[3853] in WWW Security List Archive
Message not deliverable
daemon@ATHENA.MIT.EDU (Administrator_at_~BMI__INFO__SYS@b)
Fri Dec 20 04:41:02 1996
From: Administrator_at_~BMI__INFO__SYS@battelle.org
Date: Fri, 20 Dec 1996 03:22:03 -0500 (EST)
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Guess what? I found the easter egg "about:mozilla" ... it won't
show up unless you put mozilla in all lower-case (not Mozilla with
first letter upper-case, that won't work)! (Unix version of
Netscape 3.0, U.S. secured.)
The easter egg reads:
And the beast shall come forth surrounded by a roiling cloud of
vengeance. The house of
the unbelievers shall be razed and they shall be scorched to the
earth. Their tags shall
blink until the end of days.
from The Book of Mozilla, 12:10
about:mozilla
What could this possibly mean? Does Netscape have a mad plan
to dominate the internet? ;-)
That's funny, I didn't know they had a sense of humor.
Steve Neruda wrote:
>
> >
> > The hack is harmless.
> >
> > There are a number of other easter eggs in the program. None of them are
> > harmful. What eggs work and what do not depend on version and platform.
> > (There is at least one that is Mac specific. There are a couple of X
> > specific. I do not know of any PC specific ones.)
>
> For the most part I agree with the above statement. However the habit
> of putting in hidden features is sometimes the same habit of putting in
> a "engineering back door" to help speed development. These back doors
> often become a security hole (remember the good old days of wizard
> passwords in sendmail).
>
> I'm not implying that netscape has backdoors, only that developers need
> to be careful of what they add. Netscape uses about: for many internal
> functions as well. Here are some that work with 3.0 under Unix
>
> about:plugins
> about:document
> about:license
> about:cache
> about:global
> about:image-cache
> about:memory-cache
> about:security
> about:hype
> about:blank
> about:Mozilla
> about:security
> about:security?subject-logo=
> about:security?
> about:security?banner-mixed
> about:security?banner-insecure
> about:security?banner-secure
> about:security?banner-payment
> mocha:
> javascript:
> livescript:
> view-source:
>
> I haven't been able to get the sound file from about:hype to play yet.
> It looks like an .snd file though. Anyone know what the "mocha"
> interpreter does?
>
> Steve Neruda Steve_Neruda@Nationwide.Com
> Senior Internet Consultant The Internet Technologies Group
>
> ...simpler living through complexity...
>
> --
> Steve Neruda Steve_Neruda@Nationwide.Com
> Senior Internet Consultant The Internet Technologies Group
>
> "...you wouldn't want to OD on IP..."
> [Joe Oak in response to Micro$oft$ plan to limit number
> of IP sessions in their products]
