Comments on: Twitter’s “Don’t Click” prank, explained

By: Web Security: Are You Part Of The Problem? - Smashing Magazine

Web Security: Are You Part Of The Problem? - Smashing Magazine — Thu, 14 Jan 2010 17:03:44 +0000

[...] that read “Don’t click me”. Here is an examples for Jason Kottke’s stream:Twitter’s “Don’t Click” prank, explainedHuman nature being what it is, many people clicked the button, which seemingly did nothing. What it [...]

By: We Done Been … Framed! | PHP Hosts

We Done Been … Framed! | PHP Hosts — Thu, 06 Aug 2009 07:09:40 +0000

[...] fallen prey to a mild clickjacking exploit on Twitter myself! It really does happen — and it’s not hard to [...]

By: We Done Been … Framed! | Design Website

We Done Been … Framed! | Design Website — Fri, 19 Jun 2009 12:54:33 +0000

[...] fallen prey to a mild clickjacking exploit on Twitter myself! It really does happen — and it’s not hard to [...]

By: Willy

Willy — Thu, 18 Jun 2009 13:08:08 +0000

Overlaid, transparent buttons? What idiot thought there was a use for such a thing?

By: Ask SM: PHP/MySQL Security « Dylan Bishop Media

Ask SM: PHP/MySQL Security « Dylan Bishop Media — Sun, 12 Apr 2009 00:11:50 +0000

[...] XSS is the most common form of attack on the Web and can take on malicious behavior, including phishing, cookie/session hijacking and redirecting users to an unsafe website. It’s estimated that well over half of all existing websites have some form of XSS vulnerability, including social media giants like MySpace and Twitter (recently exemplified by the “Don’t Click” prank on Twitter). [...]

By: Ask SM: PHP/MySQL Security | How-To | Smashing Magazine

Ask SM: PHP/MySQL Security | How-To | Smashing Magazine — Wed, 01 Apr 2009 13:01:41 +0000

By: dsandler

dsandler — Sat, 14 Feb 2009 05:07:30 +0000

On the Internet? Unlikely!

By: Phil

Phil — Sat, 14 Feb 2009 02:24:15 +0000

Maybe people will learn not to click buttons that say “Don’t click” on them.

By: Rachel Keslensky

Rachel Keslensky — Fri, 13 Feb 2009 17:17:47 +0000

Clever! I didn’t click anything (apparently I never noticed anyone in my list doing so, except to say “Don’t Click the Don’t Click”, but it does take advantage in a way that shouldn’t be doable. (I use Twitterfox, which wouldn’t have been susceptible as it’s not logged into the browser page itself, but still.)

By: Joey Sanders

Joey Sanders — Fri, 13 Feb 2009 16:32:20 +0000

If this happened to any other site, it wouldn’t be called a “prank.” Twitter has to be one of the worst designed webapps. Only on twitter do users get excited to see a 404 page with the “fail whale.” Twitter is nothing but fail…

By: john

john — Fri, 13 Feb 2009 15:44:40 +0000

No wonder my firefox script blocking plugin was flipping out.

By: THE “DON’T CLICK” EFFECT | Humour: Vidéos, Images, Publicité

Fri, 13 Feb 2009 14:14:35 +0000

[...] are some articles explaining how this trick worked in French and in English here and [...]

By: marilink :: Don’t click

marilink :: Don’t click — Fri, 13 Feb 2009 10:54:02 +0000

[...] inversa o harás lo que te digo que no hagas. Varios cayeron ayer en el clickjacking que se extendió como la pólvora en twitter, una broma molesta que no causa mayor daño, y que por [...]

By: Jeremy Helms

Jeremy Helms — Fri, 13 Feb 2009 08:55:27 +0000

I published a screencast on Vimeo immediately after I saw the spread of “Don’t Click” tweets by the people I follow. The screencast shows people visually what you’re explaining in this post.

http://vimeo.com/3189642

By: John Mark Schofield

John Mark Schofield — Fri, 13 Feb 2009 06:05:03 +0000

Of course, if you used the NoScript Firefox extension ( http://noscript.net/ ), you’d be protected from this and similar attacks. I’m just as much of a clicking monkey as everyone else who got hit, but noscript popped up an alert to let me know what was going on.

By: Twitter hit hard by a social engineering attack — Geek of the Hill

Twitter hit hard by a social engineering attack — Geek of the Hill — Fri, 13 Feb 2009 05:44:14 +0000

[...] clicking the link, through the clever use of a hidden iframe and a bit of CSS (also known as clickjacking), the same message is reposted from your Twitter account. Before long, [...]

By: penas

penas — Fri, 13 Feb 2009 01:04:58 +0000

Thanks
It was scary…!

By: Building The Perfect Beast » Blog Archive » Did You Click This?

Building The Perfect Beast » Blog Archive » Did You Click This? — Thu, 12 Feb 2009 22:56:37 +0000

[...] Here’s and explanation of how it works: Twitter’s “Don’t Click” prank, explained. [...]

By: Chris Shiflett

Chris Shiflett — Thu, 12 Feb 2009 22:51:14 +0000

The frame-busting technique is not a complete solution. The example linked from my post doesn’t redirect you to Twitter if you’re using Firefox or IE:

http://shiflett.org/blog/2009/feb/twitter-dont-click-exploit

By: fscked.co.uk » Where did the Twitter “Don’t Click” attack come from?

Thu, 12 Feb 2009 22:03:01 +0000

[...] a better description of how the attack worked than I could hope to write, see Daniel Sandler’s page. In brief, it was a tiny, simple web page with a button labelled “Don’t Click!”; [...]