Chrome just flagged this site as malware for me

That’s got nothing to do with whether or not you view ads. It only has to do with whether or not you use a browser that subscribes to Google’s “badware” warnings.

They throw the warning to everyone, without consideration for users’ safety precautions like antivirus or adblock. It’s not customised for the user. In fact, I think there was only one malicious ad, meaning the odds of actually getting it were quite low (<1%, I guess), but that was enough to flag the site.

Seems odd that they do this on a site basis, when it would be much more efficient to note the ad provider and flag everything by that provider. It would, er, greatly encourage them to prevent bad ads as well. I know some malware is on the site itself, not from ads; there’s no reason they can’t flag on either basis.

Google doesn’t flag a site for one malicious ad. And the danger was not only present yesterday. Over the last 3 months it’s found a whole bunch of malware, that’s why the flag went up. And I’m bloody grateful that Google does this.

From upthread someone posted the details from Google.

The problem is still here. As usual McAfee immediately puts a black bar on Firefox. “We tested this page and blocked content that comes from potentially dangerous or suspicious sites.”

Every day. Every time I visit the SDMB. Won’t be long and Google will block the site again. Their test is probably similar to what McAfee does.

Whatever gets blocked doesn’t impact the actual message postings. I see them fine. I’m not clicking View All Blocked Content to find out. :dubious:

I’m running Flashblock. Not running AdBlock. Maybe it’s time that I do?

I agree. 'Twas your analogy, though.

I wouldn’t dream of coming to this site now without an adblocker. It’s far too risky, even for a member. Nor would I recommend this site to a friend who wasn’t computer-savvy. If they keep the same ad supplier I’d be putting my friend’s computer in harm’s way.

Can an ad infect your computer with a virus just by showing up on your screen? Or do you have to click on something?

You do not need to click on something.

Can you tell me how that works? Having an ad appear on my screen can infest my computer how?

This Wikipedia article does a good job of explaining it.

This part is interesting:

I wonder how difficult it would be for this board to scan ads here prior to making them active.

According to the Wikipedia article the infection happens when the ad is clicked on. Here is the quote:
“Websites or web publishers unknowingly incorporate a corrupted or malicious advertisement into their page. Once the advertisement is in place, and visitors begin clicking on it, their computer can become infected: ‘the user clicks on the ad to visit the advertised site, and instead is directly infected or redirected to a malicious site. These sites trick users into copying viruses or spyware usually disguised as Flash files, which are very popular on the web.’”

I still don’t see any way the infection can happen without the ad being clicked on. I do see how the website gets infected but not how a person’s computer can be infected without some action other than just passively having an ad appear on screen. What am I missing?

Ads can incorporate various scripting functions, Flash, or other things that automatically run when you just visit the page the ads are on.

So if there’s a security vulnerability in Flash, for example, the ad can exploit that vulnerability because it runs when you visit the page the ad is on.

Most ads nowadays aren’t just an HTML link; each one is effectively a full little program running on your machine.

  1. You don’t have to click on a malware ad to get infected. However, it is a lot easier to exploit holes that do require clicking than ones that don’t. The non-click holes are less common and more regularly patched. There are so many need-to-click holes being found all the time that those are just plain hard to keep up with.

  2. Adobe is notoriously bad at software quality. Flash, Reader, etc., are just poorly designed and unmaintainable messes. Even their new cloud service is out of service since Wednesday afternoon. (Which puts a really big hurt on their clients, who should have known better.)

Adobe products are so bad that malware writers would rather spend time finding holes in their products than Microsoft’s.

  3. Ad services don’t host the ads. They don’t see the ads. They just provide a service to websites that says link to something from this other site. This saves them hosting costs. The actual ad providers have to provide their own site and bandwidth. This also reduces bottlenecks of millions of ads being fed every second since they are distributed from many remote sites.

Neither the ad service nor the Dope can reliably do their own ad scanning under this system. Malware distributors have been known to display “safe” ads to address blocks associated with the ad service and the end site.

If things are going to ever change for the better, this remote ad hosting crap has to end. People need to bite the bullet. The ad services need to host, scan, and distribute 100% of the ads. Sites like the Dope need to only sign with services that implement this policy.

Otherwise, this nonsense will continue and ad blockers will only continue to gain ground to the detriment of web sites.

From the wiki article:

From footnote [7] “Five-month malvertising campaign serves up silent infections”. Infosecurity. Reed Exhibitions. Retrieved 18 March 2013.
Here

Keep your software up-to-date.

Ain’t that the truth.

Wow. Is this… retribution or something? This is beyond inept and bad luck.

That means Flash and Windows Update.

If you don’t need it, uninstall Java entirely. It’s a POS security-wise. If you do need it, then keep it up to date.

There are a number of .pdf viewers not made by Adobe. I’m unclear about their relative safety, though I will express distrust of a company that would even think of having macros run automatically when a file is opened as Adobe (and Microsoft) once did.

I generally agree with Merneith’s admonition to not turn off the check for badsites in your browser. However, I turned the Google badsites checking off in my browser for 3 reasons:

  1. I run noscript in Firefox (on Linux), and keep the sites that are allowed very narrow. It prevents the browser from loading java/javascript/Flash on any site that you haven’t already allowed. I disallow several sites that noscript allows by default. Other than that, I load javascript/flash/java as needed. It makes browsing a little primitive, and sometimes a pain if I want to watch a video or order something, but it’s worth it for many reasons. I originally did it because I was sick of sites’ Flash ads grinding my ancient laptop’s processor to a halt. After a few weeks of enjoying it, I realized that those extensions are the most common routes of infection. Now, nothing is totally secure, and I’m sure there will probably be an exploit for someone’s HTML interpreter soon, but closing off the common routes will make you generally safe.

  2. I’m sure the data is reasonably anonymous, but I don’t see any reason to report every site I visit to any central point. There’s no way that at least the site you’re visiting and your IP isn’t being sent to the server providing the block list, Google has the capability and inclination to store it, and I don’t trust any private entity to resist the urge to collect/use this data.

  3. If you are going to block content, and you can identify the original source, why block a third party? The reports provided show that they know the original domain the infections came from; why block someone who is an unwitting consumer of a malicious source?

Perhaps you could make the argument that if everyone reports that they are blocked, the consumer of the malicious source will no longer be unwitting, and stop using the source. I’d say that might work; blocking the domain and IP address that the software was originating from would also work. The people distributing malicious software could change domain names, but that would probably also get around the ad services removing them.


If you’re not doing something very similar to item 1, don’t worry about 2 or 3. Getting your machine owned can be much worse than leaking some paltry data or not visiting your favorite message board for a day. Trust me, I’m a professional.
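
The default-deny allowlisting described in item 1 of the post above, sketched as an added example that is not part of the original thread and is not NoScript's own code. The hostnames, URLs and the function names `hostAllowed` and `decide` are constructed for illustration.

```javascript
// Added illustration: default-deny allowlisting of active content by host.
// All hostnames and URLs below are constructed sample data.

const ACTIVE_TYPES = new Set(["script", "object", "embed", "iframe", "applet"]);

// True if host equals an allowlist entry or is a subdomain of one.
// Requiring the leading dot stops "notexample.test" from matching "example.test".
function hostAllowed(host, allowlist) {
  host = host.toLowerCase();
  return allowlist.some((entry) => {
    const e = entry.toLowerCase();
    return host === e || host.endsWith("." + e);
  });
}

// Decide, per resource, whether it may load on the page.
// Passive types (images, stylesheets) pass; active types need an allowlisted host.
function decide(pageUrl, resources, allowlist) {
  return resources.map(({ type, url }) => {
    let host;
    try {
      host = new URL(url, pageUrl).hostname; // resolves relative URLs against the page
    } catch {
      return { url, action: "block", reason: "unparseable URL" };
    }
    if (!ACTIVE_TYPES.has(type)) return { url, action: "allow", reason: "passive content" };
    if (hostAllowed(host, allowlist)) return { url, action: "allow", reason: `host ${host} allowlisted` };
    return { url, action: "block", reason: `host ${host} not allowlisted` };
  });
}

const page = "https://forum.example.test/thread/1";
const allowlist = ["forum.example.test"]; // kept narrow: only the board itself
const resources = [
  { type: "script", url: "/js/board.js" },                             // first-party script
  { type: "img", url: "https://cdn.adnetwork.test/banner.png" },       // passive ad image
  { type: "script", url: "https://cdn.adnetwork.test/serve.js" },      // ad service script
  { type: "object", url: "https://creative.advertiser.test/ad.swf" },  // remotely hosted Flash ad
  { type: "iframe", url: "https://notforum.example.test.evil.test/x" } // look-alike host
];
const decisions = decide(page, resources, allowlist);
for (const d of decisions) console.log(d.action.padEnd(5), d.url, "-", d.reason);
```

The board's own script and the passive image load, while the ad service's script, the remotely hosted Flash object and the look-alike host are blocked until their hosts are explicitly added to the allowlist.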

Just got the warning again after two days or so of no warning.

Firefox 29 with AdBlock FWIW.