Fixes Released (and More Promised) For "Clickjacking" Exploits 70
An anonymous reader writes "As discussed previously on Slashdot, concern has been raised over a class of 'clickjacking' vulnerabilities which affect all major Web browsers. These exploits allow an attacker to place invisible or seemingly legit objects on a Web page that perform undesired actions when a user clicks on them. In recent developments, 'Guya' posted a scary proof-of-concept that hijacks Adobe Flash Player to spy on users with a webcam and/or microphone. In response, Adobe released an advisory with a temporary workaround, and stated that a future Player update will address the exploit. This prompted the original disclosers of the vulnerabilities to post a summary of the exploits. Additionally, Giorgio Maone, creator of the popular NoScript extension for Firefox and other Gecko-based browsers, released version 1.8.2.1 of NoScript, which adds 'ClearClick,' a feature that intercepts clicks made on invisible or otherwise obscured elements on a page. Although issues remain, there seems to be progress in addressing these security problems."
Original fix (Score:2, Funny)
Comment removed (Score:5, Funny)
Re:Has... (Score:4, Funny)
I was describing this article to my boss, and here is what he said to me verbatim. My Emp. added.
So, should I be afraid of my web browser clickjacking me off of my normally visited websites to some spyware?
The jokes on you, hackers! (Score:2, Funny)
Not only am I an exhibitionist, I'm also unbelievably ugly! You won't be 'clickjacking' to my warped, drooling countenance!
Re:The jokes on you, hackers! (Score:1, Funny)
Goddamnit, mom! I thought I told you not to post on the same websites as me? And don't think I haven't seen you on adultfriendfinder either.
Re:Simple solution: (Score:3, Funny)
i.e. for banking.
and you expect us to trust you with security advice? Please!
Re:Flash and microphones and webcams, oh my. (Score:4, Funny)
It's always kind of creeped me out that Flash even gives applets access to the microphone
Definitely creepy. One time I visited a page with a Flash-based advertisement from (apparently) a French company. When my mouse cursor inadvertently moved over the Flash applet, some kind of contact was made with the company. This French guy was screaming into his microphone "'ello?? 'ELLOO??". And he obviously saw through my cam because he continued: "Bonjour, sire! Whas arr yous eatingue?" just when I was shoving a sandwhich in my pie-hole.