Slashdot Mirror
The Next Ad You Click May Be a Virus
Jay notes a Wall Street Journal report about ad networks unintentionally selling empty space to malware loaders (the link is to a syndicating site that doesn't require a subscription to view). The submitter comments: "The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go." The incidents being reported go back a few months, but the pattern of this criminal activity seems to be coming clear only recently."EWeek.com, a technology news site owned by Ziff Davis Enterprise, in February displayed an ad on its homepage masquerading as a promotion for LaCoste, the shirt maker. The retailer hadn't placed the ad — a hacker had, to direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
I mean really, its all just semantics (and semiotics) and we're all infected...cookie anyone?
/strokes adblock
While the internet is a wonderful thing; I can't help but wonder where did all of the douchebags come from. Every liar, cheat, grifter is taking their shot at fucking up the sandbox we all play in. Its all fun and games when windows users get hosed, but after awhile even that gets old. I am just a tired old man. It makes me sad that my poor view of humanity gets reinforced every time I turn around.
My coworkers and I have been dealing with AntiVirus XP and its variants for the past few months, and it seems to infect computers in exactly this way. Badvertisements. It's hardly a new phenomenon, but it's nice to see the press pick up on it. Better late than never.
Web publishers say they have started limiting the number of companies they outsource their ad selling to and are working with security vendors, such as San Francisco-based ClickFacts, to detect malicious software on their networks and remove it as quickly as possible.
I'm impressed! The Wall Street Journal talked to every Web publisher and got them to agree to do this. We should send Emily to go negotiate peace in the middle east.
...having that "Disable Advertising" checkbox from Slashdot :)
"As our way of thanking you for your positive contributions to Slashdot, you are eligible to disable advertising. "
Thank you for preventing my Gentoo Linux system for being infec...
Oh, wait...
Segmentation Fault in "Life, Universe and Everything" at line 42. Don't Panic.
Wait, they are just now realizing this? And here I had thought this was common knowledge, and that they were actually doing something to fight it.
No wonder I couldn't see anything being done about it.
Welcome to 1990 when Al Gore invented the intertubes.
from 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
to 45 2F 6E 40 3C DF 10 71 4E 41 DF AA 25 7D 31 3F
... who clicks ads? (other than for click fraud purposes)
Clicking an add will load, via http, an html page (maybe with some javascript) that my web browser will display.
A virus is a program that copies itself onto another program.
How is a web page going to execute arbitrary software of the attacker's choosing, on my machine?
The only way they can do this is if my browser is vulnerable to some kind of exploit.
Web pages cannot contain viruses unless the browser that loads them is fucked up. A decent browser knows to never trust input from the public Internet.
Ads link to malware sites?!? YAWN! Ads themselves are malware and should be blocked.
Or it may win you ... A NEW CAR.
Are you prepared to take that risk?
Hmm ... that's not appearing like it should. It's spelt B-L-I-N-K, right?
Another company's "creative?" What the hell does that mean? Is it some industry term for "crappy banner ad?"
Ads link to malware sites?!? YAWN!
That was quite a loud yawn.
NEVER, NEVER, NEVER, I REPEAT NEVER EVER click an ad banner. If you see somthing you REALLY want to view get the source and go there in another browser window, but clicking thru an ad banner is somthing I can't ever remember doing in the entire time I've been on the net...
errr....umm...*whooosh* *whoosh* Is this thing on ?
We have a little something called Ad Block Plus.
After years of not using a signature, I am going to make one to say the following: Fuck Beta
"direct users to a Web site where harmful programs would be downloaded to their computers, says Stephen Wellman, director of community and content for Ziff Davis."
.exe and .dll again, an exclusive Windows issue disguised as a "PC" issue.
Do these affect Linux or Apple PC's? I'm guessing it's the good old Windows
Why is it that areas where Microsoft want to portray a large market share (either exaggerated by reports from shills or real) they have the words Microsoft and Windows all over the stories, yet when it's something they have an almost 100% market share on (malware compatibility and vulnerability), there's no mention of either Microsoft or Windows; it's all just PCs.
FAO the Microsoft Astroturfers, it was a rhetorical question but feel free to do your job and mod me down for pointing out the obvious. Wait, Ziff Davis does ring a familiar bell, hmmmmm.
I've been cleaning crap off of computers installed by ad popups for the past year now.
Seriously, I can't recall the last time I clicked on an ad.
...click on ads?
One such exploit could be Microsoft ActiveX. (There are legions of people who authorize that stuff without a second thought.)
Not clicking on banner ads isn't enough. For years I've been fine with letting any non-Flash banner ad through, but I a few months ago I finally installed Adblock after finding one too many PDF exploits being loaded through banner ad display code.
It works like this: You are minding your own business browsing some perfectly legitimate web site when suddenly you get a dialog box asking if you would like to execute the JavaScript in "this PDF document". There's no PDF in sight, no other windows, nothing else suspicious.
Oh, but you only get this dialog if you have JavaScript disabled in Acrobat (most people don't).
You don't even need to click the ads. When I was using Adbrite for ads on my website I started getting driveby spyware just by visiting my website. It installed right from the ad (i'm guessing by way of flash). I dropped Adbrite and haven't looked back. Eventually google approved my adsense application and I am now using them...no problems since
Hmm, if such activity continues on an uprise, such a thing could eventually severely hurt ad-sense and the like, which the company I work for makes virtually all their cash from.
I'm being half-serious because I've always wondered how money is being made selling ads. No one I've asked has ever clicked an ad.
people do that?
not only is time travel possible, it's irrelevant.
It must be nice under the rock they've been living under for these past few years...
Since I installed AdBlock Plus (for purposes of lowing annoyance level), I've noticed as a very pleasant side effect that my malware infection level has dropped tremendously.
Barely need to run AdAware & SpyBot & co any more, and when I do [even when their definitions are fully updated], there's barely anything for them to find
I listen to both RIAA and non-RIAA stuff if I like the music, tangential business/politics nonwithstanding.
It's anything but news. And I'm not even talking about shady scareware or "come to the page and you already signed an abo for 2 years and 160 bucks" scams.
Drive-by infection ad pages have appeared in noticable amounts about 2-3 years ago when iframe infections became en vogue. They were (and are) even actually quite professional, not just a copy of another company's page, they appear legit, but usually sell crap no person would actually want to buy (either overpriced or obviously bogus). But that's not the point. The point is to appear legit and like just some other page trying to hawk crap, so people don't wonder why someone would advertise a page with no content.
Not that the average user would wonder, but ...
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
You know, back in the good ol' days of yore, when the internet was young and so were we, we created a beautiful garden. We, the geeks, we came together and we built. We created flowerbeds and hacked away the weed so people could find a path through the wilderness, we invited other geeks to join us in our creation so they would maybe build something even greater on top of ours. We looked at it and saw it was stunning and beautiful, and we looked outside for the "others", the "mundanes", the average guy and we thought, wouldn't it be a great idea if they, too, could see how beautiful and magical it all is? Imagine, when we, a handful of geeks, can create such wonders, what miracles are waiting for us to see if we just let others join in the creation?
Sure, they were no gardeners, so we paved a few ways through our wonderland, lest they got their feet dirty on the muddy paths we used to walk on. And the people came. They came in, and they looked. Few wanted to create, actually, most just enjoyed the view (hey, how many gardening exhibits do you know where you can see exotic plants without having to pay admission?), some tried to plant but soon got fed up when they noticed they'd have to know a bit about gardening.
And of course, in came also the ones that find pleasure in destruction, who wanted nothing but to destroy the creations. We had to fence them in, we had to hire guards for our creations so they wouldn't get destroyed. Often enough, those guards were not good enough and quite a few beauties are no more.
Personally, I wonder if it was a good idea to unlock those doors and pave some ways.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
"The labeling of the fake ad sellers as hackers is pretty bogus; there's no hacking involved. Simply sign up for one of these networks, create your fake site, put up another company's creative, and you're good to go."
.swfs as well as what is refered to as "rich media" which is often a few lines of code pasted into a file (usualy the code sources to a javascript) that serves up a redirected ad from another location. When these files are uploaded the database scans for malware that could potentially harm a computer system. More often than not these files are automatically turned off when the ad server detects an issue and emails the network administrator of the issue (presuming that the database of malicious software has been updated by the service provider a la google, microsoft, etc). Yes, on occasion something sneaks through.
.js file swapped out with the malicious software. Since this file has already passed the initial security check- it is not always scanned again for any potential exploits etc.
well yes and no. What we are dealing with here is a combination of both hacker (as i will describe shortly) and con artist (which i will also describe shortly). Its not quite as easy as you think...
This problem extends well beyond ad networks- but first lets take a look at the ad serving software. The primary databases used for serving ads are DART (now owned by google), Atlas (now owned by microsoft), Zedo and OAS. Ads are uploaded into these databases in a variety of formats. Typically limited to Jpegs, gifs,
Now onto how media is bought and sold. Typically when a site is approached for a request for ads, the publisher will ask the "agency" or "network" for a credit check. This is wear the mechanics break down- more often than not. Salespeople, especially green ones who (like most sales people) are both anxious to close a deal on remnant space AND are not aware of the ad serving technology and the potential for malicious intent, will cut corners and get the ads up. When these ads come in, they are loaded into the server- 99% of the time as real properly functioning ads. They click to the right locations and pass through the ad serving security services. A couple of days later, as the ad has been serving fine, the redirected urls (typically something like ads.somewebsite.com/324234/adserver/creative.js) have their
So- the quick solution is having ad networks and publishers take accountability for their sales people. It does not take much effort to find out if a "agency" can be trusted. I had one company recently try to pass of malicious ads but we traced their address back to a pizza parlor in LA (obviously a fake) after realizing no credit check was run. Second, and most important will be the methods of security taking by the major ad publishing softwares. Unfortunately, if you know anything about working with ad servers- critical updates move about as fast as html5 development (sllloooowww).
This is a good reason to block all ad sites at your corporate firewall. You'll probably cut your Internet bandwidth usage in half, too.
This term is used in all forms of advertising.
Why am I not surprised that this word is invented by a marketroid?
They want their headline back!
AdBlockPlus FTW!
Imagination drew in bold strokes, instantly serving hopes and fears, while knowledge advanced by slow increments...
To be honest, "fake" ads dragging you to a hateful, malware-spewing website is rather tame. The real fun was the banner ads that infected you directly, simply by viewing the flash.
*Sigh*
Just another reason to use adblock and noscript.
This work is licensed under a Creative Commons Attribution 3.0 Unported License.
Foxit won't always help as there have been several security flaws that worked in both foxit and acrobat reader. Some worked as-is while others had to be modified slightly to compensate for things being at different memory addresses. You can make it harder by disabling javascript in foxit (much easer to do than acrobat) so that a malicious pdf can't tailor the exploit used to your specific reader software.
So say someone clicks an ad at a reputable site to support them, which is actually malware which does 'software' damage(lost productivity, loss of PC uptime, etc) to a users PC by injecting something. Who becomes responsible? The end user? The content provider? Ad provider? Guy making the malware? Everyone? Last 3 people in the chain?
Answers to this? I realize those of us in the /. crowd are technically inclined, but the average person isn't. I really do start to expect heads to start rolling over this.
Om, nomnomnom...
That's what you get for clicking on ads. If I see something interesting I type the name of the company myself.
Because I sure as Hell ain't clicking on any ads, Honey. I blame the virus. I'm going to go dispose of these bad bad magazines right now.
I don't see any ads because I've got Firefox with Adblock Plus and Flashblock. In my case it's just a preemptive step to allow me to be able to read the page I'm visiting. Most pages are slathered with ads and the actual content - what I'm there to see - is crammed into a tiny corner of the page. With all the blinking, flashing (and sometimes talking) ads and my borderline epilepsy I would never be able to concentrate on the content.
I know this deprives the site operators of revenue but frankly I don't care. If you're enough of an asshole to put twenty ads on your page to compete with my attention for your content I don't mind shafting you. And I block Google's ads on principle. I don't really want Google to know what I'm doing every minute I'm on the Internet.
The rest of us don't have to worry about this nonsense. If it bothers you, get a mac. They don't have this problem. Instead, we just click merrily away at any old thing that catches our interest for a moment. You would like it. It's called browsing.
Help stamp out iliturcy.
I know there were plenty of scammers specifically targeting Final Fantasy XI community sites with these types of exploits to nab account details from players (and I'm sure WoW and all the other major MMOs were targeted as well). IIRC, that kind of activity was heaviest throughout 2007 and into early '08, although it seems to have died down a lot lately. Folks who got infected found their accounts getting hijacked, with their in-game money and valuables being shuffled off to mule accounts, where they're in turn sold off for real money.
All the more reason to use things like Adblock Plus, FLashblock, and NoScript (if you're using Firefox that is). I haven't seen an ad on my home or work computers in months.
Are YOU using the TOOL, or is the TOOL using YOU? Think about it!
...the next ad you click? Do people still do that?
If they started enforcing some rules and ensuring that the brainless pillock with a small dick and a credit card can only buy stuff from legitimate verified businesses then all the shite in the way of wonky banner ads, malware, scam and phishing sites would disappear overnight.
I haven't even seen an ad in years...what am I going to click on that's not there?
(Firefox-since 0.8ver.-before it was called Firefox, Adblock [plus], noscript, and flashblock)
Does this advirus run on Linux?
(kubuntu 5.04 thru 9.04-presently)
Down With Slashdot BETA!!! I've been around the corner and seen the oliphant; you can only abuse me from your perspecti
... "viral" marketing! Oh, honey, trust me, I'm not infected. I'll lick your abs if you click my ads!
Intellectual Property: an immaterial non-entity, most fiercely contended by those with no proper intellect to speak of.
In case you did not know it: Average click-rates of ads on the Internet are even below the number of random clicks that people do in error. I know, because I worked at a large company, and my colleagues studied exactly that.
0.1% click rate is something, that ad companies will open bottles of champagne about. Usually it's much less.
Which can mean both, that ad-blockers are used more and more, and that people subconsciously click less on ads, even when they did not want to click there.
In my eyes, all ad clicks on the net are such unwanted clicks, (and company-own-bots making some cash, ) and the whole industry is fake.
The biggest joke is, that as those prices, they could also bill the user trough a micropayment. Because if I remember it correctly, 1000 clicks costed roughly 50 €. At 0.05% click rate, this is:
50 € / 1000 clicks * 0.0005 (click rate) = 0.000025 € / page-view = 400 page views per cent that you pay.
Now that is a price that we all can live with, isn't it? Hell, I would pay ten times that, and still be ok with it.
All we need, is some micropayment system that can track all our page views, across all servers... Oh, wait!
Any sufficiently advanced intelligence is indistinguishable from stupidity.
So, who was it who modded me down "-1 Redundant"?
Mr. Webmaster up there whom I replied to??
OR
Was it some blackhat/botmaster/malware maker type???
(Perhaps it was a javascript coder who cannot handle that his "language" is busted badly in its DOM & causes all kinds of trouble online for others????)
Guess what - I truly have "freedom of speech" in my nation, but also here on this website as well (& nothing can stop me either, because the "A/C" post limits certainly do not & haven't for nearly 5++ yrs. here).
(After all - The types I mention now above, are the ONLY people whom my guide affects "adversely", & especially regarding HOSTS file usage & cutting off javascript usage indiscriminately everywhere, using it ONLY where a site cannot function properly w/out it)...
AND, like my topic of my post stated?????
Too bad for you webmasters!
(Get YOUR act's together BETTER, then, along with those that host your bushwhacking adbanners full of bogus scripts)
Because, once more: It's MY LINETIME, I pay for it, & tough cookies if you do not profit by getting adbanner clicks & such, you're NOT going to profit off of myself AND slow me down @ the same time (no way, & I'll tell everyone & anyone about this much + how to avoid it - @ 300,000++ views across 20++ forums or so this year? Good luck, the wave's started & others ARE "getting wind of it" & liking it, going both FASTER online AND more securely/safely also)...
AND, too bad for you botmasters & malware makers, ESPECIALLY! (be they virus/trojan/spyware/worm etc. et al)
See, I say that, because I KNOW that folks like myself are "getting to your kind" finally, as evidenced by Mr. Dancho Danchev's latest postings where YOU LOSERS IN PARTICULAR are definitely showing you're "taking a beating" by your very reactions of naming some of your bushwhacking site pages per ZDNet's Mr. Dancho Danchev's quote here -> http://ddanchev.blogspot.com/ via Mr. Danchev noting it also, via his statement also on that page of:
----
"You know you have a fan club, as well as positive ROI out of your research, when one of the most active blackhat SEO groups for the time being starts cursing you in its multiple redirectors, in this particular case that's seo.hostia .ru/ddanchev-sock-my-dick.php."
http://ddanchev.blogspot.com/ FROM HIS "From Ukrainian Blackhat SEO Gang With Love" ARTICLE
----
LMAO @ the botmasters, malware makers, & idiots of the same general ilk as well... and, to whomever modded me down - I state that, because it's obvious it's one of "your kind" who did so!
(You're the truly "lowest of the low", malware makers, alongside trolls online & the "wannabe english profs" (minus their PHD in English) that infest many sites technical sections on computing, & are totally off-topic w/ their spelling & grammar checking attempts but no actual proof of expertise in the English language to back it up (not that it'd matter - I've probably been speaking & writing this language longer than most of you & this site section isn't about "perfect grammar &/or spelling, making you fakes way, Way, WAY "Off topic"))
And people wonder WHY I post here as "A/C"?
Hey, imo @ least??
Anyone STUPID enough to register here only sets themselves up for EASY TRACKING by trolls (such as the arstechnica bunch, or the 4chan gang & those like they, who are generally so "technically weak", that's about ALL they have, as far as actual technical expertise in this field which is NOT much & IS "off-topic" - I wonder if the coward who "modded me down" has enough cajones to admit it, & then let me "rip him apart" in response? DOUBTFUL - most of that kind are worse "Anonymous Cowards" than us "A/C" posters are, by far).
And I
As a house call tech, I eventually just made up some little 3 inch stickers to put on my customer's monitor: NEVER CLICK ON ADS. Best antivirus tool ever.
~Just as a thing fails if it lacks a kernel, so too it fails if it lacks a skin. ~ Rumi, Discourses
I think you got modded down because your posts read like Timecube.
The name is Lacoste, due to the fact it was founded by legendary tennis player René Lacoste.
Hardly surprising coming from a nation who think McDonalds is a restaurant instead of a burger bar.
Well it sure is a good thing Slashdot just let me disable their ads!
What timing, I tell ya...
Since most ads display in iFrames, and the ads that iframe displays are iframes themselves, couldn't the last iframe be displaying an ad that's actually some HTML containing a drive-by attack? That was the sense I got when I visited a site with infected ads, didn't click on any, and got infected anyway.
P.S. I don't know why people are so hung up on ad block. What's the big deal? Pop-over/under ads are somewhat annoying, but the rest is just background noise. Ignore it.
Since most ads display in iFrames, and the ads that iframe displays are iframes themselves, couldn't the last iframe be displaying an ad that's actually some HTML containing a drive-by attack? That was the sense I got when I visited a site with infected ads, didn't click on any, and got infected anyway.
P.S. I don't know why people are so hung up on ad block. What's the big deal? Pop-over/under ads are somewhat annoying, but the rest is just background noise. Ignore it.
Only Apple computers and PDAs surf the web now? When did that happen? I knew I slept well last night, but I did not think I woke up in an Apple rules web.
If THAT is the "best you have"? Thanks... no technical substance, nothing but trolling (I wonder who the dolt is who "modded you up")?
I was "modded down" here, but even FUNNIER though, nearly the SAME POST from myself in another thread was modded up as "INSIGHTFUL" here -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 for the same ideas I posted here... lol!
(Funny that, eh? Opinions vary - trolls like YOU though? Never do... & are TOO EASY to blow away, with contrary evidences such as my same ideas being modded up as they were in the link I just posted... lol!)
Thanks for proving my point... & yet, I do not see valid technical disprovals of the points I had made either, & yet!
APK
P.S.=> Anyone is free to read this reply, and my previous one, as well as the same ideas being modded upwards in another thread here, & decide for themselves, so you trolling webmasters/botmasters/malware makers & javascripters? Thanks for making ME look good, & attacting others to my posts, they can decide for themselves here, after reading my replies, and you b.s., after all... I have NO problems with that! apk
I was "modded down" here, but even FUNNIER though, nearly the SAME POST from myself in another thread was modded up as "INSIGHTFUL" here -> http://tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 for the same ideas I posted here... lol!
(Funny that, eh? Opinions vary - trolls like the one that "modded me down" though? Never do, & hide from counter points or facing me directly as usual here... & are TOO EASY to blow away, with contrary evidences such as my same ideas being modded up as they were in the link I just posted... lol!)
If THAT is the "best you have"? Thanks... no technical substance, nothing but trolling directed MY way with the mod down (pitiful boys, & this is "the great slashdot"?) Not impressed guys, you're inconsistent as well!
SO - Thanks for proving my point... & yet, I do not see valid technical disprovals of the points I had made either... as per usual from the "trolls of slashdot"...
APK
P.S.=> Anyone is free to read this reply, and my previous one, as well as the same ideas being modded upwards in another thread here, & decide for themselves, so you trolling webmasters/botmasters/malware makers & javascripters? Thanks for making ME look good, & attracting others to my posts, they can decide for themselves here, after reading my replies, and you b.s., after all... I have NO problems with that! apk
I was "modded down" here, but even FUNNIER though, nearly the SAME POST from myself in another thread was modded up as "INSIGHTFUL" here -> http:///
tech.slashdot.org/comments.pl?sid=1255487&cid=28197285 for the same ideas I posted here... lol!
(Funny that, eh? Opinions vary - trolls like the one that "modded me down" though? Never do, & hide from counter points or facing me directly as usual here... & are TOO EASY to blow away, with contrary evidences such as my same ideas being modded up as they were in the link I just posted... lol!)
Dearest trolls: If THAT is the "best you have"? Thanks... no technical substance, nothing but trolling directed MY way with the mod down (pitiful boys, & this is "the great slashdot"?) Not impressed guys, you're inconsistent as well!
SO - Thanks for proving my point... & yet, I do not see valid technical disprovals of the points I had made either... as per usual from the "trolls of slashdot"...
APK
P.S.=> Anyone is free to read this reply, and my previous one, as well as the same ideas being modded upwards in another thread here, & decide for themselves, so you trolling webmasters/botmasters/malware makers & javascripters? Thanks for making ME look good, & attracting others to my posts, they can decide for themselves here, after reading my replies, and you b.s., after all... I have NO problems with that! apk
I've never clicked on an ad and I never will. Yay, I get to not worry now!
See my subject and this Oliver Day's SECURITYFOCUS.COM article titled "Resurrecting the Killfile" by Oliver Day, 2009-02-04 http://www.securityfocus.com/columnists/491 It seems that security experts tend to agree with you apk. Whoever modded you down is nothing more than some ignorant troll.
See my subject and this Oliver Day SECURITYFOCUS.COM article titled "Resurrecting the Killfile" by Oliver Day, 2009-02-04 http://www.securityfocus.com/columnists/491 It seems that security experts tend to agree with you apk. Whoever modded you down is nothing more than some ignorant troll.
See my subject and this Oliver Day's SECURITYFOCUS.COM article titled "Resurrecting the Killfile" by Oliver Day, 2009-02-04 http://www.securityfocus.com/columnists/491 It seems that security experts tend to agree with you apk. Whoever modded you down is nothing more than some ignorant troll.
"I think you got modded down because your posts read like Timecube." - by Anonymous Coward on Tuesday June 16, @09:06AM (#28346611)
Do you have a PHD in English? No?? Thought not. You have dyslexia, or ADD/ADHD, because your attention span is obviously deficient!
(That, or the topical material was "too much" for your 'dull brain' to 'drink in & digest')...
The latter points about ADD/ADHD, or Dyslexia on your part? That may not be your fault though - you're just "defective goods", lol!
By the by - the SAME post I have made here before, that was 'modded down' above??
LOL, it has been "modded up" before here -> http://tech.slashdot.org/comments.pl?sid=1255487&threshold=-1&commentsort=0&mode=thread&pid=28197285
So, so much for your "thoughts & opinions", which lack ANY technical substance to them, whatsoever!
(Hence, your posting as "A/C", & at least I 'sign off' on my A/C posts here (I don't register, because imo @ least?? Registered users are FOOLS - they are SO EASILY TRACKED HERE, for trolling purposes especially, it is NOT EVEN FUNNY!)
APK
P.S.=> You "trolls", thanks for modding me down actually - it attracts others to my posts (as "there is no 'bad press'"), & my rebuttals (to your substanceless b.s. replies & mod downs which lack any technical substance or proofs vs. my points) blow your kind away, with EASE... TOO easy! apk
As usual ac apk makes another solid point in favor of HOSTS files usage online, and this time, versus the tyrannical oppression going on over in germany lately regarding DNS and port 53 monitoring and how custom hosts files with hardcoded ip addresses can get users around such things as logging requests for udp port 53 here http://slashdot.org/comments.pl?sid=1270901&cid=28364263 so once more my original reply calling whoever modded apk down an ignorant trolls stands and even moreso on top of security experts like securityfocus.com's Oliver Day also noting hosts files may be the thing to return to nowadays versus dns exploits and far more as apk states.
As usual ac apk makes another solid point in favor of HOSTS files usage online, and this time, versus the tyrannical oppression going on over in germany lately regarding DNS and port 53 monitoring and how custom hosts files with hardcoded ip addresses can get users around such things as logging requests for udp port 53 here http://slashdot.org/comments.pl?sid=1270901&cid=28364263 so once more my original reply calling whoever modded apk down an ignorant trolls stands and even moreso on top of security experts like securityfocus.com's Oliver Day also noting hosts files may be the thing to return to nowadays versus dns exploits and far more as apk states in his original post here which was modded down by some troll.
[mods, please don't mod this one up beyond 1. I'm not using my karma bonus either, as I don't want anyone coming across the whole open post at work, without seeing the warning first, just in case there's a humorless censor policy involved. But I stand by my posts and therefore it's not AC. If I lose a potential job as a result, so be it, I'd be unhappy working there anyway.]
I expect all cookies are "tracking cookies" to the malware detector, tho it may not see the per-session cookies at all, because most browsers keep those in memory only -- they never hit disk.
FWIW, for cookies, a decent browser these days allows per-site choice. You set a default (which is off, here, or ask, I'd never consider on a valid cookie default), and then have per-site exceptions. For ask, the default answer to the prompt should then be no, with the remember my choice set, so it remembers it for that site. In this way, in a week or two, the sites one normally makes the rounds of are already set and the level of bother drops dramatically.
Another option that helps is the turn all cookies into session cookies option (IOW, don't honor the expires tag, since no tag is assumed by convention to mean session only). The way I work it here, I have privoxy set to session cookies only, thus stripping the expires tag off of all cookies it sees (it doesn't handle https at all, passing it straight thru unfiltered, so those cookies get thru with the expires tag intact.) Then I set the browser's cookie options as I want, normally off with exceptions tho that's not so critical now, and don't worry about it, because they'll all be forgotten at the end of the session anyway. If I want a particular site's cookies saved, I set an exception in privoxy first, so the cookies for that site now come in with expires tags, and then set the browser options to save cookies for that site (the option can usually handle downn to specific URLs if desired, but per-site is generally good enough and much less management hassle).
If all cookies are treated as session cookies, it eliminates the cookie issues on shopping sites and the like, but login cookies aren't saved between sessions, so you have to login once every new browser session.
FWIW on the condoms thing, it's simply the oil vs water based lube deal. Oil eats rubber, so for both condoms and rubber/silicon/plastic sex toys, oil-based lubes, including vaseline, are a no-no. Water based lubes such as the various glycerin/water based lubricating jellies (KY, and most of the stuff you'd see at sex shops these days too, since oil damage to both condoms and toys is well known in the industry, and it can be a literally life and death thing when you're depending on that condom to prevent AIDS) are fine with rubber, etc. However, water/glycerin based tends to dry out faster than oil under conditions where lube may be needed in the first place, and applying more can make it too thick after awhile, so if that is found to be an issue, rather than going back to oil as one may be tempted to do, consider simply keeping a squirt bottle of water or water pre-thinned lube around, to renew the moisture level only, when necessary.
Wow, I feel like I was just browsing around, and just came across and edited a wikipedia article on some kink or another now, for some reason! =:^)
Duncan
"Every nonfree program has a lord, a master,
and if you use the program, he is your master."
R Stallman
http://slashdot.org/comments.pl?sid=1270901&cid=28364263 So much for your trollish b.s. that has no technical merits whatsoever, eh Trolls? I strongly suspect that would actually work, when not much else would or as easily, vs. udp port 53 DNS requests by users (vs. the tyrannical measure being put in place in Germany lately online).
(Heh - Between that, my original post, & what MEK put up regarding HOSTS from securityfocus.com, it has TRULY been a pleasure watching you all RUN LIKE SCARED RABBITS from backing up your mod down of myself and also lacking any technical backing vs. my original points here, as regards HOSTS file usage)...
APK
P.S.=> Nothing like putting ccwardly trolls in their places... they're the worst "A/C's" of all, & this site? It's RIDDLED with them... apk