Chrome just flagged this site as malware for me

What’s the deal with people reporting seeing the warning on every page? I see it once when I restart the web browser. This time I didn’t even click “This isn’t an Attack Site” because I don’t want the stupid popup again. Yet I’m opening pages left and right without even so much as a bar on top.

Is it maybe only Chrome doing it?

Doing it this way forces the legitimate site owners to correct whatever security hole allowed the malware to be injected into their site in the first place. Otherwise the malware authors would just update their code to use different domains and put it right back on the compromised websites the same way they got it there before. It is an endless game of whack-a-mole.

By forcing the website that has been compromised to shore up their security the bad guys can no longer use that site to distribute malware from any domain.

There is no security hole on the main content website. That’s Chronos’s whole point. It’s the ad service that has a security hole. It thus makes more sense to block the ad service. No other ads can get through if the entire ad service is blocked.

The content sites still get forced to fix the problem, as their revenue stream stops, but the users, who have nothing at all to do with the problem, are not affected. At most they see a warning in place of where the ads would have been.

Annoying the users just gets them to turn off the warnings. There have already been a few people here who have done it or at least wanted to do it. Imagine what that’s like elsewhere, where you don’t have computerphiles to dissuade them from doing so. You think the guy who visits sketchy porn sites is going to keep the warning on?

There are many ways a website might wind up with malicious code injected - not just ads. A server might get hacked and have malicious code uploaded directly, the webmaster might unknowingly download and install some compromised code, etc.

The ‘security hole’ I refer to in this case is allowing an ad vendor that sends malware to display their ads here.

As I said, blocking that one ad’s domain would just result in them updating the ad to point to another, non-blocked domain and inject it right back onto the SDMB the same way they did before.

I said: “Doing it this way forces the legitimate site owners to correct whatever security hole allowed the malware to be injected into their site in the first place.” That might mean patching a server vulnerability or rethinking a relationship with an ad supplier.

I tend to open most things in new tabs. And at least in Chrome, each tab will give the warning once. So the only time I don’t get the warning is when I change pages in a thread.

Nice turn of phrase. Never heard “jumping on my shit” [upthread] before, either, but I like it and will attempt to use it in conversation.

FTR, happened for the first time just now, through a Google jump to SD from Safari.

Now am I reading that interrupt screen wrong, or what–I found no way to actually continue to the site. A complete lockout. So I copied the URL (a particular thread’s) and went there via the tiny browser with my password security thingy, 1Password, and went right in.

Others here, I gather, have trouble when even knocking directly on the front gate with the SD URL pasted in directly, bypassing Google?

And this thing about being a paid-up member. I am, but what good does it do if you’re trying to enter without the SD password cookie? You can’t get in to even say you don’t see no stinking ads.
I must say, seeing messages from at least three people who I, for one, welcome–Jerry!?, he’s real?–has been some kind of silver lining.

When ad company sites tell browsers to fetch an ad from another site, do they also mention the advertiser’s account? Seems it’d be easy to make them send messages: “fetch ad from <domain>, advertiser <account number>.” Then people would just take note of which advertisers are misbehaving and blacklist them.

Another improvement would be to still not host ads, but handle all redirects. This way, the ad server would only see requests from the ad company, and not be able to display only nice ads to Google and other checks.

Currently, clicking on Google results that link to anything at boards.straightdope.com either hangs in some sort of loop (this may be browser dependent), or takes you to a Google warning page that gives the address of the target page, but does not have a clickable link to it. So presumably straightdope.com is currently losing a lot of search traffic.

While technologically that is quite possible, my guess is that is more processing than Chrome wants to do, or maybe there are some ethics involved, because that would require intercepting the data stream and/or rewriting the HTML code between serving it up and customer’s viewing. Blocking the whole thing with a warning is much simpler.

Yes, it seems odd to talk about ethics when we’re trying to avoid malware, but just how much processing and filtering do you want your browser to do? Intercepting the data stream and substituting one ad for another, without warning, is exactly what some malware does. Do you want to trust someone wearing a white hat to do the same thing the black hat does, but for your own good?

And it occurs to me that while we know SDMB’s thread content can be separated from ads without thread corruption, how does Chrome know that is possible with other sites?

Firefox for the Mac gives the same warning, as does Firefox for Android. Opera for Android does not produce a warning, but if I remember correctly I installed a “lite” version of that browser.

Yep, warning is back. Firefox on PC. I assume that the ads have been switched back on again, Google wouldn’t flag the site otherwise. How many times must we go round this carousel until TPTB actually do something substantial?

It takes time for the clean list to propagate. There’s no way for us peons to tell if that is why we’re still getting the warnings or for some other reason (like Google doesn’t trust us anymore).

It gives the same warning because it’s reading html and made to run cross-platform. But Windows code, good or bad, can’t be read.

Because adblock exists, and only stops you from using pages if you specifically set your page up for it to do so. The only sites I’ve seen that do this are extremely sketchy, and probably should be blocked by Google anyways, seeing as they are all about getting you to buy something to get some illegal software.

I don’t find the processing argument to be very good, either. The only extra step needed is figuring out who the ad provider is. And seeing as ad providers generally have special code they require you to use verbatim, that shouldn’t be so hard.

The processing argument would actually be my argument for saying they shouldn’t worry about blocking everything anyways. Blocklists are just a first line defense, not the be-all-end-all of protection. The way this sort of thing is handled lately has become very paternalistic. It’s the “we know what’s best for you” idea that Google has been using in all their services for a little while now. You know, the same attitude that keeps me away from Apple.

Yeah. Damn those paternalistic assholes at Apple! How dare they not use Windows code so Macs will get infected!

NM

I thought this was interesting and relevant.

Global Raids Target ‘Blackshades’ Hacking Ring

Available soon from Amazon and Walmart. :smack:

One of the biggest hassles with Google throwing up red flags is that I now cannot search the SDMB in any fashion. The board’s search function times out every time I try to use it (502 bad gateway), and Google search results throw up the “warning: malware” page, which on mobile I can’t see how to get past. The page says I can continue on, but at least on mobile there doesn’t seem to be a button or link to actually do so.

It’s possible, just a real pain on mobile. After you search via Google and get taken to that page, the address bar should look like:
https://www.google.com/interstitial?url=http://boards.straightdope.com/sdmb/showthread.php%3Ft%3D723317
Delete the “https://www.google.com/interstitial?url=”, replace the %3F after showthread.php with a ?, and change the %3D after t to an =.

That’s really helpful! Thanks, Mithras.

Now I wonder why Google couldn’t just put an “I accept the risk” button on the page…