Language Selection

English French German Italian Portuguese Spanish

Firefox add-on blocks 'clickjacking' attacks

Filed under
Moz/FF
Security

A popular Firefox add-on designed to block scripts and plug-ins has been updated to stymie the new "clickjacking" class of attacks, the extension's developer said today.

The latest version of NoScript, a free extension for Mozilla Corp.'s Firefox browser, now boasts something that Italian developer and security researcher Giorgio Maone calls "ClearClick" to protect users from clickjacking attacks.

"Rather than relying on frame/plug-in blocking, which were already available, I decided to move on and add a brand new feature, developed from scratch, for people who couldn't bear blocking frames outright," said Maone in an interview conducted via instant messaging.

In a blog post earlier this week, Maone spelled out what ClearClick does in greater detail. "Whenever you click or otherwise interact, through your mouse or your keyboard, with an embedded element which is partially obstructed, transparent or otherwise disguised, NoScript prevents the interaction from completing and reveals [to] you the real thing in 'clear,'" he said.

At that point, users can decide for themselves whether to continue clicking, or free up the mouse from the underlying -- and potentially exploitive -- content.

More Here




More in Tux Machines

ARM boosts Big.Little with DynamIQ, and launches Linux dev kit

ARM unveiled a more flexible version of its Big.Little multi-core scheme called DynamIQ, and launched an Embedded Linux Education Kit based on the Udoo Neo. ARM Ltd. announced a more advanced version of its Big.Little heterogeneous multi-processing technology for balancing core loads on multi-core Cortex-A SoCs. The new DynamIQ multi-core scheme enables more flexible core configurations that were not possible with Big.Little, says ARM. Meanwhile, ARM’s educational unit released a new ARM Embedded Linux Education Kit based on the i.MX6 SoloX based Udoo Neo hacker SBC (see farther below). Read more

Four Things a New Linux User Should Know

If you’re making the move from Windows or Mac (or even from Android or iOS), welcome to our world. These days, using Linux for doing everyday computer tasks isn’t that much different than using other operating systems — meaning the learning curve is only slight. In fact, my colleague Phil Shapiro works at a library that uses Linux on the computers its patrons use and says that hardly anyone even notices they’re not using Windows. It’s that easy. Read more

Arch Linux-Based ArchEX Has Linux Kernel 4.10.5, Yaourt, and Calamares Installer

Arne Exton announced today the release of a new build of his Arch Linux-based ArchEX GNU/Linux distribution built around the lightweight LXQt desktop environment. Read more

DragonFly BSD 4.8 Released with EFI & eMMC Support, Improved Kernel Performance

The developers of the DragonFly BSD operating system were proud to announce today, March 27, 2017, the release and immediate availability for download of DragonFly BSD 4.8. Read more Also: DragonFlyBSD 4.8 Released With Performance Improvements, EFI Support & More DragonFly BSD 4.8