[cap-talk] A write-up of clickjacking from a Confused Deputy perspective
Kevin Reid
kpreid at mac.com
Tue Oct 14 17:42:50 CDT 2008
On Oct 14, 2008, at 17:20, Tyler Close wrote:
> From what I've read so far in the blogosphere, I think the crux of the
> clickjacking problem is being misunderstood. I've written up a short
> document explaining the attack and its relationship to Confused Deputy
> at:
>
> http://waterken.sourceforge.net/clickjacking/
>
> Any feedback appreciated.
* "This model for using authority is called ambient because requests
don't explicitly specify what authority should be used." -- I think
this should be clarified; I strongly associate "requests" here with
HTTP requests, browser->server, whereas you're referring to
document->browser requests which *cause* HTTP requests.
* "the on-screen positioning of private information" -- I think
"information" is a poor choice of words here. "Private information"
makes me think of "my SSN", not "the button which will leak my SSN if
I push it".
* Despite these points, I think this is a reasonably good document and
the important thing right this minute is to *make people aware of it*,
before more dreadful access-policy patches are made to fix the
perceived problem.
* How do you see rights amplification (e.g. being able to edit a
publicly read-only document) working in this world?
--
Kevin Reid <http://homepage.mac.com/kpreid/>
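The distinction Kevin draws above, between the document->browser request and the HTTP request it causes, is the whole confused-deputy point, so here is a toy model of it as an added example (not code from this thread or from the waterken write-up). All names, cookie values and capability tokens are constructed, and the "explicit designation" server is an assumed alternative design, not a description of any real site. The browser function is the step to watch: whichever document asks it to send, it attaches the site's cookie on its own, which is what makes the authority ambient.

```javascript
// Constructed ambient state: session cookie value -> account.
const SESSION_COOKIES = new Map([["sess-7f3a", "alice"]]);

// Constructed capability table: an unguessable token that designates one
// specific action on one specific resource for one account.
const CAPABILITIES = new Map([
  ["cap-9c1e", { account: "alice", action: "delete", resource: "doc-1" }],
]);

// Ambient model: whoever the cookie says, that is who the action runs as.
// The request itself never states which authority should be used.
function serverAmbient(httpRequest) {
  const account = SESSION_COOKIES.get(httpRequest.cookie);
  if (!account) return { status: 401 };
  return { status: 200, performedAs: account, action: httpRequest.action, resource: httpRequest.resource };
}

// Explicit-designation model (assumed alternative): the request must carry
// the capability for the action; the cookie is not consulted for authorization.
function serverExplicit(httpRequest) {
  const cap = CAPABILITIES.get(httpRequest.capability);
  if (!cap || cap.action !== httpRequest.action || cap.resource !== httpRequest.resource) {
    return { status: 403 };
  }
  return { status: 200, performedAs: cap.account, action: cap.action, resource: cap.resource };
}

// The browser turns a document->browser request into an HTTP request and,
// regardless of which document asked, attaches the cookie it holds for the
// target site. No document chooses the cookie; the browser supplies it.
function browserSend(document, documentRequest, server) {
  const httpRequest = {
    cookie: "sess-7f3a",                    // attached by the browser
    action: documentRequest.action,
    resource: documentRequest.resource,
    capability: documentRequest.capability, // present only if the document had it
    initiator: document.origin,
  };
  return server(httpRequest);
}

// Two documents open in the same browser. Only the site's own document knows
// the capability token; the third-party document knows only the URL shape.
const siteDocument = { origin: "https://site.example", knows: { capability: "cap-9c1e" } };
const otherDocument = { origin: "https://other.example", knows: {} };

function requestFrom(document) {
  return { action: "delete", resource: "doc-1", capability: document.knows.capability };
}

// Ambient model: a request caused by the third-party document succeeds as
// Alice, because the server acts on the cookie. The server is the deputy
// that cannot tell which document it is really acting for.
function ambientOutcome(document) {
  return browserSend(document, requestFrom(document), serverAmbient);
}

// Explicit model: the same request from the third-party document fails. It
// can still cause a request, but it cannot name the authority to exercise.
function explicitOutcome(document) {
  return browserSend(document, requestFrom(document), serverExplicit);
}

console.log("ambient, third-party document:", ambientOutcome(otherDocument));
console.log("explicit, third-party document:", explicitOutcome(otherDocument));
```

Read the two outcomes for `otherDocument` together: the browser behaved identically in both runs, so the difference is entirely in whether the server looks for authority in what the browser attached or in what the requesting document was able to designate.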