http://www.google.com/ (http://www.google.com
%00@hostlead.com/)

Now who wants to buy google from me? :D

HL

http://www.google.com%01%00@hostlead.com/


it's already been done.

awww

:D

at least give others a little more time to figure it out...

HL

Does anyone still use Internet Explorer?!?

From the comfort and security of Opera, these IE exploits seem ridiculous and laughable.

I will reluctantly fire up IE when I need to browser-test a site, or I go to my braindead banking site that insists on IE.

It's great clicking on it from Safari ... no issues at all.

I bet MS did not release patch for this yet.

I talked to my neighbor that works at MS, he says that it was released about 4 months ago..

I bet MS did not release patch for this yet.
I talked to my neighbor that works at MS, he says that it was released about 4 months ago..
Its all about visiting Windows Update more often. ;)

I dont want to download all the crap with windows update wants me to install (those days are over). What bulletian was this so I can find this patch?

I would like to know too, he works late and leaves early, so i can't talk to him very often.

I looked at all the bulletins for IE for the past year, but they all say the same thing, so i have no clue.

Originally posted by sightz.com
Does anyone still use Internet Explorer?!?

From the comfort and security of Opera, these IE exploits seem ridiculous and laughable.

I will reluctantly fire up IE when I need to browser-test a site, or I go to my braindead banking site that insists on IE.

Unfortunatly...yes..
At work I can't pick and chose my browser :(

Originally posted by sightz.com
Does anyone still use Internet Explorer?!?

From the comfort and security of Opera, these IE exploits seem ridiculous and laughable.

I will reluctantly fire up IE when I need to browser-test a site, or I go to my braindead banking site that insists on IE.

Umm yes around 90% of the browsing public... therefore you do need to make sure that your site looks it's best in IE if you want to capture your audience (of course whilst writing compliant code that works in all browsers)

And you mean that Mozilla and Opera don't have exploits.. go here http://www.securityfocus.com/bid/vendor and select 'Mozilla' and then 'Browser' from the drop down boxes

I don't know why people hate IE, except for the security, i'm just careful.

I think people don't like how MS has worked, so they join the crowd and try to be cool.

Myself, i have IE, Opera, Mozilla and Firebird, but i like IE the most.

this bug works on Firebird 0.7 too (so it's not a IE only)

I saw this trick in one of the scam emails. Poor people I don't know how many of them gave out their credit card details thinking it was a genuine email from paypal or ebay !!

We all blame IE for the security hole but if people are stupid enough to enter their credit card details on the net without checking everything then it's not entirely Microsoft's fault.

I for one, always check the certificate of the page first by clicking on the padlock when entering sensitive data... pretty hard to spoof that!

meah, I use google.ca... did scare me for a bit there... lol. How the heck you typed char 01 anyways?

Originally posted by is0lized
I don't know why people hate IE, except for the security, i'm just careful.

I think people don't like how MS has worked, so they join the crowd and try to be cool.

Myself, i have IE, Opera, Mozilla and Firebird, but i like IE the most.

It's been said that the reason a lot of people don't switch to Open Source operating systems is because of IE, and I tend to agree with that. Now, I don't like the way M$ operates myself, I do got to give them credit for IE..it is an awesome browser. Heh, if M$ released IE for Linux, it'd be the only M$ product I'd pay for directly from M$.

Originally posted by is0lized
I don't know why people hate IE, except for the security, i'm just careful.

Why do people hate IE?


Internet Explorer steals your web site visitors:

-IE can hijack text on your site to advertise for your competitors! (From MS) "Smart Tags enable real-time, dynamic recognition of content on Web pages and offer you relevant options as you work. By hovering and clicking on these smart links, you can get access to additional information or perform convenient Web tasks"

-404 errors on Your website can send your visitors to Microsoft! Unless your site's 404 error page is configured in a special way IE delivers it's own 404 error page with a Search link that goes to Microsoft's MSN Search


Microsoft usually ignores standards, preferring to re-write them to try and get people to only use their software.

-For example, the following tags ONLY work in Internet Exploder, because MS made 'em up:
<bgsound> <comment> <marquee> <ruby> <rt>


-active X security holes have allowed exploits that: hijack your homepage to show you porn every time you open IE; delete files from your system; install trojans and keyloggers; etc.

IE has:
-No support for attribute selectors (Windows/Mac)
-Incomplete support for PNG (Windows)
-No support for the W3C event model (Windows/Mac)
-No support for adjacent selectors (Windows)
-No support for border-spacing (Windows/Mac)
-No support for position: fixed (Windows)


In short, IE's ignorance of Internet standards, refusal to fix bugs and use of IE-only tags forces web designers to greatly complicate their work. You make one version for standards-compliant browsers and one for IE.

BTW - when I click on the IE-exploit link that started this thread, Opera helpfully tells me I clicked on a weirdly formatted URL and asks if I am sure it is safe.

The bug does not work on Firebird 7.0. Actually, the bug doesn't work on any browser I use on the Mac.

Mozilla 1.5.1
Firebird 0.7
Safari 1.1

I think it is just a Windows IE thingie.

Originally posted by Angel78
this bug works on Firebird 0.7 too (so it's not a IE only) I'm using firebird .7 and I see http://www.google.com%01%00@hostlead.com/

if you're talking about the link description, it looks munged, and that's not really a bug, you can use simple javascript to change the link decription in the status bar.

And netscape never supported a <blink> tag then?

Active X... only if you're stupid enough to load an active x signed by an untrusted source. For the most part active x doesn't work if you don't agree to it being installed.

I think netscape was the first to have blink tage. :D

Originally posted by chrisranjana
I saw this trick in one of the scam emails. Poor people I don't know how many of them gave out their credit card details thinking it was a genuine email from paypal or ebay !!
Yah I saw that one as well.
I looked at the link (mozilla :-) and saw it was definitly not paypal . Had a good chuckle , e-mailed the guy back (he did a good job on the layout of the email) and went on my way .

Want to buy a bridge ?

I have a couple just released onto the market

Bridge you mean IE bridging??

Hm... although have many bugs... I like IE :P Well... I like Opera too though.

No, no, I meant do you want to buy a bridge

I have one, handy, for sale to the right person, it's in London. And another that will be snapped up fast but obviously out of your range, it's in San Francisco

Ah the good old bugs of MS Internet Explorer.
But hey, every software package has bugs.
You just need to install the updates, time to go hunting. :P

Chris

Sure all software has bugs, but how many comes close to needing as many patches as IE?

IE is like a rotting ship. Fix one hole, another opens up.

They need a rewrite from the ground up. Until then I can only laugh if anyone get's scammed or infected by trojans or whatever because they are using IE. No
sympathies there.

OK, anyone wanna explain how this works?? Or maybe I missed something... :confused:

:D

Originally posted by is0lized
I talked to my neighbor that works at MS, he says that it was released about 4 months ago..

Nope, no patch yet. If there was one released, it doesn't work. Fully updated here, yet the exploit works as expected.

-B

Originally posted by TMX
Fully updated here, yet the exploit works as expected.

The exploit seems to have stopped working for me in the last day or so, but I have not been notified of any Windows Updates! Can they update me without my permission if I have chosen to notified?!?

Im runningb the NEWEST version of MyIE2 which is supposed to have fixed this,BUT IT DOESNT!!!!!! (I have to re-load to have it show the whole URL)

The Dude :)