by Paul Ducklin on August 19, 2011

I'm sure you've heard of hijacking. These days, it usually refers to the takeover by force of an aircraft in flight.

(The word hijack is more interesting than you might think. No-one seems to know its origin. It first appears in the USA in the early 1920s, years before the first aeroplane hijack. Some say it's from Prohibition days - to 'jack', or rob, someone's car on the highway. But others insist that 'jack' in this sense is formed from the word hijack. If you thought computer security was tricky, try being an etymologist or a philologist.)

As close criminal relations, you'll also have heard of carjacking, shipjacking and truckjacking. You'll probably also have heard of analogous computer-related mischief, such as sidejacking, sheepjacking, pagejacking and clickjacking.

Well, now there's a new one. Juicejacking.

When you stop to think about it, juicejacking is an obvious, surprisingly easy, and potentially very lucrative way to plunder shedsful of personal and corporate data.

But almost no-one did stop to think about it before security trio Brian Markus, Joseph Mlodzianowski and Robert Rowley. They thought about it, and decided on a practical and public demonstration to raise awareness at this year's DEFCON conference in Las Vegas.

...