Simple answer: Yes, but not because of anything jdavis said.
All he knows is that the site doesn’t contain malware if the ads are shut off. So any malware had to come from the ads.
But the description by Google makes it pretty likely that there was actual malware. New unrecognized programs started when they visited 1 out of every 1000 SDMB pages. That said, these are likely completely unprotected systems, specifically designed to catch as much malware as possible. We don’t know how dangerous it was for the average Doper who knows about malware protection.
Still, there were enough (around 80) malware hits that Google is very unlikely to have made a mistake.
Possibly. We don’t know. That’s what’s annoying to me. Google never tells you what the vector is, so you can’t know if you’ll be safe by turning things off. I only had an educated guess that any malware would have been served by ads, and not someone hacking an administrator account (which happened fairly recently) and installing some crap.
(The protections they put in place since that attack are part of why I felt safe.)
BTW, if you’re worried about Flash, be sure to install some sort of Flashblock, and only run Flash content when you need it and trust the people who made it.
I apologize for being unnecessarily harsh. I was very annoyed, and it’s not your fault, with the initial and typical knee jerk response from the administration. Saying that Google was the culprit when we’ve had malware issues for ages was just asinine, especially after how long it took for them to actually admit that it was a real issue in the first place. People have been saying for years that this was a big problem, we’ve lost posters because of it and now the chickens have come home to roost.
As Jerry said, now that the ads are gone, we’ll almost certainly be back up and running by midday tomorrow in the U.S. (Which means that people don’t have to keep posting status reports. We have to wait for Google to re-classify us.) If the ads come back, we’ll be back in the same place again in short order. We’ve been told over and over again that there’s nothing that can be done preemptively about malicious advertisers.
Same. I suspect any organization or ISP using web filters may be subscribed to whatever list(s) Google is using, causing SDMB to be automatically blacklisted en mass. The cascading effect may take some time to resolve, if it ever resolves at all.
Jerry says it’s ad-related. Thanks, Jerry! How many threads have been created the past few months complaining of ads (various reasons), with the only response that the problem is kicked upstairs, never to hear of any response from TPTB. Will this issue meet the same fate from TPTB? However, in this case there is a potential the failure to properly address this latest (ad-related) problem could see SDMB banned all over the place. Seems to me fighting ignorance needs to start at home.
When all is said and done I have to say that I am impressed with the diligence shown by Google in the matter of malware. Conversely I am rather unimpressed with the SDMB. Did we really need to wait for Google to kick us up the ass before action was taken on these toxic ads? It’s not as if we were unaware there was a problem. Hardly a day passes without someone complaining that they have been infected by malware here. Sure, Tuba would always take details and pass the report on but what was the point of trying to handle this on a case-by-case basis when it had to be clear that the problem was the company which was providing the ads? I used to be skeptical of such complaints about malware as I never had a problem. It now dawns on me that I never had a problem because I was never exposed to the ads.
Well, at least action will have to be taken now. But the fact that it was not taken long ago is a pretty damning indictment of the SDMB. And by the way I should make it clear that I’m not blaming the mods or admins for this, or even Jerry or Ed. I’m sure they have no say on where the ads come from. The problem lies higher up.
Right, after Al Gore invented the internet he entrusted it to a then little known man in Illinois, who had the brilliant idea to invent ad-based revenue streams for websites.
Do all ad vendors dispense malware now and then or do some vendors have a better reputation than others? I suppose text ads are pretty safe if you don’t click the links, but I’m wondering about banner ads.
Guys! Did you know Google found malware on the SDMB? Ok I read this whole thread and I’m sure you know, but I just got this warning when trying to access SDMB from Google search results (it’s the same warning posted by others):
Copying and pasting the URL into Firefox didn’t give any warning. Maybe FF and Google use different blacklists. Or maybe my FF doesn’t check for malicious sites (FF 24). I’m pretty sure it was a malicious ad, not the actual SDMB software.
Speaking of ads, recently, when surfing the SDMB on Safari on my iPhone, I get App Store popups almost on every page. I mentioned this kind of ad here:
It only affects mobile users, and it’s not really a security breach, but it’s extremely irritating. I didn’t mention it because it happens on almost every ad-supported site now, e.g. Buzzfeed (has the SDMB fallen to Buzzfeed’s level?)
