原站：http://www.readwriteweb.com/..._click_no_really_dont_even.php

“Comments for Don't Click! No Really! Don't Even Thin”的内容更新

累计：14 篇（自 2009-02-13 起）

更新：约5篇/年，最后更新1100 天前

Comments for Don't Click! No Really! Don't Even Think About it!

Don't Click! No Really! Don't Even Think About it!

Twitter is falling prey to a major security flaw right now. The service is getting swamped with messages that say: "Don't Click" and a URL. Apparently, this hack has been around for over two weeks, but it only really took off today. If you actually click on the link while you are logged into Twitter, another "Don't Click" message will be posted to your T... (309 天前)

http://inezha.com/w/srdw2xj

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from Andreas Klinger on 2009-02-12

its an hidden iframe and you click the submit button of your twitter status when clicking on the normal buttonhere you go for the sourcecode: http://pastie.org/387315best wishes from viennahttp://twitter.com/andreasklinger ... (309 天前)

http://inezha.com/w/wim5bx3

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from Scott on 2009-02-12

I looked at the code and it's really just a simple iframe button submit. Nothing more than that, so no need to change your password or anything.... (309 天前)

http://inezha.com/w/lawvjxi

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from Sean O on 2009-02-12

You are immune to this exploit if using Google Chrome. Yet another reason to use the fastest (safest?) browser for the PC.(I do miss a few FF plugins, though, and still can't live without FF/Firebug for development)... (309 天前)

http://inezha.com/w/ksdnyxb

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from John on 2009-02-12

It's a click-jacking attack; a transparent iframe over the "Don't click" button. So when you click, you actually click "update" on the twitter page in the hidden iframe posting a new status. You can learn more about the type of attack from the Security Now Episode on Clickjacking (http://twit.tv/sn168)... (309 天前)

http://inezha.com/w/d1mouxz

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from Nic on 2009-02-12

Love Jeff Attwood but I don't know where he got his ideas about this. If you look at the source it's just an iframe of your twitter homepage with the "Don't Click" status. If I had to guess without digging any further, they're overlaying the Twitter update status button in the iframe directly over the "Don't Click" button on the page. Giving the illusion... (309 天前)

http://inezha.com/w/idwyrww

Comments for Don't Click! No Really! Don't Even Think About it!

Comment from Nic on 2009-02-12

On a side note- it looks like if you go to the link now, the page is redirected completely to the source of the iframe. Is this Twitter's fix?... (309 天前)

http://inezha.com/w/vhd42w1

订阅者 ( 1 )

相关订阅源