Jump to content

Talk:Gifar

Page contents not supported in other languages.
From Wikipedia, the free encyclopedia

Poor quality

[edit]

The quality of this page is unusually low. I have issues with almost every sentence. Beginning with the title: Is it "Gifar" or "GIFAR"? The page title is mixed-case, but the article uses all-uppercase.

"Graphics Interchange Format Java Archives (GIFAR) is malware that allows a hacker to piggy back off the victim’s HTTP cookies." How does it do that? Does it really only affect cookies? I doubt that.

"A GIFAR is a photo that can "borrow" an victim's online credentials, possibly taking over the web user's session." Strange language, and no explanation on how it does this.

"This technique works because GIF images [...] store their header in the beginning of the file, and JAR (ZIP) files store their data in the end." How? Why?

"Any site that includes login sessions with user-uploaded pictures can be vulnerable." As far as I understand it, the vulnerability is not on the host, but rather on the client side...?

Unfortunately I can't fix the page, as I know too little of the topic. IMHO it needs a complete rewrite. FBitterlich (talk) 10:46, 12 September 2012 (UTC)[reply]

Even worse, the article says “In this attack, GIF Java archive files (GIFARs) run code through anyone viewing (opening) such a file.” which does not only sound unbelievable, as Java code still requires a JVM to be executable, it’s also contradicted only a few lines later: “GIFAR is not executable code that gets run when you view an image.” 91.64.86.50 (talk) 15:05, 30 August 2018 (UTC)[reply]
This article sucks! 92.40.173.203 (talk) 21:03, 23 May 2021 (UTC)[reply]

Parentheses imbalance

[edit]

In the version from 28 July 2015 (actually, in all the preceding versions, too) the second paragraph:

Special:PermaLink/673392869#SUN and the JRE

needs fixing parentheses, but I have no idea how it should be done. CiaPan (talk) 08:33, 27 February 2019 (UTC)[reply]