|
View previous topic ::
View next topic
|
| Author |
Message |
 diginferno 
Admiral (Administrator)
Joined: Apr 11, 2006
Member#: 1771
Posts: 3153
Location: Bucharest, Romania
    
    |
 Posted:
Tue Oct 06, 2009 4:03 pm Post subject: IE, Chrome and Safari vulnerable to fake PayPal certificate |
 
|
Long story short: Firefox is the only secure browser for conducting PayPal transactions from Windows-based computers. This is because of a rogue PayPal SSL certificate that has been released "in the wild" by some people in desperate need of a life. Recommended versions of Firefox: 3.5 or 3.0.13 or later.
Users of non-Microsoft operating systems do not seem to be affected.
Here is a link to the original article.
_________________
diginferno
.:: Death.FM Administrator ::.
.::  ::. |
|
 |
 aiolyfe
Lieutenant Commander
Joined: Jan 04, 2008
Member#: 4447
Posts: 421
Location: Colorado
|
|
Posted:
Tue Oct 06, 2009 4:08 pm Post subject: |
|
*sigh*
...fuckin microsoft... they need to buckle down and re-evaluate some things.
_________________
Death to false metal. \,,/ |
|
|
|
 Metalheadbrewer
Commander
Joined: Dec 10, 2008
Member#: 6546
Posts: 729
Location: Santa Rosa, CA.
|
|
Posted:
Tue Oct 06, 2009 4:16 pm Post subject: |
|
Cool, thanks Digi. I only use Firefox anyway but it is good to know.
_________________
Religion is true for the common man.
Religion is false for the wise man.
Religion is power for the rulers.
|
|
|
|
diginferno
Admiral (Administrator)
Joined: Apr 11, 2006
Member#: 1771
Posts: 3153
Location: Bucharest, Romania
|
|
Posted:
Tue Oct 06, 2009 4:26 pm Post subject: |
|
@aio: proof that some managers there are clueless.
@Brewer: you're most welcome. Eyes on the "patch Tuesday" (second Tuesday from each month) to see if they release the too-long-expected patch.
Please inform everyone you know and who may be using PayPal from a Windows computer. It is not PayPal's fault for this.
_________________
diginferno
.:: Death.FM Administrator ::.
.:: ::. |
|
|
|
 cjjeepercreeper
Commodore
Joined: Nov 27, 2006
Member#: 2665
Posts: 5787
Location: At the Mountains of Madness
|
|
Posted:
Tue Oct 06, 2009 5:45 pm Post subject: |
|
Hmm, doesn't mention Opera which is the browser I use when I don't feel like using Firefox. Will just stick to Firefox for Paypal transactions I guess. 
_________________
Memento Mori
 |
|
|
|
diginferno
Admiral (Administrator)
Joined: Apr 11, 2006
Member#: 1771
Posts: 3153
Location: Bucharest, Romania
|
|
Posted:
Tue Oct 06, 2009 6:07 pm Post subject: |
|
@CJ: I don't know if Opera uses the Windows CryptoAPI, which is the defective component. Firefox uses its own cryptography library, that's why it was patched and it's safe. As you said, using FF for a while won't hurt.
_________________
diginferno
.:: Death.FM Administrator ::.
.:: ::. |
|
|
|
cjjeepercreeper
Commodore
Joined: Nov 27, 2006
Member#: 2665
Posts: 5787
Location: At the Mountains of Madness
|
|
Posted:
Tue Oct 06, 2009 6:57 pm Post subject: |
|
I believe Opera is actually similar in its structure to IE.
_________________
Memento Mori
|
|
|
|
 misanthrone
Commodore
Joined: Jun 09, 2006
Member#: 1992
Posts: 3901
Location: BC, Canada
|
|
Posted:
Tue Oct 06, 2009 9:38 pm Post subject: |
|
| Metalheadbrewer wrote: |
| Cool, thanks Digi. I only use Firefox anyway but it is good to know. |
me too, but thanks for info
_________________
None are more hopelessly enslaved than those who falsely believe they are free - Goethe
 |
|
|
|
 Daniem
Commander
Joined: Jan 24, 2007
Member#: 2982
Posts: 536
Location: Curitiba, Brasil
|
|
Posted:
Fri Oct 09, 2009 3:44 pm Post subject: |
|
Wow, nice to know that Firefox is that trusted. Thanks for the information.
_________________
"Fists are in the air. banging everywhere thrashing to the sound, faces melting down!
It's time to fight for metal tonight bangers take your stand and obey... our Metal Command!!"
\m/ |
|
|
|
 Necrophagist666
Lieutenant Commander
![]()
Joined: Oct 06, 2008
Member#: 6105
Posts: 334
Location: Under your bed...
|
|
Posted:
Sat Oct 10, 2009 11:57 am Post subject: |
|
well, I guess its time to get firefox. Thanks digi for the heads up.
_________________
I am generally useless
You should have died when I killed you -John LeCarre
http://soundcloud.com/ethosprophecy |
|
|
|
 Dami
Commodore
Joined: Feb 04, 2005
Member#: 87
Posts: 2536
Location: Stalag 13
|
|
Posted:
Sun Oct 11, 2009 10:25 am Post subject: |
|
| Necrophagist666 wrote: |
| well, I guess its time to get firefox. Thanks digi for the heads up. |
It was time to get Firefox since it was released 
_________________
o
L_
OL
This is Schäuble. Copy Schäuble into your signature to help him on his way to Überwachungsstaat. |
|
|
|
cjjeepercreeper
Commodore
Joined: Nov 27, 2006
Member#: 2665
Posts: 5787
Location: At the Mountains of Madness
|
|
Posted:
Sun Oct 11, 2009 10:47 am Post subject: |
|
| Dami wrote: |
| Necrophagist666 wrote: |
| well, I guess its time to get firefox. Thanks digi for the heads up. |
It was time to get Firefox since it was released |
So very true. We even switched to FF a year or so ago at work, you can't even use IE there. 
_________________
Memento Mori
|
|
|
|
Necrophagist666
Lieutenant Commander
![]()
Joined: Oct 06, 2008
Member#: 6105
Posts: 334
Location: Under your bed...
|
|
Posted:
Tue Oct 20, 2009 11:42 pm Post subject: |
|
my school still uses IE 6....
_________________
I am generally useless
You should have died when I killed you -John LeCarre
http://soundcloud.com/ethosprophecy |
|
|
|
Dami
Commodore
Joined: Feb 04, 2005
Member#: 87
Posts: 2536
Location: Stalag 13
|
|
Posted:
Wed Oct 21, 2009 3:44 am Post subject: |
|
| Necrophagist666 wrote: |
| my school still uses IE 6.... |
Schools are very common to be THAT up to date (at least in Germany) 
_________________
o
L_
OL
This is Schäuble. Copy Schäuble into your signature to help him on his way to Überwachungsstaat. |
|
|
|
diginferno
Admiral (Administrator)
Joined: Apr 11, 2006
Member#: 1771
Posts: 3153
Location: Bucharest, Romania
|
|
Posted:
Wed Oct 21, 2009 4:49 am Post subject: |
|
Hey, I also have IE6 at home, but that doesn't mean I'm using it I mean, I'm still using Windows 2000 on my home computer and all I can say is that it's stabler and it doesn't act up in stupid ways like the Windows XP I use at work.
Btw, the last "patch Tuesday" was supposed to cover that hole in CryptoAPI, but the CryptoAPI patch seems to break other services. Many people had banged their heads against their desks because their servers suddenly stopped working after the last Microsoft Update. My advice: keep using safe browsers, as this patch seems to be unstable itself.
_________________
diginferno
.:: Death.FM Administrator ::.
.:: ::. |
|
|
|
|
|
