New flaw found in Netscape security

we know where you wanted to go today, apparently...

The relentless march of the Web browser security flaw continues, this time with Netscape apparently providing the inadvertent doorway for what sounds like a pretty compelling application for unscrupulous Web outfits. Sunnyvale computer consultant Dan Brumleve says he has produced a Javascript program which can use a security flaw in Netscape Navigator and Communicator to read the cache on the user's hard disk. This means somebody using the program could find out which sites the user of the browser had visited, and could also pick up passwords and security information for sites that were stored in the cache. As credit card details aren't usually held in the cache there probably isn't a great deal of attraction for villains of the financial persuasion, but market researchers prepared to blatantly infringe Web users' privacy would no doubt love it. According to Brumleve Microsoft Internet Explorer isn't vulnerable to this approach, so sighs of relief in Redmond, until the next one. Netscape is currently working hard to shut this door, but there will no doubt be more. How sure are you that you really want all this sharing and interactivity stuff? ® Click for more stories

Sponsored: Network DDoS protection