But don't panic. The exploit only can be done if you "whitelisted" the site. Because of that, some people believe it is not an exploit because if you whitelisted the site, you are giving it a permission to put any program on your computer like it is designed to do. It is an interesting view because this exploit is somewhat similar to ActiveX which install and run small (both good and bad) programs on your computer. This is what make ActiveX so popular and yet so hated by the online community.
If you are very paranoid about this exploit/bug/feature/whatever, there are two workarounds:
- disable "tools/options/web-Features/>Enable Javascript"... but it will disable good javascripts too.
- disable "tools/options/web-Features/>Allow web sites to install software"... but you have to install firefox extensions the hard way (save as, then drag the xpi to firefox).
This exploit/bug/feature/whatever has many nasty potentials, but thank god it only can work in limited circumstances. I have faith in the developers to do something about it as quicky as possible. Good luck developers.
No comments:
Post a Comment