Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Fri, 9 Dec 2011 10:37:51 -0500
From: Charles Morris <cmorris@...odu.edu>
To: Michal Zalewski <lcamtuf@...edump.cx>
Cc: adam <adam@...sy.net>, bugtraq <bugtraq@...urityfocus.com>
Subject: Re: seamless bait-and-switch

I agree that it's very unlikely that we would not catch it.
I know that change made my eyes jump immediately.

However, it's very likely that, given enough targets...
I am 100% confident that many of them will fall for it.

Keep in mind that this group is the group that responds to emails like
the following:
"From: coolguy131@...ationhomes.xyz
You are akcount is ABOUT TO BE UPDATED respond with you'r
SOCIAL SECURITY AND LICENSE SCAN.
Error code 51535351535153515.5f."

Also, as this is a user attention issue,
targeting pages that are heavily animated or otherwise distracting may
help in the exploit.

On Thu, Dec 8, 2011 at 5:09 PM, Michal Zalewski <lcamtuf@...edump.cx> wrote:
>> And you don't believe that people would think that's suspicious?
>
> What part? The change of a URL that is not associated with the
> repainting of window contents? I believe that they are very unlikely
> to catch this after initially examining the URL, in absence of other
> indicators (change in URL length, page repainting, throbber activity).
>
> /mz
