Re: ACTION-299: Whack-a-mole definition

  I added your definition to the draft.  But I need to clean it up a 
little. More in person.


Johnathan Nightingale wrote:
> It came up while discussing the robustness section of the draft 
> recommendations that "whack-a-mole" attacks were being referenced 
> without definition.  Here goes:
> -- 
> A "whack-a-mole attack" refers to a type of malicious website which 
> attempts to perform some other action (e.g. installing software) which 
> normally requires user intervention (e.g. by clicking OK on a warning 
> dialog) by exploiting distraction and task-focus.
> The web site will deliberately create a large number of dialog boxes 
> (real or synthesized with web content) in front of some desirable 
> content, motivating the user to attempt to dismiss the dialogs 
> rapidly, without inspecting their contents.  Among the many irrelevant 
> dialog boxes, however, will be the one presented by the user agent 
> indicating the need for a trust decision.  The expectation of the 
> attacker is that, being focused exclusively on getting rid of the 
> dialog boxes, the user will not take the necessary care to make 
> meaningful trust decisions, when they reach the legitimate warning 
> dialog.
> -- 
> Too wordy?  I resisted giving etymology of the name, easy enough to 
> google that part.
> J
> ---
> Johnathan Nightingale
> Human Shield

Anil Saldhana
Project/Technical Lead,
JBoss Security & Identity Management
JBoss, A division of Red Hat Inc.
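As an added illustration, not part of the thread above, the following JavaScript models two user-agent-side defenses against the dismissal pattern Johnathan describes. Neither defense is proposed in the thread; both are assumptions of this example: (1) dialogs originated by web content are throttled once a page opens more than a threshold number within a short window, and (2) a trust dialog raised by the user agent itself ignores "OK" until it has been visible for a minimum time, so a click fired during a burst of rapid dismissals cannot accept it. The class, function names, thresholds and the scenario timings are all constructed for the example.

```javascript
// Added example (not from the mailing-list thread): a simulated user-agent
// dialog policy that resists "whack-a-mole" dismissal.

const CONTENT_DIALOG_LIMIT = 3;   // assumed: content dialogs allowed per window
const CONTENT_WINDOW_MS = 1000;   // assumed: throttling window
const TRUST_DELAY_MS = 2000;      // assumed: minimum display time before OK counts

class DialogPolicy {
  constructor() {
    this.contentTimes = [];      // timestamps (ms) of recent content dialogs
    this.openTrustDialog = null; // the user agent's own pending trust decision
    this.log = [];               // audit trail of suppressed/ignored events
  }

  // A web page asks to show a dialog (alert/confirm-style) at time `now`.
  // Returns true if the dialog is shown, false if throttled.
  requestContentDialog(now) {
    this.contentTimes = this.contentTimes.filter(t => now - t < CONTENT_WINDOW_MS);
    if (this.contentTimes.length >= CONTENT_DIALOG_LIMIT) {
      this.log.push(`suppressed content dialog at ${now}ms`);
      return false;
    }
    this.contentTimes.push(now);
    return true;
  }

  // The user agent itself needs a trust decision (e.g. installing software).
  openTrust(now, description) {
    this.openTrustDialog = { opened: now, description };
  }

  // The user clicks OK on the trust dialog. A click that arrives before the
  // dialog has been visible for TRUST_DELAY_MS is ignored, not accepted.
  clickTrustOk(now) {
    const d = this.openTrustDialog;
    if (!d) return 'no-dialog';
    const visibleFor = now - d.opened;
    if (visibleFor < TRUST_DELAY_MS) {
      this.log.push(`ignored OK on "${d.description}" after ${visibleFor}ms`);
      return 'ignored';
    }
    this.openTrustDialog = null;
    return 'accepted';
  }
}

// Constructed scenario: the page fires a dialog every 100 ms for one second;
// the user agent's trust dialog opens in the middle of the burst; the user
// clicks OK 150 ms later while still dismissing, then again after pausing.
function simulateWhackAMole() {
  const policy = new DialogPolicy();
  let shown = 0;
  for (let t = 0; t < 1000; t += 100) {
    if (policy.requestContentDialog(t)) shown++;
  }
  policy.openTrust(500, 'Install software from example.invalid');
  const rushed = policy.clickTrustOk(650);       // 150 ms after opening
  const deliberate = policy.clickTrustOk(3000);  // 2500 ms after opening
  return { shown, rushed, deliberate, log: policy.log };
}

console.log(simulateWhackAMole());
```

With these assumed settings only the first three content dialogs are shown, the rushed click is ignored, and the deliberate one is accepted; the audit log records every suppressed dialog and ignored click, which is the signal a user agent could surface to the user or to telemetry.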

Received on Monday, 1 October 2007 22:41:44 UTC