On Mon, 6 Jun 2005 11:30, Russell Davie wrote: > Hi > Please give your advice on security of Java in Linux. > > scenario: > I have just received a email from ANZ bank (which I don't bank with, so its > likely to be phishing) that is linked to a bunch of Java scripts. This is > shown in Mozilla-Thunderbird when I move the cursor over the link.
I got one too... but, there are no links to Java applets, do you mean javascript? Javascript is different and unrelated to Java. Those phishing emails come up often, but seems that they're targeting aussie banks again. These emails seems to flare up every now and then. In most cases they take you to a fake site that exploits (usually an IE) bug that allows the author to obscure the real origin of the site. They then ask you for personal information. Since the bank will never do that, delete the email straightaway. I have come across one site that had a Java applet that would try and overwrite a Windows DLL (the applet never ran), but typically they are not that sophisticated. The Security Manager should prevent that from happening anyway. Applets should run inside a sandbox and, by design, the JVM does not allow them to overwrite file outside the user directory (I believe). <...> > > regards > > Russell -- --- Marek Wawrzyczny ------------------------------------- "Terrorism is the war of the poor, and, war is terrorism of the rich." - Peter Ustinov ------------------------------------- - Send instant messages to your online friends http://au.messenger.yahoo.com -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
