I know this post is slightly off-topic, but given the induced risks, I want to share this infomration with you. The Second Life Insider reported a security issue with Second Life. If you let the client remind your password, to avoid having to type it each time you go in-world, there is a way for hackers using a malicious web-page and InternetExplorer to gain access to your SL account.
All the details (and the way to do it as well) are explained on http://www.gnucitizen.org/blog/ie-pwns-secondlife. I did not test it myself. Anyway, I never let any software remind passwords for me...
I won't turn this blog in a hacker / safety oriented way, nor as a hoax spreading tool, but this vulnerability seems serious enough to deserve being comunicated widely.
Tuesday, September 18, 2007
Security issue - Don't let the SL client remind your password
Labels:
password,
Second Life,
security risk,
SL client,
threat
Subscribe to:
Post Comments (Atom)
1 comment:
I have been away from SL due to a computer failure, but looking at the reference shows that ONLY Internet Explorer is vulnerable - Firefox (et al) users are fine!
BTW good news about the failure, my NEW games machine is Athlon 64bit dual 6000+, 4Gb RAM, 1Tb SATA HDD! WOW what a screamer!
Post a Comment