Framing attacks
نویسندگان
چکیده
While many popular web sites on the Internet use frame busting to defend against clickjacking, very few mobile sites use frame busting. Similarly, few embedded web sites such as those used on home routers use frame busting. In this paper we show that framing attacks on mobile sites and home routers can have devastating effects. We develop a new attack called tap-jacking that uses features of mobile browsers to implement a strong clickjacking attack on phones. Tap-jacking on a phone is more powerful than traditional clickjacking attacks on desktop browsers. For home routers we show that framing attacks can result in theft of the wifi WPA secret key and a precise geolocalization of the wifi network. Finally, we show that overlay-based frame busting, such as used by Facebook, can leak private user information.
منابع مشابه
A Threshold Signature Scheme Based on TPM
For the traditional threshold signature mechanism does not considers whether the nodes which generate part signature are trusted and the traditional signature strategy doesn’t do well in resisting internal attacks and external attacks and collusion attacks, so this paper presents a new threshold signature based on Trusted Platform Module (TPM), based on TPM the signature node first should finis...
متن کاملAn Efficient Electronic Payment System Withstanding Parallel Attacks
A new blind signature protocol based on Schnorr signatures is presented that can be used in payment systems. Apart from its simplicity and efficiency, an important feature of the protocol is that it can be argued to imply a withdrawal protocol that is resistant to parallel attacks by a collusion of users. An essential property of the blind signature protocol is that the signer has complete know...
متن کاملEffect of Frame of Mind on Users' Deception Detection Attitudes and Behaviours
As the World Wide Web grows, the number and variety of deceptive attacks targeting online consumers likewise increases. Extant research has examined online deception from an information processing perspective, that is, how users process information when they encounter deceptive attacks. However, users’ ability to process information is based on what the users are thinking or their frame of mind...
متن کاملFraming Bias in the Interpretation of Quality Improvement Data: Evidence From an Experiment
Background A growing body of public management literature sheds light on potential shortcomings to quality improvement (QI) and performance management efforts. These challenges stem from heuristics individuals use when interpreting data. Evidence from studies of citizens suggests that individuals’ evaluation of data is influenced by the linguistic framing or context of that information an...
متن کاملFully Anonymous Attribute Tokens from Lattices
Anonymous authentication schemes such as group signatures and anonymous credentials are important privacy-protecting tools in electronic communications. The only currently known scheme based on assumptions that resist quantum attacks is the group signature scheme by Gordon et al. (ASIACRYPT 2010). We present a generalization of group signatures called anonymous attribute tokens where users are ...
متن کامل