AW: New Ubuntu-Firefox - maybe safer but not 100%

Arjan Geven - CURE geven at cure.at
Fri May 13 13:43:33 UTC 2005


>> app.version             1.0.4
>> It's not very nice, but it might work 

>Yes but it's just like the doctor offering to touch up the X-Ray so
>the lung cancer no longer shows up.

>The reason Mozilla changed their web site is because the vulnerability
>allows a pirate web site to hijack the trusted status of the mozilla
>site so the pirate site can more easily install malicious software
>unbeknownst to you.

>So you could lie about the version of Mozilla/Firefox but you still
>have the underlying "disease."

Tommy,

Actually, you're not completely right here. 

Since Ubuntu backports security-updates into their own version, the
disease is actually fixed. Mozilla just doesn't recognize that because
the version number is not updated. Manually changing the version number
to trick the Mozilla website helps then.

Back to your metaphor: in the X-ray, there was not really lung cancer in
the picture but just a spot on the camera lense (or whatever). You touch
up the X-ray to avoid faulty diagnosis..  

Nice metaphor by the way ;)






More information about the ubuntu-users mailing list