Hi,
Let's say I'm a hacker with access to a public kiosk,
[...]
I then install that version of Firefox on the kiosk.
Simple: You should not be able to do that (if the kiosk is correctly
configured). If the hacker can install arbitrary code, he could also
install a rootkit with a keylogger or
On 04/05/09 20:27, Andrews, Rick wrote:
Are there any safeguards in place to prevent this hack from succeeding?
Of course not. Code is code - you can make it do anything. It's just
ones and zeroes. They could make the hacked version show your evil
website while having the URL bar display "htt
Ian G wrote, On 2009-05-04 13:26:
> On 4/5/09 22:04, Nelson Bolyard wrote:
>> A very similar hack has already been done. It's a Firefox extension
>> that (IIRC) silently installs some roots and shows the green bar for
>> (some of) the certs that chain up to those roots. See it at
>> https://addo
On 4/5/09 22:04, Nelson Bolyard wrote:
A very similar hack has already been done. It's a Firefox extension that
(IIRC) silently installs some roots and shows the green bar for
(some of) the certs that chain up to those roots. See it at
https://addons.mozilla.org/en-US/firefox/addon/4828
Nice,
On 2009-05-04 12:27, Andrews, Rick wrote:
A customer asked this question, and I couldn't answer it.
Let's say I'm a hacker with access to a public kiosk, and I want users
of that kiosk to see the EV green toolbar when they use the kiosk to
visit my hacked web site. My web site is configured with
public
computer because a
hacked browser may steal it it.
Anders
- Original Message -
From: "Andrews, Rick"
To:
Sent: Monday, May 04, 2009 21:27
Subject: Hacking Firefox
A customer asked this question, and I couldn't answer it.
Let's say I'm a hacker with acce
A customer asked this question, and I couldn't answer it.
Let's say I'm a hacker with access to a public kiosk, and I want users
of that kiosk to see the EV green toolbar when they use the kiosk to
visit my hacked web site. My web site is configured with an SSL cert
signed by my own root.
I acces
7 matches
Mail list logo