On 08/12/2010 12:54 PM, Beverly Howard wrote: > >> proof of concept << > > I assumed (and hoped) that it was innocent, but, as it would work when > malicious, I got pulled off the page before I had time to read far > enough to get to the full explanation of what _was_ going to happen. > > When I returned to the tab, there as the bogus page. imho, the user > should have been offered the option of experiencing the phish rather > than having it execute on the page reporting on the possibility. It was > pretty disturbing, albeit educational. > > Beverly Howard
<quote> Try it Out You can try it out on this very website (it works in all major browsers). Click away to another tab for at least five seconds. Flip to another tab. Do whatever. Then come back to this tab. </quote> You switched away from the tab (either to a different tab, to check this newsgroup, email, whatever). Try sitting on the tab without switching away; you can read the entire article, go get coffee, do what you wish. The code won't activate until you switch away from it; that's the actual point the author is making. _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey