Natural SEO - Search Engine Optimization Blog

« « How to write articles that will earn you money online  |  Affiliate Marketing Tracking Software: How It Can Help You To Succed! » »

The Clickjack Fix and Its Side Effects

Monday, October 27th, 2008    Subscribe To Our Feed

Learn More About Clickjacking

Technical news mags such as ZDnet report that clickjacking may be a serious threat that affects any Internet browser.

Clickjacking from the Layperson’s Perspective

In a nutshell, clickjacking is accomplished by a malicious page that hides behind a seemingly safe page. When you click an item on the supposedly safe page, your computer is clickjacked by malicious code which then hijacks your pc’s accessories or other components.This happens without your knowledge.

Typically, clickjacking will affect webcams, but it can also hijack other areas of your computer.   For example, your microphone or sound system can be exploited, or your computer can be taken over in other ways.

Adobe’s Flash Player was especially vulnerable to clickjacking, but Adobe has come out with a fix to address the issue.

What Browsers are Affected?

Clickjacking is a cross-browser malicious code, which affects virtually all Internet browsers.   It cannot be quickly fixed by disabling javascript.

A “No Script” add-on that works with Firefox is the only known solution.

Problems with the Clickjacking Fix

After using No Script for a week or so, I disabled it because it made web surfing a chore. Virtually every site I visted was blocked to some degree because the page contained common elements such as javascript, affiliate ads or YouTube videos.  For instance, the following were all blocked by No Script:

There’s a little bit of good news for Google publishers and advertisers. Adsense is automatically whitelisted by the No Script add-on.   Most of the others need to be manually whitelisted and it is unlikely that the average Internet user is going to do so.

If clickjacking is as bad of a problem as some say it is and if No Script and similar “script blocking” solutions are the only ways to fight back, then online advertising could take a major hit. Adserver Plus and other heavy hitting advertising networks were blocked by the Firefox add-on.

Conclusion:  Maybe the Threat is Overrated

My web browsing experience is back up to speed since I’ve disabled No Script and so far I haven’t been hit by any type of clickjacking activities.   Perhaps the threat is more overrated than it actually is.

The NotGuru blog has posted some videos that show exactly how clickjacking works and how to install fixes.

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • Furl
  • del.icio.us
  • Slashdot
  • Smarking
  • NewsVine
  • SphereIt
  • blinkbits
  • Reddit
  • Blue Dot
  • StumbleUpon
  • BlinkList
  • Spurl
  • Netscape

Posted in Uncategorized | Trackback | del.icio.us | Top Of Page

Site Search Tags: No Tags
Technorati Tags: No Tags
Related Tags: No Tags


Possible Related Posts

Advent Effects, Seo Company India, taking care of your business - Online PR News (press release)How Google Is Screwing Its Own Advertisers with Comparison Ads - Search Engine JournalThe Lure of Black Hat SEO: Take A Walk On the Dark Side - ZDNet (blog)

Leave a Reply