Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google AdSense Click Fraud Made Possible By Uncloaking Advertisers' Sites

Posted by samzenpus on Monday September 28, 2015 @09:15AM from the protect-ya-neck dept.

An anonymous reader writes: A Spanish researcher claims to have uncovered a vulnerability in the security procedures of Google's AdSense program which would allow a third party to manipulate clicks on Google's syndicated ad service by 'de-cloaking' the obfuscated advertiser URLs that Google AdSense placements provide as links. He has also provided downloadable PHP files to show the exploit in action.

1 of 50 comments (clear)

Min score:

Reason:

Sort:

Re:Java != javascript by Anonymous Coward · 2015-09-28 09:46 · Score: 2, Informative

It's absolutely not. Look at Figure 1 of the PDF you linked. They show JavaScript code (that is clearly identified as such for someone who doesn't even know what it is), but call it Java code. They even go on to call JavaScript files Java files. These are two totally different things. I didn't bother reading any more, but I am sure this is consistently wrong throughout the paper.