Clickjacking / UI redress vulnerability: the biggest IT security problem ever?

For now, from what I read, there’s no “elegant” solution to any browser yet.

Apparently, the only sure way to protect yourself is disabling JavaScript, plugins/ActiveX and iFRAMEs, but I think that would severely affect usability.

The most elegant solution available is for Firefox, ie to install the NoScript add-on but even that is not perfect (not foolproof), because at the end, it’s still up to the user i.e. “users can decide for themselves whether to continue clicking, or free up the mouse from the underlying — and potentially exploitive — content.”

Get NoScript add on here:
https://addons.mozilla.org/en-US/firefox/addon/722

I cannot find any details on how to deal with clickjacking for IE from Microsoft’s website, the best step-by-step info I could get is here:

http://hackademix.net/2008/09/29/clickjacking-and-other-browsers-ie-safari-chrome-opera/

Written by pinolobu on October 10th, 2008 with no comments.
Read more articles on Uncategorized.

Related articles

No comments

There are still no comments on this article.

Leave your comment...

If you want to leave your comment on this article, simply fill out the next form:




You can use these XHTML tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> .