Thanks.
This argument is either misinformed or intentionally misleading. The javascript used to display AdSense ads is written and maintained by Google. The reason flash and java applets are risky is that you’re running code that is written by 3rd party jokers that are actively trying to install malware by exploiting bugs in the plugins that execute them. If AdSense allowed advertisers to stick javascript in their ads to make them interactive, then there would be a problem with it, but it’s in Google’s best interest to keep their little bit of bootstrap javascript code lean, mean and safe. If you limit your site to displaying only text and image based ads via AdSense (or some other reputable ad server whose javascript you can trust), you and your users really have nothing to worry about.
The idea that you can’t display ads without giving your users a risk of malware infection is a joke. Yeah, limiting the ads to safe formats is going to cost you some money, because annoying advertisers are willing to pay more to have their ads jump up in your face, do a dance when the mouse moves over them, and make noise (or have the option of poking at security holes). Catering to these types of advertisers is short-sighted: you know your site isn’t big enough to make a lot of money via non-sleazy advertising, so you lower your standards for a buck and reduce the quality of the site even further. It’s not a winning strategy, in my opinion.
But what the heck, I paid my membership again this year (hey, it’s half price, right? can’t let go of that bargain!), so shame on me etc. More and more it seems like paying someone to not abuse me, which doesn’t really feel right (I don’t really think it’s intentionally like a mafia protection racket, but the analogy strikes a chord). We’ll see if I’ve totally lost interest next year, I guess. Ooh, big threat, I know. 
Quoted for fucking truth.
Google.
Google ads don’t have links?
They do, of course. I misread the post.
[quote=“ntucker, post:122, topic:549941”]
I know that, thats why I mentioned very early on that I do not think Google is the problem.
Hey folks, I just got hit with this today. This is not the first time I got infected by an exploit. Last time it was an Adobe thing (not from this site). This is what happens when I don’t update right away, and this is why I hate Adobe / Sun.
Basically I rebooted into Safe Mode and ran MalwareBytes. I’m good now but still rattled.
Here’s a screen cap of the fake AV piece of crap in action
Is this where Linux / Mac users make fun of us PC users? teehee
I just got this piece of shit via SDMB.
Thisworked. Thank you.
Well, then I must have misunderstood your point in post 84. When someone suggests that the google ads are not a problem because the problems come from flash and java, and you respond that the google ads contain javascript, then it appears as though you’ve 1) confused java and javascript (a natural mistake for the layman, which you obviously are not), and 2) are trying to imply that the problems are not that big a deal, because the google ads are a potential source of the same problems. This would obviously be stupid, so please accept my apologies since that’s not what you meant. What did you mean?
I should note that when I got the infection, I was browsing with ADBLOCK disabled. Lesson learned.
I promise! It’s not me!
What do you know. I finally got hit with it! Same thing as in the quoted post. Screen cap would be useless, because all you would see is the post I was reading (ads were at top or bottom, off screen) and that piece of shit’s shit over top of it. All I can tell you is that it came around after I had been on the page quite a while.
I have noticed that every now and then, the pages here refresh, apparently loading new ads. Since it came along suddenly, after I had been on the page a while, it seems almost certain that it came about because of an “ad refresh”. Which of your ad brokers does that? I’m guessing Rubicon, because all the previous threads seem to indicate that they are clueless wonders.
Anyway, it took me several hours, but I now have a copy of it for my malware collection. Anyone want a copy, with instructions on how to install (shudder) and uninstall it? It only took me about 10 minutes to figure out how to disable it. The rest of the time was spent tracking all it’s traces down and copying them to my collection before deleting them, then figuring out how to reinstall it. Malwarebytes recognizes it, but AVG-free doesn’t, and is useless against it.
I think nasaspaceflight daht com used/uses ‘in-house’ ad serving. I haunted that Forum for years and recall when the option of adding banners/etc came about and how it was wanting to be kept in-house for such as SDMB is experiencing (and likely other reasons). The site has a Level II membership (subscription-based, but basic use is free) and with the subscrip you get access to LOTS of fresh/current ‘non-public’ data/info regarding ‘space/rocket’ stuff, and the fees feed the servers, iirc. SDMB does not have such a carrot to hang regarding memberships, imho. (Level II is amazing for what you get related to rocketry and imagery, etc…not selling it, but letting the geeks know if they are so inclined to see such details/iamges, I have no involvement with NSF whatsoever).
NasaSpaceFlight is a Forum with a high-% of engineers, govt-contractors, and other ‘pros’ that will not tolerate problems with info/system-security as a LOT of those folks are posting from NASA/govt systems and other ‘dont-mess-with’ systems. Perhaps looking at how Chris (Bergin, the founder/owner/main-man at NSF and VERY proud of his site) keeps his Forum malware ‘proof’ can give insight? I do see a little ‘Google Ads’ box that appears when AdBlock is turned off and page reloaded, so I may be very ignorant on what NSF does per its ad policy.
That site has grown exponentially (seems like anyways!) and I can’t recall folks having ~malware problems from there. Hopefully, I am not missing any past issues(??). The site may be too ‘orange’ to make an apple-to-apple comparison - ymmv on the similarity, of course.
I wish I could comfortably turn off AdBlock here, but worry about malware, fwiw. I want to allow ad-companies to pay SDMB for the display on my monitor of their often-silly ads - but seems odds are too high currently on the user-end…
If SDMB knows of a problem and isn’t going to fix the problem, then it should at least give users fair notice, a helping hand, and an ounce of prevention.
SDMB should put up a big sticky in each forum entitled
CAUTION: SIMPLY BROWSING THIS MESSAGE BOARD MAY CAUSE MALWARE!
The sticky should include the following:
(1) A clear bold warning that simply browsing SDMB may cause sudden loading of malware onto the user’s computer without further action by the user;
(2) A warning that users browse SDMB at their own risk;
(3) A warning that SDMB does not intend to remedy the problem;
(4) An offer of a step-by-step fix for those infected; and
(5) An offer of a link to preventative measure such as AdBlock
I think it’s the least you can do.
If you think extortion makes good marketing sense, I suppose SDMB could suggest people pay for memberships and paid members will not be at risk of malware.
I use Avast, and it stops a threat almost every time I am surfing the SDMB. No other forum I frequent suffers from this.
Avast just now blocked a threat, and I took a screen shot that I pasted to a Word document. Here is what Avast had to say, hand typed by me:
**EXPLOIT BLOCKED
avast! Web Shield has blocked a threat.
No further action is required.
Object: http: //celicanto.com/5NHC6342DBN017R/tmp/col.pdf
Infection: JS:Pdfka-ACS [Expl]
Action: Connection aborted
Prcess: C:\Program Files\Internet Explorer/iexplore.exe
The threat was detected and blocked while downloading an item from the web. **
I added a space between the http: and // to disable the auto hyperlink when I hit Preview Post. This popped up in cosmodan’s “Great Movies You’ve seen too many times.” thread in Cafe Society.
just got a 2nd fake antivirus malware from the SDMB in three days. Pretty discouraging from visiting a board I enjoy. Don’t want to deal with this crao every few days though.
I got it as well. Firefox, latest version. I hope updating AdBlock Pro will help.
Is there any pattern to those who are experiencing this, or is everyone getting hit? (I wonder because, among other things, it might help narrow things down.)