Channel Register

Poisoned websites staying contaminated longer

Dave

Talking in Flamebaitingly Obvious Stereotypes here, but... 

Paris Hilton

In thee Olden Daye's of yore, websites were run by guys in Kaftans with beards and sandals. Now they are more likely to be run by "Creative Types" with their Macbooks, their Flashes and their wonderfully complex suites of designy "stuff".

More of an emphasis on Style than Substance.

Geeks = Stability, Simple Content, a lack of Visual Slickness, Technical Knowledge.

Creatives = Webhorrea2.0, Complex Displays, Visual Slickness, Lack of Technical Knowledge.

People without the knowledge of malware, its symptoms and solutions are now responsible for the vast majority of sites. Why bother taking your site down to fix a security hole that doesn't affect you? You can't see anything wrong, and who'd want to attack your little site anyway?

Paris, as she demonstrates a lot of the skills required nowadays...

Franklin

The attacks are getting more sophisticated, too 

There's an entire underground network of computers and servers behind these attacks; in my experience, a poisoned Web site doesn't usually drop malware itself. Rather, it redirects the hapless visitor to another server, which makes extensive and detailed logs about where the visitor came from, before then choosing one of a list of payload sites to further redirect the user to.

I've made a fairly detailed map of part of this underground network at

http://tacit.livejournal.com/238112.html

And, not surprisingly, iPower, Inc. is still leading the world in the number of compromised, poisoned Web sites being hosted by a single Web host. In fact, almost four months after a major security breach which saw thousands of sites hosted by iPower compromised, the breach has not yet been fixed and hackers can compromise and poison any site hosted on iPower servers at will.
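
Added example, not part of the comment above or of the original page: a defender's sketch of how the redirect pattern the comment describes (compromised site, then a logging intermediary, then one of several payload sites) can be picked out of web proxy logs. The log layout, the `.example` host names and all function names are constructed for illustration, and it assumes the hops are HTTP 3xx redirects with absolute `Location` URLs.

```python
from urllib.parse import urlsplit

# Constructed proxy log records: (client, requested URL, HTTP status, Location header).
# Every host below is a made-up .example name.
SAMPLE_LOG = [
    ("10.0.0.5", "http://blog.example/post", 302, "http://hub.example/in?src=blog.example"),
    ("10.0.0.5", "http://hub.example/in?src=blog.example", 302, "http://payload-a.example/x"),
    ("10.0.0.5", "http://payload-a.example/x", 200, None),
    ("10.0.0.7", "http://shop.example/", 301, "http://shop.example/home"),
    ("10.0.0.7", "http://shop.example/home", 200, None),
    ("10.0.0.9", "http://forum.example/t/1", 302, "http://hub.example/in?src=forum.example"),
    ("10.0.0.9", "http://hub.example/in?src=forum.example", 302, "http://payload-b.example/y"),
    ("10.0.0.9", "http://payload-b.example/y", 200, None),
]

def host(url):
    return urlsplit(url).hostname

def redirect_chains(records):
    """Follow 3xx Location headers per client; return one list of hosts per chain."""
    chains, pending = [], {}  # pending: (client, expected next URL) -> hosts so far
    for client, url, status, location in records:
        chain = pending.pop((client, url), []) + [host(url)]
        if 300 <= status < 400 and location:
            pending[(client, location)] = chain   # chain continues at the Location URL
        else:
            chains.append(chain)                  # chain ends on a non-redirect response
    return chains

def cross_site_chains(chains, min_hosts=3):
    """Chains that pass through at least min_hosts distinct hosts."""
    return [c for c in chains if len(set(c)) >= min_hosts]

def shared_intermediaries(chains):
    """Hosts that sit in the middle of more than one chain."""
    counts = {}
    for c in chains:
        for h in set(c[1:-1]):
            counts[h] = counts.get(h, 0) + 1
    return sorted(h for h, n in counts.items() if n > 1)

if __name__ == "__main__":
    flagged = cross_site_chains(redirect_chains(SAMPLE_LOG))
    for c in flagged:
        print(" -> ".join(c))
    print("shared intermediaries:", shared_intermediaries(flagged))
```

A host that turns up as the middle hop for several unrelated origin sites is the candidate to block and investigate, since blocking it covers every site that redirects through it.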