* Posts by Alan Jay

4 posts • joined 23 Sep 2007

Malware authors play Mario on Daily Mail website

Alan Jay

Associated News run an ad network

One thing that people should think about when spreading blame is that the Daily Mail's parent Associated News have an ad network that they offer to third parties. So in this case the network in question may have been themselves.

The problem for the Advertising Networks is that these things can be well disguised so I have a small amount of sympathy for them unfortunately the tools that spot these things often make it impossible to work out which advert caused it by not providing or removing the needed data.

One day everyone will be on the same page fighting the people trying to run these scams rather than pushing blame on the sites that run the adverts or the advertising networks.

Alan Jay
Thumb Up

Google Site Advisory - is it excessive?

I wonder what people think about all of this. The fact that people attack advertising networks is nothing new and advertising networks need to be on their guard about this.

However when I first saw (what I think was this) I got a message from Google Safe Browsing http://google.com/safebrowsing/diagnostic?tpl=safari&site= the message in Google Crome and Safari blocks access to the site and is "quite" negative to non sophisticated user.

In this case the site was dangerous one day in the last 90 and yet if anyone trys to load something off that site it puts up this message (rather than say loading the page WITHOUT the content from that page and putting up a pop up warning).

It always strikes me that this kind of thing makes new people fear the internet where it should be making people understand the risks and stopping them being attacked. This makes the risk appear much worse than it is and so doesn't help the situation. In addition for those that know there really isn't enough information to diagnose the true cause of the error when it is delivered via an advertising network.

Great article.



Only Sky can save digital TV

Alan Jay
Thumb Up

Amazing how subeditors can change the perspective of an article

Hi had a look at the original blog that this article is based on it it titled "OFCOM: DTT Headache" although there are some odd aseritions in the article (TopUp TV and which DTT channels have PSB heretige) on the whole the article makes the case for what it is saying quite well.

The key point that he seems to be making is "DSat will basically be the only economic alternative for people suffering poor reception and the BBC just does not want BSkyB to be seen saving the DSO."

This has always been the obvious solution and OFCOM should have mandated it as a solution rather than have the PSB channels invest a huge amount of money in new secondary transmitters for substantially more than the cost of providing all the people who receive signals from them with satellite dishes and receivers (of any kind).

But the scary BSkyB might want to muscle in on this and so the broadcasters and OFCOM have gone down an expensive route which they can't afford and which will still leave people unable to receive the DTT signal.


Google malware watchdogs bite mom-and-pop shops

Alan Jay

If Google want to play at being god...

I think the point that many of you are missing is that where adverts are the issue that Goolge has the technology to help stop the adverts being served but instead of providing that information so that the adverts can be stoped they tell you the page that they were being served from.

Now anyone who has a site that serves adverts will know this is less that useful. The minimum you need is (1) "where was the advert called from - the country - to deal with geo-targeting of advertsing systems" (2) the time it was called (3) the name of the malware being directed towards (4) the advertsing server / network the file is being loaded off and (5) if possible the name of the advert file that is the problem - at the moment usually a flash swf file.

In fact the final bit of information will often be enough.

I'm pretty certain that when they set their test suite on a site that it records this information and if that is the case they could stop the advert being delivered which is surely their goal.

Hopefully Google's Policy team will realise that they can help the situation more by providing enough information to allow the advert to be stopped than the current policy which is to hide their head in the sand and blame the site that was unfortunate enough to have the advert served on there site.

For those who say the sites should be more careful I would say that the example we say was subtle in the way it worked it didn't attack always and didn't appear to be harmful at all. Even more sophisticated all the celver code was held on a remote server which was interrogated in some hidden code to see if it should deply the badware. This is non trivial (if you don't know what you are looking for) and hard if you do.

It has taught us to be much more circumspect but also highlighted the fact that there is an organisation out there that could really help fight this problem but they choose to sit on their hands while waving them shouting "its there" when in fact it is somewhere else.

The additional problem is that as people see more of these "warnings" against sites they use regularly they will loose their effectiveness. A warning that really means something is worthwhile otherwise users will think that Google is "crying woolf" and start ignorning then and problem is that they also use this same warning for sites that have been compromised by hackers and which are dangereous to all visitors rather than being dangerous to 1 in 250,000.



Biting the hand that feeds IT © 1998–2017