« How did we survive before Google? | Main | Cool Tool for GL Interface imports to QuickBooks »

September 28, 2008

Another Web Browser Exploit: Clickjacking

This one sounds pretty bad:

In a nutshell, it’s when you visit a malicious website and the attacker is able to take control of the links that your browser visits.  The problem affects all of the different browsers except something like lynx.  The issue has nothing to do with JavaScript so turning JavaScript off in your browser will not help you.  It’s a fundamental flaw with the way your browser works and cannot be fixed with a simple patch.  With this exploit, once you’re on the malicious web page, the bad guy can make you click on any link, any button, or anything on the page without you even seeing it happening.

The only defense might be Firefox + NoScript according to the guy who developed NoScript.

Here's more info on it from one of the two guys who were going to present it.

September 28, 2008 |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d834bb092b69e2010534d4c95a970b

Listed below are links to weblogs that reference Another Web Browser Exploit: Clickjacking:

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

About

October 2009

Sun Mon Tue Wed Thu Fri Sat
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Recent Posts

Archives

Subscribe to this blog's feed
Blog powered by TypePad
I Love JotSpot

Key Dates

iMIS Resources

Other iMIS Related Resources

  • Communicate for iMIS
    The best-selling third party tool for iMIS. Made by VanDamme Associates.
  • Crystal Reports Tech Support
    Found on the website for Business Objects, today's owner of Crystal Reports.
  • L-Soft
    Makers of listserv, which is highly recommended if you have the e-Series module, e-Communities.
  • Macromedia
    Makers of ColdFusion, which the iMIS e-Series runs on.
  • VanGo Web modules
    A great set of products from VanDamme Associates

Useful Tech Stuff

  • Firefox
    A better browser than IE 6. Love the tabs.
  • GoToMyPC
    Remote Access to Your PC From Anywhere
  • LogMeIn
    Remote Access and Desktop Control Software for your PC. Has a free trial.
  • SnagIt from TechSmith
    I couldn't live without this screen capture tool (and lots more).
  • Tiny URL
    Take a long URL and make it tiny!
  • YouSendIt
    Email large files quickly, securely, and easily! AND FREE!!