Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous Web pages. A vulnerability across a variety of browsers and platforms, a clickjacking takes the form of embedded code or script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function.
The term "clickjacking" was coined by Jeremiah Grossman and Robert Hansen in 2008. The exploit is also known as UI redressing.
Clickjacking can be understood as an instance of the confused deputy problem.
lickjacking is possible because seemingly harmless features of HTML Web pages can be employed to perform unexpected actions.
A clickjacked page tricks a user into performing undesired actions by clicking on a concealed link. On a clickjacked page, the attackers show a set of dummy buttons, then load another page over it in a transparent layer. The users think that they are clicking the visible buttons, while they are actually performing actions on the hidden page. The hidden page may be an authentic page, and therefore the attackers can trick users into performing actions which the users never intended to do and there is no way of tracing such actions later, as the user was genuinely authenticated on the other page.
The reason I unloaded this huge clot of text on you dear reader is this. I'm getting warnings on my computer every time I click on something related to this site. When I post a a video on here i constantly get a clickjacking warning. Be careful wogs I figured I'd provide an explanation because I had no idea what clickjacking was.
Be prepared Not scared!
No comments:
Post a Comment
Leave a message after the beep