Vulnerability Development mailing list archives
R: Re: ICQ >= 99* + CC Data
From: raist () CTRADE IT (Raistlin)
Date: Wed, 19 Jan 2000 13:32:52 +0100
I read an article about that last night. Apparently, with the feature turned on IE just looks at the field name in the HTML code, and throws up a list of choices that you've previously used for the same field name elsewhere.
Anyone knows if there is some kind of attribute to tell IntelliNonSense not to do this even if enabled ? I mean, something like <INPUT TYPE="password" NAME="themostimportantpasswordinmylife" INTELLISENSE="vade_retro_satana"> which tells IntelliSense to stay quiet and not to log the entry ? In my opinion, such a thing (if applied) would make the security problem a little easier to manage, since trusted, big, secure sites would activate this kind of protection on all their password & credit card entries, effectively making only useless data stay in IntelliSense database. Obviously, the best would be if Intellisense needed to be activated, not deactivated, as the simplest rules of security ask. Raist
Current thread:
- Re: ICQ >= 99* + CC Data Ken Williams (Jan 17)
- <Possible follow-ups>
- Re: ICQ >= 99* + CC Data Sachs, Marcus (Jan 17)
- Re: ICQ >= 99* + CC Data Jon Hadley (Jan 17)
- Re: ICQ >= 99* + CC Data Blue Boar (Jan 17)
- Re: ICQ >= 99* + CC Data Mikael Olsson (Jan 18)
- R: Re: ICQ >= 99* + CC Data Raistlin (Jan 19)
- Re: ICQ >= 99* + CC Data Taavet Hinrikus (Jan 20)
- Re: R: Re: ICQ >= 99* + CC Data C. C. Camp (Jan 20)
- Overflows due to unexpected casts Mixter (Jan 20)
- Re: ICQ >= 99* + CC Data Blue Boar (Jan 17)
- Re: ICQ >= 99* + CC Data Jon Hadley (Jan 18)
- Re: ICQ >= 99* + CC Data Flynn, Harold M. III (Jan 18)