Intel's Ronler Acres Plant

Silicon Forest

Thursday, July 18, 2013

Clickjacking

 

Readers sometimes “like” my posts by clicking a button that WordPress displays at the end of the post, and I appreciate that. In fact I very often like their posts too, but my security software (NoScript) goes off when I try to click “like.” Just to get to that point I must first temporarily allow a couple of urls to run javascript. Then NoScript warns me about a potential “clickjacking” attempt, and I haven’t been able to sort out exactly what that is and how to allow the link without allowing malicious links. Whatever clickjackingis, I bet it’s something I wouldn’t like. - Marcel on Monday Evening

I was just going to leave a comment, but then my mind made a connection, so I decided to make it a post.

One of things about modern computers with their point-and-click interface is that there is more than one way to do just about anything. Some of these techniques have hazards associated with them. One method might occasionally cause your computer to crash, another might inadvertently give you the wrong answer. As time goes by people tend to gravitate to methods that work reliably. They may not be the most efficient methods, but they know them by heart and can do them by just going through the required motions without having to think about it.

Now expand this idea to websites. People are more likely to revisit a website if it gives them what they want, and are less likely to go there if it gives them stuff they don't want, like computer viruses.

I do not like having to spend time "cleaning" my computer. I just want to use it. This means that my virus protection is in some unknown state, and it also means I will get hit with some nasty virus one of these days and I'll have to reload Windows, or buy another computer. But it hasn't happened in a while, so maybe the net is getting safer. (Yeah, right.) Or maybe I just don't go wandering off in the woods so much anymore. Every time I did that and got hit with some nasty crap, my subconscious took note, and now my clicker finger hesitates whenever some new web address shows up. Maybe I haven't been having as much trouble because I am staying closer to home and not out wandering around in strange neighborhoods.

Gack! Looking for a picture to illustrate this post and came across a page on Monopolize Social Media's website that appears to offer clickjacking as a service to their clients. There's a fine line between aggressive marketing and being a cretin. I'm not quite sure on which side of the line they fall.

No comments: