Tech blog Gizmodo has been suckerpunched by cyber scoundrels, who placed malware-loaded web ads on the site. Gizmodo is the latest online publication to have been targeted by villainous hackers. The site coughed to the nasty scam and issued an apology today. “Guys, I'm really sorry but we had some malware running on our site in …
mmm, adblock, not only do you make the web easier on the eye, you also save me from malware :)
It seems to me
That adverts present the biggest risk for XSS attacks, particularly ones that are allowed to run scripts just to make them more intrusive (a la 'popovers' and 'pupups'). I see no problem with ads that are bog standard GIFs but anything else, especially flash is unnecessary. My recommendation to everyone would be to run FF with AdBlock and not see any of them anyway. problem is, if everyone did this, we'd have to find some new way of funding the internet. Then again, other than El Reg we probably wouldn't be missing much...
El Reg was here first
El Reg was here first:
Sniping aside, there are a surprising number of bogus ad agencies out there. Increasing, people who buy and sell ad space are on the front line of security these days.. they just don't know it yet.
We really need to rethink web advertising, currently I block everything and I will continue to do so until websites and advertisers get their act together. I would be happy for non-intrusive, static images which take up no more that 10% of a page and do not interrupt the flow of content. Anything more than that is unwanted. I suspect that the number of people blocking adverts will continue to grow until we see responsible advertising on the web.
- Asteroids as powerful as NUCLEAR BOMBS strike Earth TWICE YEARLY
- Got Windows 8.1 Update yet? Get ready for YET ANOTHER ONE – rumor
- Apple stuns world with rare SEVEN-way split: What does that mean?
- Patch iOS, OS X now: PDFs, JPEGs, URLs, web pages can pwn your kit
- Sony Xperia Z2: 4K vid, great audio, waterproof ... Oh, and you can make a phone call