You hope that your computer is secure. Your clients depend on it, and your law firm’s insurance carrier prefers it.
An unsettling discovery by Stanford University computer science student Feross Aboukhadijeh, however, could test that theory. He says that that a malicious website using Adobe Flash, when combined with ‘Clickjacking,’ could actually turn your webcam and microphone on without you knowing it.
No, we’re not making this up.
Adobe’s engineers are currently working to fix this security flaw. Aboukhadijeh says that the company has known about it for a few weeks when he “reported this vulnerability…through the Stanford Security Lab,” but hasn’t heard back from them.
Dan Vu Quoc, a member of Justia’s engineering team thinks that any purported security threat is overblown. He says that it’s not much of a threat if you do not respond to suggestions to click on icons or games at websites that are not trustworthy or reliable.
Oh, and one more thing. The potential peeping and spying threat is real. If you’ve got click-happy kids with computers at home, take a Post-It® note or bandage, and cover up that webcam pronto until Adobe resolves the security flaw.
You can watch Aboukhadijeh explain the Adobe Flash security issue here:
*Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous web pages.