Nathan (gemsling) wrote,

Again on the Microsoft thing

One of the vulnerabilities corrected by the update I mentioned in the last post is the one where someone can alter what is displayed in the address bar, such that you think you are using, but you are actually using password capturing site

Microsoft has now disabled the use of basic auth within URLs. ie:

Good one! Now, it probably will help avoid some problems and it's not like there's a great need for such URLs anyway, but... I just can't help but think Microsoft is saying "look, we can't be sure how many more problems are going to surface in this software, so let's just cripple it a bit so that undiscovered vulnerabilities can't be exploited so easily".

  • Yay for Phase One!

    For a long time, I've used iView MediaPro to manage my photos. Functionality includes thumbnails, slideshows, metadata editing and so forth. iView no…

  • Monday Morning, 3 A.M.

    Time to stop thinking about resuming posting to Flickr and just actually post to Flickr, methinks. I gotta stop being held back by the nonsensical…

  • Printing photos: where now?

    Rabbit Photo has all but disappeared from Victoria and Officeworks suck at photo printing. Any recommendations?

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded 

  • 1 comment