Google's DoubleClick ad network has once again been caught distributing malicious banner displays, this time on the home page of eWeek. Unsuspecting end users who browse the Ziff Davis Enterprise Holdings-owned site were presented with malvertisements with invisible iframes that redirect them to attack websites, according to …
If a website agrees to let DoubleClick serve ads on its site, then DoubleClick should SERVE THE ADS FROM THEIR OWN SERVERS. They shouldn't just be providing pointers to images / iframes / flash on 3rd party servers.
That would let DoubleClick actually verify that the ads are harmless. And DoubleClick should be doing default-deny, your ad doesn't get served unless it uses some known-safe subset of the web technologies or it's been manually audited.
Of course that doesn't protect people who _click_ the ads, but it would protect many people.
Just vindicates my decision to block doubleclick about 8 years ago. It has caused some pain with legitimate sites that use doubleclick links within their site for click counting (like InfoWorld) but all in all I think its worth it. I originally did it for cookie blocking/privacy reasons, now its grown into a full on security risk.
DO NOT TRUST WEBSENSE
I got as far as "according to researchers at Websense" and stopped reading. I'm sure same researches are proud of their work with the worlds worst regimes.
I wouldn't trust a word from anyone at websense.
Windows strikes again
At considerable risk of sounding like a cracked record endlessly repeating itself, when I read the m.o. of this malware, my reaction was "what on earth was MS thinking when they devised an OS that allows arbitrary files to be executed on reboot?"
Isn't there anyone with gumption awake and at the wheel at the good ship Redmond? Seems not.
When is MS going to wake up to the fact that their endless efforts to dumb down computing for Joe Sixpack ("Oh, that's too hard for mere citizens to understand!") leaves Windows wide open, legs spread, with pre-applied lubricant?
Reminds me of gay friends who think a Polansky speculum is the acme of fun.
Disable support for iframes. That will block about 90% of web-based attacks. Yes, some legitimate sites use it, but it's never really necessary, and a decently written page will degrade gracefully anyway.
Funny how this works
Not a week after responding to a CNN "reporter" bashing facebook hype (which I agree with), one of his complaints was that facebook was threatening to start tracking users (gasp of surprise). I had to remind him that CNN heavily uses Google analytics and, you guessed it, Google Doubleclick, as does about 95% of the "mainstream" web. It's funny too, because to respond to his "article" (sorry for the heavy use of quotes, but I'm trying to be as non-insulting as possible), one needs to click a "blog" link, which was his BIGGEST complaint.
And they all wonder why we, who know what we are doing, use Firefox with as many add/flash blocking tools as are useful. I long for the good ol' days where all we needed to worry about was GIF image worms/viruses/trojans/another-term-for-virus-no-one-can-comprehend-because-people-only-use-them-out-of-context-now.
Personally I feel adverts and most blogs are more intrusive and annoying than viruses, the way they intrude on my peaceful browsing experience.
But what do I know? Oh wait! I'm credible now, I Twitter! But Mine is actually informative, Of Course!
The drop of a dime
Well, if you don't want it, I'll have it… *munch*
Or any other ad blocking addin in your favourite browser - it's not like you want to view the shit anyway.
I'm with Eddie Johnson
I blocked doubleclick and a few other ad "vendors" about 7or 8 years ago too. I got hit by a dodgy ad that installed some Gator crap onto my computer. I was not impressed. Both Gator and the ad company effectively said "too bad", so I blocked them at our home proxy.
I now block pretty much any ad service I come across (again, at the proxy but now both at home and the 2 sites I work at). If it's domain is specifically for serving ads, it gets blocked. I particularly target those damned hover context ads that appear so many places now. Feels good to see those fail to appear when you reload.
You mean DoubleClick is supposed to be a *reputable* organisation?
I've had these f*ckers blocked for years now. I'd always assumed they were just another dodgy malware enterprise in the Zango / 180solutions / etc. line.
Actually regardless of who owns them, given the thrust of the article maybe I was right all along.
I block doubleclick (and google ads)
Like one of the above posters, i block everything from doubleclick and google ads at my router. I dont do it because of potential malware, i do it because the adverts give the wife ideas and i can't afford her to join any more bingo sites!
Doubleclick has been in my block-list ever since I learned how to block adverts. (So is Google analytics, for that matter.)
I really can't understand why ISPs aren't offering an advert-blocking proxy server for an extra tenner a month or so. No software required -- just insert some proxy settings in your browser. It could even be set up through a Firefox add-on, which would give you a discreet menu option to enable/disable the advert blocker and (as a side benefit) would help ensure people aren't using IE. You know who's paying for the advert-blocker by their IP address, of course, so any requests from anyone who isn't paying get diverted to a page advertising the service
I'm sure most people would rather pay a nominal fee than put up with the stupid flashing adverts .....
Block DoubleClick. Works for me! (Praise be to NoScript and AdBlock).
Right up until web designers code their site so that it won't function properly unless the ads are displayed (seen that once or twice).
just block all that crap
@Eddie Johnson, Kanhef, Stephen Sherry and RW
I agree with most of what you guys have said!
Block EVERYTHING other than the information you are actually looking for. Don't give me the info unless I turn on cookies ? -- okay scumbag, I'll get it from somewhere else ! The internet should be a great source of information of all kinds, easily accessible to ORDINARY people without degrees in data protection. It should NOT be about spying on ordinary people going about their legal use of a great international facility. 'It helps to taylor things for a better user experience' BOLLOCKS !! It tells YOU the scum what WE the FODDER might be thinking about buying !! I would have them hung, drawn and quartered !!!
2. AdBlock the string *DoubleClick*
Added bonus for Eircom users, who drop broadband and go back to using dail-up, pages wil load quicker :-P
Paris, easy & never been blocked up.