Clickjacking – Something to be concerned about…

(From TechRepublic – 10/19/2008) – “Clickjacking – Potentially harmful web browser exploit: Clickjacking has the potential to redirect unknowing users to malicious Web sites or even spy on them. We all need to be aware of clickjacking and how to avoid its trappings.”

I am encouraging my “techie friends” to read the TechRepublic blog post about clickjacking and learn more by “Googling Clickjacking”. There is a whole lot of buzz and concern about this potential problem, which ultimately could call for a complete redesign in all browsers. If this exploit takes off, there is no effective solution known at this time. In a nutshell, what you think you are clicking on in a web page may in fact be malicious code that is transparent to the naked eye and that carries out a malicious operation without your knowledge (e.g., stealing an account number or turning “on” your web camera or microphone).

What is clickjacking? (From Wikipedia) – Clickjacking is a malicious technique of tricking web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages. A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user’s knowledge, such as clicking on a button that appears to perform another function.


2 thoughts on “Clickjacking – Something to be concerned about…”

  1. Hey Rick,

    As you say, “Clickjacking” is an enormous problem. I’ve been watching this for several months now, and I’m surprised that this security issue has not gotten the “play” that it should have.

    In a way, it reminds me of the DNS problem discovered earlier this year – lots of early coverage that seems to have just disappeared; as if the problem itself has just disappeared!

    I guess we’re like a kid having a nightmare – just pull the covers over our heads, and the monsters will disappear.



  2. You know, have to wonder if this “clickjacking” is already out there in the wild… This is the first I read about it… I’ve noticed some of the sites where I have accounts, now have (just recently) a double layered login process (i.e. username/password first layer, then say an “image” or question that I only know about on the second layer). I’m assuming this is in place to hinder a “clickjacking”… From what I read, this impacts the entire playing field and is not just browser specific…

    Nice to hear from you… Oh, thanks for the heads up on the Windows Update that you had posted on your blog… Caught my attention!


