- From: Shivani Sharma <notifications@github.com>
- Date: Fri, 06 Dec 2024 07:49:21 -0800
- To: w3ctag/design-reviews <design-reviews@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
- Message-ID: <w3ctag/design-reviews/issues/975/2523539706@github.com>
> If the content shown can affect whether a click occurs, then the embedding context gains information. In the extreme, you might imagine content in the frame that guarantees a click in one case ("click here to enable this free addon") and guarantees no click in another (leaving the area blank or "click here to agree to something awful"), then the information carried by that click (or absence thereof) is high. Maybe it's not perfect, because people are often perverse like that, but you have created a means of exfiltration.
>
> [WICG/turtledove#990](https://github.com/WICG/turtledove/issues/990) goes into more detail about the sorts of things you might do to gain information from the human involved.

Responded to the linked issue https://github.com/WICG/turtledove/issues/990#issuecomment-2511630560 with the mitigations for these attacks, ranging from visited links (which is observable w/o user action) to the grid attack (where multiple fenced frames are shown to the user and clicking on one presents some information). The captcha-style attack is one which does not depend on any click in the FF so has a different underlying threat model, but also requires more concerted action on behalf of the user.

-- 
Reply to this email directly or view it on GitHub: https://github.com/w3ctag/design-reviews/issues/975#issuecomment-2523539706
Received on Friday, 6 December 2024 15:49:25 UTC