More amazing Microsoft IE "features"

Mon Dec 20 13:55:48 2004 More amazing Microsoft IE "features"
Posted by Tony Lawrence
Search Keys: security|browsing
Referencing: http://www.informationweek.com/story/showArticle.jhtml?articleID=55800899

Gotta love this one: apparently someone could use one of Internet Explorer's "helpful" features to replace content you think you are viewing with something else entirely. It's called "cross-site scripting", and http://www.cgisecurity.com/articles/xss-faq.shtml explains more about it.


Hate these ads?


The real issue here is that the web has become far too complicated, and of course Microsoft's "ease of use" was right there to help the process. I know, I know, I'm a grump about this, but "easy" shouldn't be the primarily goal.

Unfortunately, that does seem to be the first thought, and Linux isn't immune to it either. However, Microsoft remains the undisputed champion of weakening security in the name of user friendliness.

Many of the products and books I review are things I purchased for my own use. Some were given to me specifically for the purpose of reviewing them.

I resell or can earn commissions from the sale of some of these items. Links within these pages may be affiliate links that pay me for referring you to them. That's mostly insignificant amounts of money; whenever it is not I have made my relationship plain. I also may own stock in companies mentioned here. If you have any question, please do feel free to contact me.




Comments

"It's called 'cross-site scripting'..."

Gee. That means I can arrange things so that when someone browses to www.aplawrence.com they will actually see www.playboy.com. Whatta concept!

--BigDumbDinosaur


"It's called 'cross-site scripting'..."

Gee. That means I can arrange things so that when someone browses to www.aplawrence.com they will actually see www.playboy.com. Whatta concept!

--BigDumbDinosaur

---December 20, 2004


More fun to do it the other way around..

--TonyLawrence



"It's called 'cross-site scripting'..."

Gee. That means I can arrange things so that when someone browses to www.aplawrence.com they will actually see www.playboy.com. Whatta concept!

--BigDumbDinosaur

---December 20, 2004


More fun to do it the other way around..

--TonyLawrence

Really? I've searched your entire site and can't seem to find the "Girls of Comdex" feature.

--BigDumbDinosaur


"It's called 'cross-site scripting'..."

Gee. That means I can arrange things so that when someone browses to www.aplawrence.com they will actually see www.playboy.com. Whatta concept!

--BigDumbDinosaur

---December 20, 2004


More fun to do it the other way around..

--TonyLawrence

Really? I've searched your entire site and can't seem to find the "Girls of Comdex" feature.

--BigDumbDinosaur

---December 21, 2004

You have to be a paid subscriber for those "etras".

--TonyLawrence


"It's called 'cross-site scripting'..."

Gee. That means I can arrange things so that when someone browses to www.aplawrence.com they will actually see www.playboy.com. Whatta concept!

--BigDumbDinosaur

---December 20, 2004


More fun to do it the other way around..

--TonyLawrence

Really? I've searched your entire site and can't seem to find the "Girls of Comdex" feature.

--BigDumbDinosaur

---December 21, 2004

You have to be a paid subscriber for those "extras".

--TonyLawrence

---December 21, 2004







Thu Jan 1 00:00:00 1970:  






Thu Jan 1 00:00:00 1970:  






Thu Jan 1 00:00:00 1970:  






Thu Jan 1 00:00:00 1970:  






Thu Jan 1 00:00:00 1970:  






Thu Apr 17 22:48:30 2008: Subject: CSS issues   yewnewb
http://www.youn00b.com

As an accomplished web developer, I can tell you that any past, present, or future browser that implements support for JavaScript or CSS can be exploited by XSS.

Firefox, Opera, Safari, and even the "MICROSOFT OMG" browser Internet Explorer.

Although I agree with the points you've made throughout the site, I really have to say, c'mon man. Realize it that Linux does indeed suck. The support sucks, the programs suck, and as a programmer of 16 years, I can honestly say of the thousands of Microsoft-compatible applications I've developed, I never felt the need to write one for Linux.



Fri Apr 18 02:14:28 2008: Subject:   TonyLawrence

gravatar
We'll have to disagree.




Fri Apr 18 13:14:34 2008: Subject:   BigDumbDinosaur
http://bcstechnology.net

Programmer of 16 years? Lessee, that means he started entering code in 1992 and therefore, probably knows nothing about computers other than what he learned about Microsoft stuff -- which isn't saying much, in my opinion. That would have been around Windows 3.1 or thereabouts. Some experience!



Sat Apr 19 00:55:29 2008: Subject:   drag


""I can honestly say of the thousands of Microsoft-compatible applications I've developed, I never felt the need to write one for Linux. ""

And as a Linux user for about 8 years I'd have to say that under no circumstances have I ever felt the need to use any of your applications.

Go figure. Now we are even! :) :)


Don't miss responses! Subscribe to Comments by RSS or by Email

Click here to add your comments

If you want a picture to show with your comment, go get a Gravatar


Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.

Publishing your articles here


book graphic unix and linux troubleshooting guide

My Troubleshooting E-Book will show you how to solve tough problems on Linux and Unix systems!





pavatar.jpg
More:
       - Security
       - Microsoft
       - Blog











Change Congress

Publish your articles, comments, book reviews or opinions here!