The Java Popup you Can't Stop 480
An anonymous reader writes "In his brand new hackademix.net blog, Giorgio Maone, known as the author of the NoScript security extension for Firefox, reveals how popup blockers can be easily circumvented using Java. Worse, popups opened this way are really evil, because they can be sized to cover the whole desktop (the wet dream of any phisher) and cannot be closed by user (the wet dream of any web advertiser).
Impressive demos available, all cross-browser and cross-platform, in the best Java tradition: 'Write once, hack anywhere' "
Don't spread this! (Score:5, Funny)
Who'd have thought it? (Score:4, Funny)
so how do i know (Score:5, Funny)
oh shit
DOOMED (Score:1, Funny)
Dont worry, I'll turn off the lights on my way out (Score:3, Funny)
Re:Don't spread this! (Score:5, Funny)
Re:Don't spread this! (Score:5, Funny)
As for voting Bush. Since I'm not a US citizen, that would require use of the password '12345678'.
This will lead to (Score:2, Funny)
1. Java Popups 1.0
2. Java Popups on Struts
3. Java Popups 1.1. (Not compatible with 1.0 or struts, needs a patch to SunOS to work)
4. JPEE. (Java Popups, Enterprise Edition- Not compatible with 1.1)
5. Java Popups for Mobile Devices.
6. Java Popups for Mobile Devices, Enterprise Edition.
HA, and you thought that Java was going to make this easy for Phishers and Advertizers.
Re:NoScript, but they don't work (Score:5, Funny)
Obligatory Linux Elitism (Score:4, Funny)
Thing #397 That You Can Do In Linux But Can't In Other Popular Desktop OS's:
1. Ctrl+Atl+F1
2. Log In
3. missile-launch -f --target-from-process java
4. killall java
4a. killall firefox-bin (if necessary)
Actually this story is strangely coincidental; just a few minutes ago, I was trying to show a coworker a cool graphical demo of different sorting algorithm efficiencies, but I didn't have the Java plugin installed. Still don't.
Re:Who'd have thought it? (Score:5, Funny)
Didn't you read the headline? You can't stop these things. Heck, the demo popped up an unkillable window on my AmigaOS box, and no JVM even exists for that...
Popups, Wet Dreams... (Score:3, Funny)
Lovely (Score:5, Funny)
The one sure way to endear me to a product and cause me to whip out my credit card is to pop up a window over my entire screen that I cannot remove. This type of "in your face" advertising is exactly what reluctant consumers like myself need.
Re:and the wet dream of any victim (Score:3, Funny)
Exactly!
Re:Who'd have thought it? (Score:3, Funny)
I had no idea Java was so powerful.
pfft (Score:4, Funny)
don't be dense (Score:4, Funny)
Re:Don't spread this! (Score:3, Funny)
Re:and the wet dream of any victim (Score:3, Funny)
OK then, let's disable multi-level menus, client side form validation, any sort of calculator, date pickers, multi-dimensional form inputs (where one choice branches the rest of the form), tree-menus, AJAX (which does have it's uses), font-size controllers, style switchers and all the other UI elements that make web sites even remotely usable.
Let's just do away with Gmail and all other Google apps, Netvibes and all other personal portals, any instant feedback you might get on a social site, no more firehose for
Down with scripting, long live dumb content.
Re:Why? (Score:3, Funny)
Re:Don't spread this! (Score:4, Funny)
Sadly, most are not as aware and leave their browsers in "whore mode".
-nB
Re:Can't even switch Workspaces (Score:2, Funny)
Re:Why I love IE (Score:1, Funny)
Re:Don't spread this! (Score:4, Funny)
Re:Don't spread this! (Score:5, Funny)
Re:Don't spread this! (Score:5, Funny)
The ghost of the Entscheidungsproblem [wikipedia.org] descends, with malice in its eyes.
*smack* Oof.
You are dealt 2501 hit points of damage.
Hint: there is no way to programatically determine whether a given program is malicious or not, for any sufficiently interesting system.