Page 1 of 1

Some nasty javascript command

Posted: Mon May 12, 2014 9:55 am
by BlubBlab
My old main AC in Neverwinter got hacked a few weeks ago, I got everything back but basically the support rolled-back my AC.
I don't know how they did find out my PW for the game but I know how they got into my Outlook E-Mail Ac which is needed when you want access the AC from a different PC(Mac-Address) .

I was a bit lazy I went to my outlook like every time putting ou in the browser-bar and click on want went on top in the browser history.
I got a message that through the fact that the heart bleed bug was out there new security measures were take like mobil-phone messages like in yahoo and I should re login.

I did take a look to the left side because this was "my" browser history not an e-mail. After a short search I found it is not mine , javascript can manipulate the browser history entirely (firefox).
https://developer.mozilla.org/en-US/doc ... er_history

So don't thrust your browser history.

Re: Some nasty javascript command

Posted: Mon May 12, 2014 10:07 am
by Administrator
First thing I would suggest is to ditch Outlook. Use Thunderbird instead. It functions the same way, looks about the same, but is way more secure.

For your browser, use Adblock Plus and NoScript (Firefox) or ScriptNot (Chrome). That will block most browser-based attacks, plus annoying crap, and break most types of tracking. You would want to use a blacklist and only whitelist domains you know are fine. Of course many people find this annoying since you have to allow Javascript for each site, but once you've got it set, you're done. Well worth it.

Re: Some nasty javascript command

Posted: Mon May 12, 2014 10:23 am
by BlubBlab
I have already Adblock Plus and Thunderbird, NoScript I have exactly like the reason you said and my Outlook AC isn't in Thunderbird because it my quick e-mail access AC you could say and setting up is complicated because it is a @msn.com address.

But I'm not very happy about firefox in the moment they because they removed to many important setting like I can't see what cookies I have without installing a add-on.

In the last weeks I have the feeling the whole Internet tries to make money at any costs and without limits, anyway I wrote a rant to the Javascript developers about those functions.( I asked about how much alcohol was involved :D )