(www.paulosyibelo.com)

237 points shinzub | 1 comments | 14 Jan 25 04:44 UTC | HN request time: 0s | source

Show context

steven_noble ◴[18 Jan 25 04:57 UTC] No.42745957[source]▶

The article’s headline says it’s a new technique. The article’s body does not really say this.

Too ◴[18 Jan 25 06:04 UTC] No.42746249[source]▶

This is just a variation of a trick that is as old as the internet. Most old attacks were using timing instead of double-clicking, usually by tricking the user to click on a bouncing monkey to win a price, instead hitting what was behind.

The real question is, how have browser vendors still not learned. Don't allow any clicks the first moments after a focus change.

replies(1): >>42747662 #

1. mylastattempt ◴[18 Jan 25 11:42 UTC] No.42747662[source]▶

>>42746249 #

If they implement that without an opt-out in the settings, even if buried deep, using the web as a 'power user' will become even more painful!

↑

DoubleClickjacking: A New type of web hacking technique