Webmonkey offers a look at “Clickjacking” attacks. The article is interesting.

http://www.webmonkey.com/blog/A_Look_at_the__Clickjacking__Web_Attack_and_Why_You_Should_Worry

The “Clickjacking” attack bothers me because it seems so obvious. Well, obvious to someone who has done JavaScript web development.

Years ago, I worked on a web user interface (wui) where we tried to duplicate all the functionality of a gui using Javascript and XML. This was Ajax before it was called Ajax. I had a demo that basically was a clickjack attack whose intent was to annoy the user or to trigger an event. A prank or a feature, it was trivial to implement with a few lines of code.

Thus the attack is another case of media hype. Giving this attack a clever name like “Clickjacking” seems to be like calling a person who unplugs your network cable a “Cablejacker”.

J Wolfgang Goerlich

(Incidentally, in case anyone is interested, my employer attempted to patent the wui idea. The details are online.)
http://www.freepatentsonline.com/y2003/0088640.html?query=Goerlich&stemming=on