08 July 2011

Clickjacking Update

A new white paper from Carnegie Mellon University describes alternative clickjacking attacks that do not reply on the use of iframes.

Photograph of signage at Tate Modern in London with the words 'Interactive Zone' written on the glass windows overlooking the turbine hall

Lin-Shung Huang and Collin Jackson announced the overview white paper Clickjacking Attacks Unresolved describing their research topic, references to related research and example demonstrations. The paper outlines how using the X-Frame-Options header and anti-framing code are recommended but are not a complete solution. The authors are continuing with their research, which will include advice on countermeasures.

So, one to watch.

Posted on: 08 July 2011 at 08:12 hrs

Comments Comments (0) | Permalink | Send Send | Post to Twitter

Comments

Comments are filtered automatically and should appear shortly after they been checked.

Post a comment
Confirm acceptance and understanding of the terms of use
New posts to this thread will be sent to your email address
Clickjacking Update
http://www.clerkendweller.com/2011/7/8/Clickjacking-Update
ISO/IEC 18004:2006 QR code for http://clerkendweller.com

Page http://www.clerkendweller.com/2011/7/8/Clickjacking-Update
Requested by 54.196.24.103 on Thursday, 24 April 2014 at 10:11 hrs (London date/time)

Please read our terms of use and obtain professional advice before undertaking any actions based on the opinions, suggestions and generic guidance presented here. Your organisation's situation will be unique and all practices and controls need to be assessed with consideration of your own business context.

Terms of use http://www.clerkendweller.com/page/terms
Privacy statement http://www.clerkendweller.com/page/privacy
© 2011-2014 clerkendweller.com