[cap-talk] Reducing Ambient user authority in a Type Safe / Memory Safe OS.

Karp, Alan H alan.karp at hp.com
Mon Dec 21 12:33:05 PST 2009


Ben Kloosterman wrote:


> For a standard browser I can agree with you but I'm not user here.. since we are displaying rendered windows in a browser, though I suppose if there are no security pop ups then click jacking becomes useless.

Clickjacking doesn't depend on security pop ups.  The attacker tricks the victim into clicking a button in the UI of the powerful application that takes some action the user doesn't intend to take.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp