·j´M
Áô¨·Æ¹«¤§«áªºClickjacking§ðÀ»
°ª¬ì§Þ¸o¥Ç¥i¯à¤w¸g§ä¨ìÅý¨Ï¥ÎªÌ¦b¤£ª¾±¡¤§¤U¡AÂI¿ï´c·N³nÅ骺¤èªk¡C§óÁVªº¬O¡A´c®{¬Æ¦Ü¯à±q»·ºÝ¶}±Ò¨ü®`¹q¸£ªº³Á§J·©ÎÃèÀY¡A¶i¦æÅÑÅ¥©M°½¿s¡C
©Ò¿×ªºClickjacking§ðÀ»¡A¬O§ðÀ»ªÌ¤Þ»¤¨Ï¥ÎªÌÂI¿ï¬Y¼Ëµu¼È°{¹L¿Ã¹õªºªF¦è¡CÁöµM³oºØ§ðÀ»¥Dn¬O³z¹Lºô¸ôÂsÄý¾¹¡A¥]¬AAdobe Flash¡B·L³nSilverlight©Mª@¶§ªºJava¡A¤]·|¨ü¨ì¼vÅT¡C
³Ì¦h¥i¯à§t¦³¥b¥´¯S©w®zÂIªºClickjacking¦¦b¦h¦~«e´N¥X²{¡A¦ý¤@ª½¨ì³Ìªñ¤~¤Þ°_½u¤W¸o¥Ç©M¦w¥þ¬ã¨sûª`·N¡C¨ä¤¤¤@¦ì¬OWhiteHat Security¤½¥qªº§Þ³Nªø Jeremiah Grossman¡C¥L¯S§O±µ¨ü¥»¯¸°OªÌªº¹q¸Ü³X°Ý¡C
Grossman«ØijFirefox¨Ï¥ÎªÌ¡AÀ³¦Ò¼{¨Ï¥ÎNoScript¥~±¾µ{¦¡¡A¨Ã±N¨ä³]©w¬°¸T¤îIFrame¤º®e¡C±ýÁA¸Ñ¦p¦ó¦w¸Ë³]©wNoScript¥Hªý¾×¦¹Ãþ§ðÀ»ªº¸Ô²Ó¸ê°T½ÐÂI¤J¡C¨¾Å@¨ä¥LÂsÄý¾¹ªºÃB¥~US-CERT¯µ³Z½ÐÂI¦¹¡C¡]³¯´¼¤åĶ¡^
![¥[¤J§Úªº¹Ï®ÑÀ]](/member/graphics/btn_add2library.gif)
¥[¤Jºô¸ô®ÑÅÒ>
|
|
|
|
|
|
|
|
| 
¦@1¶ ¶¦¸¡G
[1]
ª©Åv©Ò¦³ © 2008 CNET Networks, Inc.Áô¨pÅvÁn©ú
2.Lak ©ó 2008/10/13 19:16 ¦^À³
to #1¡G¼gªº¯u¤£¿ù¡AÀ³¸Ó¤W¤Wº¶ºw..hoho
1.¸ò¥Í¬¡¤@¼Ë ©ó 2008/10/13 15:28 ¦^À³
¹q¸£³nÅé¶V¨Ó¶VÁͪñ²{¹ê¥»¨Ó³nÅé¯à°÷¸g§A¦P·N«áª½±µ¶i§A®a¶}±Ò§Aªºwebcam©Mmic
´N¦n¹³®aùØ쥻¤W¤FÂê¡A¶}Âê«á¶}©ñµ¹¯S©w¤H¤h¨Ï¥Î
²{¦b³QÃz®Æ¥X¡A¥ô¦ó¨ä¥L«D¬ÛÃö¤Hµ¥¤]¯à±þ¶i¥h¶}±Ò
±µµÛ´N¶}©l¦³¤H·|·Qn¥h°µ»{ÃÒ¡B¥[±KÂê¡B²Ä¤T¤è«O¥þ¡Kµ¥§óÁcªº¤u§@
¨Ó¨¾¤î²ö¦W©_§®»P«D¬ÛÃö©Ê½èªº¤J«I(«Dªk)¨Ï¥Î
¥¼¨Ó³nÅén°Ñ¦Òªº´N¬O¡G
¤Hªº§Ô¨ü«×¦³¦h¤Ö
´N¥un³]p¨ì¨ºùØ´N¦n¤F
ª÷®w¯ëªº¦w¥þ¤£¬O¤H¤H³£»Ýnªº¡I¡I