Mozilla Privacy Bug
Saturday September 14th, 2002
Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the
The bug was filed in Bugzilla as bug 145579 on Sunday 19th May, with the more serious
UPDATE! Bug 145579 has now been made public.
ANOTHER UPDATE! A fix has been checked in to the trunk. A patch for the 1.0 branch will follow shortly.
YET ANOTHER UPDATE! A patch has now been checked in to the 1.0 branch.
#54 Re: Re: Re: Re: Re: Track Record
Wednesday September 18th, 2002 9:07 AM
You are replying to this message
You don't understand the "Black hat" mentality. The number of users dosen't matter. Putting the exploit to use dosen't matter. The "fame", the admiration of other hackers is all that matters.
Finding yet another hole in MEIE is old hat. Finding an exploit in Mozilla is new territory. It will bring more recognition among other hackers than finding yet another exploit in MSIE. It's worth more in the hacker community.
The real problems start after the "black hat" feeds his ego by releasing the exploit on a hacker site. That is when the "script kiddies" pick it up and start using the exploit.
So far the "black hats" have scored ZERO exploits in Mozilla. That makes it a very tempting target. Being the first "black hat" to find a hole in Mozilla will gain a lot of recognition among hackers.