Big red warning page at SDMB

Lately (the last couple of weeks?) when I’m here at SDMB, my browsing is frequently interrupted by a solid red screen with a box that says: “Deceptive Website Warning. This website may try to trick you into doing something dangerous like installing software, or disclosing personal or financial information…” There are a pair of click boxes, one says, “Show Details,” the other says, “Go Back.”
Because I’m suspicious and a coward, I’ve never clicked either box. I just simply quit my browser (Safari 12.0.3) and then relaunch it.
So, Dopers, what’s going on?

[Moderating]

Moving to ATMB, since this is About This Message Board.

Probably the ads. There are malevolent ads here that the Powers that Be accept as a side effect of whichever bargain basement ad provider they use.

A solid red screen? Damn Commies!!! :smiley:

I would probably do just what you are; close and relaunch with cookies cleared. Unless you have some sort of set-up and get the same screen other places I expect its some sort of clik-bait ad pony-backing from the provider.

Precisely correct.

If you know how, one thing you could do is bring up the source code of the page and look for the ad provider. Or you could save the page (Ctrl-S in Google Chrome, so probably Cmd-S in Safari) then open the page in a simple text editor - whatever is the Mac equivalent of Notepad - and search there.

Where are the real warnings, such as “Danger! This site may cause you to spend far too long on pointless arguments! Get some sleep!”

We cannot fairly evaluate what is going on if we don’t know what you’re looking at.

Is it a bad ad being served up to you by the site? That’s always a possibility but increasingly a rare occurrence; the STM advertising department does look out for that sort of thing. If they find a problem ad they not only remove the ad, they stop doing business with the ad supplier. That has gone a long way towards reducing the frequency of this problem. Doesn’t mean 100% won’t ever happen again, there’s always that chance that one got past them; usually that’s how it works, a malicious ad gets slipped into the stream with legitimate ones. But they do police for it regularly.

It’s also possible you may have picked something up in your travels around cyberspace that is being triggered by the ad coding in Straight Dope pages; that kind of delayed trigger is common in dodgy ads. Again, not much we can do about it, as the coding on the site is for legitimate purposes, it’s being hijacked.

This is an older thread on the board on the subject but may be useful:

https://boards.straightdope.com/sdmb/showthread.php?t=538187

If you see this warning again, please make note of it. A screenshot would be even better. Send it to me at TubaDiva@aol.com. That will give me something to show to the tech people and the advertising department and we can start checking it out.

As always, if any of you see anything suspicious or out of the ordinary, please report it. We want your experience to be as good as possible and that means tracking down outside problems like this and removing them from the site. But we can’t fix what we don’t know about.

Thanks.

Jenny
your humble TubaDiva
Administrator

We cannot fairly evaluate what is going on if we don’t know what you’re looking at.

Is it a bad ad being served up to you by the site? That’s always a possibility but increasingly a rare occurrence; the STM advertising department does look out for that sort of thing. If they find a problem ad they not only remove the ad, they stop doing business with the ad supplier. That has gone a long way towards reducing the frequency of this problem. Doesn’t mean 100% won’t ever happen again, there’s always that chance that one got past them; usually that’s how it works, a malicious ad gets slipped into the stream with legitimate ones. But they do police for it regularly.

It’s also possible you may have picked something up in your travels around cyberspace that is being triggered by the ad coding in Straight Dope pages; that kind of delayed trigger is common in dodgy ads. Again, not much we can do about it, as the coding on the site is for legitimate purposes, it’s being hijacked.

This is an older thread on the board on the subject but may be useful:

https://boards.straightdope.com/sdmb/showthread.php?t=538187

If you see this warning again, please make note of it. A screenshot would be even better. Send it to me at TubaDiva@aol.com. That will give me something to show to the tech people and the advertising department and we can start checking it out.

As always, if any of you see anything suspicious or out of the ordinary, please report it. We want your experience to be as good as possible and that means tracking down outside problems like this and removing them from the site. But we can’t fix what we don’t know about.

Thanks.

Jenny
your humble TubaDiva
Administrator

Thanks, all. And thanks, TubaDiva. If it recurs, I’ll send you a screen shot (and the code if I can capture it). Meanwhile, I’ll go work my way through that older thread.

Joe

it’s okay to feel apprehensive … issues such as this should never be taken lightly. as technology advances … so, also, hacker’s deployments advance. if someone ridicules/mocks you for being worried or nervous … they are either a troll, a bully or both. based on what i have been reading … i refuse to click anything (allow-cookies, choose-no-email, survey, block-ads, etc). so, what happens? the page turns 75% black … rendering that webpage/website useless. its their problem and not mine … i will not submit to their bullying tactics … there’s other fish in the sea. i have even gone to the brick-n-mortar library and researched using old-style index-cards … if the info i need is that vital.
[ul]
[li]getting source-code is admirable … but not at the risk of circumventing your computer’s safety.[/li][li]taking a quick screen-cap*(ture)*s is admirable … but, do so while exercising same caution.[/li][li]closing the window and/or browser is best.[/li][/ul]
should this happen again … i would suggest the following:

viewing source-code:

if your browser has a “hot-button” (quick-link) at top of the browser-frame to view source-code, that might be okay to click. your browser also might offer a “hot-key” (keyboard punch) … so your mouse can remain stationary and your fingers interact only with your keyboard. firefox’s hot-key for viewing source-code is “ctrl +u” … chrome may have the same hot-key … check into your browser’s hot-key beforehand. safari is a bit different … default value may be set at ‘disabled’ … need to configure within the preferences.

main thing is … to “view source-code”, do not right-click your mouse inside the browser-window. javascript can capture your mouse’s movements using “onclick” function. in fact … do not allow your mouse-cursor inside the browser-window. if your browser is set at maximum-view, deftly go around perimeter of the browser-frame with your mouse-cursor … since, javascript can also capture mouse-movement using “onfocus” function. if your mouse can get to menu/options/source-code … and you’d move your mouse down to the “view source-code” option … since the mouse is now in front of the browser-window … javascript probably would capture that too … all depends on the ‘dom’ the javascript has been interacting with.

you may not yet be aware of this … if present, malware can infect you by a webpage simply displaying … using javascript “onload” function. these are called ‘drive-bys’ … and they can wreak havoc same as any other infection.

used to be, back in the 90’s, one could add “view-source:” to the front of any website’s url.


so … https://www.straightdope.com  would  then  become  view-source:https://www.straightdope.com  in  the  address  bar.

rather than the webpage appearing, a text-document would be displayed inside the browser-window … containing the source-code of the page. as far as i’ve researched … this method would not initiate/engage any javascript actions. in fact, i tested the above ‘pre-url’ just now … https does allow this feature. you might wish to try this right now.

even though certain websites disable “view source-code” by using javascript or php coding … the above pre-url feature overrides/circumvents that barrier. more importantly, this feature should work across all browsers … not certain about working across all devices. it should be noted … there’s also websites that you can paste a webpage-url into … and that website will display the webpage’s source-code for you within it’s own webpage. i will offer a link below. keep in mind, those websites are offering a *‘free’ * service. since nothing is ever free … you and i can pretty well ascertain the website offering this service is also collecting data from us. this probably is documented within their ‘eula’ (privacy, terms, conditions, etc.) webpage.

at any rate … your computer’s safety is more important than reading/copying any source-code … so, don’t bother … unless you feel comfortable doing so.

obtaining screen-cap(tures)s:

since this, obviously, is not the first time you’ve questioned ads (and other nefarious goings-on) … you should already know how to make screen-cap*(ture)*s. on windows, it is the prt-scrn on top-right of keyboard. if your device is a laptop, use prtsc while depressing the fn key. mac-users have different keys to press … shift/command/3 … which auto-saves to *.png image file on desktop. i have no idea about other devices such as cell-phone, tablet or whatever (i don’t use 'em) … am sure each device can garner a screen-cap.

closing browser-window:

if the browser stops responding, and you feel trapped, click ctl/alt/del keys (windows) and choose “end-process” of your browser … for mac-os, think it’s command/option/escape keys. another option … unplug the data-stream cable from your computer. yet another option … pull the power-cord from the electric outlet. will you lose connection to smdb or other websites, of course … but that’s much better than losing your computer (or worse).

another thing … the scenario above should never occur while you are logged into sensitive websites (banking, insurance, utilities, investments, etc.) where you have registered account*(s)* … basically, any website in which you interact with your personal private information. for those, you should only have a single tab/window open … and only for that specific website. in other words … you should not have email tab open and amazon tab open and facebook tab open and bank-tab open … etc. when you wish to do any personal data activity such as these … always start by closing/reopening your browser. stick with only that website and no other website. when finished with that website … close the browser.

if you do force a browser closed … when reopening the browser, it may open previous windows that you had been viewing before close. in this case, very quickly close the infected webpage first (probably most recent). do this as soon as the browser starts opening the tab/window … do not wait for the page to fully load. if you are quick enough, that page’s javascript will not have yet been accessed. opening the browser in “safe-mode” may also circumvent previous loaded pages from opening again.

maintaining perspective:

couple other things to keep in mind:
[ul]
[li]keep your os*(operating system)* up to date … 'specially with security updates.[/li][li]keep your browser up to date[/li][li]keep your browser’s addons up to date (ghostery, noscript, abp, nocoin, etc.)[/li][li]keep your av*(anti-virus)* up to date[/li][li]keep all other security sentries up to date (malwarebytes, spwareblaster, adaware, ransomfree, etc.)[/li][/ul]
when accessing your email … do not click any link. doesn’t matter if the email is from your best friend or from your employer or from your bank or from hr-block or from irs or from the government or from the fbi or from god himself … do not click any link! the fbi, irs and government (welface, soc-sec, etc.) will not interact with you via email. open your account the email pertains to (hrblock, bank, amazon, facebook, twitter, etc) … and process your interaction with them on their website. there should be notification of some sort within that website … if they truly sent you an email. as for your employer … call hr-dept and process your commerce with them via phone. if it’s your friend … call them on the phone and verify they sent you the email and ask them what the link is for.

one final point i wish to cover … many of you are accessing the internet while at your work-place. this practice is dangerous. not only could your computer be exploited … the whole infrastructure of your company’s intranet could be sabotaged or crippled (or worse). the violation/infection could also piggy-back to customers/clients of the company. so … my suggestion would be to bring your cell-phone and play your games on your cell-phone only … this is not connected to your employer’s infrastructure. better yet … first, discuss this with your supervisor and with it/hr-depts.

epilogue:

i have elaborated on the above procedures to benefit anyone coming across this webpage. knowledge is power … knowledge should always be free … the absence of knowledge is ignorance.
also, i have only touched bases and have not discussed everything … would take a book to do so.
additionally … landscapes are never static … things always change … tomorrow some of these facts may no longer be relevant or accurate.

thanks for your time.

ref: