Eddy Nigg (StartCom Ltd.):
> I just wonder why the h*** Google anti-phishing tool still allows me 
> to go to 
> http://comerica.connect.tmconnectweb.login.cgi.msg5984.time32491989.webbizcompany.c1b9r62whf314lx53xq.secureserv.onlineupdatemirror66272.comerica.certificateupdate.cxv32.com/logon.htm
>
> Should they have blocked the cxv32.com domain already all over the 
> place? Tested with FF3 and FF2...

Oh, and just by the way... now that we are at it... How easy it would have 
been for cxv32.com to get a wildcard certificate from some of the CAs 
in NSS, making the phishing attack even more convincing. The theory that 
we have anti-phishing tools simply doesn't hold water, an argument 
which was used multiple times against any strengthening of the Mozilla 
policy.

A subdomain name like the one from above most likely would never have 
been issued, not even by the CAs which issue domain-validated 
wildcards; at least this subdomain name would have raised enough attention 
if the CA also has some personnel there...

-- 
Regards 
 
Signer:         Eddy Nigg, StartCom Ltd. <http://www.startcom.org>
Jabber:         [EMAIL PROTECTED] <xmpp:[EMAIL PROTECTED]>
Blog:   Join the Revolution! <http://blog.startcom.org>
Phone:          +1.213.341.0390
 

_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
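
An added example, not part of the original message: a Python check of the kind a CA's vetting step or a URL filter could apply to the hostname quoted above, flagging a watched brand name buried in the subdomain labels of an unrelated domain. The brand list, the depth threshold and the last-two-labels rule for the registrable domain are assumptions of this example.

```python
from urllib.parse import urlsplit

# Constructed watch list and threshold for illustration only.
WATCHED_BRANDS = {"comerica"}
MAX_SUBDOMAIN_LABELS = 4

# The URL quoted in the message above.
PAGE_URL = ("http://comerica.connect.tmconnectweb.login.cgi.msg5984."
            "time32491989.webbizcompany.c1b9r62whf314lx53xq.secureserv."
            "onlineupdatemirror66272.comerica.certificateupdate.cxv32.com/logon.htm")


def review_hostname(url_or_host):
    """Return a review record for the hostname in a URL or bare host string."""
    value = url_or_host if "://" in url_or_host else "//" + url_or_host
    host = (urlsplit(value).hostname or "").rstrip(".")
    labels = [l for l in host.split(".") if l]
    # Assumption: the registrable domain is the last two labels. That holds
    # for cxv32.com; production code should consult the Public Suffix List.
    registrable = ".".join(labels[-2:])
    subdomain = labels[:-2]
    owner_label = labels[-2] if len(labels) >= 2 else ""
    # A watched brand inside a subdomain label counts only when the
    # registrable domain itself does not belong to that brand.
    brand_hits = sorted(
        b for b in WATCHED_BRANDS
        if b != owner_label and any(b in label for label in subdomain)
    )
    reasons = []
    if brand_hits:
        reasons.append("brand name under unrelated domain")
    if len(subdomain) > MAX_SUBDOMAIN_LABELS:
        reasons.append("unusually deep hostname")
    return {
        "registrable": registrable,
        "subdomain_labels": len(subdomain),
        "brand_hits": brand_hits,
        "reasons": reasons,
        "flagged": bool(reasons),
    }


if __name__ == "__main__":
    for candidate in (PAGE_URL, "https://www.comerica.com/"):
        print(candidate[:40], review_hostname(candidate))
```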
