Re: URL with punycode = easy phishing
On 4/20/2017 12:09 PM, Lee wrote: > On 4/20/17, Gabriel wrote: >> Frank-Rainer Grahl wrote on 15/04/17 20:05: >>> The current "patch" is just a flipped pref which you can flip yourself in >>> about:config >>> >>> Set network.IDN_show_punycode to true. >>> Other than setting this as the default I do not know how this could be >>> fixed >>> differently by anyone. Maybe putting an icon or something in the status >>> bar. >>> Firefox will likely add another doorhanger because they got rid of the >>> status >>> bar and now clutter the location bar to make it finally unusable... >> >> I know about the manual preference change, but I think it would be better if >> the >> browser shown an alert or as you suggest a special icon near the URL; or >> just do >> as Safari and always show the "xn--". > > +1 for always show the "xn--" > > altho who hasn't already set network.IDN_show_punycode to true? > > Lee > See https://bugzilla.mozilla.org/show_bug.cgi?id=1332714 for info/discussion on this problem. BTW - Windows: Microsoft Edge 40.15063.0.0 doesn't have the issue o Google Chrome Version 58.0.3029.81 fixed the issue in that browser o Google Chromium Version 60.0.3078.0 (Developer Build) (64-bit) fixed the issue in that browser o Opera 44.0.2510.1218 (PGO) still has the issue o Firefox 53.0 still has the issue I've not tested the above (minus Edge) in linux yet ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: URL with punycode = easy phishing
On 4/20/2017 12:09 PM, Lee wrote: On 4/20/17, Gabriel wrote: Frank-Rainer Grahl wrote on 15/04/17 20:05: The current "patch" is just a flipped pref which you can flip yourself in about:config Set network.IDN_show_punycode to true. Other than setting this as the default I do not know how this could be fixed differently by anyone. Maybe putting an icon or something in the status bar. Firefox will likely add another doorhanger because they got rid of the status bar and now clutter the location bar to make it finally unusable... I know about the manual preference change, but I think it would be better if the browser shown an alert or as you suggest a special icon near the URL; or just do as Safari and always show the "xn--". +1 for always show the "xn--" altho who hasn't already set network.IDN_show_punycode to true? People who don't know about it? Haha. Yes, this should be true by default. :( -- "I remember being fascinated by ants and wasps and other bugs when I was a kid. I'd set out a Coke can and stand back 20 feet and use my telescope to watch wasps land on it." --Paul McEuen Note: A fixed width font (Courier, Monospace, etc.) is required to see this signature correctly. /\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ /If crediting, then use Ant nickname and AQFL URL/link. ( ) Axe ANT from its address if e-mailing privately. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: URL with punycode = easy phishing
On 4/20/17, Gabriel wrote: > Frank-Rainer Grahl wrote on 15/04/17 20:05: >> The current "patch" is just a flipped pref which you can flip yourself in >> about:config >> >> Set network.IDN_show_punycode to true. >> Other than setting this as the default I do not know how this could be >> fixed >> differently by anyone. Maybe putting an icon or something in the status >> bar. >> Firefox will likely add another doorhanger because they got rid of the >> status >> bar and now clutter the location bar to make it finally unusable... > > I know about the manual preference change, but I think it would be better if > the > browser shown an alert or as you suggest a special icon near the URL; or > just do > as Safari and always show the "xn--". +1 for always show the "xn--" altho who hasn't already set network.IDN_show_punycode to true? Lee ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: URL with punycode = easy phishing
Frank-Rainer Grahl wrote on 15/04/17 20:05: The current "patch" is just a flipped pref which you can flip yourself in about:config Set network.IDN_show_punycode to true. Other than setting this as the default I do not know how this could be fixed differently by anyone. Maybe putting an icon or something in the status bar. Firefox will likely add another doorhanger because they got rid of the status bar and now clutter the location bar to make it finally unusable... I know about the manual preference change, but I think it would be better if the browser shown an alert or as you suggest a special icon near the URL; or just do as Safari and always show the "xn--". ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: URL with punycode = easy phishing
The current "patch" is just a flipped pref which you can flip yourself in about:config Set network.IDN_show_punycode to true. Other than setting this as the default I do not know how this could be fixed differently by anyone. Maybe putting an icon or something in the status bar. Firefox will likely add another doorhanger because they got rid of the status bar and now clutter the location bar to make it finally unusable... FRG Gabriel wrote: Hello, does someone know if/when SeaMonkey and Firefox will get a patch to show the real URL when using punycode? Just as in Safari :-) Check this: https://www.еріс.com/ it's "https://xn--e1awd7f.com/"; Explanation: https://www.wordfence.com/blog/2017/04/chrome-firefox-unicode-phishing/ ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
MCBastos wrote: > Interviewed by CNN on 30/01/2013 14:35, Rob told the world: >> MCBastos wrote: >>> So... >>> Antivirus: missed it >>> Other antivirus: about 75% chance of missing it. >>> Google Safe Browsing: missed it >>> ISP spam filter: flagged it as spam, but did nothing else. Not that it >>> helps much, since this particular filter has a high rate of false >>> positives. One of the myriad reasons I'm migrating to another ISP... >>> Seamonkey spam filter: missed it (probably because it had my full name) >> >> Filtering proxy looking at file type: would probably have caught it. >> Software restriction policy at computer (AppLocker): would have caught it. >> Operating as a nonprivileged user: would most likely have made the >> malware fail to install in system directories. > > Sure, those are fine tools, but some of them are not practical for most > home users or small business. I mean, AppLocker is an Enterprise-level > tool, and how many homes do you know that have *any kind* of proxy? Not > to mention notebooks that connect to public wi-fi? > > And even so, you qualified your claims with "probably" and "likely". As > I said, there are no absolute guarantees. There are no magical silver > bullets that will kill *all* attacks, surely, with zero false positives. > > Every security tool must achieve a balance between the security it > offers and its shortcomings. In the case of the Firefox blacklist, the > choice between real-time blacklist checks and batch-downloaded updates > has to consider the following: > > - Pro real-time checks: somewhat elevated security > - con: privacy concerns, increased latency The reason I mention those three other methods is that I prefer methods that work by fixed yes/no checks over methods that use dynamically updated patterns and blacklists. A rule that prevents driveby downloads is better than a virus scanner or site blacklist, in my opinion. Sure it requires effort to implement those things, that is why almost nobody is doing it. But then, don't complain when you are hacked. I am not in the Windows software development business, but seeing that current security products already scan for viruses in internet download streams, either by pushing a proxy inbetween or by watching all TCP streams, it should be trivial to add a feature that just blocks any executable download for users that are not designated as administrators. That should be much more effective than scanning for malware. When our users are on public WiFi, they can only setup a VPN to the company network and access the internet using the standard security in place. This also prevents wiretapping of the activities of the user. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Interviewed by CNN on 30/01/2013 14:35, Rob told the world: > MCBastos wrote: >> So... >> Antivirus: missed it >> Other antivirus: about 75% chance of missing it. >> Google Safe Browsing: missed it >> ISP spam filter: flagged it as spam, but did nothing else. Not that it >> helps much, since this particular filter has a high rate of false >> positives. One of the myriad reasons I'm migrating to another ISP... >> Seamonkey spam filter: missed it (probably because it had my full name) > > Filtering proxy looking at file type: would probably have caught it. > Software restriction policy at computer (AppLocker): would have caught it. > Operating as a nonprivileged user: would most likely have made the > malware fail to install in system directories. Sure, those are fine tools, but some of them are not practical for most home users or small business. I mean, AppLocker is an Enterprise-level tool, and how many homes do you know that have *any kind* of proxy? Not to mention notebooks that connect to public wi-fi? And even so, you qualified your claims with "probably" and "likely". As I said, there are no absolute guarantees. There are no magical silver bullets that will kill *all* attacks, surely, with zero false positives. Every security tool must achieve a balance between the security it offers and its shortcomings. In the case of the Firefox blacklist, the choice between real-time blacklist checks and batch-downloaded updates has to consider the following: - Pro real-time checks: somewhat elevated security - con: privacy concerns, increased latency -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my Odyssey2. * Added by TagZilla 0.7a1 running on Seamonkey 2.15 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
MCBastos wrote: > So... > Antivirus: missed it > Other antivirus: about 75% chance of missing it. > Google Safe Browsing: missed it > ISP spam filter: flagged it as spam, but did nothing else. Not that it > helps much, since this particular filter has a high rate of false > positives. One of the myriad reasons I'm migrating to another ISP... > Seamonkey spam filter: missed it (probably because it had my full name) Filtering proxy looking at file type: would probably have caught it. Software restriction policy at computer (AppLocker): would have caught it. Operating as a nonprivileged user: would most likely have made the malware fail to install in system directories. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Interviewed by CNN on 30/01/2013 06:57, Daniel told the world: > So I could still be visiting phishing sites because my database could, > in part, be a week out of date!! There's no guarantees of a complete database anywhere. For instance: I have just received a phishing e-mail, trying to induce me to download and open some sort of malware. I found it mildly interesting (as scams go) because they actually included my full name, instead of sending a generic message. Not that's hard to buy lists of e-mails with full user names... Anyway, I decided to amuse myself giving it a check. First thing: copied the link to GetLinkInfo.com to see what they could tell about it. Not much, it turned out -- even the Google Safe Browsing check gave the website a clean bill of health. (Apparently the site -- some sort of Chinese name in a .com domain -- is an image host, and the malware distributor uploaded the crap as if it were an image) Next step: check the malware itself. Yes, I know what I'm doing, I routinely have to disinfect virus-possessed computers from clients, I know how to keep from actually running a file. So I disabled plugins and Javascript and very carefully opened the link. Turns out it it was a .cpl file, which is a big red flag for malware. Anyway, my antivirus didn't complain. I uploaded it to Jotti.com and Virustotal.com, and it got only about 25% hits, suggesting that it's pretty new. So... Antivirus: missed it Other antivirus: about 75% chance of missing it. Google Safe Browsing: missed it ISP spam filter: flagged it as spam, but did nothing else. Not that it helps much, since this particular filter has a high rate of false positives. One of the myriad reasons I'm migrating to another ISP... Seamonkey spam filter: missed it (probably because it had my full name) So there are no guarantees, you have to keep a sharp eye anyway. Automated tools (antivirus, antispam, website black lists and such) help by essentially cutting down on the volume of mail you have to actually read and analyse. They won't ever get everything. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my Bugatti Veyron. * Added by TagZilla 0.7a1 running on Seamonkey 2.15 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Daniel wrote: >> It is the same with virus scanners. That is why it is always better >> to setup the system in such a way that software cannot be installed >> or run as downloaded by the logged-in user. Use a separate account >> for surfing and for administering the system (installing software). > > or use Linux and *don't* run it as Root! Actually, Windows provides more and better mechanisms to guard the non-admin user against unwilling execution of malware than Linux does. The problem is that some of the mechanisms are not enabled by default, and others are enabled but are often turned off by users because they are considered too invasive. The only real advantages a Linux user has over a Windows user are the smaller number of Linux systems and hence less attraction from people who want to break in, and the lack of standardization which makes it difficult to develop portable applications (both for hackers and for normal software developers). ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Rob wrote: Yes. That is how it always is. You can never get total protection from a system like this. Even with a system that queries an online server, you have the problem that you may visit a site that is not yet known to serve malware, so the server says "OK" and you get infected anyway. It is the same with virus scanners. That is why it is always better to setup the system in such a way that software cannot be installed or run as downloaded by the logged-in user. Use a separate account for surfing and for administering the system (installing software). Antivirus publishers nowadays try to defeat the malware writers by incorporating heuristic algorithms that are supposed to recognize patterns even if the malware doesn't precisely match a known specimen. The downside of that, as we've seen here, is a certain percentage of false positives -- legitimate programs that are flagged because they kinda sorta look like malware. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Rob wrote: Daniel wrote: MCBastos wrote: Interviewed by CNN on 29/01/2013 10:47, Daniel told the world: Rob wrote: Ray_Net wrote: 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. Hey, Rob, in your first para, you say that a list is downloaded, so in your second para, you *must be wrong* when you state there is "no extra query to a single server that has to reply". Of course, this extra wait time will depend on how often SM has to download the list of infected sites, daily, weekly, whatever. No, you missed the rest of the sentence: "...that has to reply before a page is shown." What Rob meant is that Firefox won't stop loading the page you want to visit while checking a particular server to see if that page is clean. Instead, it has a previously-downloaded blacklist of problem sites. So, e.g. Yesterday SM downloaded a list. The site I am now visiting was not on that list, however this site may have been added to the list overnight, so I've been phished/spammed/whatever, even though I was doing the right thing!! Some protection, maybe, but not total!! Yes. That is how it always is. You can never get total protection from a system like this. Even with a system that queries an online server, you have the problem that you may visit a site that is not yet known to serve malware, so the server says "OK" and you get infected anyway. It is the same with virus scanners. That is why it is always better to setup the system in such a way that software cannot be installed or run as downloaded by the logged-in user. Use a separate account for surfing and for administering the system (installing software). or use Linux and *don't* run it as Root! -- Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Daniel wrote: > MCBastos wrote: >> Interviewed by CNN on 29/01/2013 10:47, Daniel told the world: >>> Rob wrote: Ray_Net wrote: > 2. A firefox guy is complaining about lag when accessing web pages .. > could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. >>> >>> Hey, Rob, in your first para, you say that a list is downloaded, so in >>> your second para, you *must be wrong* when you state there is "no extra >>> query to a single server that has to reply". >>> >>> Of course, this extra wait time will depend on how often SM has to >>> download the list of infected sites, daily, weekly, whatever. >> >> No, you missed the rest of the sentence: "...that has to reply before a >> page is shown." >> >> What Rob meant is that Firefox won't stop loading the page you want to >> visit while checking a particular server to see if that page is clean. >> Instead, it has a previously-downloaded blacklist of problem sites. > > So, e.g. Yesterday SM downloaded a list. The site I am now visiting was > not on that list, however this site may have been added to the list > overnight, so I've been phished/spammed/whatever, even though I was > doing the right thing!! > > Some protection, maybe, but not total!! Yes. That is how it always is. You can never get total protection from a system like this. Even with a system that queries an online server, you have the problem that you may visit a site that is not yet known to serve malware, so the server says "OK" and you get infected anyway. It is the same with virus scanners. That is why it is always better to setup the system in such a way that software cannot be installed or run as downloaded by the logged-in user. Use a separate account for surfing and for administering the system (installing software). ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Philip Chee wrote: On Tue, 29 Jan 2013 23:47:18 +1100, Daniel wrote: Rob wrote: Ray_Net wrote: 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. Hey, Rob, in your first para, you say that a list is downloaded, so in your second para, you *must be wrong* when you state there is "no extra query to a single server that has to reply". Of course, this extra wait time will depend on how often SM has to download the list of infected sites, daily, weekly, whatever. The Gecko backend downloads the phishing and malware data in "chunks" at a low priority. I think it takes up to a week for the complete tables to be downloaded. After that, any updates are also download in chunks. So I could still be visiting phishing sites because my database could, in part, be a week out of date!! Back in the Triassic when the safe browsing code was still a separate Google Safe Browsing extension, there was code to do online lookups if the local copies of the databases didn't have information on a particular URL, but that functionality was removed a long time ago. Phil -- Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
MCBastos wrote: Interviewed by CNN on 29/01/2013 10:47, Daniel told the world: Rob wrote: Ray_Net wrote: 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. Hey, Rob, in your first para, you say that a list is downloaded, so in your second para, you *must be wrong* when you state there is "no extra query to a single server that has to reply". Of course, this extra wait time will depend on how often SM has to download the list of infected sites, daily, weekly, whatever. No, you missed the rest of the sentence: "...that has to reply before a page is shown." What Rob meant is that Firefox won't stop loading the page you want to visit while checking a particular server to see if that page is clean. Instead, it has a previously-downloaded blacklist of problem sites. So, e.g. Yesterday SM downloaded a list. The site I am now visiting was not on that list, however this site may have been added to the list overnight, so I've been phished/spammed/whatever, even though I was doing the right thing!! Some protection, maybe, but not total!! -- Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
On Tue, 29 Jan 2013 23:47:18 +1100, Daniel wrote: > Rob wrote: >> Ray_Net wrote: >>> 2. A firefox guy is complaining about lag when accessing web pages .. >>> could this feature slow firefox. >> >> This is not very likely. The feature works by downloading a list >> of infected sites at a certain interval, then storing this list >> in a local file. The file is then consulted during browsing. >> >> So there is no extra query to a single server that has to reply before >> a page is shown, like in some competing system. > > Hey, Rob, in your first para, you say that a list is downloaded, so in > your second para, you *must be wrong* when you state there is "no extra > query to a single server that has to reply". > > Of course, this extra wait time will depend on how often SM has to > download the list of infected sites, daily, weekly, whatever. The Gecko backend downloads the phishing and malware data in "chunks" at a low priority. I think it takes up to a week for the complete tables to be downloaded. After that, any updates are also download in chunks. Back in the Triassic when the safe browsing code was still a separate Google Safe Browsing extension, there was code to do online lookups if the local copies of the databases didn't have information on a particular URL, but that functionality was removed a long time ago. Phil -- Philip Chee , http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Daniel wrote: > Rob wrote: >> Ray_Net wrote: >>> 2. A firefox guy is complaining about lag when accessing web pages .. >>> could this feature slow firefox. >> >> This is not very likely. The feature works by downloading a list >> of infected sites at a certain interval, then storing this list >> in a local file. The file is then consulted during browsing. >> >> So there is no extra query to a single server that has to reply before >> a page is shown, like in some competing system. > > Hey, Rob, in your first para, you say that a list is downloaded, so in > your second para, you *must be wrong* when you state there is "no extra > query to a single server that has to reply". > > Of course, this extra wait time will depend on how often SM has to > download the list of infected sites, daily, weekly, whatever. No. There is no extra wait time. The download proceeds in the background while you are working on your computer, not at the time you click a link. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Interviewed by CNN on 29/01/2013 10:47, Daniel told the world: > Rob wrote: >> Ray_Net wrote: >>> 2. A firefox guy is complaining about lag when accessing web pages .. >>> could this feature slow firefox. >> >> This is not very likely. The feature works by downloading a list >> of infected sites at a certain interval, then storing this list >> in a local file. The file is then consulted during browsing. >> >> So there is no extra query to a single server that has to reply before >> a page is shown, like in some competing system. > > Hey, Rob, in your first para, you say that a list is downloaded, so in > your second para, you *must be wrong* when you state there is "no extra > query to a single server that has to reply". > > Of course, this extra wait time will depend on how often SM has to > download the list of infected sites, daily, weekly, whatever. No, you missed the rest of the sentence: "...that has to reply before a page is shown." What Rob meant is that Firefox won't stop loading the page you want to visit while checking a particular server to see if that page is clean. Instead, it has a previously-downloaded blacklist of problem sites. -- MCBastos This message has been protected with the 2ROT13 algorithm. Unauthorized use will be prosecuted under the DMCA. -=-=- ... Sent from my BBC Micro. * Added by TagZilla 0.7a1 running on Seamonkey 2.15 * Get it at http://xsidebar.mozdev.org/modifiedmailnews.html#tagzilla ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Rob wrote: Ray_Net wrote: 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. Hey, Rob, in your first para, you say that a list is downloaded, so in your second para, you *must be wrong* when you state there is "no extra query to a single server that has to reply". Of course, this extra wait time will depend on how often SM has to download the list of infected sites, daily, weekly, whatever. -- Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Ray_Net wrote: > 2. A firefox guy is complaining about lag when accessing web pages .. > could this feature slow firefox. This is not very likely. The feature works by downloading a list of infected sites at a certain interval, then storing this list in a local file. The file is then consulted during browsing. So there is no extra query to a single server that has to reply before a page is shown, like in some competing system. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
WaltS wrote: Ray_Net wrote: I read here http://www.mozilla.org/en-US/firefox/phishing-protection/ Firefox 3 or later contains built-in Phishing and Malware Protection to help keep you safe online. The questions are: 1. Would this feature also implemented in SM ? 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. Upon investigation of Firefox and SeaMonkey. I do not see the "Warn me when sites try to install add-ons", "Block reported attack sites", or "Block reported web forgeries", under Security preferences, or any corresponding "browser.safebrowsing" preferences in about:config in SeaMonkey 2.15.1. Firefox has these prefs. SeaMonkey does not. browser.safebrowsing.enabled browser.safebrowsing.malware.enabled They probably would not slow down Firefox. You might look at Edit | Preferences | Advanced | Software Installation. The first option is [ ] Allow websites to install add-ons and updates and if you click "Allowed websites," it opens the Permissions tab of the Data Manager. From there, you can specify that a particular site does or does not have permission to install software. So that's a start. Philip Chee obviously knows more than I about this. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
On Tue, 29 Jan 2013 01:02:16 +0100, Ray_Net wrote: > I read here http://www.mozilla.org/en-US/firefox/phishing-protection/ > > Firefox 3 or later contains built-in Phishing and Malware Protection to > help keep you safe online. > > The questions are: > 1. Would this feature also implemented in SM ? I have a fully working patch in: Bug 477718 - Implement Phishing Protection (a.k.a. Safe Browsing) support in SeaMonkey <https://bugzilla.mozilla.org/show_bug.cgi?id=477718> Currently undergoing reviews. Phil -- Philip Chee , http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Ray_Net wrote: > I read here http://www.mozilla.org/en-US/firefox/phishing-protection/ > > Firefox 3 or later contains built-in Phishing and Malware Protection to > help keep you safe online. > > The questions are: > 1. Would this feature also implemented in SM ? > 2. A firefox guy is complaining about lag when accessing web pages .. > could this feature slow firefox. Upon investigation of Firefox and SeaMonkey. I do not see the "Warn me when sites try to install add-ons", "Block reported attack sites", or "Block reported web forgeries", under Security preferences, or any corresponding "browser.safebrowsing" preferences in about:config in SeaMonkey 2.15.1. Firefox has these prefs. SeaMonkey does not. browser.safebrowsing.enabled browser.safebrowsing.malware.enabled They probably would not slow down Firefox. -- Fedora 17 (64-bit) KDE 4.9.4 SeaMonkey Release ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing and Malware Protection
Ray_Net wrote: I read here http://www.mozilla.org/en-US/firefox/phishing-protection/ Firefox 3 or later contains built-in Phishing and Malware Protection to help keep you safe online. The questions are: 1. Would this feature also implemented in SM ? 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. Should be in the later versions. -- Phillip M. Jones, C.E.T. "If it's Fixed, Don't Break it" http://www.phillipmjones.netmailto:pjones...@comcast.net ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Phishing and Malware Protection
I read here http://www.mozilla.org/en-US/firefox/phishing-protection/ Firefox 3 or later contains built-in Phishing and Malware Protection to help keep you safe online. The questions are: 1. Would this feature also implemented in SM ? 2. A firefox guy is complaining about lag when accessing web pages .. could this feature slow firefox. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: WLS wrote: Looked at your preference settings lately? Always a wise thing to go over when a new version becomes available. Things may change. No, but I looked in the release notes, and saw no mention. Of course, it may have snuck in prior to 2.3.3. Do you happen to know if there is any way of searching /all/ of the release notes up to and including the current production version, so that one can be sure of not accidentally overlooking any changes ? http://img29.imageshack.us/img29/9028/screenshotpreferences.png Thank you : that is a very useful pointer. I would still argue that "Advertise Firefox Compatibility" should /not/ be the default, or, if the majority prefer, that it be the default but that the User Agent string contain the text Firefox/6.0.2 compatible and not simply (and wrongly) Firefox/6.0.2 but at least my substantive wishes are met. Philip Taylor A very good idea ... I could not resist, i reported the ... https://bugzilla.mozilla.org/show_bug.cgi?id=686555 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
On 09/13/2011 08:11 AM, WLS wrote: > Philip TAYLOR (Webmaster, Ret'd) wrote: >> >> >> WLS wrote: >> >>> >>> Looked at your preference settings lately? Always a wise thing to go over >>> when a new version becomes available. Things may change. >> >> No, but I looked in the release notes, and saw no mention. >> Of course, it may have snuck in prior to 2.3.3. Do you happen >> to know if there is any way of searching /all/ of the release >> notes up to and including the current production version, so >> that one can be sure of not accidentally overlooking any changes ? > > From the SM 2.1 release notes. > > SeaMonkey should now support more websites that previously appeared to > only work with Firefox (configurable in Preferences). > > http://www.seamonkey-project.org/releases/seamonkey2.1/ ... It's not easy to find, but it is an option: Edit|Preferences|Advanced|HTTP Networking|User Agent String: 'Advertise Firefox compatibility'. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: WLS wrote: Looked at your preference settings lately? Always a wise thing to go over when a new version becomes available. Things may change. No, but I looked in the release notes, and saw no mention. Of course, it may have snuck in prior to 2.3.3. Do you happen to know if there is any way of searching /all/ of the release notes up to and including the current production version, so that one can be sure of not accidentally overlooking any changes ? From the SM 2.1 release notes. SeaMonkey should now support more websites that previously appeared to only work with Firefox (configurable in Preferences). http://www.seamonkey-project.org/releases/seamonkey2.1/ http://img29.imageshack.us/img29/9028/screenshotpreferences.png Thank you : that is a very useful pointer. I would still argue that "Advertise Firefox Compatibility" should /not/ be the default, or, if the majority prefer, that it be the default but that the User Agent string contain the text Firefox/6.0.2 compatible and not simply (and wrongly) Firefox/6.0.2 but at least my substantive wishes are met. Philip Taylor -- SeaMonkey ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
WLS wrote: > > Looked at your preference settings lately? Always a wise thing to go over > when a new version becomes available. Things may change. No, but I looked in the release notes, and saw no mention. Of course, it may have snuck in prior to 2.3.3. Do you happen to know if there is any way of searching /all/ of the release notes up to and including the current production version, so that one can be sure of not accidentally overlooking any changes ? > http://img29.imageshack.us/img29/9028/screenshotpreferences.png Thank you : that is a very useful pointer. I would still argue that "Advertise Firefox Compatibility" should /not/ be the default, or, if the majority prefer, that it be the default but that the User Agent string contain the text Firefox/6.0.2 compatible and not simply (and wrongly) Firefox/6.0.2 but at least my substantive wishes are met. Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: WLS wrote: I'm perfectly happy not having to use another extension. The fewer the better as far as I am concerned. So am I, and I would prefer not to use Prefbar. So let the choice of whether or not to lie in the User Agent string be under direct user control (i.e., under Edit / Preferences), and let the default be "Don't lie : don't pretend to be Firefox". Philip Taylor Looked at your preference settings lately? Always a wise thing to go over when a new version becomes available. Things may change. http://img29.imageshack.us/img29/9028/screenshotpreferences.png -- SeaMonkey ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
WLS wrote: > I'm perfectly happy not having to use another extension. The fewer the better > as far as I am concerned. So am I, and I would prefer not to use Prefbar. So let the choice of whether or not to lie in the User Agent string be under direct user control (i.e., under Edit / Preferences), and let the default be "Don't lie : don't pretend to be Firefox". Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: Paul B. Gallagher wrote : Philip TAYLOR (Webmaster, Ret'd) wrote: In the same vein, I am very disturbed to see that Seamonkey now reports itself (in the User-Agent field) as "Firefox/6.0.2" (amongst other, more honest, claims); it is, and should be proud to be, "SeaMonkey/2.3.3", and should not seek to pretend that it is that which it is not. ... For the whole of my life, I have believed in telling the truth, the whole truth, and nothing but the truth; I am deeply saddened to find that a product in which I have previously had complete confidence, and which I have previously recommended unreservedly to others, is now prepared to lie. How else would you treat the idiots who design websites without knowing the word "Gecko," who write browser sniffers that reject SM because it's not called "Firefox"? We've been all through this. We're not fooling anyone with a lick of sense, just the idiots. For those who are content to lie about their user agent, there is a perfectly good plug-in/add-on : Prefbar : http://prefbar.tuxfamily.org/ Lying should be a user choice, not something forced on users by the Seamonkey developers. Philip Taylor I'm perfectly happy not having to use another extension. The fewer the better as far as I am concerned. Then again, following these newsgroups I must be using my browser(s) wrong, because I don't need most of the extensions I see being discussed. -- SeaMonkey ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Paul B. Gallagher wrote : > Philip TAYLOR (Webmaster, Ret'd) wrote: >> In the same vein, I am very disturbed to see that Seamonkey now >> reports itself (in the User-Agent field) as "Firefox/6.0.2" (amongst >> other, more honest, claims); it is, and should be proud to be, >> "SeaMonkey/2.3.3", and should not seek to pretend that it is that >> which it is not. ... >> >> For the whole of my life, I have believed in telling the truth, the >> whole truth, and nothing but the truth; I am deeply saddened to find >> that a product in which I have previously had complete confidence, >> and which I have previously recommended unreservedly to others, is >> now prepared to lie. > > How else would you treat the idiots who design websites without knowing the > word "Gecko," who write browser sniffers that reject SM because it's not > called "Firefox"? We've been all through this. We're not fooling anyone with > a lick of sense, just the idiots. For those who are content to lie about their user agent, there is a perfectly good plug-in/add-on : Prefbar : http://prefbar.tuxfamily.org/ Lying should be a user choice, not something forced on users by the Seamonkey developers. Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: Paul B. Gallagher wrote: Philip TAYLOR (Webmaster, Ret'd) wrote: Justin, your answers are always helpful, constructive and non-confrontational : please accept my replies (below) in the same vein -- Justin Wood (Callek) wrote: ... SeaMonkey 2.0.14 is VULNERABLE to web attacks/exploits, including ones actively being exploited as we speak. I did not suggest otherwise. But it was just as vulnerable on the day that it was released, and to suggest otherwise is grossly irresponsible. Speaking of hyperbole... ;-) I'm sorry, that is /not/ hyperbole : it is a statement of fact. You're hyperbolic, I'm just stating facts. You're obstinate, I'm determined. Etc. ... In the same vein, I am very disturbed to see that Seamonkey now reports itself (in the User-Agent field) as "Firefox/6.0.2" (amongst other, more honest, claims); it is, and should be proud to be, "SeaMonkey/2.3.3", and should not seek to pretend that it is that which it is not. ... For the whole of my life, I have believed in telling the truth, the whole truth, and nothing but the truth; I am deeply saddened to find that a product in which I have previously had complete confidence, and which I have previously recommended unreservedly to others, is now prepared to lie. How else would you treat the idiots who design websites without knowing the word "Gecko," who write browser sniffers that reject SM because it's not called "Firefox"? We've been all through this. We're not fooling anyone with a lick of sense, just the idiots. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Paul B. Gallagher wrote: > Philip TAYLOR (Webmaster, Ret'd) wrote: > >> Justin, your answers are always helpful, constructive and >> non-confrontational : please accept my replies (below) in the same >> vein -- >> >> Justin Wood (Callek) wrote: >> >>> ... SeaMonkey 2.0.14 is VULNERABLE to web attacks/exploits, >>> including ones actively being exploited as we speak. >>> >> I did not suggest otherwise. But it was just as vulnerable on the >> day that it was released, and to suggest otherwise is grossly >> irresponsible. > > Speaking of hyperbole... ;-) I'm sorry, that is /not/ hyperbole : it is a statement of fact. > > SM 2.0.14, like any software product, was safest on the day it was released. > As time passes, the bad guys continue to develop new exploits, and both good > guys and bad guys discover holes they didn't know about on day one. The equal > vulnerability of which you speak is a theoretical abstraction; what matters > is practical reality. A samurai was exactly as skillful and dangerous the day > before firearms were introduced into Japan as he was the day afterward, but > he suddenly became vulnerable to their attack, and the emperor could no > longer rely on him for protection. With no deterioration of his skills > whatsoever, he became grossly inferior to the state of the art. > That could be quite adequately paraphrased in the popup, but the present text is misleading and plays on the FUD principle. I continue to believe and maintain that Seamonkey should describe the situation using neutral language, and not seek to suggest that Seamonkey 2.0.14 "is no longer protected against online attacks." It /is/ protected, just as it was protected on the day that it was released; to suggest otherwise is palpably dishonest, and not what I expect from those associated with the Seamonkey project. In the same vein, I am very disturbed to see that Seamonkey now reports itself (in the User-Agent field) as "Firefox/6.0.2" (amongst other, more honest, claims); it is, and should be proud to be, "SeaMonkey/2.3.3", and should not seek to pretend that it is that which it is not. Seamonkey 2.0.14 claimed, with complete accuracy, to be : "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14" Seamonkey 2.3.3 claims to be "Mozilla/5.0 (Windows NT 5.1; rv:6.0.2) Gecko/20110902 Firefox/6.0.2 SeaMonkey/2.3.3" which it is not. For the whole of my life, I have believed in telling the truth, the whole truth, and nothing but the truth; I am deeply saddened to find that a product in which I have previously had complete confidence, and which I have previously recommended unreservedly to others, is now prepared to lie. Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Philip TAYLOR (Webmaster, Ret'd) wrote: Justin, your answers are always helpful, constructive and non-confrontational : please accept my replies (below) in the same vein -- Justin Wood (Callek) wrote: ... SeaMonkey 2.0.14 is VULNERABLE to web attacks/exploits, including ones actively being exploited as we speak. I did not suggest otherwise. But it was just as vulnerable on the day that it was released, and to suggest otherwise is grossly irresponsible. Speaking of hyperbole... ;-) SM 2.0.14, like any software product, was safest on the day it was released. As time passes, the bad guys continue to develop new exploits, and both good guys and bad guys discover holes they didn't know about on day one. The equal vulnerability of which you speak is a theoretical abstraction; what matters is practical reality. A samurai was exactly as skillful and dangerous the day before firearms were introduced into Japan as he was the day afterward, but he suddenly became vulnerable to their attack, and the emperor could no longer rely on him for protection. With no deterioration of his skills whatsoever, he became grossly inferior to the state of the art. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
Justin, your answers are always helpful, constructive and non-confrontational : please accept my replies (below) in the same vein -- Justin Wood (Callek) wrote: > > In our case, you can easily tell that it is a real, "chrome" window, and not > some Virus. How ? I know only too many people who have believed a virtually identical popup that tells them that their computer is infected, and that in order to remove the infections they must "Click here" to initiate the removal process. > > It is a genuine message, and is worded this way in direct thoughtful > expression. It is the message that Firefox also uses for 3.5.x->future > version upgrades as well, fwiw. I suspected that that was the case : in general, Seamonkey developers are less given to hyperbole. > > I'd argue that the attempt to scare a user into upgraded resembles trojan > stuff, but it is easily distinguished by those who know to watch for those > types of trojans, "Easily distinguished", Justin ? I could not tell whether it was genuine or not, and I suspect I am not atypical in this respect. > Actually it is NOT misleading. I'm sorry, here I completely disagree. Let me play back to you the exact wording : > Your version of SeaMonkey is no > longer protected against online > attacks. "No longer protected" ? That is as clear an exploitation of FUD as I have ever seen. Seamonkey 2.0.14 is /just/ as well protected as it was on the day that it was released; Seamonkey 2.3.3 may well be /better/ protected, but that is not in dispute. If this were an advertisement rather than a well-intentioned but severely misjudged attempt to help Seamonkey users, then I have no doubt at all that the Advertising Standards Authority would rule that it was intentionally misleading and insist it be withdrawn. > SeaMonkey 2.0.14 is VULNERABLE to web attacks/exploits, including ones > actively being exploited as we speak. I did not suggest otherwise. But it was just as vulnerable on the day that it was released, and to suggest otherwise is grossly irresponsible. > > No. That is overly wordy for what we have to work with, we should not expect > users to have to load the website directly for this, since our upgrade > service provides certificate checks that are not easily available through > website downloads. We also have limited space to work with in our update > dialog, and your wording implies that users are "OK" on 2.0.14, THEY ARE NOT. It if is too prolix, then feel free to trim it back, but please Please PLEASE stop telling people that Seamonkey 2.0.14 is "no longer protected"; that is totally misleading, and intentionally so. Its protection has not changed one iota, but later versions are better protected -- THAT is the key point at issue, and the one that the popup should make plain. Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
On 9/12/2011 12:44 PM, Philip TAYLOR (Webmaster, Ret'd) wrote: I have just logged in to one of my less-frequently-used machines to be greeted by this message : URGENT! Your version of SeaMonkey is no longer protected against online attacks. - _Get the upgrade_ -- it's fast& free ! * stay safe online * get faster performance * enjoy new features This is /exactly /the sort of message that is used to inject Trojan horses and worse, and there is no way that I would dream of clicking on "Yes, get the latest version" or similar. The link there leads to seamonkey-project.org our official site. There is also the ability to go directly to our website. Yes some trojan's/virus things try to inject scary messages like this, but that is the very reason that those scary warnings work for Virii. In our case, you can easily tell that it is a real, "chrome" window, and not some Virus. If this /is/ a phishing attempt, or an attempt to con me into loading a Trojan horse or virus, it is a clever one but will not succeed; if it is a genuine message from the Seamonkey group, then I consider it to be an appalling error of judgement. It is a genuine message, and is worded this way in direct thoughtful expression. It is the message that Firefox also uses for 3.5.x->future version upgrades as well, fwiw. (a) It looks like a phishing attempt, or an attempt to inject a Trojan horse or virus I'd argue that the attempt to scare a user into upgraded resembles trojan stuff, but it is easily distinguished by those who know to watch for those types of trojans, and otherwise fits in well with our SeaMonkey themeing/style that everyone *should* be able to identify it as legit. (b) It is an appalling use of the "Fear, Uncertainty and Doubt" technique -- my version of Seamonkey (2.0.14) is no less well protected against online attacks than it was on the day it was released; to suggest otherwise is intentionally confusing, intentionally misleading, and can only bring the whole Seamonkey project into disrepute. Actually it is NOT misleading. SeaMonkey 2.0.14 is VULNERABLE to web attacks/exploits, including ones actively being exploited as we speak. For one example that I can mention right now, is the DigiNotar case, where people (especially in Iran) are/were being hurt by that, by allowing the attacker access to e-mail, passwords, etc. 2.3.3 does not have that vulnerability. And that is just one of many. 2.0.14 is dead, we are not supporting it, and it has known vulnerabilities, which is why we did this message. To advocate otherwise is a disservice to yourself and our users. Please, if this is a genuine message, get rid of it */immediately/*, and replace it with something factual and considered, perhaps along the lines of the following : URGENT! Your version of SeaMonkey is not as secure as it might be; we have made considerable efforts to improve on security since this version was released, and you are strongly advised to use the Seamonkey icon in your browser, or e-mail/news client to download the most recent version. - Get the upgrade -- it's fast& free ! * stay safe online * get faster performance * enjoy new features No. That is overly wordy for what we have to work with, we should not expect users to have to load the website directly for this, since our upgrade service provides certificate checks that are not easily available through website downloads. We also have limited space to work with in our update dialog, and your wording implies that users are "OK" on 2.0.14, THEY ARE NOT. Sorry. -- ~Justin Wood (Callek) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Phishing attempt, or highly-misleading recourse to FUD by Seamonkey ?
I have just logged in to one of my less-frequently-used machines to be greeted by this message : > URGENT! > Your version of SeaMonkey is no > longer protected against online > attacks. > - > _Get the upgrade_ -- it's fast & free ! > > * stay safe online > * get faster performance > * enjoy new features > This is /exactly /the sort of message that is used to inject Trojan horses and worse, and there is no way that I would dream of clicking on "Yes, get the latest version" or similar. If this /is/ a phishing attempt, or an attempt to con me into loading a Trojan horse or virus, it is a clever one but will not succeed; if it is a genuine message from the Seamonkey group, then I consider it to be an appalling error of judgement. (a) It looks like a phishing attempt, or an attempt to inject a Trojan horse or virus (b) It is an appalling use of the "Fear, Uncertainty and Doubt" technique -- my version of Seamonkey (2.0.14) is no less well protected against online attacks than it was on the day it was released; to suggest otherwise is intentionally confusing, intentionally misleading, and can only bring the whole Seamonkey project into disrepute. Please, if this is a genuine message, get rid of it */immediately/*, and replace it with something factual and considered, perhaps along the lines of the following : > URGENT! > Your version of SeaMonkey is not > as secure as it might be; we have made > considerable efforts to improve on security > since this version was released, and you are > strongly advised to use the Seamonkey icon > in your browser, or e-mail/news client to > download the most recent version. > - > Get the upgrade -- it's fast & free ! > > * stay safe online > * get faster performance > * enjoy new features > Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: What's a good addon/extension to watch for phishing sites?
I do use OpenDNS, but apprarently they didn't catch http://www.aion-account-ncsoft.com/, but Chrome did. :( I need more protections like in my web browsers too but not from OpenDNS. I did submit http://www.aion-account-ncsoft.com/ to them. On 9/8/2010 8:41 AM PT, d...@kd4e.com typed: Go to OpenDNS.org They have excellent phishing-blocking resources. Phishing web sites are getting more sneaky these days! What's a good one to have with Mozilla's SeaMonkey v2 in Windows (XP to 64-bit W7), Linux/Debian, and Mac OS X? Thank you in advance. :) -- "Are you slower than an ant?" --Sai Yuk from The Legend of Fong Sai Yuk movie (English subtitles) /\___/\ Phil./Ant @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ /If crediting, then use Ant nickname and AQFL URL/link. ( ) If e-mailing, then axe ANT from its address if needed. Ant is currently not listening to any songs on this computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: What's a good addon/extension to watch for phishing sites?
I do use OpenDNS, but apprarently they didn't catch http://www.aion-account-ncsoft.com/, but Chrome did. :( I need more protections like in my web browsers too but not from OpenDNS. I did submit http://www.aion-account-ncsoft.com/ to them. On 9/8/2010 8:41 AM PT, d...@kd4e.com typed: Go to OpenDNS.org They have excellent phishing-blocking resources. Phishing web sites are getting more sneaky these days! What's a good one to have with Mozilla's SeaMonkey v2 in Windows (XP to 64-bit W7), Linux/Debian, and Mac OS X? Thank you in advance. :) -- "Are you slower than an ant?" --Sai Yuk from The Legend of Fong Sai Yuk movie (English subtitles) /\___/\ Phil./Ant @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ /If crediting, then use Ant nickname and AQFL URL/link. ( ) If e-mailing, then axe ANT from its address if needed. Ant is currently not listening to any songs on this computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: What's a good addon/extension to watch for phishing sites?
Go to OpenDNS.org They have excellent phishing-blocking resources. Phishing web sites are getting more sneaky these days! What's a good one to have with Mozilla's SeaMonkey v2 in Windows (XP to 64-bit W7), Linux/Debian, and Mac OS X? Thank you in advance. :) -- Thanks! & 73, doc, KD4E "Communicators must defend free speech or risk losing freedom entirely." A Search Engine & More! http://ixquick.com |_|___|_| | | & | | /\ {| / \ {| /\{| / @ \ {| | |~_|| | -| || \ # http://KD4E.com Have an http://ultrafidian.com day! ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
What's a good addon/extension to watch for phishing sites?
Hi! Phishing web sites are getting more sneaky these days! What's a good one to have with Mozilla's SeaMonkey v2 in Windows (XP to 64-bit W7), Linux/Debian, and Mac OS X? Thank you in advance. :) -- /\___/\ Phil./Ant @ http://antfarm.ma.cx (Personal Web Site) / /\ /\ \Ant's Quality Foraged Links: http://aqfl.net | |o o| | \ _ /If crediting, then use Ant nickname and AQFL URL/link. ( ) If e-mailing, then axe ANT from its address if needed. Ant is currently not listening to any songs on this computer. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
NoOp wrote: On 08/12/2010 12:54 PM, Beverly Howard wrote: >> proof of concept<< I assumed (and hoped) that it was innocent, but, as it would work when malicious, I got pulled off the page before I had time to read far enough to get to the full explanation of what _was_ going to happen. When I returned to the tab, there as the bogus page. imho, the user should have been offered the option of experiencing the phish rather than having it execute on the page reporting on the possibility. It was pretty disturbing, albeit educational. Beverly Howard Try it Out You can try it out on this very website (it works in all major browsers). Click away to another tab for at least five seconds. Flip to another tab. Do whatever. Then come back to this tab. You switched away from the tab (either to a different tab, to check this newsgroup, email, whatever). Try sitting on the tab without switching away; you can read the entire article, go get coffee, do what you wish. The code won't activate until you switch away from it; that's the actual point the author is making. I was still reading the page when, before my eyes, it changed!! Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
>> The code won't activate until you switch away from it; that's the actual point the author is making. << An excellent point... but, they way it happened to me was sort of like getting stabbed in order to learn not to go down dark alleyways ;-) Beverly Howard ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
On 08/12/2010 12:54 PM, Beverly Howard wrote: > >> proof of concept << > > I assumed (and hoped) that it was innocent, but, as it would work when > malicious, I got pulled off the page before I had time to read far > enough to get to the full explanation of what _was_ going to happen. > > When I returned to the tab, there as the bogus page. imho, the user > should have been offered the option of experiencing the phish rather > than having it execute on the page reporting on the possibility. It was > pretty disturbing, albeit educational. > > Beverly Howard Try it Out You can try it out on this very website (it works in all major browsers). Click away to another tab for at least five seconds. Flip to another tab. Do whatever. Then come back to this tab. You switched away from the tab (either to a different tab, to check this newsgroup, email, whatever). Try sitting on the tab without switching away; you can read the entire article, go get coffee, do what you wish. The code won't activate until you switch away from it; that's the actual point the author is making. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
>> proof of concept << I assumed (and hoped) that it was innocent, but, as it would work when malicious, I got pulled off the page before I had time to read far enough to get to the full explanation of what _was_ going to happen. When I returned to the tab, there as the bogus page. imho, the user should have been offered the option of experiencing the phish rather than having it execute on the page reporting on the possibility. It was pretty disturbing, albeit educational. Beverly Howard ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
On 08/12/2010 08:45 AM, Beverly Howard wrote: > Be aware of the fact that the first link in the op _executes_ the > attack! While this page may be benevolent, it is deceptive and it does > solicit a login!!! > > Beverly Howard > It's a 'proof-of-concept'. Watch the flash video & he explains exactly what he is doing & how. Also: <http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/> Raskin includes a proof-of-concept at his site, which is sort of creepy when you let it run. In fact, at least once while composing this blog post in Firefox I went to click on the tab that had my Gmail inbox open, only to discover I’d accidentally clicked on Raskin’s page, which had morphed into the fake Gmail site in the interim. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
Be aware of the fact that the first link in the op _executes_ the attack! While this page may be benevolent, it is deceptive and it does solicit a login!!! Beverly Howard ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
On 08/11/2010 05:28 PM, Phillip Jones wrote: > NoOp wrote: >> Rather interesting read: >> http://www.azarask.in/blog/post/a-new-type-of-phishing-attack >> http://hacks.mozilla.org/2010/04/account-manager-coming-to-firefox/ >> >> Works on: >> Build identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) >> Gecko/20100701 Lightning/1.0b1 SeaMonkey/2.0.6 >> > > The first website is one reason I don't use tabs, never have and never > will. > I switch from page to page (like viewing a slideshow). > Were that true, I suspect that you would have brought up this, or similar, previously. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Tabnabbing: A New Type of Phishing Attack
NoOp wrote: Rather interesting read: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack http://hacks.mozilla.org/2010/04/account-manager-coming-to-firefox/ Works on: Build identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) Gecko/20100701 Lightning/1.0b1 SeaMonkey/2.0.6 The first website is one reason I don't use tabs, never have and never will. I switch from page to page (like viewing a slideshow). -- Phillip M. Jones, C.E.T."If it's Fixed, Don't Break it" http://www.phillipmjones.netmailto:pjon...@kimbanet.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Tabnabbing: A New Type of Phishing Attack
Rather interesting read: http://www.azarask.in/blog/post/a-new-type-of-phishing-attack http://hacks.mozilla.org/2010/04/account-manager-coming-to-firefox/ Works on: Build identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.11) Gecko/20100701 Lightning/1.0b1 SeaMonkey/2.0.6 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Subject: Re: phishing
Daniel wrote: > Beauregard T. Shagnasty wrote: >> Pat Connors wrote: >> [Beauregard wrote:] > > >> Your threads are hard to follow, as you seem to be creating a new one >> nearly every time you post. Please, just reply instead. > > Beauregard, this is a situation caused by posting from the "lists" > (or whatever) version of getting the posts on this server. It has > always been a problem with OP's new posts not linking to the original > thread. I understand. The situation, at least in my observation, is that if the list-email poster chose "Reply" to a post, it would thread correctly, but some of them seem to choose "Write" or "Compose" instead, thus wiping out the Reference-IDs. It's a sticky business... :-) -- -bts -Four wheels carry the body; two wheels move the soul ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Subject: Re: phishing
Beauregard T. Shagnasty wrote: Pat Connors wrote: [Beauregard wrote:] Your threads are hard to follow, as you seem to be creating a new one nearly every time you post. Please, just reply instead. Beauregard, this is a situation caused by posting from the "lists" (or whatever) version of getting the posts on this server. It has always been a problem with OP's new posts not linking to the original thread. Daniel ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
On 05/13/2010 12:28 PM, Ray_Net wrote: > Pat Connors a écrit : ... >> I just want this to not happen again. I think I am going to have to go >> back to Facebook and close out the account so no one can get on my page. >> > I think that you will have great difficulties to close your account ... > facebook is a devil Or... http://www.theregister.co.uk/2010/05/14/facebook_trust_dumb/ I liked this part: Facebook also has something else going for it - ordinary users regard it as the natural upgrade to Hotmail. In fact, once the crap has been peeled away, there may not be much more to Facebook than the Yahoo! or Hotmail Address Book with knobs on: the contact book is nicely integrated, uploading photos to share easier, while everything else is gravy. Unlike tech-savvy users, many people remain loyal to these for years. ® ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Subject: Re: phishing
Yes, I saw the article this morning when I opened my ATT-Yahoo mail which I check every morning before downloading it to SeaMonkey. I also think the NY Times is doing an investigative piece on all the security problems people are having as a result of joining FB. This article just came out on Yahoo either yesterday or the day before. I think it was written because you are definitely NOT the first person to encounter your problems. http://finance.yahoo.com/family-home/article/109538/7-things-to-stop-doing-now-on-facebook -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Subject: Re: phishing
support-seamonkey-requ...@lists.mozilla.org wrote: And it isn't SeaMonkey's fault. > > No, and I never said it was. ... You erased the smiley from my statement. I am sorry, I had a horrible day yesterday with the scanning, new computer plus dealing with Windows 7 and trying to install the new Zone Alarm...I guess I wasn't smiling. Today is better, I am now only dealing with how to get off Facebook completely. Here are some back to you. :-) :-) :-) -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors wrote: support-seamonkey-requ...@lists.mozilla.org wrote: I think your terms and usage is what is confusing. Your address book was not compromised, or hacked, or trojanized. It's a Facebook option that you (whether you knew it or not) agreed to. Yes, you are correct, I did use the wrong terms. It took a while to figure out what actually happened. After all those scans, I know it is not my computer but the Facebook program. I don't remember them asking me about copying my Address Book because I would have said, NO. And it isn't SeaMonkey's fault. No, and I never said it was. I have been on SeaMonkey, since it's beginning (after Netscape) and love it. I was trying to get help with a problem I didn't fully understand. Again, thanks to all that have helped me understand what was happening. Pat, This article just came out on Yahoo either yesterday or the day before. I think it was written because you are definitely NOT the first person to encounter your problems. http://finance.yahoo.com/family-home/article/109538/7-things-to-stop-doing-now-on-facebook Personally, I'd look at the smaller social networking sites and convince your friends to do the same. Technology is great, just not when you are the guinea pig and treated like one. Good luck. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors wrote: > [Beauregard, not support-seamonkey-requ...@lists.mozilla.org wrote: >> I think your terms and usage is what is confusing. Your address book >> was not compromised, or hacked, or trojanized. It's a Facebook >> option that you (whether you knew it or not) agreed to. > > Yes, you are correct, I did use the wrong terms. It took a while to > figure out what actually happened. After all those scans, I know it > is not my computer but the Facebook program. I don't remember them > asking me about copying my Address Book because I would have said, > NO. It must be a buried option. I had set up a Facebook account about a year ago so I could look for 50th year reunion classmates on FB. Since I really did not want an account, I used a not-real name, and a Gmail address that I keep for, um, testing purposes. I did have about a dozen real addresses in the Gmail address book. During the FB signup process, I noticed a cryptic, short textbox about three lines high, that contained a checkbox (pre-checked) for all those real addresses! The only way to NOT "invite everyone in my address book" was to manually UN-check each and every one. Obviously, there was/is breach-of-privacy collusion between Google Gmail and Facebook. How else would my "private" Gmail addresses get listed on the Facebook signup pages? (I would never use Gmail for my real email business.) >> And it isn't SeaMonkey's fault. > > No, and I never said it was. ... You erased the smiley from my statement. -- -bts -Four wheels carry the body; two wheels move the soul ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Mark Hansen wrote: Actually, virus scanning as a whole is hit or miss. Just because you run one (or all) of them doesn't in any way mean you don't have a virus, etc., on your machine. The only tool in existence that will prevent your machine from getting a virus is to never turn it on in the first place. The scanner/cleaner tools can find most things, but they can't by any stretch of the imagination find everything. This just isn't possible. To help you see this, imagine the company that created a virus scanner. They designed their scanner to look for particular patterns in files which match known virus patterns. Known at that time, that is. Now, consider the situation even 5 minutes after they released their latest virus scanning database to you. Someone on the planet can develop a new virus which the scanner software doesn't know to look for. How will running the scanner software catch this one? It simply can't. In a few days/weeks, the software may be updated to catch that particular virus (depending on how easy it is to detect and how quickly the scanner software people are able to react to it). Note also that if you're the only one hit by a particular virus, the scanner software people may not even know about it - so their software might never be updated to look for it. I hope this help you understand things a bit better. It depends a lot on how the programmer writes the definitions. Suppose a security force is watching for criminals entering a company's premises, and they define "criminal" as anyone carrying a gun. In that case, they must do what they can to detect guns, such as x-ray scanners at the gate. But some criminals don't carry guns -- some thieves, for example, may try to sneak in and out without being detected, and rely on stealth rather than force. So the security force needs to update its definitions to recognize this type of criminal. Perhaps they also search for anyone carrying a lock pick. And so forth. It becomes a pretty complex task relying on a variety of indicators. But it would be silly to look only for individuals who match a photo in a particular album of known criminals, and modern virus scanners aren't this silly. Instead, they use heuristics that recognize certain actions or techniques -- like a security force noticing an individual who walks down a hallway trying every door. A normal person would not do that, so this action is a giveaway that the person is probably a thief. And they'll detain him even though he may never have been caught before. -- War doesn't determine who's right, just who's left. -- Paul B. Gallagher ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
support-seamonkey-requ...@lists.mozilla.org wrote: I think your terms and usage is what is confusing. Your address book was not compromised, or hacked, or trojanized. It's a Facebook option that you (whether you knew it or not) agreed to. Yes, you are correct, I did use the wrong terms. It took a while to figure out what actually happened. After all those scans, I know it is not my computer but the Facebook program. I don't remember them asking me about copying my Address Book because I would have said, NO. And it isn't SeaMonkey's fault. No, and I never said it was. I have been on SeaMonkey, since it's beginning (after Netscape) and love it. I was trying to get help with a problem I didn't fully understand. Again, thanks to all that have helped me understand what was happening. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
On 5/13/2010 10:59 AM, Pat Connors wrote: > I really want to thank all for the help you are giving me. >> Download the "free version" fromhttp://www.malwarebytes.org/ and run it >> ASAP. This is probably the best free programs available to detect and >> remove any unwanted files on your pc. >> > > I did this and this is the 3rd scan in less than 24 hours that I have > done (McAfee, Windows Security) and this one took the longest (over 2 > hours) and scanned over 275,000 files and I really feel it was the most > complete. None of them found anything. Remember this is a brand new > computer. I am confident their is no virus/worm on my computer. Actually, virus scanning as a whole is hit or miss. Just because you run one (or all) of them doesn't in any way mean you don't have a virus, etc., on your machine. The only tool in existence that will prevent your machine from getting a virus is to never turn it on in the first place. The scanner/cleaner tools can find most things, but they can't by any stretch of the imagination find everything. This just isn't possible. To help you see this, imagine the company that created a virus scanner. They designed their scanner to look for particular patterns in files which match known virus patterns. Known at that time, that is. Now, consider the situation even 5 minutes after they released their latest virus scanning database to you. Someone on the planet can develop a new virus which the scanner software doesn't know to look for. How will running the scanner software catch this one? It simply can't. In a few days/weeks, the software may be updated to catch that particular virus (depending on how easy it is to detect and how quickly the scanner software people are able to react to it). Note also that if you're the only one hit by a particular virus, the scanner software people may not even know about it - so their software might never be updated to look for it. I hope this help you understand things a bit better. Best Regards, ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors wrote: > I think what happened is that on my last visit to Facebook, with the > old computer, my address book was compromised. I think your terms and usage is what is confusing. Your address book was not compromised, or hacked, or trojanized. It's a Facebook option that you (whether you knew it or not) agreed to. > Part of Facebook's program is to send an email to everyone in your > Address Book an invitation to join you on Facebook. Exactly. I receive those every once in a while, from people getting new Facebook accounts. The default is "do it." But it isn't spamming, it's not a scam, and it isn't phishing. And it isn't SeaMonkey's fault. :-) -- -bts -Four wheels carry the body; two wheels move the soul ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
On or about 5/13/2010 2:34 PM, Pat Connors hatte gesagt: > support-seamonkey-requ...@lists.mozilla.org wrote: >> If you are not behind a firewall router, then I would recommend software >> like zone alarm internet security suite. I don't consider mcafee to be >> all that good. ZAISS will give you a top level software firewall, AV, >> spyware, etc, all in one place and let you monitor every connection from >> your computer to the outside world. >> > > Thanks for the help. I have Zone Alarm on my old computer and have a > subscription to it so will get that going again on this new one. I am > confident that I don't have anything on my computer causing the problem > now that I have scanned it 3 times in 24 hours by 3 different programs. > I think it is Facebook. I went into it again for the first time and > changed my password which is what Facebook suggested. My next step is > to take my page down and get out of Facebook completely. > > Lots of luck. My understanding is that you cannot get out completely. They only close you account temporarily. You can reactivate it at any time. -- Ed "No act of kindness, no matter how small, is ever wasted." -Aesop (620-560 BC) ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors a écrit : I really want to thank all for the help you are giving me. Download the "free version" fromhttp://www.malwarebytes.org/ and run it ASAP. This is probably the best free programs available to detect and remove any unwanted files on your pc. I did this and this is the 3rd scan in less than 24 hours that I have done (McAfee, Windows Security) and this one took the longest (over 2 hours) and scanned over 275,000 files and I really feel it was the most complete. None of them found anything. Remember this is a brand new computer. I am confident their is no virus/worm on my computer. I think what happened is that on my last visit to Facebook, with the old computer, my address book was compromised. Part of Facebook's program is to send an email to everyone in your Address Book an invitation to join you on Facebook. When I first got on the program, I elected not to do this. However, they changed their interface and an I think I clicked on something on the new interface that opened up that option, ripe to the spam programs that have plagued Facebook. I have not been on Facebook since my last visit and the next day was when the first spam emails were sent out in my name to some of the addresses in my Address Book. This last time the spam emails went to everyone in my Address Book. I just want this to not happen again. I think I am going to have to go back to Facebook and close out the account so no one can get on my page. I think that you will have great difficulties to close your account ... facebook is a devil ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
support-seamonkey-requ...@lists.mozilla.org wrote: If you are not behind a firewall router, then I would recommend software like zone alarm internet security suite. I don't consider mcafee to be all that good. ZAISS will give you a top level software firewall, AV, spyware, etc, all in one place and let you monitor every connection from your computer to the outside world. Thanks for the help. I have Zone Alarm on my old computer and have a subscription to it so will get that going again on this new one. I am confident that I don't have anything on my computer causing the problem now that I have scanned it 3 times in 24 hours by 3 different programs. I think it is Facebook. I went into it again for the first time and changed my password which is what Facebook suggested. My next step is to take my page down and get out of Facebook completely. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
re: phishing
I really want to thank all for the help you are giving me. Download the "free version" fromhttp://www.malwarebytes.org/ and run it ASAP. This is probably the best free programs available to detect and remove any unwanted files on your pc. I did this and this is the 3rd scan in less than 24 hours that I have done (McAfee, Windows Security) and this one took the longest (over 2 hours) and scanned over 275,000 files and I really feel it was the most complete. None of them found anything. Remember this is a brand new computer. I am confident their is no virus/worm on my computer. I think what happened is that on my last visit to Facebook, with the old computer, my address book was compromised. Part of Facebook's program is to send an email to everyone in your Address Book an invitation to join you on Facebook. When I first got on the program, I elected not to do this. However, they changed their interface and an I think I clicked on something on the new interface that opened up that option, ripe to the spam programs that have plagued Facebook. I have not been on Facebook since my last visit and the next day was when the first spam emails were sent out in my name to some of the addresses in my Address Book. This last time the spam emails went to everyone in my Address Book. I just want this to not happen again. I think I am going to have to go back to Facebook and close out the account so no one can get on my page. Thanks again to all who have tried to help me. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
If your computer is that new, I would advise backing up all of your data files and re-installing your operating system. That is the simplest way to be sure that your computer is clean. You can put days into using different security software apps and never really be sure, or spend a few hours re-installing and get it over with. If you go that route, make sure you also make backups of all the installers you use to install apps on your computer (such as seamonkey, firefox, spybot SSD, etc). That way you won't have to download all kinds of stuff to get set up again. Make sure your backups are in a different partition, or on a different drive, than the operating system partition where you will re-install. If you are not behind a firewall router, then I would recommend software like zone alarm internet security suite. I don't consider mcafee to be all that good. ZAISS will give you a top level software firewall, AV, spyware, etc, all in one place and let you monitor every connection from your computer to the outside world. Mark S. Beaulieu wrote: Pat Connors a écrit : I have a firewall, I have scanned my computer twice yesterday with both McAfee and a Microsoft Windows program and nothing was found. My computer is three weeks old and I have never been on Facebook with it. Maybe McAfee didn't catch that specific trojan. Try Malwarebytes and Spybot, as has been suggested previously. They don't search for the same things as antivirus software. S. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Subject: Re: phishing
Pat Connors wrote: [Beauregard wrote:] >> Since you've apparently posted the contents of your email address >> book on Facebook, what kind of "protection" could there be? You've >> already given it away. > > I never posted the contents of my email address book on Facebook. I > didn't not give it away, it was taken from me and I want to know what > I can do to stop it from happening again. I have a firewall, I have > scanned my computer twice yesterday with both McAfee and a Microsoft > Windows program and nothing was found. My computer is three weeks old > and I have never been on Facebook with it. Well, in one of your other messages, you said, "but I believe my Address Book got compromised on Facebook" - which would imply that there was some connection between your problem and that site. You also said (in I believe your first post), "The first time it happened was about a month ago on *my old computer* after I was on Facebook and then yesterday it happened again on *my new computer* " - so the fact that you actually got a new computer makes trojans less likely. Maybe... I don't know what to suggest anymore (other than you should run the Malwarebytes Anti-Malware application as was suggested. It's free. Download, install, get latest update from web, run a full scan. http://www.malwarebytes.org/ Your threads are hard to follow, as you seem to be creating a new one nearly every time you post. Please, just reply instead. -- -bts -Four wheels carry the body; two wheels move the soul ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Subject: Re: phishing
Pat Connors a écrit : I have a firewall, I have scanned my computer twice yesterday with both McAfee and a Microsoft Windows program and nothing was found. My computer is three weeks old and I have never been on Facebook with it. Maybe McAfee didn't catch that specific trojan. Try Malwarebytes and Spybot, as has been suggested previously. They don't search for the same things as antivirus software. S. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing?
I think I am using the wrong term. My address book has been compromised and spam emails have been sent to everyone in it looking like they came from me but they didn't. Dephine "phished." If you mean some bozo sent a message trying to scam you but you didn't bite, no big deal, everybody gets those now and then, some more than others. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Subject: Re: phishing
I never posted the contents of my email address book on Facebook. I didn't not give it away, it was taken from me and I want to know what I can do to stop it from happening again. I have a firewall, I have scanned my computer twice yesterday with both McAfee and a Microsoft Windows program and nothing was found. My computer is three weeks old and I have never been on Facebook with it. Since you've apparently posted the contents of your email address book on Facebook, what kind of "protection" could there be? You've already given it away. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors wrote: Evidently, I wasn't clear. It has nothing to do with picking up my email address, it has to do with getting /into/ my Address Book and sending spam emails to all in the book. The email looks like it came from me but the were never sent by my email program. I have all kinds of virus protection and spyware protection and scan my computer once a week but I believe my Address Book got compromised on Facebook or when I was browsing the web. I am wondering if there are software out there where you can lock your Address Book in some manner where others can't get into it or is there someway, I can do it with SeaMonkey. I will never go on Facebook again, without protection. Don't publish your email address? I see yours here in your post; and I also see it on your web site, where harvesters can easily get it. Pat, Like bts wrote, you most likely have a trojan that is running on your computer and taking over as we speak! Download the "free version" from http://www.malwarebytes.org/ and run it ASAP. This is probably the best free programs available to detect and remove any unwanted files on your pc. The second program I would download and run, after malwarebytes, is Spybot - Search and Destroy - another great program. In addition, after you do the previous two suggestions, I would give the free version of Avast! a try - a great anti-virus program that I've used for a few years now and haven't had one attack come through since installing it. Let us know how this works out for you, okay? Glen ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Pat Connors wrote: > Beauregard wrote: >> Don't publish your email address? I see yours here in your post; and I >> also see it on your web site, where harvesters can easily get it. > Evidently, I wasn't clear. I suppose not then. I read your original post as you were receiving phishing email and wondered how to stop it. "I have been phished two times." (It's in another thread.) Perhaps you misused the term phishing, which means "an email designed to entice me to a hacker's web site so I can give him my bank account numbers" and similar. > It has nothing to do with picking up my email address, it has to do > with getting /into/ my Address Book and sending spam emails to all in > the book. If that is truly the case, your computer is infected with a trojan. This is the only way spam could *originate* on your computer. > The email looks like it came from me but the were never sent by my > email program. No, of course not. All modern spamming trojans (in those million-PC bot-nets) have their own internal SMTP engine. They send when you're not looking. > I have all kinds of virus protection and spyware protection and scan > my computer once a week but I believe my Address Book got compromised > on Facebook Yes, Facebook. There's your answer! It's a security sieve. > or when I was browsing the web. Not likely. > I am wondering if there are software out there where you can lock your > Address Book in some manner where others can't get into it or is > there someway, I can do it with SeaMonkey. I will never go on > Facebook again, without protection. If your computer has a trojan, there's no way to lock "your address book" or anything else on the PC. Since you've apparently posted the contents of your email address book on Facebook, what kind of "protection" could there be? You've already given it away. -- -bts -Linux viruses: a few dozen, and they only exist in the lab -Mac viruses: maybe a hundred, and also mostly in the lab -Windows viruses: I've lost track; do we have a quarter-million yet? ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: phishing
Evidently, I wasn't clear. It has nothing to do with picking up my email address, it has to do with getting /into/ my Address Book and sending spam emails to all in the book. The email looks like it came from me but the were never sent by my email program. I have all kinds of virus protection and spyware protection and scan my computer once a week but I believe my Address Book got compromised on Facebook or when I was browsing the web. I am wondering if there are software out there where you can lock your Address Book in some manner where others can't get into it or is there someway, I can do it with SeaMonkey. I will never go on Facebook again, without protection. Don't publish your email address? I see yours here in your post; and I also see it on your web site, where harvesters can easily get it. -- Pat Connors, Sacramento, CA http://www.connorsgenealogy.com ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey