what is clickjacking anyway?

clickjacking is a hacking method that exploiting browsers such as Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera and Adobe Flash allowing the attacker to take control of the links that your browser visits. And with clickjacking any computer with a microphone and/or a web camera attached can be invisibly turned to be a remote surveillance device.
but if you use text-based browser like lynx, you’re save. but i doubt that you do 🙂

it’s not a new issue, in fact it’s a well-known issue. it’s just that it’s been underestimated and unappreciated. they (Robert Hansen and Jeremiah Grossman) say that it’s a fundamental flaw and can’t be fixed with a simple patch. isn’t that sounds difficult and scary? it has nothing to do with javascript, so if you turn off your browser’s javascript support, it won’t do any good. But until the flaw is fully fixed, there’s a temporary solution for us to be safe. it’s a bit extreme tough, but for you who really paranoid, the temporary solution is to disable all browser scripting, plugins, webcam and microphone.

but don’t worry too much, you can still do your daily internet activity as usual because this flaw seems already been comunicated with some major browser vendors. here’s a quote from Robert

Thanks to Adobe, Microsoft, Firefox, Apple and the various other vendors and people who have been helpful/supportive and care to fix the issue.

Now just make sure that your browser is updated.

Reblog this post [with Zemanta]

web services tutorial:a lightweight introduction

i’ve just found a very lightweight tutorial about web services. it’s different from most tutorial you find on the internet when you type “web services tutorial” in google’s search box. it also plays as a web services search engine to help you find web services providers out there. it’s something i’ve been looking for all this time. please click here to read it.