Malware Delivered By Yahoo, Fox, Google Ads
WrongSizeGlass writes "CNET is reporting that Avast has tracked over 2.6 million instances of malware that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo's Yield Manager, Fox Audience Network's Fimserve.com and even some from Google's DoubleClick. Some high-profile sites include The New York Times, Drudge Report.com, TechCrunch and WhitePages.com. The practice has been dubbed 'malvertising.'
I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt."
rather than a poor pathetic web, because there's no money to be made, because everyone blocks ads
so go ahead and block ads if you like, but shut up about it. there's no joy in boastfully "advertising" the practice. only a less vibrant web for everyone
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
Yes because it is an established fact that Fox has no bias, and will free the vegetables watching alternate news sources. Your post is so stupid. Did you know there are such things as LESS biased news sources than Fox or MSNBC? (Notice I didn't try to claim news sources with NO bias. That would be impossible.) Try getting news about your country from various news sources OUTSIDE your country. Then see how funny your stupid little joke is. You will discover that the world is laughing at you.
"Clicking not necessary." - by julesh (229690) on Tuesday March 23, @10:24AM (#31583344)
That's right... & here is an answer for you - CUSTOM HOSTS FILES and why/how they are SUPERIOR TO BROWSER ADDONS:
----
1.) HOSTS files eat no CPU cycles like browser addons do no less!
2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are. HOSTS files cover & protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).
3.) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).
4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR.
5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).
6.) HOSTS files are EASILY user controlled, obtained (for reliable ones -> http://en.wikipedia.org/wiki/Hosts_file ) & edited too.
7.) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers.
8.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE
9.) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.
10.) ADBLOCK DOES NOT ALLOW A USER DIRECT EASILY EDITABLE CONTROL OVER WHAT IT BLOCKS & HOSTS do, via texteditors like notepad.exe (afaik, @ least - feel free to correct me IF I am in error here (thanks)).
11.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privilege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not & RECYCLE domain/host names they own, & this? This stops that cold, too! Bonus...
----
Want a GREAT HOSTS FILE, that's kept up to date, daily? See here:
http://hosts-file.net/?s=Download
(Mine's actually BETTER than that too! (As I combine it with ALL THE KNOWN SOURCES for reliable HOSTS files -> http://en.wikipedia.org/wiki/Hosts_file (and far more too, like Spybot S&D & other reliable/reputable sources NOT listed on the wikipedia page for HOSTS files))
I "integrate them" into my HOSTS file using a tool I wrote to do so... It currently parses & processes (removes repeated entries for a form of 1NF type "normalization" (sort of, this is NOT a database is why I note that much) & for 2NF normal form, I remove trailing blanks from entries PLUS I alphabetize them (for faster B-Tree inserts processing in the local diskcache, because odds are, it uses that (binary trees & binary searches ROCK for speed... Tri-E is even a bit better imo)).
It does almost 1 million KNOWN BAD SITES &/or SERVERS (Name servers & botnet C&C servers too) in about 1.1 hours time...
Which is NOT bad, considering it's my "2nd round prototype" written in Borland Delphi 7.1x + Inlined Assembly code, for the FASTEST POSSIBLE STRING PROCESSING TIMES THERE ARE, bar-none (faster than MSVC++ @ least even)) & considering I don't have a thing like Access' "JET ENGINE"
"1 is flat-out false." - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
Tell us then, how does a mere filter (which is all HOSTS are really) eat CPU cycles compared to ADBLOCK or other webpage parsing tools? You load the HOSTS file & the IP stack avoids those sites is all... this is FAR LESS CPU CONSUMPTION than ADBLOCK has, which has to parse every page you visit.
----
"4, while true, is pointless. A far better (and simpler, easier) job of this can be done with a local caching DNS server." - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
LOL, ask Dan Kaminsky about DNS servers (especially recursive ones), ok?
----
"6 is stupid and wrong. Text editors that can easily handle 30MB of text are rare under Windows, and nobody should ever do that anyways." - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
Now who's telling falsehoods? I have been editing files that large on Windows (both 32 & 64 bit) for DECADES, & they are larger than 30mb!
----
"7 is completely stupid. There might be bugs in Window's HOSTS implementation. If there are, they will never be corrected. An AdBlock bug, or a DNS server bug, will be corrected within hours at the longest." - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
The name tossing & profanities are your undoing - again: Look up Dan Kaminsky & tell us that DNS servers are "completely reliable", lol...
(Give me a break, & learn a thing or two, ok?)
----
"9 is completely false. Any malware that doesn't have admin access can get it trivially, under any Windows platform. It is impossible to lockdown the HOSTS file to the point that an admin-level malware cannot interfere with it." - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
Oh, really? Tell you what then, get to mine... ok??
(Good luck!)
APK
P.S.=> By the way, LEARN TO READ (I said it was NOT A DB... my god, illiteracy seems to abound here, as well as skimming):
"It takes you over an hour to process one million db entries? That's shameful. What are you doing that takes 4ms per entry? And why wouldn't "cat HOSTS | sed -e 's/[\t ]+/ /g' -e 's/[ ]+$//g' | sort -dfu" be faster and easier than processing text in assembler?" - by geekboy642 (799087) on Tuesday March 23, @11:53AM (#31584656)
Again, here is what I said, so learn to read (please?) & I wonder who the fool is who "modded you up" for all your screwups here was??
http://tech.slashdot.org/comments.pl?sid=1592276&cid=31583826
"I "integrate them" into my HOSTS file using a tool I wrote to do so... It currently parses & processes (removes repeated entries for a form of 1NF type "normalization" (sort of, this is NOT a database is why I note that much) & for 2NF normal form, I remove trailing blanks from entries PLUS I alphabetize them (for faster B-Tree inserts processing in the local diskcache, because odds are, it uses that (binary trees & binary searches ROCK for speed... Tri-E is even a bit better imo)). - by Anonymous Coward on Tuesday March 23, @10:58AM (#31583826)
Again, literacy... it's not your "Strong suit", apparently. Those are my own words quoted.
apk
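
The merge step argued over in this thread (combine several HOSTS blocklists, drop repeated entries, strip trailing blanks, sort), as an added Python example; it is not part of the thread and is not any poster's tool. The sample lists, the function names and the choice of `0.0.0.0` as the sink address are assumptions made for illustration.

```python
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
# Names a hosts file maps locally; they must never become block entries.
_RESERVED = {"localhost", "localhost.localdomain", "broadcasthost", "local"}
# Only lines pointing at a sink address are accepted as block entries.
_SINK_IPS = {"0.0.0.0", "127.0.0.1", "::1", "::"}


def valid_hostname(name):
    return len(name) <= 253 and all(_LABEL.match(p) for p in name.split("."))


def parse_blocklist(text):
    """Yield hostnames from hosts-format text, ignoring comments and junk."""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and trailing blanks
        fields = line.split()
        if len(fields) < 2 or fields[0] not in _SINK_IPS:
            # A downloaded list that maps a name to a routable address would
            # redirect traffic rather than block it, so such lines are skipped.
            continue
        for name in fields[1:]:              # one line may carry several names
            name = name.lower().rstrip(".")
            if name not in _RESERVED and valid_hostname(name):
                yield name


def merge_blocklists(sources, sink="0.0.0.0"):
    """Merge several lists into sorted, de-duplicated hosts lines."""
    names = set()                            # set membership removes repeats
    for text in sources:
        names.update(parse_blocklist(text))
    return [f"{sink} {n}" for n in sorted(names)]


# Constructed sample input, not taken from any real blocklist.
LIST_A = ("127.0.0.1 localhost\n"
          "127.0.0.1  ads.example.com   \n"
          "0.0.0.0 Tracker.Example.net # constructed entry\n")
LIST_B = ("# constructed second source\n"
          "0.0.0.0 ads.example.com\n"
          "0.0.0.0 bad_host!.example\n"
          "203.0.113.7 bank.example\n"
          "0.0.0.0 cdn.example.org. ads.example.com\n")

if __name__ == "__main__":
    print("\n".join(merge_blocklists([LIST_A, LIST_B])))
```

Because third-party lists are merged into a file the resolver trusts, the parser only ever emits sink-address lines of its own making and never copies an address from the input.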