SoylentNews is people
SoylentNews
from the do-not-run-YOUR-code-on-MY-machine dept.
Mainstream websites, including those published by The New York Times, the BBC, MSN, and AOL, are falling victim to a new rash of malicious ads that attempt to surreptitiously install crypto ransomware and other malware on the computers of unsuspecting visitors, security firms warned.
The tainted ads may have exposed tens of thousands of people over the past 24 hours alone, according to a blog post published Monday by Trend Micro. The new campaign started last week when "Angler," a toolkit that sells exploits for Adobe Flash, Microsoft Silverlight, and other widely used Internet software, started pushing laced banner ads through a compromised ad network.
If you haven't installed a good ad blocker on all your friends' and family's computers, now is the time.
takyon: The article includes an update from Malwarebytes, which found malvertising on the likes of msn.com, nytimes.com, bbc.com, aol.com, my.xfinity.com, nfl.com, realtor.com, theweathernetwork.com, thehill.com, and newsweek.com.
(Score: 3, Insightful) by Pino P on Wednesday March 16 2016, @01:02PM
our browsers should never execute arbitrary code from a website.
Here on SoylentNews, would you prefer to have to reload all comments on a page when you click the little + or - to expand or collapse a comment in a comment tree? Or would you prefer that the operator of SoylentNews and each other web site develop and publish a native application for Windows desktop, a native application for Universal Windows Platform, a native application for X11/Linux, a native application for Android, a native application for OS X, and a native application for iOS?
(Score: 2) by Gravis on Wednesday March 16 2016, @10:38PM
no, i would prefer they use CSS3 like a gentleman. [realcombiz.com]
(Score: 2) by Pino P on Wednesday March 16 2016, @11:14PM
Another comment suggested the same checkbox hack [soylentnews.org]. But as replies pointed out, use of the checkbox hack would require sending all comments on the page to all viewers as if all viewers were browsing at -1. So if the user ends up not expanding the comments, the server ends up having spent usage fees to send, and the user ends up having spent usage fees to receive, possibly hundreds of comments that will never be viewed. At $5 to $15 per GB for mobile Internet, fixed terrestrial wireless (LTE or WiMAX) home Internet, or satellite home Internet, that adds up.
(Score: 2) by The Mighty Buzzard on Thursday March 17 2016, @01:06AM
Usage fees aren't an issue. Also, on a completely unrelated note, I swear, really, it's obvious neither of you pay attention to what goes on on our github repo.
My rights don't end where your fear begins.
(Score: 2) by The Mighty Buzzard on Thursday March 17 2016, @01:21AM
I should expand on why usage fees aren't an issue. Comments are just text and generally don't take up even close to a kilobyte each. Especially with gzipped transfers. Even an extremely heavily commented story for us is going to run well under one meg.
My rights don't end where your fear begins.
(Score: 2) by The Mighty Buzzard on Thursday March 17 2016, @01:04AM
Sheit, why do you think I wrote the API. FOSS. Write your own apps.
My rights don't end where your fear begins.