Re: ACTION-299: Whack-a-mole definition

Johnathan,
  I added your definition to the draft.  But I need to clean it up a 
little. More in person.

Anil

Johnathan Nightingale wrote:
>
> It came up while discussing the robustness section of the draft 
> recommendations that "whack-a-mole" attacks were being referenced 
> without definition.  Here goes:
>
> -- 
> A "whack-a-mole attack" refers to a type of malicious website which 
> attempts to perform some other action (e.g. installing software) which 
> normally requires user intervention (e.g. by clicking OK on a warning 
> dialog) by exploiting distraction and task-focus.
>
> The web site will deliberately create a large number of dialog boxes 
> (real or synthesized with web content) in front of some desirable 
> content, motivating the user to attempt to dismiss the dialogs 
> rapidly, without inspecting their contents.  Among the many irrelevant 
> dialog boxes, however, will be the one presented by the user agent 
> indicating the need for a trust decision.  The expectation of the 
> attacker is that, being focused exclusively on getting rid of the 
> dialog boxes, the user will not take the necessary care to make 
> meaningful trust decisions, when they reach the legitimate warning 
> dialog.
> -- 
>
> Too wordy?  I resisted giving etymology of the name, easy enough to 
> google that part.
>
> J
>
> ---
> Johnathan Nightingale
> Human Shield
> johnath@mozilla.com
>

-- 
Anil Saldhana
Project/Technical Lead,
JBoss Security & Identity Management
JBoss, A division of Red Hat Inc.
http://labs.jboss.com/portal/jbosssecurity/
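As an added illustration (not part of the thread above, and not a design either author proposes): a small model of the standard user-agent countermeasure to the rapid-dismissal behaviour Johnathan describes, a "security delay" on the trust dialog's accept button that only counts time while the dialog is visible and focused, so a decoy dialog popping in front restarts the clock. The class, the delay value and the event sequence are all constructed for this example.

```javascript
// Model of a trust-decision dialog with a security delay (constructed example).
// Accept is ignored until the dialog has held focus for securityDelayMs; any
// loss of focus (another dialog in front) resets the interval.
class TrustDialog {
  constructor(securityDelayMs = 2000) {
    this.securityDelayMs = securityDelayMs;
    this.armedAt = null;   // start of the current focused interval, or null
    this.decided = null;   // 'accepted' | 'declined' | null
  }
  focus(nowMs) { this.armedAt = nowMs; }   // shown or regained focus
  blur() { this.armedAt = null; }          // another dialog took focus
  acceptEnabled(nowMs) {
    return this.armedAt !== null && nowMs - this.armedAt >= this.securityDelayMs;
  }
  // Returns 'accepted', 'declined', or 'ignored' (click arrived too early).
  click(button, nowMs) {
    if (button === 'cancel') { this.decided = 'declined'; return 'declined'; }
    if (!this.acceptEnabled(nowMs)) return 'ignored';
    this.decided = 'accepted';
    return 'accepted';
  }
}

// Replays a constructed event stream against the dialog and reports each
// click's outcome and the final decision.
function simulate(events, delayMs = 2000) {
  const dlg = new TrustDialog(delayMs);
  const log = [];
  for (const ev of events) {
    if (ev.type === 'focus') dlg.focus(ev.t);
    else if (ev.type === 'blur') dlg.blur();
    else log.push(`${ev.t}:${dlg.click(ev.button, ev.t)}`);
    if (dlg.decided) break;
  }
  return { decided: dlg.decided, log };
}

// Constructed whack-a-mole sequence: reflex "OK" clicks while decoy dialogs
// keep stealing focus; only a click after a full, uninterrupted delay counts.
const rapidClicks = [
  { type: 'focus', t: 0 },
  { type: 'click', button: 'ok', t: 150 },   // reflex click, too early
  { type: 'blur', t: 300 },                  // decoy dialog pops in front
  { type: 'focus', t: 900 },                 // user returns to the real dialog
  { type: 'click', button: 'ok', t: 1200 },  // delay restarted, still too early
  { type: 'click', button: 'ok', t: 3100 },  // 2200 ms of focus: accepted
];
```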

Received on Monday, 1 October 2007 22:41:44 UTC