Security Now (Audio) SN 1040: Clickjacking "Whac-A-Mole" - Inside the Password Manager Clickjacking Frenzy and What It Means
29 snips
Aug 27, 2025 Alarm bells ring over a potential browser zero-day threat, but is it really that serious? The discussion dives into clickjacking and its implications for password security. Germany may outlaw ad blockers, raising privacy concerns. There's also news about the UK backing off its demands from Apple and Microsoft throttling new tenants. AI's dual role in advertising and cybersecurity is explored, along with vulnerabilities in Linux systems and password managers. Finally, the balance between user control and advertising impact is examined.
AI Snips
Chapters
Transcript
Episode notes
Clickjacking Is Whac-A-Mole
- The DEFCON clickjacking story is more whac-a-mole than apocalypse; it's one more technique in a long-running class of browser UI tricks.
- Steve emphasizes that browsers' complexity makes perfect protection impossible while keeping autofill convenience.
German Ruling Threatens Ad/Tracker Blocking
- Germany's Supreme Court revived an Axel Springer suit that could treat rendered webpage artifacts as 'protected programs', threatening ad and tracker blockers.
- Steve warns this could chill extensions and DNS filtering by equating page modification with copyright violation.
Fair Use Will Reshape AI And Publishing
- Many AI copyright lawsuits ask whether model training is 'transformative' and thus fair use.
- If courts reject fair use, AI vendors must license sources and reshape the web's information economy.