Posted Monday 12th November 2007 19:53 GMT
I believe that the newest version of the Firefox plugin called, "Noscript" overcomes this JarJar vulnerability & stops a whole bunch of other nasties. Admittedly, it makes web browsing a bit ugly, but the web is a pretty ugly place isn't it?
Posted Monday 12th November 2007 19:53 GMT
Jar Jar links. nice.
'arguably racist' - you forgot 'and shit'.
Posted Tuesday 13th November 2007 00:57 GMT
reason to mention Gmail in the title then. was there.
Posted Tuesday 13th November 2007 14:37 GMT
I dunno, scared me into reading it....
my thought process was:
"Firefox broken"... oh great not again *sighs*
"broken jar vuln"... yeah, because java sucks *sighs*
"menaces Gmail" ... crap - I use firefox AND Gmail QUICK, READ, BEFORE ITS TOO LATE - AGGGGHHHHHHHHH!!!!
Posted Tuesday 13th November 2007 16:33 GMT
The media scaremongers have infiltrated The Register! Red alert!
You forgot to include Paris Hilton in the subject. I'm sure this affects her too someway. Maybe she drinks java coffee and has an outfit made of fox skin? ;-)
Posted Tuesday 13th November 2007 16:33 GMT
..isn't it called no-web?
O hang on - that was the last one - or was that slo-mo web?
I installed it once - tried to use it and was convinced someone had sneaked in and replaced the DSL line with a standard dial-up modem.
Posted Friday 23rd November 2007 07:51 GMT
The ONLY fix currently available is the NoScript plugin according to the US Cert advisory (www.kb.cert.org/vuls/id/715737).
I know NoScript can be a pain on some sites - I've even (*shudder*) had to revert to IE to use some of them - but I value my security over the issues, particularly as my kids use IM, mySpace and other social networks so much.
btw the original report on this was made by Jesse Ruderman in February. Why has it taken so long to not produce a fix?
Sign up, sign up for The Register's weekly IT security newsletter - click here
Back to the article
