[webappsec] New clickjacking research published

Our UI Safety co-editor, David Lin-Shung Huang, has been doing some stellar anti-clickjacking research in the last year and a half.  We've been discussing ideas and implications from his research for the full lifetime of the WG, and I'm happy to announce that the final paper is now available to read after he presented it at USENIX Security last week:

http://websec.sv.cmu.edu/clickjacking/clickjacking.pdf

Congratulations to David, and highly recommended reading for anyone interested in the new spec.

Also of interest, Sebastian Lekies presented at the WOOT workshop co-located with USENIX, "On the Fragility and Limitations of Current Browser-Provided Clickjacking Protection Schemes".

https://www.usenix.org/conference/woot12/fragility-and-limitations-current-browser-provided-clickjacking-protection-schemes

-Brad Hill

Received on Monday, 13 August 2012 18:37:29 UTC