Clickjacking beware!

[Nisse]

I just found out about this through another community, and it looks quite scary.

http://blogs.zdnet.com/security/?p=1972
http://blogs.zdnet.com/security/?p=1973
NoScript Addon for Firefox

[aine]

Thanks Nisse. I appreciate your telling us and how nice of you to put the noscript link right there! I have it installed now.

[Wylonus]

i had seen couple of those web jackings on testing browsers.
not that good anyway. it take several hours to find and confirm.

if getting infected, make sure you close any programs, and go to "restore" to previous late known date that are safe, dont save any back files while rebooting to last previous dates.
however, do not attempt to log out and start up later, or you might get unrecognized "security" screen that replace your wallscreen and everything get froze up and making taskbar or start button unclickable.

reformat is painful and time consuming to get back on, and all the patches redo, game updates, window updates, and reconfigurate any new hardwares you installed that didnt come with pre-package from mantifactures.
reformat isnt taken lightly, more you reformated, the more that thin "eraser" sheet become brittle and thinner.

known sites that are heavy infected are Emulator sites, some torrent downloaders, some questionable music sites, and most adult sites are prone to webtrackers and can track whereever you go without your knowledges.

my first computer (back in 1999), i used for 2 years, and i had 2 police officers knocking on my door while i slept, woke me up, and they said i had dailed 911 help hotline, i was surprised and check my line and found my computer got mind of it own, and i pulled it out.

just recently last year, i read the news, some 16 yrs old was arrested without his knowledges, and his parent's lawyer got the boy home, and stating the computer is "zombified" by virus writer, 16yr old boy said he never visited those sites.
what it was, he send one of playboy's playmate bunny of a month, but he didnt know there was another "layer" hidden with illegal photos, so someone else used his e-mail but not same address.
if that boy lost the case and he would be facing 30-50 years or more in jail term (6 years for each photos send out).
eventaully police found true web hacker and serving life term without parole, convicted had several thousands of photos and hacked over 200 zombified accounts.
that scary, and he may not be only one, there are thousands of different types of hackers and crackers.
some are only doing for thrill of funs but some are very malaicious and mean that want to harm and destroy computers by infecting.

make the notes, and keep your record of browse pages on papers, and make "black list of not to visit", i am sure computers has that unwanted site blocker list in your tool menu.
but the list is growing and faster, and those well known sites need to get updated security for clients and costumers to protect..

just for your information, it is common sense.
"Never give your account passwords if they ask" (most companies never do and they dont) if you recieved in email, dont reply.
companies already have your name, log-in names, and accounts in secured files and they dont need to ask for them again, they dont use your e-mail for passwords and stuffs.
those who ask for it are bogus and when in doubt, use the offical access phone number and ask for verify, if they respond with no, then you know there is someone is trying to scam.

i just personally feel that we do need updated version of company's policy and keep it sticked for reminder and to help potiental new players and old players, and help protect us from scam artists and account hackers.

also try to avoid getting your computer zombiefied.