That Google malware thing


186 replies to this topic

#151
bugfire


    Newbie

  • Members
  • Pip
  • 16 posts

It's Google Chrome, and Firefox using Google's anti-malware service, that blocks the content, not Google Search. As such it would be very easy to simply block a script running from a blacklisted site, rather than the entire site that links to the script.


All the anti-malware features of Chrome and Firefox do is check the main URL against a blacklist. What you want to do is beyond the scope of the code that has been written. If it is easy then submit your proof of concept code to Mozilla and Google.

Edited by bugfire, 09 February 2013 - 09:50 PM.


#152
Dark0ne


    Webmaster

  • Admin
  • 16,831 posts

All the anti-malware features of Chrome and Firefox do is check the main URL against a blacklist. What you want to do is beyond the scope of the code that has been written. If it is easy then submit your proof of concept code to Mozilla and Google.


Which is what Adblocker does; checks a blacklist of scripts and sites and prevents such scripts from running if they're on the blacklist.

I'm very much aware it's beyond the scope of the current code (else it would be in the browser already!), but it's not beyond the realms of very simple possibility. How do I know? Because Adblocker already has this functionality.

#153
syscrusher


    Fan

  • Premium Member
  • 338 posts
Google is a bit draconian (pun intended) on several aspects of intellectual property and site flagging. An acquaintance of mine is a professional musician and songwriter, who sells her original works directly to her audience. Her YouTube postings (YT is also a Google property) were recently flagged as "pirated" even though she personally posted her own performances of songs she wrote. Google is refusing even to accept her written (hardcopy) legal requests to review their robot-detected results.

Google's full of smart people building really well-crafted 'bots, but sometimes those 'bots make bad decisions, and Google's getting so big that their bureaucracy gets in the way of fixing bad 'bot mistakes.

#154
bugfire


    Newbie

  • Members
  • Pip
  • 16 posts

Which is what Adblocker does; checks a blacklist of scripts and sites and prevents such scripts from running if they're on the blacklist.

I'm very much aware it's beyond the scope of the current code (else it would be in the browser already!), but it's not beyond the realms of very simple possibility. How do I know? Because Adblocker already has this functionality.


Blacklisting is one of the least effective security measures you can take. It's why very little serious effort goes into it. If you want it to improve you are going to have to make it happen. Either maintain an Adblocker blacklist, or start working with Mozilla and Google to improve the anti-malware functionality.

#155
Dark0ne


    Webmaster

  • Admin
  • 16,831 posts

Blacklisting is one of the least effective security measures you can take.



:facepalm: Blacklisting is what Google does! It's also what Adblockers use when deciding what scripts and code to block. Hence the whole point of this argument being that, as Google are using blacklists they could quite easily simply block code being run from blacklisted domains, rather than blacklisting domains that unwittingly use scripts from blacklisted sites. There's a big difference, that's been laid bare by this situation.

Imagine if the jQuery site got hacked and a malicious script was uploaded in place of jQuery. Literally half of the sites on the internet would then have to be blacklisted by Google for linking to jQuery's scripts in their code. Surely the logical thing to do is actually to simply blacklist the jQuery site and prevent the jQuery script from being run until such time as Google deem it is safe again? Not ban half the internet. What happened with these ads is the exact same situation.

I'm not quite sure you're in touch with the facts of how it all works.

#156
Wastelander X


    Regular

  • Members
  • PipPip
  • 55 posts
"An adblocker will mitigate your chances of getting attacked by a malicious ad, but not completely prevent it and it will also severely dampen the Nexus’s ability to stay afloat financially. If you want to use one, that’s your choice, but you do hurt the Nexus by doing it."

To this I must say that I have nothing against some advertisements on sites, for these kinds of reasons. But this site also contains at least 9 pieces of tracker software, which spy on me. I know that this is mostly for advertisement (like Google's AdSense) and for tracking site usage (like Google's Analytics). But still, that's data collected from me and, even worse, used to profile me. And there is absolutely no info that this is going on, there is no way to tell how those 3rd party trackers use my data and where they give it, and there is no way to get that data removed, or even to tell what has been recorded of me and where it goes. And none of those trackers have even asked my permission to do that anyway.

And here comes the interesting part: many of those advertisements contain these trackers and won't even work without them. So I really wouldn't block those ads if I could be sure that they don't spy on me and collect my data for the 3rd party, for non-specified usage.

Edit: "9 pieces of tracker software", make it more like 15.... ;)

Edited by Wastelander X, 11 February 2013 - 12:09 PM.


#157
bugfire


    Newbie

  • Members
  • Pip
  • 16 posts


Imagine if the jQuery site got hacked and a malicious script was uploaded in place of jQuery. Literally half of the sites on the internet would then have to be blacklisted by Google for linking to jQuery's scripts in their code. Surely the logical thing to do is actually to simply blacklist the jQuery site and prevent the jQuery script from being run until such time as Google deem it is safe again? Not ban half the internet. What happened with these ads is the exact same situation.

I'm not quite sure you're in touch with the facts of how it all works.

 
 
jQuery is a JavaScript library that gets stored locally. If the website is compromised then a fresh download from the site could be nasty but anybody who already has the file is in the clear. You would have to block websites with corrupt jQuery library anyway since they host a stored copy of the malware.
 
I'm not quite sure you're in touch with the facts of how it all works.

Edit:
Pardon me, jQuery can also be hosted through a third party such as a CDN. Still won't matter if jQuery's website gets hacked.

Edited by bugfire, 11 February 2013 - 10:28 PM.


#158
Arodicus


    Fan

  • Members
  • PipPipPip
  • 334 posts
Lol your advertisers are pretty confused anyways. Every time I clean my cookies out, they start sending me ads for store mannequins. Go figure.

#159
Dark0ne


    Webmaster

  • Admin
  • 16,831 posts

jQuery is a JavaScript library that gets stored locally. If the website is compromised then a fresh download from the site could be nasty but anybody who already has the file is in the clear. You would have to block websites with corrupt jQuery library anyway since they host a stored copy of the malware.

 

Many, many sites pull the jQuery code straight from the jQuery site, e.g. http://code.jquery.c...ry-1.9.1.min.js, it's common practice.

 

If jQuery gets hacked and that file is replaced with a malicious script...yeah, bad, and every site linking to the jQuery file directly is then blacklisted by Google. Same with people who remotely embed Google code (which Google often encourages themselves). Another example would be people who embed YouTube videos into their sites. The embed scripts get hacked and oh noes, lots of blacklisted sites.

 

So yeah, you know exactly what I'm getting at and you're just being difficult, and coming off looking worse for it.
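
The two policies argued over in this thread, modelled side by side as an added example (not part of any post, and not how any browser's anti-malware service is actually implemented). The blocklist, page URL and script URLs are constructed placeholders, and the function names are hypothetical.

```javascript
// Added illustration; hostnames are constructed placeholders, not real indicators.
const BLOCKLIST = new Set(["ads.bad.example"]);
const PAGE = {
  url: "https://mods.example/index.html",
  scripts: [
    "/js/site.js",                              // same-origin, relative
    "https://cdn.example/lib/library.min.js",   // third-party library
    "https://track.ads.bad.example/serve.js",   // subdomain of a listed host
  ],
};

// Resolve relative URLs against the page so same-origin scripts get the page's host.
function hostOf(resource, base) {
  return new URL(resource, base).hostname.toLowerCase();
}

// A host is listed if it, or any parent domain of two or more labels, is on the list.
function isListed(host, blocklist) {
  const labels = host.split(".");
  for (let i = 0; i < labels.length - 1; i++) {
    if (blocklist.has(labels.slice(i).join("."))) return true;
  }
  return false;
}

// Page-level policy: one listed dependency blocks the whole page.
function pageLevelVerdict(page, blocklist) {
  const hosts = [page.url, ...page.scripts].map((u) => hostOf(u, page.url));
  const blocked = hosts.some((h) => isListed(h, blocklist));
  return { pageBlocked: blocked, scriptsRun: blocked ? [] : [...page.scripts] };
}

// Resource-level policy: the page loads; only scripts from listed hosts are refused.
function resourceLevelVerdict(page, blocklist) {
  if (isListed(hostOf(page.url), blocklist)) {
    return { pageBlocked: true, scriptsRun: [], scriptsBlocked: [...page.scripts] };
  }
  const scriptsRun = [], scriptsBlocked = [];
  for (const s of page.scripts) {
    (isListed(hostOf(s, page.url), blocklist) ? scriptsBlocked : scriptsRun).push(s);
  }
  return { pageBlocked: false, scriptsRun, scriptsBlocked };
}

console.log(pageLevelVerdict(PAGE, BLOCKLIST));
console.log(resourceLevelVerdict(PAGE, BLOCKLIST));
```

Under the page-level policy the sample page is blocked outright; under the resource-level policy it loads with two of its three scripts, and only the one from the listed host is refused.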



#160
fubar1971


    Stranger

  • Members
  • Pip
  • 1 posts
We all love you guys no matter what.....



