Warning-New Threat for Web Surfers [Important Info To Read About!]

Discussion in 'Teen Disney' started by MuskratSusie, Oct 8, 2008.

  1. MuskratSusie

    MuskratSusie <font color=darkred>Three Days Grace ♥ <br><font c

    May 8, 2008
    I was just on another web site and read this about "Clickjacking" Its pretty scary!! So here is what it says:

    Web Surfers Face Dangerous New Threat: 'Clickjacking'

    Internet and Web browser security experts are sounding the alarm about a new type of malicious attack called "clickjacking," a technique that can be used to dupe Web surfers into revealing confidential information while clicking on seemingly innocuous Web pages. Among other things, a clickjacking attack can be used to take control of a computer's webcam and microphone without the knowledge of the user.

    Clickjacking has been identified as a vulnerability for the Adobe Flash player, as well as for every major browser, including Firefox, Internet Explorer, Opera, Safari and even the newly released Google Chrome.

    "It is a very serious problem," said Giorgio Maone, the author of a widely praised free Firefox extension called NoScript, which blocks potentially malicious scripts from running in the Firefox browser.

    "Clickjacking is a very simple attack to build, and now that the details are out, any script kid can try it successfully," Maone warned. "There's no estimate to the number of trap sites, and it's unlikely that we will see any credible report about the number of sites using this technique, because there are literally infinite ways to implement such an attack, therefore no signature-based scanning can detect it automatically."

    Unauthorized Access to Information

    The growing severity of the clickjacking problem was identified by Robert Hansen, CEO of SecTheory, and Jeremiah Grossman, CTO of WhiteHat Security. The two were scheduled to speak publicly about their discovery last month at the Open Web Application Security Project NYC AppSec conference in New York, but postponed their talk in order to give Adobe and browser companies a chance to come up with a solution.

    Reacting quickly to the announcement, Adobe released a security advisory Tuesday, describing the threat as "critical" and instructing users on how to turn off Flash access to cameras and microphones.

    "We have just posted a Security Advisory for Flash Player," wrote David Lenoe, Adobe's security program manager, on the Adobe security blog, "in response to recently published reports of a 'clickjacking' issue in multiple Web browsers that could allow an attacker to lure a Web browser user into unknowingly clicking on a link or dialog. This potential 'clickjacking' browser issue affects Adobe Flash Player's microphone and camera access dialog." Lenoe said a patch for Flash would be ready by the end of October.

    Unfortunately, as Hansen and other researchers have pointed out repeatedly, Flash clickjacking is only one of the variants of this problem. In a lengthy blog posting about the issue, Hansen said that "there are multiple variants of clickjacking. Some of it requires cross-domain access, some don't. Some overlay entire pages over a page, some use iframes to get you to click on one spot. Some require JavaScript, some don't. Some variants use CSRF to preload data in forms, some don't. Clickjacking does not cover any one of these use cases, but rather all of them."

    A Structural Problem of the Web

    Hansen warned that it will be challenging to come up with a comprehensive solution to prevent the clickjack threat because of the nature of the code that underlies the Internet.

    Maone agreed. "This problem comes from features which are integral to the modern Web as we know it," he said, "and especially from the ability of Web pages to embed arbitrary content from different sites, or to host little applications (applets) through plug-ins like Adobe Flash, Java or Microsoft Silverlight."

    Maone predicted that a general browser fix won't be developed any time soon, since the real solution lies in developing a general consensus about changing existing Web standards in the various Internet standardization groups.


    Okay, Its basically about on Adobe Flash Player, Java or Silverlight. A new threat has happened of by a simple click there has been Hacks going on. Basically untill they find a patch for this. Watch what you click and know where your going. Because you may lose all your accounts: aol, yahoo, ect.
  2. JulielovesDisney

    JulielovesDisney <font color=darkorchid>Hakuna Matata<br><marquee><

    Oct 12, 2005
    Thanks for the heads up!
  3. Avatar


    to hide this advert.
  4. pigletgirl

    pigletgirl Mama to my Minnie Mouse lovin' girl!

    Jun 11, 2006
    Eeek, how scary! Ok, now I'm nervous.
  5. marypops!

    marypops! <font color=orange>Sponsered by Powergen!<br><font

    Dec 3, 2004
    Scary. I always hated having a webcam facing me when on the computer, even when nobody was using it, because I feared someone might hack into it and watch... Now I know they can :-O :scared:
  6. Disney.Ears

    Disney.Ears <img src=http://photopost.wdwinfo.com/data/500/509

    Jun 28, 2007
    Ahhh, that's so scary.
    Things like that get me paranoid :/
  7. Em&Em

    Em&Em <font color=darkorchid>I love my Les Paul<br><font

    Jul 27, 2008
    Wow, that is scary. I can't believe there are people behind this type of crap. They need to get a life.
  8. cdog12

    cdog12 Mouseketeer

    Apr 10, 2008
    ye sadly i know how to do it :(

    i wish everyone safe

    use noscript the plug in as a added security
  9. PurpleDucky

    PurpleDucky <font color=green>Sorry folks, this ain't skinemax

    Sep 24, 2006
    Stupid d-bags (stole that word from Caitlin)
  10. PosessedEeyore

    PosessedEeyore <font color=blue>I secretly think Zac Efron is hot

    Feb 27, 2008

    im like... freeked out now.

    i feel like... someones watching me...

    *unplugs webcam*

    i dont see why any no life loser would do that. its stupid and its invading privacy. ):

Share This Page