Results 1 to 8 of 8
  1. #1
    2 Star Lounger
    Join Date
    Apr 2009
    Posts
    173
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Potential clearjacking

    When I click on the picture, there is never a change, ie between disguised and revealed. The image seems to 'drop' a fraction of an inch when clicking. I have disabled Adblock Plus on that page. Still no difference in the picture. Could this be a cause? The warning message comes up in AOL's 'Today on AOL' when some of their featured items are clicked. Thank you.

  2. #2
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    S.F. Bay Area, California, USA
    Posts
    735
    Thanks
    15
    Thanked 80 Times in 78 Posts
    When I click on the picture, there is never a change
    Please clarify; I have no idea what you're talking about.

    Zig

  3. #3
    2 Star Lounger
    Join Date
    Apr 2009
    Posts
    173
    Thanks
    7
    Thanked 0 Times in 0 Posts
    My understanding is you are supposed to be able to see elements that are "hidden" and potentially dangerous....

  4. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    You have to be more specific. What picture, what site, etc. I am as in the dark as Zig is. Please explain in more detail, what site, what picture, what OS and browser, etc. Thanks.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. #5
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    Are you using the NoScript extension for Firefox?? It has an anti-clickjacking feature to reveal an object that is intercepting what it thinks is your intended click target. This is called ClearClick and it's located on the Notifications tab. I don't think I've ever seen a notification, but that could be because this exploit is not very common.

    Can you give a URL where this happens?
    Attached Images Attached Images

  6. #6
    2 Star Lounger
    Join Date
    Apr 2009
    Posts
    173
    Thanks
    7
    Thanked 0 Times in 0 Posts

    Potential clearjacking

    Jefferson, Hi -
    I have the same choices as you in Notifications except I do have ‘Show message about blocked scripts’ on.
    Attached Files Attached Files

  7. #7
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts
    I can't seem to re-create the error condition when I visit http://todaypage.mail.aol.com/todayonaol There could be something rotating through that I'm not seeing for one reason or another. (I'm not logged in to AOL because I don't have an account.)

  8. #8
    2 Star Lounger
    Join Date
    Apr 2009
    Posts
    173
    Thanks
    7
    Thanked 0 Times in 0 Posts
    Thanks for trying, Jefferson. I do think it's something to do with AOL because I rarely get such warnings anywhere else. Your time is appreciated.

    Best,
    Mipendance

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •