Visual Spoofing: Very interesting idea and demo. The power is in its simplicity. It won’t fool everyone, but probably enough.

The problem with visual spoofing is that it is difficult to fix with a simple patch. Yes, there are ways to fix the problem partially, but I don’t see a way to remove the problem completely, because hackers can still create a page with images of overlapping windows to distract the clueless user who tends to keep many windows open.

Good thing Don is one of the good guys.



  1. Browsers should simply not allow webmasters to open pop-up windows or change any of the browser items (such as scroll bar, buttons, etc.).

    (Heck, we might get away with JavaScript for the default security zone as far as I’m concerned — people should learn to script server-side for the sake of the Web.)

    Considering that IExplorer-CSS allows actual Windows colors to be used, the spoof might even be advanced to work in different color schemes without becoming visible.

  2. Yet another reason to use a non-standard OS (i.e., anything but Windows) and browser; the Winders icons in the spoofed browser window were a dead giveaway in IE and Netscape on an OS 9 Mac.

