Log in

No account? Create an account

Previous Entry | Next Entry

Just a heads up for you all...

There is a weird russion lj meme floating around which looks like this (just be aware that the lj user in question often has non-work-safe icons):


As it turns out, it is a password stealing thing (the explaination of the java script is beyond me), but more info on how it works can be found here:


So if you see this meme on someone's lj, for the love of pete don't succumb to the temptation of filling it out, even out of idle curiosity! This has been a public service announcement.


( 2 comments — Leave a comment )
Jun. 13th, 2004 07:06 am (UTC)
It doesn't actually steal any identifying features at all. It merely pretends to be the LJ update page, and then LJ asks your browser for it's cookie, and auths the post that way. The actual form itself doesn't at any stage receive or store any sensitive information of any kind.

It's really quite harmless... pretty much the equivalent of a practical joke, although it does highlight some interesting holes in the way internet security is handled, since the same effect can be achieved on any site that uses only cookies for authentication. The largest concern is them changing things like your user info details, since that's a bigger hassle to fix than simply deleting a post, but this particular form doesn't do that.

Oh, and it's a write only thing... it doesn't at any stage have the ability to read content using your access, due to some domain control restrictions built into javascript (at least assuming MS hasn't bypassed them, but hopefully no one uses IE anymore anyway).

This one is harmless, and I suspect, or would at least hope, that the devs will have come up with a way to stop anything dangerous happening by this method before it does.
Jun. 13th, 2004 08:15 pm (UTC)
( 2 comments — Leave a comment )