Beware of pickpockets and malware-laced banner ads If you haven't patched that media player or web browser in a while, now might be a good time. MySpace, Excite and Blick have been caught serving banner ads that attempt to install malware on machines running unpatched software. People who visit MySpace chat forums using out-of-date web browsers and media player plugins such as …
...but none that I know of can consistently take care of layer ads yet. And yep, so far I have seen precious little mal-adware for anything other than Windows, so using a different OS helps a little. Of course, once the percentage of non-Windows users rises, they will also be targeted.
@ LaeMi Qian: I have seen tainted ads on otherwise perfectly good and trustworthy web sites -- the owner of the URL can't do much if the ad service is letting malware through without noticing. I once got the message "Your Windows computer is unsafe! Install XXXX (Yes) (cancel)" on the homepage of a renowned newspaper. And no, I was not running Windows...
the ad bolcker should save you
adblock for firefox has a list of the domains to block so the banners are never loaded
(obviously the white listing of sites will circumvent any protection he gets if he tells adblock (or which ever he uses) to load all content on the page and not just ads that are hosted by the website he is visiting)
I use a "default deny" stance. Nothing gets run from any site I don't explicitly trust. Ads are blocked, scripts, flash, anything. Adblock plus, with NoScript and CookieSafe just about take care of this for me.
http://www.ranum.com/security/computer_security/editorials/dumb/ was the article that influenced my security stance the most, and is well worth a read.
I second that. Got just that on Tom's Hardware the other day. I emailed 'em with my findings and got a nice reply back saying they'd identified the bit of scroteware concerned and blacklisted the ad company serving it until they could prove they'd got their house in order.
If all reputable sites behaved this way, the problem would disappear quicker than snow in the Sahara. The ad servers need to be forced to put controls in place to prevent this sort of thing and summarily severing their revenue streams is the only language they understand.
It would help here if the marketing idiots who sign contracts with ad servers would learn to insist on a clause to the effect that any misbehaviour would result in them getting turned off until they'd taken effective steps to remedy the situation rather than happily signing something that says something like: "We the bum-sucking ad servers reserve the right to roger you over the table repeatedly if you so much as dream of interfering in our access to your clients"......
About 4 years ago after Falk (?) got their servers hacked and started serving malware via banner ads, I started using a HOSTS file that came with Kazaa Lite
which alias out a ton of 3rd party cookie and ad servers.
I've since then added Flashblock and NoScript to Firefox ( after the Falk AG incident I stopped using MSIE as my "everyday" browser.
Now I only use IE for mainstream media sites and ones run by public sector agencies.
One aspect missed by your commentators so far (techies, bless 'em!) is the issue of liability. When some harm occurs (from as trivial as a family PC having to be rebuilt at, to them, great inconvenience and cost, upwards), who ought to provide compensation?
I have mailed a UK national newspaper about this in relation to something much more trivial (a button being transparently overlayed by an advert which thus took me to the site of a UK airline) and recieved a holding reply.
Is it the newspaper which is the end deliverer? The advertiser with whom they contract? And so on upstream. My take is that it OUGHT to be the site which I chose to visit, as I have no control over anything upstream (hence the issue in the first place).
I don't know where the law stands.
It's like showing up at the Queen's door in a Yugo.
What was the topic again? Ads? What ads? I haven't seen an ad in quite some time.
Get your hosts file from here:
http://www.mvps.org/winhelp2002/hosts.htm [Updated 01-03-08]
Then use Adblock+ and maybe Flashblock and NoScript.
"Of course, once the percentage of non-Windows users rises, they will also be targeted."
In reality people want to attack corporations and servers not home users, they want to attack the people who actually have the bigger market share than microsoft they want to atatck the countless Linux or Solaris systems out there, the fact is they can't, because they are inherently more secure by design. So they get hordes of insecure windows machines and just bombard the real computers out there with more traffic than they can handle to temporarily take them offline.
When you bring up your own website and you get "somethingnastyashell.exe is an executable what do you want to do with it?" and you realize this may have been going for a long time friends, family, coworkers, the great unwashed public, have been victimized by your site I took down the banner immediately but who knows how much damage was done it's very horrible. I have adsense now and I haven't seen any driveby goodies for two years but I always check there are people I know who won't visit my site still because they got the malware I don't blame them I am not sure I would trust me either.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
