January 29th, 2004

Don't Click Here

I'd suggest that you read this article,
http://support.microsoft.com/default.aspx?scid=kb;%5Bln%5D;833786

but the content of the article (written by microsoft) tells you it is no longer safe to click on any links on the web, unless you know you trust them. However there is virtually nothing on the net that is 100% trustworthy, and 99% of the web is just the opposite.

Want to see if you are affected? Visit this link
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

Did you see that download window? If so, you're not safe. You should pretty much click the little X in the upper right hand corner and log off the web, at least for a few months, until this is all fixed.

Why? Why such a incredibly rediculously stupid policy?

Becuase IE, the web browser that comes with 99% of all home computers, is a complete pile of shit.
There are 2 bugs that fit together nicely to completely destroy the usefulness of the program, and the web.

bug #1
A long complicated url can be created, that will only show the first part, but the browser will visit the full long url.

bug #2
an executable (very unsafe) can be made to look like any typical (usually safe) .html file


So I can build a long url like

http://www.yahoo.com:password@hacked.machine.com/evil/virus.exe

but all you'll see is http://www.yahoo.com

And there is a huge difference in those two urls. The iportant part is that @ symbol is important. It means I'm passing a username and password to the machine. My password is 'password', but my username is 'www.yahoo.com'. That looks like a machine name, but it isn't. Its just a username which happens to look like a machinename. The actual machinename is hacked.machine.com

You'll visit hacked.machine.com and download the virus.exe

but I'll put an extra character into the url, so that you won't see anything beyond www.yahoo.com. If that url happens to start a download, the filename will look safe, but could instead be my virus.

With just a tiny bit more complexity, I could tell you the url for an mp3, and when you saw the download popup, you would think it was completely normal. And instead you'll get my virus. And my virus is smart. It would have a couple of extra features, so that it would play a music file, enclosed inside it. And you'd hear the music and never thing twice.

And then I 0wn j00!

The solution, use a different browser. There are other programs that let you read web pages besides IE. The one I'd recommend is mozilla (http://www.mozilla.org), but Opera, and other options exist.

Why are these better. Well because IE is so common, its an excellent target for the bad guys. But beyond that, IE's fixes happen on slower time scales, so diseases have more time to spread. Mozilla is maintained by a community of volunteers, and is updated much more frequently. And anyone can see all the code (no, seriously. http://www.mozilla.org/cvs.html Admittedly its not for the faint of heart).

A major factor in the potato famine, is that everyone was growing identcial strains of potatoes. One disease was able to wipe everything out. By running a different browser you're helping to maintain a more complex, and therfore robust, ecology on the web.
  • Current Mood
    aggravated aggravated