Browser makers, Facebook plot to stop click-jacking.

BROWSER VENDORS are talking with Facebook about finding a way to stop click-jacking.

The need to go to browser vendors, none of which were identified, underlines the seriousness and difficulty of solving click-jacking. The issue for users of the social notworking website is that they get malware when they click on links that have been hijacked.

"It's a very clever hack. We do have click-jacking [protection] techniques and we don't talk about them. We have some ideas [to stop it] with browser vendors and we'll see if they come to fruition," said Facebook's engineering manager Jason Sobel. He didn't mention a timeframe for that fruition.

Another security effort by Facebook also looks to become a longer term effort, the use of HTTPS. Facebook is slowly rolling out HTTPS for secure access across its website. The problem is that with the way HTTPS works now it can noticeably slow down the user experience.

Indicating how entrenched this issue is, Facebook's senior open programmes manager David Recordon told The INQUIRER that his employer and others, such as Google, are looking at how to overcome this.

Despite people's preference to update their status on the go with mobile devices and the security issues that must surely arise, Recordon said that Facebook has less than 100 people working on mobile devices out of its workforce of over 2,000. µ