| 6:18 pm on Jan 14, 2005 (gmt 0)|
Is there any way folks could get hold of adsense or adwords passwords this way?
| 7:22 pm on Jan 14, 2005 (gmt 0)|
As an FYI - that page in Hebrew is just a login page, not the actual article. That newspaper changed their site to subscription based a few years ago.
| 7:31 am on Jan 15, 2005 (gmt 0)|
The ynet article also states that this kind of flaw, although not trivial to perform, is present in many major sites, and that users should be aware of any comparison sites using URL referrals with your proprietary user ID or account ID stringed to it.
| 7:45 am on Jan 15, 2005 (gmt 0)|
Has been fixed.
| 7:59 am on Jan 15, 2005 (gmt 0)|
Did you read all of Brett's initial post?
| 10:15 am on Jan 15, 2005 (gmt 0)|
Well actually Ynet is still free for Israeli users, however, worldwide IPs has to subscribe. Just confirmed that with a proxy server.
| 2:25 am on Jan 20, 2005 (gmt 0)|
Why on earth is this reported in Hebrew - only Jews can read Hebrew
| 2:32 am on Jan 20, 2005 (gmt 0)|
"Why on earth is this reported in Hebrew - only Jews can read Hebrew"
That's the language they write on their site. Anyone really interested (like Google) will find a Jew to translate it.
| 2:53 am on Jan 20, 2005 (gmt 0)|
|...only Jews can read Hebrew |
Jews aren't the only people that can read Hebrew.
| 2:59 am on Jan 20, 2005 (gmt 0)|
And some Jews (okay, LOTS of us) can't read Hebrew. But anyway, lots of high tech people are Israeli, so it stands to reason that some breaking stories will come out of Israel, and they won't be packaged all nice and tidy for Americans.
| 3:29 am on Jan 20, 2005 (gmt 0)|
For those complaining that they can't read Hebrew, remember...there are Jews/Israelis that cannot read English. So for them the only way to post/read this information is in Hebrew.
| 5:22 pm on Jan 20, 2005 (gmt 0)|
Edit: wrong thread, apologies all, been working too hard and late. :-)
[edited by: rocknbil at 5:49 pm (utc) on Jan. 20, 2005]
| 5:34 pm on Jan 20, 2005 (gmt 0)|
I posted this of Foo yesterday. [webmasterworld.com...]
"It wasn't yesterday, in fact this worm may have been around for months and it's just not being recognized by virus software. It apparently can even operate users' connected webcams - the perpetrator was arrested while spying on several remote comps this way. If true, this is big."
| 7:06 pm on Jan 20, 2005 (gmt 0)|
And here's the kicker, apparently although the bug has been fixed, all compromised accounts, even if the user changes their password, are still open to the crackers.
Now imagine that scenario when the next desktop search hole is found and you'll start understanding why desktop search is possibly one of the very worst ideas ever to come up, about as bad as linking IE to the guts of Windows through active x etc. Some ideas are just intrinsically bad.