Following on from the recent Shell security issue, here’s another vulnerability in Mozilla. A flaw in the Mozilla/FireFox web browsers (which I typically recommend, and (probably) still do recommend) has come to light. The problem was raised in 1999, and has been opened under a “5-year rule” (similar concept to UK Gov’s “30-Year rule” for Official Secrets).

BACKGROUND: Mozilla allows the user interface (menus, toolbars, etc) to be customised by “plugins” - extra bits of software which add nifty features like blocking adverts, etc.

EFFECT: This means that a malicious website could change the “Location:” bar to say something trustworthy.

IMPACT: www.badsite.com can present a copy of your bank’s login screen, and you can’t use the “The Location: bar must say ‘www.goodsite.com’” test to ensure that you are really visiting that site. So you can see a webpage that looks like the site you expected to see, and the Location: bar says www.goodsite.com, but you would actually be sending your password to www.badsite.com.

CAVEATS:

  • Internet Explorer has a more deeply-rooted bug, for which a patch is expected in the next few weeks (this is a POOR excuse)
  • You would have to be hoaxed into visiting the bad site
  • We have no way of knowing what flaws exist in other web browsers (this is a VERY POOR excuse, at best).
  • tru5tn01

SUMMARY: The “Caveats” are insignificant. This is a significant problem, which has existed for 5 years, and has only just come to light. The fact that Internet Explorer is crap is no excuse at all.

WORKAROUND:

  • In Mozilla/FireFox, type “about:config” in the Location: bar
  • Change the settings below to “TRUE”
  • Restart Mozilla/FireFox

SETTINGS TO CHANGE:

dom.disable_window_move_resize = true
dom.disable_window_open_feature.close = true
dom.disable_window_open_feature.directories = true
dom.disable_window_open_feature.location = true
dom.disable_window_open_feature.menubar = true
dom.disable_window_open_feature.minimizable = true
dom.disable_window_open_feature.personalbar = true
dom.disable_window_open_feature.resizable = true
dom.disable_window_open_feature.scrollbars = true
dom.disable_window_open_feature.status = true
dom.disable_window_open_feature.titlebar = true
dom.disable_window_open_feature.toolbar = true
dom.disable_window_status_change = true
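
To check a profile against the list above without clicking through about:config, here is an added example (not part of the original post). It assumes the profile stores changed preferences as `user_pref("name", value);` lines in its prefs file; the function names and the sample text are constructed for illustration.

```python
import re

# The 13 preferences listed under SETTINGS TO CHANGE in the post.
REQUIRED = (
    ["dom.disable_window_move_resize"]
    + ["dom.disable_window_open_feature." + f for f in (
        "close", "directories", "location", "menubar", "minimizable",
        "personalbar", "resizable", "scrollbars", "status", "titlebar",
        "toolbar")]
    + ["dom.disable_window_status_change"]
)

# Assumed storage format: one user_pref("name", value); call per line.
# Anchoring at line start skips commented-out entries (# or //).
PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;')

def parse_prefs(text):
    """Return {name: raw value}; a later line overrides an earlier one."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs

def audit(text):
    """Map each required pref that is not the boolean true to what was found."""
    prefs = parse_prefs(text)
    return {n: prefs.get(n, "unset") for n in REQUIRED if prefs.get(n) != "true"}

def fix_lines(findings):
    """Lines to append (e.g. to user.js) so every flagged pref becomes true."""
    return ['user_pref("%s", true);' % n for n in findings]

# Constructed sample, not taken from a real profile.
SAMPLE = """\
# Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("dom.disable_window_move_resize", true);
user_pref("dom.disable_window_open_feature.location", false);
user_pref("dom.disable_window_open_feature.status", true);
// user_pref("dom.disable_window_open_feature.toolbar", true);
user_pref("dom.disable_window_status_change", "true");
"""

if __name__ == "__main__":
    for name, found in audit(SAMPLE).items():
        print("%-50s %s" % (name, found))
```

Note that the quoted string `"true"` and the commented-out toolbar line are both reported, since neither sets the preference to the boolean true.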

It could be argued that these should be set to “True” by default, which would avoid the problem in the first place.

REFERENCES: