|
|
|
Top Stories
|
Google and eBay thwart phishing redirection ruse23 Jan 2008 12:58 Clean up campaign bears fruit
security 101By Iain Black
Posted Wednesday 23rd January 2008 14:17 GMT
 Was about to write.. this really is security 101... and then noticed that a page I wrote around 6 years ago has the same vunerability. Oops :-[ ] But in my defence: 1- I now know better 2- I was only learning dynamic web pages at the time and 3- I was not a multi billion dollar company!! Must go over 7 year old Perl code now... Google redirection you say?By Anonymous Coward
Posted Wednesday 23rd January 2008 14:27 GMT
http://www.google.com/search?q=%22paris+hilton%22&as_sitesearch=theregister.co.uk&btnI If you're inventive with the q and as_sitesearch parameters you can have hours of fun. People see a Google query and don't think to check for the site. 30 Second Effective Fix.By Edward Pearson
Posted Wednesday 23rd January 2008 14:38 GMT
99% of these redirect scripts can be secured through the use of a referrer check. Have they really cleaned up their act?By Anonymous Coward
Posted Thursday 24th January 2008 08:01 GMT
Um well about 75% of the spam I get has has links referred to by AOL, MSN, Yahoo and, yes, still Google. news.google.tw seems to be the favourite. So I don't think Google has cleaned up its act at all; I think it is effectively supporting spammers (maybe not phishers though, but effectively they are all the same now). Appalling behaviour I'd say. The period for commenting on this story has finished |
Breaking Hardware News
San Francisco City Council regained access to its own computer network today after Mayor Gavin Newsom convinced network administrator Terry Childs to give them the passwords.
Newsletter |
|
![[Mobile]](/Design/graphics/icons/mobile.png "The Register Mobile"){kind=icon}
