Clickjacking: IE8 & Chrome
Results 1 to 3 of 3

Thread: Clickjacking: IE8 & Chrome

  1. #1
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192

    Clickjacking: IE8 & Chrome

    First Microsoft touts clickjacking protections in Internet Explorer 8, then a security researcher releases a proof of concept for a clickjacking attack targeting the Google Chrome Web browser. Clickjacking, some say, remains an issue that will require cooperation in the security community.
    Article here:


    http://www.eweek.com/c/a/Security/Fr...-Clickjacking/


    And IE8 might not be as bullet proof as MS would have you think?



    If you use FF 3.0.5 and NoScript you can set NS to mitigate against this.

    Grossman suggested browser vendors consider bundling in the NoScript Firefox plug-in by default.
    "NoScript has powerful security features that can prevent clickjacking as well as many other Web-based attacks, which also allows users to tune their own level of desired security," he added. "For Internet Explorer, Opera, Google Chrome, etc., they should embed similar features and functionality in their products."
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391
    if you are using ie7/8 then just install the ie7 pro addon and it has stuff that can help block this clickjacking rubbish..

    The ie8 version is still in development mode, but the ie7 addon will still work just some features will not be enabled.

  3. #3
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    That's a great link t34b4g5,

    Why didn't you tell us about it before?

    Seriously though, it shows just how "M$ institutionalised" I have become.

    Back in the day, you always looked for add-ins to Win 3.x, 9.x, NT4, Office and IE. Since Win2000 and XP I haven't really bothered to look for anything other than alternatives rather than enhancements.

    Linux is a different story of course. That is the very stuff of open source communities.

    Thanks mate! you have taught an old dog a new trick
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

Similar Threads

  1. Adobe shutters Clickjacking flaw
    By t34b4g5 in forum Security News
    Replies: 0
    Last Post: October 21st, 2008, 03:15 PM
  2. Chrome & User Data
    By nihil in forum Web Security
    Replies: 7
    Last Post: September 11th, 2008, 11:48 AM
  3. Chrome plate tarnished?
    By nihil in forum Security News
    Replies: 0
    Last Post: September 8th, 2008, 02:24 AM
  4. Google Chrome
    By fourdc in forum AntiOnline's General Chit Chat
    Replies: 2
    Last Post: September 7th, 2008, 11:20 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides