Google is planning on engineering JavaScript modals to work on a per-tab basis, rather than the per-window approach used today to make it easier for users to close potentially malicious popups. Fraser Kyne, EMEA CTO at Bromium commented below.
Fraser Kyne, EMEA CTO at Bromium:
“Google has clearly acknowledged that this is a problem, and its actions are certainly a step in the right direction. However, this solution is far from fool proof, and some users will always be panicked into clicking malicious pop-ups. Ideally, there should be a safety net beneath them. For example, micro-virtualisation can ensure that every web page and tab is launched in its own, fully isolated environment. As a result, any malicious pop-ups and the malware they link to are trapped within that virtual machine, posing no risk to the rest of the system. If they find themselves clicking in the wrong place, the user can simply close the page down and the problem goes away.”
The opinions expressed in this article belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.