Crackdown on Clickjacking

A new, or rather a newly revised threat may be coming to a browser near you. It’s called Clickjacking and it can affect all browsers. It first appeared a few years ago but little was heard of it after the first warnings. It looks like it might be back though the threat level is still quite low at the moment but these things can quickly spiral out of control. Here’s how it works. If a hacker can get access to a website they can fiddle with buttons and graphics so that if you click on what appears to be a legitimate link what actually happens is you are directed to a phoney or fake site where you unwittingly enter personal details, or in a worse case scenario, clicking the link downloads malicious software onto your PC. Of course the same kind of thing can be found on less reputable websites.

Microsoft and Mozilla have released fixes in the past but there is a way to stop clickjacking in its tracks, on Firefox at least, and that’s to install an add-on called No-Script. This creates a white list of trusted sites by blocking any attempt to run an unapproved or suspicious script within a web page. If the site is blocked by NoScript all you have to do is click on the ‘S’ logo that appears in the bottom left hand corner and decide whether to allow the page to load. It’s a bit of a chore, but if you take security seriously, or you visit the odd dodgy website then it will give you some extra peace of mind.

nocript Crackdown on Clickjacking

Comments

Popular posts from this blog

Convert Google Books to Sony Reader Format

BIOS to pc performance

Use tough passwords but make them easy to recall