Browser security
Posted: Tue Mar 25, 2008 3:55 am
A big security problem nowadays is people getting tricked into clicking stuff on websites. You probably all know the popups on websites, looking almost like system notify windows, telling "Your PC is infected, run this scanner program" or something like that. You know, even the close icon X is in fact not a regular close button, but will perform the malicious action.
The websites I visit most often don't have those popups so it's not bothering me, but there must be so many people coming to these sites and being tricked into clicking and thereby downloading stuff.
I was thinking, why is it even possible that a browser window is changed by a website? Why would you, as a browser developer, even let that happen? Think about it, if all those strange popups would be contained within a regular browser window, complete with address bar, buttons, etc, it would be totally obvious to most users that the screen shown is not a legitimate system popup but just an attempt to scam.
It is my browser program. With my action buttons (back, forward, home, etc), my address bar, etc. There's a room dedicated to showing the contents of the webpage I'm visiting. A website shouldn't be able, in any way, to change anything to my browser (also not the size! but that's another story).
What are your thoughts?
The websites I visit most often don't have those popups so it's not bothering me, but there must be so many people coming to these sites and being tricked into clicking and thereby downloading stuff.
I was thinking, why is it even possible that a browser window is changed by a website? Why would you, as a browser developer, even let that happen? Think about it, if all those strange popups would be contained within a regular browser window, complete with address bar, buttons, etc, it would be totally obvious to most users that the screen shown is not a legitimate system popup but just an attempt to scam.
It is my browser program. With my action buttons (back, forward, home, etc), my address bar, etc. There's a room dedicated to showing the contents of the webpage I'm visiting. A website shouldn't be able, in any way, to change anything to my browser (also not the size! but that's another story).
What are your thoughts?