Full Disclosure mailing list archives
RE: Apparently the practice was prevalent
From: "Shawn K. Hall \(RA/Security\)" <Security () ReliableAnswers com>
Date: Sun, 8 Feb 2004 15:17:29 -0500
It is unbelievable that the media is spreading such FUD about the URL passwords.
"Unbelievable" and "media spreading FUD" in the same sentence? Twilight Zone.
The only good thing in this article is the message, that it breaks thousands of applications and produces tons of unnecessary costs.
I agree.
If it improves security that people cannot use password protected directories anymore... I doubt, I doubt.
Here's a link to the 'workarounds': http://support.microsoft.com/?kbid=834489 Believe it or not it actually *does* fix the ascii(1) bug (after you disable the new 'feature'): http://www.microsoft.com@www.redhat.com/ Actually displays ^ in the address bar. I half-expected MS to skip fixing the actual bug in favor of the "breaking the standards" 'solution.' Where do you want to be prevented from going today? Here's a reg fix: '// ======================================================== REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "iexplore.exe"=dword:00000000 "explorer.exe"=dword:00000000 '// ======================================================== Regards, Shawn K. Hall http://ReliableAnswers.com/ '// ======================================================== "You have to press the go button, not the slow button." -- Zachary Hall (my son) at age 4, instructing me how to drive a vehicle in "Need For Speed II" _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Apparently the practice was prevalent Paul Schmehl (Feb 08)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)
- Re: Apparently the practice was prevalent Stefan Esser (Feb 08)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)
- Re: Apparently the practice was prevalent hggdh (Feb 08)
- Re: Apparently the practice was prevalent Luke Norman (Feb 08)
- Re: Apparently the practice was prevalent Scott Taylor (Feb 08)
- Re: Apparently the practice was prevalent Nick FitzGerald (Feb 08)
- Re: Apparently the practice was prevalent Mattias Ahnberg (Feb 10)
- Re: Apparently the practice was prevalent Luke Norman (Feb 08)
- Re: Apparently the practice was prevalent Nick FitzGerald (Feb 08)
- Re: Apparently the practice was prevalent Ron DuFresne (Feb 09)
- Re: Apparently the practice was prevalent Nick FitzGerald (Feb 08)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)
- RE: Apparently the practice was prevalent Nick FitzGerald (Feb 09)
- RE: Apparently the practice was prevalent Shawn K. Hall (RA/Security) (Feb 08)