Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all! We have been experiencing an issue on site where threads have been missing the latest postings. The platform host Vanilla are working on this issue. A workaround that has been used by some is to navigate back from 1 to 10+ pages to re-sync the thread and this will then show the latest posts. Thanks, Mike.
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

2FA compromised in new attack

Comments

  • #2
    edanto
    Registered Users, Registered Users 2 Posts: 2,809 ✭✭✭edanto


    Attacks just keep getting cleverer. That's fairly nifty.


  • #3
    Blowfish
    Registered Users, Registered Users 2 Posts: 5,112 ✭✭✭Blowfish


    Unless I'm missing something, doesn't HSTS defeat this?

    [edit] Actually, I suppose it partially does, but the attack can still work if you can get the user to click on a different URL. Victim connects to g00gle.com, proxy then connects to google.com. I should really read the article fully before responding.


  • #4
    ezra_
    Registered Users, Registered Users 2 Posts: 1,363 ✭✭✭ezra_


    I messed about with a little chome extension that basically matched Headers and URLS against the current URL.
    So if you were visiting a site that said 'GMail Login' and had an url of accounts.google.com, and you then hit 'GMail Login' and had a different URL, you'd get an popup warning.

    I stopped when I realised just how many websites have 'Home' as the title.


Advertisement