PDA

View Full Version : SDMB session hijacked by advertisment


Tranquilis
01-03-2011, 11:35 AM
Whilst viewing this thread (http://boards.straightdope.com/sdmb/showthread.php?p=13311850#post13311850), at 11:27 US EST, my page (and session) was hijected and redirected to the following page:

http://ib.adnxs.com/tt?id=65439

That means that the advert on the page was running some kind of script that did, with intent, take over and redirect my browser.

Vista (SP1)
IE 7.0.6001.x

TubaDiva
01-03-2011, 11:52 AM
Reported.

Indyellen
01-03-2011, 01:14 PM
Just another voice to say I got hijacked by that one too, in this (http://boards.straightdope.com/sdmb/showthread.php?t=591385) thread.

Windows 7
IE 8

Quartz
01-03-2011, 07:08 PM
This (http://www.theinquirer.net/inquirer/news/1932033/firms-offering-hdd-malware) article may be of interest.

srzss05
01-03-2011, 07:14 PM
I've got adblocker and flash blocker turned on (IE8) and both of the above threads bypassed it, with the same ad on both.

Idle Thoughts
01-03-2011, 07:51 PM
Just happened to me while on the main page of forums. It was redirected to a Toyota ad.

samclem
01-03-2011, 08:06 PM
This (http://www.theinquirer.net/inquirer/news/1932033/firms-offering-hdd-malware) article may be of interest.

Tut, tut. We've been assured by a former moderator of a very large board, that this kind of thing only happens at the SDMB. No one has been able to produce evidence that this is happening on other boards. Just the SDMB. :rolleyes:

Garfield226
01-03-2011, 09:09 PM
Tut, tut. We've been assured by a former moderator of a very large board, that this kind of thing only happens at the SDMB. No one has been able to produce evidence that this is happening on other boards. Just the SDMB. :rolleyes:
And just how does that article provide evidence that it's happening on other boards? Can you name one, using that article?

:rolleyes: yourself.

samclem
01-03-2011, 09:48 PM
Tut, tut. We've been assured by a former moderator of a very large board, that this kind of thing only happens at the SDMB. No one has been able to produce evidence that this is happening on other boards. Just the SDMB. :rolleyes:

And just how does that article provide evidence that it's happening on other boards? Can you name one, using that article?

:rolleyes: yourself. I assume that this article wouldn't be just based on our experience at the SDMB. Wouldn't you? I doubt we're that big a deal. I could be wrong.

Garfield226
01-03-2011, 10:09 PM
I assume that this article wouldn't be just based on our experience at the SDMB. Wouldn't you? I doubt we're that big a deal. I could be wrong.

So you can't name one then? After that incredibly condescending, high-and-mighty post, you can't actually name another board that has been affected, based on that single article posted not by a mod or admin (who have been repeatedly asked which other boards are affected, when they make those claims), but by a member?

Not one?

The article talks about ad networks. Which may or may not serve message boards. It doesn't, as far as I could tell (in either the linked article or the blog post linked from the article) mention message boards at all. I don't think anyone here is surprised to find out that ad networks serve up malware. We know. All too well, in some cases.

Further, I don't think anyone has seriously suggested that this sort of thing doesn't ever happen, even on reputable Web sites. The linked blog post mentions an msn.com subdomain and msnbc.com.

What many members have questioned was that there are other message boards of the SDMB's size and generally non-scuzzworthy topic matter who have recurring problems with malware.

Can you name one?

Tut, tut. We've been assured by a former moderator of a very large board, that this kind of thing only happens at the SDMB. No one has been able to produce evidence that this is happening on other boards. Just the SDMB. :rolleyes:

Come on, Sam, was that response really warranted?

Can you name one of those other boards?

The answer to both of those questions is the same.

As an aside, TubaDiva handled this appropriately. That is appreciated.

SkipMagic
01-04-2011, 11:49 AM
Posting solely as a board member (as opposed to, at this point, a sometimes staff member used as a gunslinger for board technical issues), I'm wondering why, since malware advertising is an industry-wide problem for all kinds of sites, reputable and not, there's this push to come up with examples of other message boards having this problem. Since the majority of--if not all--of the major ad networks are being tricked into showing malware ads, I think it stands to reason that out of the billions of ad-supported message boards out there, there are going to be quite a few who suffer from unintentional malware. Common sense will tell you that the SDMB does not stand alone.

Rubicon has its fair share of problem ads, sure; however, Yahoo, Google and Microsoft have the exact same problems, and they're much larger than Rubicon when it comes to ad delivery. Plus, downstream of those providers, high profile sites such as The New York Times, TechCrunch and the Drudge Report (http://news.cnet.com/8301-27080_3-20000898-245.html) have been victims much like the SDMB.

But, okay, while I think examples of other message boards aren't really going to add anything to the conversation (except to satisfy a demand that is nonsensically specific), here are a few:

Gaia Online (http://www.gaiaonline.com/forum/site-feedback/help-us-track-down-malware-ads-updated-2-26/t.38309615_1/)
Gaia Online (https://www.gaiaonline.com/forum/questions-assistance/gaia-ads-malware-cookie-mur-firefox-crash/t.51235591/)
IGN Boards (http://vnboards.ign.com/board_updates_issues_questions/b5335/110197654/p1/?5)

The two Gaia links are separated by a year ending in 2009. They continue to have problems, though, as evidenced by numerous threads posting about malware in the middle of December, 2010 (http://www.gaiaonline.com/forum/chatterbox/is-gaia-carrying-malware/t.67845255/?_gaia_t_=3934). Their approach, from what I could find, is to do the same as the SDMB:

Yes, some of the sponsored offers have been known to install malware on your computer. Be sure to report which ones you did to Gaia that gave you malware so they can remove them.

Basically: "Let us know who the villains are and we'll axe the ads."

Both Gaia Online and the IGN Boards are, according to BigBoards, a couple of the largest boards currently running, with Gaia holding the top position. So, regardless of size, and as mentioned above, this is an industry wide issue affecting quite a few reputable ad-supported sites.

Lord Ashtar
01-04-2011, 12:06 PM
I think Garfield226 is taking a gratuitous shot at ShotfromGuns.

samclem
01-04-2011, 07:23 PM
I think Garfield226 is taking a gratuitous shot at ShotfromGuns.
Nope. He was getting on me for taking such a gratuitous shot.

But, as Skip nicely provided, the SDMB isn't the only one getting these problems.

BigT
01-04-2011, 09:15 PM
Posting solely as a board member (as opposed to, at this point, a sometimes staff member used as a gunslinger for board technical issues), I'm wondering why, since malware advertising is an industry-wide problem for all kinds of sites, reputable and not, there's this push to come up with examples of other message boards having this problem.

It's because most of the sites we visit don't have this problem. And it isn't unheard of for the mods to defend Ed even when he's demonstratively wrong. Plus, there's the whole thing that happened back 2008 that splintered the board and created a lot of animosity that is still being felt to this day. Animosity means aggressive nitpicking.

I've known for a while that the Flash advertising system is inherently insecure, and have advocated using Firefox with Adblock Plus for the layman who doesn't want to put up with FlashBlock and NoScript. Flash is just allowed to do way too many things.

But even I'd been convinced by all the people claiming that the Dope got it worse than anywhere else. That's how strong this is.

elbows
01-05-2011, 08:02 AM
If my computer gets hit by malware, I am not savy enough to deal with it myself. I wouldn't know where to start, honestly. I'd be forced to pay someone to fix it for me, money I can't afford just now. The risk of getting reinfected would keep me from returning.

Believe I'm the only one in that position, if it helps you sleep at night.

I think it's telling that posts that are deemed 'trolling' are dealt with swiftly, disappeared without a trace, mods vigilantly on top of it.

But ads serving up malware to paying customers, get a trite 'reported', (to whom? and their action will be, to do what exactly? Respond quickly and effectively?), and then the same old excuses get offered up.

It's happening everywhere! No, it's not. It is happening other places, but it does not affect many, many other sites (frequented by posters) with the frequency of this one. This point never gets addressed, is always glossed over. What are those sites doing differently?

In my opinion it's time to stop appealing to the mods to address an issue they either cannot or will not take seriously enough to do anything about. They are clearly incapable of assisting us. CLEARLY. I don't care if their hands are tied, blah, blah, blah, that don't help me.

We're freaking weary of hearing the same old story; 'happens to everyone, we'll report it'. Clearly they are powerless to do otherwise. And, understadably, have grown deaf to our issues, over time.

From this point forward I think we should stop complaining to these people about this.

In future, I believe, all issues regarding the appalling lack of customer service on this, should be sent directly to Creative Loafing.

Seriously, how would it be any different to be ignored by them? Six of one, half dozen of the other, to my mind. Who knows, perhaps they'll find it as annoying, as say, malware?

And maybe, just maybe, we can get someone, anyone, to care enough to take action. Action, not excuses, is what's called for.