I had this completely wrong. oboy was I all mixed up. I thought floating elements was cursorjacking.
http://forum.palemoon.org/viewtopic.php?p=22856#p22856
Topic: Floating elements (Read 625 times)
Oh, I get it. Well, the issue is visiting a malicious website in the first place. Nobody will waste time to fool around with your cursor when they can convince to run a java applet or download innocent looking malware. At least that's the way I see it.
Are you sure you have to actually visit a baddie?
That's the point, you don't, it may be any site you visit where you allow scripts through noscript, or have no noscript protection or turn on java through about:config which is default.
Now, just think about all the people that have no idea about this exploit that is running a basic browser without any protection, example: your facebook casual user
I installed comodo dragon, happens to chrome based browsers as well.
The real whole point of this is.
over@ http://forum.palemoon.org/viewtopic.php?p=8299#p8299 explains where you may disable websites can't remove stuff, giving you power over your browser.
Why in the hell is there not a setting to stop websites from controlling your cursor? If there are other setting to stop websites controlling other parts of your browser. http://forum.palemoon.org/viewtopic.php?p=8299#p8299 javascript
It's stupid not to have this kind of setting.
Edit:
So the question remains, can mozilla or google or any web browser developer be able to add a setting to block this kind of behavior??? And if not, why not?
Oh, I get it. Well, the issue is visiting a malicious website in the first place. Nobody will waste time to fool around with your cursor when they can convince to run a java applet or download innocent looking malware. At least that's the way I see it.
Are you sure you have to actually visit a baddie?
So are you implying that a virus could be injected into your system through your cursor, or is it just a case of cursor jacking?
See thats, what I don't know. Everybody is staying silent.
All I know is that they may inject .js into your cursor = what kind of damage?
From this here, I guess it's pretty bad.
http://koto.github.io/blog-kotowicz-net-examples/cursorjacking/
That's pretty damn scary. Glad I'm subscribed.
So are you implying that a virus could be injected into your system through your cursor, or is it just a case of cursor jacking?
See thats, what I don't know. Everybody is staying silent.
All I know is that they may inject .js into your cursor = what kind of damage?
From this here, I guess it's pretty bad.
http://koto.github.io/blog-kotowicz-net-examples/cursorjacking/
&
https://dunnesec.wordpress.com/tag/cursorjacking/
Look, I can't really answer this. Perhaps it's problematic if the cursor manipulation carries on to other site. I believe it's far fetched though.
What I know is that I stay away from forums like those, in the first place. Mozilla, Ubuntu and a few others.
What I know is that I stay away from forums like those, in the first place. Mozilla, Ubuntu and a few others.
So are you implying that a virus could be injected into your system through your cursor, or is it just a case of cursor jacking?
[Edit]
Title fixed.
Just jump to Post#9
[/Edit]
I just might be an idiot but this had got my attention and so I questioned it. So I got backlashed and my thread locked.
Lets continue it here, and if you may, explain to me how is this not a security flaw in any browser. By some coders maybe? Someone fully 100% understands this kind of thing.
I am the OP. If you may, take a long good read, and discuss.
http://forums.mozillazine.org/viewtopic.php?f=38&t=2801231
Self-moderated is enabled to keep it clean.
Title fixed.
Just jump to Post#9
[/Edit]
I just might be an idiot but this had got my attention and so I questioned it. So I got backlashed and my thread locked.
Lets continue it here, and if you may, explain to me how is this not a security flaw in any browser. By some coders maybe? Someone fully 100% understands this kind of thing.
I am the OP. If you may, take a long good read, and discuss.
http://forums.mozillazine.org/viewtopic.php?f=38&t=2801231
Quote
I am not sure if I am the only one that is devastated by this.
Firefox has no added security to disable cursor manipulations and this is a huge security flaw in firefox.
Any website may inject anykind of malicious into your cursor.
On going discussions that I have created.
First it lead me to goto palemoon forums to seek help.
http://forum.palemoon.org/viewtopic.php?f=5&t=3872
Then from there it lead me to NoScript forums.
http://forums.informaction.com/viewtopic.php?p=67767
And now I am here.
Am I the only one worried about this security flaw? And the only one that is expressing it?
Please discuss...
Firefox has no added security to disable cursor manipulations and this is a huge security flaw in firefox.
Any website may inject anykind of malicious into your cursor.
On going discussions that I have created.
First it lead me to goto palemoon forums to seek help.
http://forum.palemoon.org/viewtopic.php?f=5&t=3872
Then from there it lead me to NoScript forums.
http://forums.informaction.com/viewtopic.php?p=67767
And now I am here.
Am I the only one worried about this security flaw? And the only one that is expressing it?
Please discuss...
Self-moderated is enabled to keep it clean.
Jump to: