With Security at Risk, a Push to Patch the Web – NYTimes.com

While Internet service providers are racing to fix the problem, which makes it possible for criminals to divert users to fake Web sites where personal and financial information can be stolen, Mr. Kaminsky worries that they have not moved quickly enough.

A new vulnerability on the web makes it possible for hackers to redirect you to a website of their choosing.  The issue attacks your ISP, so it is tricky to know if you are being misdirected.  If you intend to go to Google, you might very well be directed to another version of Google without your knowing.  I still think many people are cautious about their personal information on the web, and I’m hoping that we are checking our websites carefully before we input confidential information.  Yes, if in the rare case you are redirected, you might compromise your password, but how much information will they really be able to exploit if they get into your Google account or your email? They might get some addresses or phone numbers.  We all should be careful about where we are going and continue to be extra cautious when we are dealing with highly confidential information.  I think eventually we will see this vulnerability addressed before too much harm is done.  The websites I use for financial purposes have security questions and images unique to them, something no fake website could emulate.  The people who are most likely to be taken advantage of this scheme are the ones who probably don’t use the Internet for serious cloud computing.  I’ll be interested if this really leads to any significant issues.