prayer (2, Funny)

Anonymous Coward | more than 10 years ago | (#9563895)

I'm not a religious person... but I will now attempt to pray...

God, it's me, Anonymous Coward, I beg you, have the l33t hax0rs of the world unite to develop exploits and hacks against Linux and Firefox so that open source zealots can no longer scream about how secure their software is. Any competent person or deity (ie you) knows that there are potential exploits in both, but most have not been found because most do not look as hard as is done with Windows.

If you do this for me... I promise to sell my soul to your minions in Redmond and banish any Linux or Open Source related product from my home from now until eternity.

Amen

usually a good idea (5, Informative)

dtfinch (661405) | more than 10 years ago | (#9563755)

To uncheck the "enable third party browser extensions" box in your Internet Explorer properties, if you must use Internet Explorer. This fixes most of the Internet Explorer problems that people ever experience and blame on Microsoft.

There is the slight problem that malware can silently reenable it when they run, but I doubt many do.

HA! (5, Funny)

Anonymous Coward | more than 10 years ago | (#9563762)

This is why I do all my online banking using Gopher.

I love IE (3, Funny)

Admiral Llama (2826) | more than 10 years ago | (#9563770)

This isn't Malware, this is advertising for Apple. THIS is why I buy Macintoshes.

Can someone refer me to a useful BHO? (5, Insightful)

curtisk (191737) | more than 10 years ago | (#9563791)

Anytime I hear of BHO's its always malware/spyware/adware...so when is it used for good? Seriously....

Stuff like the google search bar? Does that count?

Re:Can someone refer me to a useful BHO? (1)

Carnildo (712617) | more than 10 years ago | (#9563884)

Anytime I hear of BHO's its always malware/spyware/adware...so when is it used for good? Seriously....

Stuff like the google search bar? Does that count?


I think GoZilla and other download managers use it to intercept downloads for managing. If someone were to make a download manager that wasn't spyware, this would be a good use of a BHO.

Banks need to wise up (0)

Anonymous Coward | more than 10 years ago | (#9563793)

Online banking and voting are insane ... we have been lucky up to this time.

If the next guy to find a buffer overflow on windows decides to just abuse it to target a couple of banks to hijack all transactions we will have chaos on a scale not seen before. One time verification helps a little, but only a very little ... you never know what transaction you are verifying, and if your computer is rooted it can be anything at all.

Both online banking and online voting will only be acceptable if they use external devices on which users can verify transactions. Mainstream OSs are too complex to trust.

How long (0, Redundant)

Harbinjer (260165) | more than 10 years ago | (#9563796)

this seems like its a pretty big deal. Good thinking by the author, he should be complimented, then put away.

how long will it take for everyone to switch to firefox? I sure hope its happening.

New Genre (3, Funny)

the_mad_poster (640772) | more than 10 years ago | (#9563798)

You know you really have something going for you when a single application in your product line helps defines it own genre of exploits:

...the adware/spyware/IE exploit genre...

The fellow in the article... (5, Informative)

tcopeland (32225) | more than 10 years ago | (#9563800)

....who figured out how it worked (i.e., Browser Handler Object, HTTP POST of stolen account info to a site) is Tom Liston of Hackbusters [hackbusters.net] . He's been sorting through this kind of thing for a while...

Open Source compressor used: (4, Funny)

geeber (520231) | more than 10 years ago | (#9563806)

From the article:

It is actually a 27648 byte Win32 executable that has been compressed using the Open Source executable compressor UPX.

Cue the FUD saying "look I told you Open Source was inherently less secure!"

And the wave of IE abandonment begins... (4, Interesting)

Billy the Mountain (225541) | more than 10 years ago | (#9563809)

I read this article in the Houston Chronicle this morning: Flaws may mean it's time to drop Microsoft browser [chron.com] . It's beginning to look like there's a ton of exploitable stuff in IE.

BTM

What, exactly, is the FBI doing about this? (5, Insightful)

ryanwright (450832) | more than 10 years ago | (#9563810)

Everyone here is likely to blame Microsoft. I'm turning my wrath against the intelligence organizations of various countries. For far too long this BS - malware, viruses, fraud sent via spam - has been mostly ignored. It seems nobody is going to jail for the Paypal scams because Paypal isn't a "real bank". Now they're targeting real banks.

I, for one, am sick of it. Where is our FBI and what are they doing about this? If these were criminals setting up videocameras to record pin numbers at ATMs, you can bet there would be a huge effort to track them down. Well, this is worse than that.

Re:What, exactly, is the FBI doing about this? (1)

harley_frog (650488) | more than 10 years ago | (#9563902)

I'm no expert, but considering the nature of this bug, it shouldn't be too hard to the FBI to set up a honeypot disquised as a bank, add some phoney accounts and large, fictious transactions and track for any activity.

And now, a few years later, we see why we needed.. (2, Insightful)

Smeagel (682550) | more than 10 years ago | (#9563831)

netscape.

When there's no competition, M$ can get away with this crap. Let's face it, even with this 99% of people won't switch from IE, solely because they don't even realize they have a choice anymore. If there was actual competition in the industry (aside from nerds who run firefox), then this crap would NOT be allowed by M$, because it would mean certain death for any share of the browser market they held.

Gah! (0, Redundant)

Solar Limb (673519) | more than 10 years ago | (#9563833)

How many time does it have to be said? DON'T USE IE. Period. End of story. Fin.

"New IE Malware" (4, Funny)

sulli (195030) | more than 10 years ago | (#9563835)

(Score: -1, Redundant)

Go back to basics? (0, Troll)

Sheetrock (152993) | more than 10 years ago | (#9563845)

This brings up a complaint I've got with the way the industry works nowadays.

As a programmer, I feel the continual march of progress in computing has been hampered as of late because of a major misconception in some segments of the software industry. Some would argue that the process of refinement by iterative design, which is the subject of many texts in the field -- extreme programming being the most recent -- demonstrates that applying the theory of evolution to coding is the most effective model of program 'design'.

But this is erroneous. The problem is that while extremely negative traits are usually stripped away in this model, negative traits that do not (metaphorically) explicitly interfere with life up until reproduction often remain. Additionally, traits that would be extremely beneficial that are not explicitly necessary for survival fail to come to light. Our ability to think and reason was not the product of evolution, argues a new and credible scientific theory called intelligent design, but was deliberately chosen for us. Perhaps this is a thought that should again be applied to the creation of software.

It makes no sense to choose the option of continually hacking at a program until it works as opposed to properly designing it from the start. One only has to compare the security woes of Microsoft or Linux with the rock-solid experience of OpenBSD for an example. It makes little sense from a business perspective as well; it costs up to ten times as much to fix an error by the time it hits the market as it would to catch it during the design. Unfortunately, as much of this cost is borne by consumers and not the companies designing buggy products, it's harder to make the case for proper software engineering.

Different password entry schemes? (4, Interesting)

vanza (125693) | more than 10 years ago | (#9563847)

Not to discuss about IE, what about banks using different password entry schemes?

In Brazil there seems to be a new regulation saying that users of ATM and online banking shouldn't type the password in a numeric pad anymore.

Instead, you get 5 buttons on the touch screen (or a small Java applet, or Javascript thing in the case of the bank where I have an account there) with combinations of two numbers. It looks like "press this if the next number is 3 or 8".

The thing is, the combination changes every time you enter your password. The first button that was "3 or 8" before will be something like "4 or 7" next time. And the combinations change too, not only the position of the buttons.

So it becomes more difficult for spyware to monitor keypresses / mouse clicks, or things like this [utexas.edu] to work for the scammer. (Ironic or not, the ATM in the pictures at the UT website is from a Brazilian bank).

I haven't seen anything like that in any US bank; it's always a number pad where you type your password, or a text field to type the password online.

To all the posts pushing Firefox... (0)

Anonymous Coward | more than 10 years ago | (#9563853)

What is the point of pushing Firefox and other alternatives on /.? Is there anyone reading this that still uses IE?

Patched in 48 hours (3, Interesting)

ikekrull (59661) | more than 10 years ago | (#9563855)

Come on Bill, lets see you put your money (its not like you don't have enough of that) where your mouth is.

Your 48 hours starts now.

Man, I'm so sick of this... (5, Funny)

NeoGeo64 (672698) | more than 10 years ago | (#9563861)

When will us Linux users finally get to experience all of these exploits and viruses? It looks like Windows users have all the fun. :-)

How vulnerable are Mozilla, etc? (0)

Anonymous Coward | more than 10 years ago | (#9563874)

What would it take to do this in other browsers, say on Linux and Windows?

Would java enabled make it easy?

What about just javascript?

Oh, PUH-LEEZE (1)

SamMichaels (213605) | more than 10 years ago | (#9563879)

"Oooh switch to firefox" is the most ignorant and misguided response to this. Does soccer mom really care about a firefox? Nope.

This activity needs to be ILLEGAL...and that's the only way to stop it. They're wiretapping without consent.

Oh, and before the pro-firefox people jump all over me...allow me to show you my browser: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040626 Firefox/0.8.

Wouldn't hurt me too much (4, Interesting)

Zarhan (415465) | more than 10 years ago | (#9563882)

...I don't know about banks in the US, but at least my (Finnish) bank gives me a username, password and (most important of all) a list of one-time passwords. When I log in, the only things I can see before it requests a one-time password is the balance on account, EURIBOR interest rates and the few stocks I've chosen to observe (ie, a master summary page). If I try to access anything, such as transaction records (not to mention transfers), I have to type in the one-time password. They mail me a new sheet when I'm starting to run out of one-timers.

If I don't want to use one-time passwords, I can choose to use smartcard reader and a PIN number (which remains constant). I'm not sure if that would be vulnerable. Anyway, this follows the "something you have, something you know"-security model, I know the username/password and have either the smartcard or the one-time list.

Do the US banks only use username/password pair?

so... (0)

Anonymous Coward | more than 10 years ago | (#9563892)

basically it's a keylogger?

Yeah.. (0)

Anonymous Coward | more than 10 years ago | (#9563894)

But Does it Run on Linux?

What's going on at Microsoft? (2, Insightful)

swb (14022) | more than 10 years ago | (#9563898)

Are they even paying attention? At first it was .exe worms in email, then it was network-layer exploits, and then it was spyware, and now in the past week it seems that IE is totally unsafe for any purpose whatsoever.

What's amazing me is why Microsoft isn't *running* to provide patches, for at least XP and 2K, to mitigate this. They're offering non-solutions like disabling Active X and Javascript. Sure, fixing the problem may mean some serious breakage for some in-house software someplace, but does anyone care that Spyware+Malware+IE is rendering their operating systems junk?

Are they even paying attention? Is XP SP2 a magic fix? Is it just too badly broken to even BE fixed?

Time for a credit card poison pill... (0)

Anonymous Coward | more than 10 years ago | (#9563900)

If they don't already, credit card companies and banks should have several unsecured computers hooked up to the internet and create bogus accounts so they can track where the information is going to. As soon as someone attempts a transaction with the information out come the cops.

/ Hmm, better read the article in case something similar was mentioned. Good thing I'm an A.C.

Online Banking etc (1)

vector0319 (530769) | more than 10 years ago | (#9563905)

I have no problem with online banking et al, but I was talking to my accountant yesterday and he said he will never put a credit card number or transfer money using the internet. He is an older gentleman and I wasn't about to go on about how SSL and other tech keeps this stuff safe, but it makes you think. Why would I put my information so easily available out there? I will continue to use the internet for online banking and such because I feel I take the necessarly precautions to keep myself safe. Makes you wonder will there ever be a time when you will be safe on the internet? I would say no. What are your thoughts?

So.. (3, Insightful)

NanoGator (522640) | more than 10 years ago | (#9563906)

What fancy-ass security feature in Firefox would prevent somebody from writing a plugin like this? Anything besides 'not a big enough user base to attempt it'?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?