February 2nd, 2009, 12:11 PM
Clickjacking: IE8 & Chrome
First Microsoft touts clickjacking protections in Internet Explorer 8, then a security researcher releases a proof of concept for a clickjacking attack targeting the Google Chrome Web browser. Clickjacking, some say, remains an issue that will require cooperation in the security community.
And IE8 might not be as bullet proof as MS would have you think?
If you use FF 3.0.5 and NoScript you can set NS to mitigate against this.
Grossman suggested browser vendors consider bundling in the NoScript Firefox plug-in by default.
"NoScript has powerful security features that can prevent clickjacking as well as many other Web-based attacks, which also allows users to tune their own level of desired security," he added. "For Internet Explorer, Opera, Google Chrome, etc., they should embed similar features and functionality in their products."
If you cannot do someone any good: don't do them any harm....
As long as you did this to one of these, the least of my little ones............you did it unto Me.
What profiteth a man if he gains the entire World at the expense of his immortal soul?
By t34b4g5 in forum Security News
Last Post: October 21st, 2008, 03:15 PM
By nihil in forum Web Security
Last Post: September 11th, 2008, 11:48 AM
By nihil in forum Security News
Last Post: September 8th, 2008, 02:24 AM
By fourdc in forum AntiOnline's General Chit Chat
Last Post: September 7th, 2008, 11:20 PM