Not sure who to notify of this anymore, so thought I’d post it here.
Was reading the iCarly thread when a java exploit tried to hit and my system was hit with the “Antivir Solution Pro” variant of the “Antivirus Soft” family. Cleaned the system then hit the same thread to be served the same exploit again, verifying it is coming from this site and probably from an ad being served in that thread.
It nailed me twice in the last 2 days. It’s a nasty mother.
Do you have the latest Java? I’m just curious if it has an exploit already.
That’s one of the reasons I run NoScript. I don’t disable Javascript here, but I do disable Java.
This seems to be a near-continuous problem here. I started a discussion on this a couple rounds ago here.
I was viewing the forum topic list in GQ just now when IE warned me that it had blocked a pop-up.
My investigation from last time revealed that the SDMB is using more than one ad serving outfit. Aside from interactions between them causing problems, this also means that it is difficult to discover which one is serving up the nasties.
This is the only forum (out of many) that routinely serves up annoying ads (pop-ups, sound, and so on) and malware to me. Addressing this, frankly, does not seem to be a priority here.
Are we seeing any screen shots about this problem?
If we don’t know who/what it is that makes it difficult to track the problem.
Need more than just beefing, give us something to work with here, please.
I’d love to give you a screen shot but I can’t even get my original one working – I’m waiting on the IT guy to swab it down. The secong time it happened, on a spare terminal, I jerked the power cord out before it got burrowed in.
Last time (see my linked post in earlier reply) people (including me) provided URLs.
How often do you expect users to get hit by something and then try to get hit again to provide this info?
IMHO, the onus is on management to fix this once and for all. It is obvious (from out here in the cheap seats, anyway) that you have at least one advertising supplier who just doesn’t care if they’re pushing malware.
Eventually, news of these ongoing issues is going to make it to things like SiteAdvisor, and users will get warnings when trying to navigate to this site. That would be bad.
Chiming in again to politely point out that things like this are ***the main reason ***I haven’t yet bought a membership. Plenty of sites function just fine without subjecting their nonpaying members to intrusive advertisements, and yet the SDMB has not only annoying ads but dangerous ones. I *don’t *like feeling that I’m being pushed to subscribe to avoid being infected.
So, in at least one case, your decision to display ads that can be exploited in this way has resulted in a *drop *in revenue for the site.
I was just coming in here to start a thread about this, but I see it’s not a new problem.
I appreciate that it’s difficult to fix a problem we can’t show you an example of, but surely you understand that the example you’re asking for is impossible for us to provide, what with the malware fucking our PCs all to hell, right?
I spent the last hour fixing this. I’m annoyed. It’s not our job to help you remove malware from the site. It’s your job to make sure that your site isn’t destroying my computer.
Of course, one could argue that we shouldn’t have to use an ad blocker just to post here, but it looks like this is our only choice at the moment.
I’d be interested if any of the people whom are being affected by this would answer the question posed by Big T. Since we have some people obviously affected by this, and (I’m assuming) many more times that number unaffected, it might prove helpful to know.
I’m certainly not in the know about such things, but curious why some number x of posters are affected by this, but not some number xxxx.
In IE, I see an option to enable “scripting of Java applets”, but I see no option to disable Java in general. In other words, I’m unclear on Big T’s question.
I’ll note that this is not a user problem, it is ultimately a problem of the SDMB’s ad providers. I suggest that “Become a Member and avoid malware!” is not a strong selling point.
And, I’ll agree with others that when one has idly clicked on a link to a thread, and one’s computer starts going spastic, one is not primarily concerned with taking screen shots. In my experience, there hasn’t even been a screenshot of the SDMB page to take; the browser window has been claimed by the malware.
I don’t think they are interested in the SDMB page.
Well then beefing it is!
Ah, that’s what I’m trying to find out. Is it a user problem, or a board problem. I have no dog in this fight.
I think some light may be shed on the subject if any users who have this problem can respond with information.
I wish I were as knowlegeable as xash. He could possible help.
My question was actually whether you are running the latest version of Java. Some earlier versions definitely have exploits that are well documented. If you are not, you need to upgrade.
The reason for pointing out that I turn Java off on this site is so you understand why I don’t know if running the latest version will fix the problem. It’s just a suggestion.
As for how to do it in IE–I’m guessing it would have something to do with the ability to disallow ActiveX objects. If you don’t mind disabling the Java plugin completely, you can always do it by Tools > Internet Options > Programs > Manage add-ons > Toolbars & Extensions > IE8 -> Tools -> Internet Options -> Programs -> Manage add-ons -> Toolbars & Extensions -> select Java Plug-In and right click + disable.Java Plug-In and right click + disable. There’s honestly very little Java left on the web, so chances are you won’t even notice.
But if so many people are getting this, it may not be a Java exploit at all, or, at least, that may be only one way the problematic code works.
I will remind people not to click on any unexpected “warnings”, and to close out the program (using Ctrl-Alt-Delete) when they appear. And, whatever you do, do not allow a program to download itself. Code that does that is technically not an exploit, and will never be fixed.
Board problem, not user.
Java has some vulnerabilities, but Adobe Reader and Flash are the worst offenders lately. Lots of vulnerabilities in the pdf javascript engine, ads can serve up a pdf file that exploit the engine’s vulns.
Well, I would be willing to bet that there are a number of other posters, or at least one (me) who have just given up reporting this sort of thing and have lost hope that the SDMB might someday become a secure site.
A couple of days ago my Norton caught a couple of intrusion attempts while visiting here. I went to Windows Update and there were a number of security updates available that came out that very day, since I ran the updates I haven’t had further issues. I did not even bother to mention it because the standard response here is that it is the customer’s fault.
So check for updates manually if your computer hasn’t prompted you to yet.
The SDMB tech person(s) appears to be unaware of their level of incompetance, or the admins don’t care, or someone at the ad provider is screwing the right people. I simply don’t care which it is anymore and rely upon my own security programs to protect me while I’m here.
Which they alway do protect me, and they really shouldn’t have to. And these security issues happen no where else that I visit.
My IT guy added a couple of antivirus progams so I’m hoping that will take care of it. I do have the latest upgrade for java, he downloaded it while he was poking around. I would like to add a popup blocker but I need to make sure I download it from a site that is safe. I’m running IE 7; anyone know a safe place to get a pu blocker?
If you want to continue running Internet Explorer, you should upgrade to IE 8; IE 7 is insecure. IE 8 has a built in pop-up blocker.