Apparently there are a new wave of popups out there, according to hackademix.net;

Imagine you’re a web advertiser.
Imagine you can open a popup window from a web page defeating any popup blocker.
Imagine this popup can invade the whole desktop, full screen.
Imagine this popup has no title bar, no menus, no toolbar, no location bar, no border and no buttons. No mean to close it.
Imagine user can’t move or minimize this popup. It will go away only when the browser is killed or your show is done…

Now imagine you’re a phisher.
Imagine you can use this almighty popup to draw anything you want. A fake browser or — why not? — a whole fake desktop to collect user’s data.

Apparently Sun had classified this as a non security related bug, so in frustration, the person who had contacted Sun wrote a blog entry, at which point Sun removed the bug from their bug system and asked the author of the blog to remove his blog posting (or embargo it until Sun fixed the bug).  Well Sun didn’t contact the blog poster directly, they had another person who had notified Sun about the bug (who was a little better versed in getting Sun’s attention) to tell the original poster to remove the blog (I guess it’s Sun’s way of denability).

Share on Facebook