{"id":24759,"date":"2019-05-01T08:25:32","date_gmt":"2019-05-01T13:25:32","guid":{"rendered":"http:\/\/huewhite.com\/umb\/?p=24759"},"modified":"2019-05-01T08:25:32","modified_gmt":"2019-05-01T13:25:32","slug":"word-of-the-day-466","status":"publish","type":"post","link":"https:\/\/huewhite.com\/umb\/2019\/05\/01\/word-of-the-day-466\/","title":{"rendered":"Word Of The Day"},"content":{"rendered":"<p><em>Clickjack<\/em>:<\/p>\n<blockquote><p><b>Clickjacking<\/b>\u00a0(classified as a\u00a0<b>User Interface redress attack<\/b>,\u00a0<b>UI redress attack<\/b>,\u00a0<b>UI redressing<\/b>) is a\u00a0<a title=\"Malware\" href=\"https:\/\/en.wikipedia.org\/wiki\/Malware\">malicious technique<\/a>\u00a0of tricking a\u00a0<a title=\"User (computing)\" href=\"https:\/\/en.wikipedia.org\/wiki\/User_(computing)\">user<\/a>\u00a0into clicking on something different from what the user perceives, thus potentially revealing\u00a0<a title=\"Confidentiality\" href=\"https:\/\/en.wikipedia.org\/wiki\/Confidentiality\">confidential<\/a>\u00a0information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including\u00a0<a title=\"Web page\" href=\"https:\/\/en.wikipedia.org\/wiki\/Web_page\">web pages<\/a>.<sup id=\"cite_ref-1\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-1\">[1]<\/a><\/sup><sup id=\"cite_ref-2\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-2\">[2]<\/a><\/sup><sup id=\"cite_ref-3\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-3\">[3]<\/a><\/sup><sup id=\"cite_ref-4\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-4\">[4]<\/a><\/sup><\/p>\n<p>In web browsers<i>,<\/i>\u00a0clickjacking is a\u00a0<a title=\"Browser security\" href=\"https:\/\/en.wikipedia.org\/wiki\/Browser_security\">browser security<\/a>\u00a0issue that is a\u00a0<a title=\"Vulnerability (computing)\" href=\"https:\/\/en.wikipedia.org\/wiki\/Vulnerability_(computing)\">vulnerability<\/a>\u00a0across a variety of\u00a0<a class=\"mw-redirect\" title=\"Web browsers\" href=\"https:\/\/en.wikipedia.org\/wiki\/Web_browsers\">browsers<\/a>\u00a0and\u00a0<a class=\"mw-redirect\" title=\"Platform (computing)\" href=\"https:\/\/en.wikipedia.org\/wiki\/Platform_(computing)\">platforms<\/a>. Clickjacking can also take place outside of web browsers, including applications.<i><sup id=\"cite_ref-:0_5-0\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-:0-5\">[5]<\/a><\/sup><\/i><\/p>\n<p>A clickjack takes the form of embedded\u00a0<a title=\"Source code\" href=\"https:\/\/en.wikipedia.org\/wiki\/Source_code\">code<\/a>\u00a0or a script that can execute without the user&#8217;s knowledge, such as clicking on a\u00a0<a title=\"Button (computing)\" href=\"https:\/\/en.wikipedia.org\/wiki\/Button_(computing)\">button<\/a>that appears to perform another function.<sup id=\"cite_ref-6\" class=\"reference\"><a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking#cite_note-6\">[6]<\/a><\/sup><\/p>\n<p>Clickjacking is an instance of the\u00a0<a title=\"Confused deputy problem\" href=\"https:\/\/en.wikipedia.org\/wiki\/Confused_deputy_problem\">confused deputy problem<\/a>, wherein a computer is innocently fooled into misusing its authority.\u00a0<em>[<a href=\"https:\/\/en.wikipedia.org\/wiki\/Clickjacking\" target=\"_blank\" rel=\"noopener noreferrer\"><strong>Wikipedia<\/strong><\/a>]<\/em><\/p><\/blockquote>\n<p>Noted in &#8220;<a href=\"https:\/\/www.newscientist.com\/article\/2199360-how-hackers-use-tricks-to-make-money-from-your-clicks\/\" target=\"_blank\" rel=\"noopener noreferrer\"><em>How hackers use tricks to make money from your clicks<\/em><\/a>,&#8221; Donna Lu, <em><strong>NewScientist<\/strong><\/em> (20 April 2019, paywall):<\/p>\n<blockquote><p>So certain websites contain tricks to get people to click. For example, an apparent link to a news story may actually take users to an advertising site earning the owner ad money, invisible objects that cover parts of a page could register as ad clicks when clicked, and hyperlinks that open an ad first before redirecting to the intended website also result in stolen clicks without the clicker realising.<\/p>\n<p>The team scoured the internet\u2019s top 250,000 most popular websites and found 613 sites with so-called clickjacking code. Though this totalled less than 1 per cent of the websites they looked at, it amounted to a total daily traffic of 43 million visits. On these pages, more than 3000 hyperlinks had been secretly inserted.<\/p><\/blockquote>\n<p>Just a random thought: Is this going to be like cancer? The Web so thoroughly ruined by the unprincipled that, one day, the whole thing just collapses as people stop using it?<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Clickjack: Clickjacking\u00a0(classified as a\u00a0User Interface redress attack,\u00a0UI redress attack,\u00a0UI redressing) is a\u00a0malicious technique\u00a0of tricking a\u00a0user\u00a0into clicking on something different from what the user perceives, thus potentially revealing\u00a0confidential\u00a0information or allowing others to take control of their computer while clicking on seemingly innocuous objects, including\u00a0web pages.[1][2][3][4] In web browsers,\u00a0clickjacking is a\u00a0browser security\u00a0issue \u2026 <a class=\"continue-reading-link\" href=\"https:\/\/huewhite.com\/umb\/2019\/05\/01\/word-of-the-day-466\/\"> Continue reading <span class=\"meta-nav\">&rarr; <\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-24759","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/24759","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/comments?post=24759"}],"version-history":[{"count":1,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/24759\/revisions"}],"predecessor-version":[{"id":24760,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/posts\/24759\/revisions\/24760"}],"wp:attachment":[{"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/media?parent=24759"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/categories?post=24759"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/huewhite.com\/umb\/wp-json\/wp\/v2\/tags?post=24759"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}