
You say advertising, I say block that malware


Reefa


The real reason online advertising is doomed and adblockers thrive? Its malware epidemic is unacknowledged, and out of control.

 

The Forbes 30 Under 30 list came out this week and it featured a prominent security researcher. Other researchers were pleased to see one of their own getting positive attention, and visited the site in droves to view the list.

 

On arrival, like a growing number of websites, Forbes asked readers to turn off ad blockers in order to view the article. After doing so, visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information. Or, as is popular worldwide with these malware "exploit kits," lock up their hard drives in exchange for Bitcoin ransom.

 

One researcher commented on Twitter that the situation was "ironic" -- and while it's certainly another variant of hackenfreude, ironic isn't exactly the word I'd use to describe what happened.

 

Quote

 

That's because this situation spotlights what happened in 2015 to billions -- yep, billions -- of people who were victims of virus-infected ads which were spread via ad networks like germs from a sneeze across the world's most popular websites.

 

Less than a month ago, a bogus banner ad was found serving malvertising to visitors of video site DailyMotion. After discovering it, security company Malwarebytes contacted the online ad platform the bad ad was coming through, Atomx. The company blamed a "rogue" advertiser on the WWPromoter network.

 

It was estimated the adware broadcast through DailyMotion put 128 million people at risk. To be specific, it was from the notorious malware family called "Angler Exploit Kit." Remember this name, because I'm pretty sure we're going to be getting to know it a whole lot better in 2016.

 

Last August, Angler struck MSN.com with -- you guessed it -- another drive-by malvertising campaign. It was the same campaign that had infected Yahoo visitors back in July (an estimated 6.9 billion visits per month, it's considered the biggest malvertising attack so far).

 

October saw Angler targeting Daily Mail visitors through poisoned ads as well (monthly ad impressions 64.4 million). Only last month, Angler's malicious ads hit visitors to Reader's Digest (210K readers; ad impressions 1.7M). That attack sat unattended after being in the press, and was fixed only after a week of public outcry.

 

It's crazy to consider what a perfect marriage this is, between the advertisers and the criminals pushing the exploit kits. They have a lot in common.

 

Both try to trick us into giving them something we don't want to. We've recently learned that both entities surveil and track us beyond what we're OK with. And both are hard to get rid of. You know, like those gross toenail and skin condition ad-banners found at the bottom of every cheapo blog you've ever seen, forever burned into the "can't unsee" section of your brain.

 

It actually makes business sense to think about malware attacks like an advertiser. You want to deliver your infection to, and scrape those dollars from, every little reader out there. You need a targeted delivery system, with the widest distribution, and as many clueless middlemen as possible.

 

It's easy to want to blame Reader's Digest, or Yahoo, or Forbes, or Daily Mail, or any of these sites for screwing viewers by serving them malicious ads and not telling them, or not helping them with the cleanup afterward. And it's a hell of a lot easier when they've compelled us to turn off our ad blockers to simply see what brought us to their site.

 

But the problem is coming through them, from the ad networks themselves. The same ones, it should be mentioned, who control the Faustian bargains made by bartering and selling our information.

 

What should the websites do? The ad networks clearly don't have a handle on this at all, giving us one more reason to use ad blockers. They're practically the most popular malware delivery systems on Earth, and they're making the websites they do business with into the same poisonous monster. I don't even want to think about what it all means for the security practices of the ad companies handling our tracking data or the sites we visit hosting these pathogens.

 

 

 

So, to my friend on the Forbes 30 Under 30 list -- a malware researcher, which I'll concede is actually ironic -- I'm sorry I won't be seeing your time in that particular spotlight. What we need is a word for the fact that ad blockers have become our first line of defense against a malware epidemic. Especially during a time when the sites we visit are begging, pleading, demanding and practically tricking us into turning off Ad Block Plus.

http://www.engadget.com/2016/01/08/you-say-advertising-i-say-block-that-malware/

 

Link to comment
Share on other sites



Forbes has removed the adblocker block and the site can now be viewed with adblockers enabled.

Link to comment
Share on other sites


12 hours ago, straycat19 said:

Forbes has removed the adblocker block and the site can now be viewed with adblockers enabled.

They force you to use cookies at their site. If I'm visiting a site just reading, I don't like having to enable them, so I don't visit Forbes very often. I just catch the news at one of the other 1000 news sites.

Link to comment
Share on other sites


12 hours ago, straycat19 said:

Forbes has removed the adblocker block and the site can now be viewed with adblockers enabled.

 

Why would anyone in their right mind want to ever go back there again to their site? 2nd time round it could even be worse. I dislike any kind of infections - then preying on your interests or likes, to me these are bottom feeders.

 

 

19 minutes ago, steven36 said:

They force you to use cookies at their site. If I'm visiting a site just reading, I don't like having to enable them, so I don't visit Forbes very often. I just catch the news at one of the other 1000 news sites.

 

I use Maxa Cookie Manager and delete all cookies after 15 minutes. Sure, it lets you navigate sites a while, but then with RoboForm, if you have to log in again to post or something to that extent, it makes short work of it.

http://www.nsaneforums.com/topic/259520-maxa-cookie-manager/

Link to comment
Share on other sites


9 minutes ago, SURbit said:

 

Why would anyone in their right mind want to ever go back there again to their site? 2nd time round it could even be worse. I dislike any kind of infections - then preying on your interests or likes, to me these are bottom feeders.

 

 

 

I use Maxa Cookie Manager and delete all cookies after 15 minutes. Sure, it lets you navigate sites a while, but then with RoboForm, if you have to log in again to post or something to that extent, it makes short work of it.

http://www.nsaneforums.com/topic/259520-maxa-cookie-manager/

I use the Cookie Controller addon in Firefox and I have cookies turned off by default. I only enable them if I sign in, and clean them when done. :)

I'm not going to Forbes to read the news with that have-to-allow-cookies policy. I even block cookies to Google, so why would I allow Forbes?

Link to comment
Share on other sites


33 minutes ago, steven36 said:

I use the Cookie Controller addon in Firefox and I have cookies turned off by default. I only enable them if I sign in, and clean them when done. :)

I'm not going to Forbes to read the news with that have-to-allow-cookies policy. I even block cookies to Google, so why would I allow Forbes?

 

Maxa CM works with Firefox and almost all browsers, but it installs as software with a lifetime license with updates, for 2 PCs, for less than $30.00 USD right now ($5.00 savings).

It can be set to clear all cookies at different time intervals and on browser closing.

 

Think you deleted your cookies? Think again - http://www.cnn.com/2009/TECH/08/12/deleting.cookies.privacy/index.html

Unlike traditional browser cookies, Flash cookies are relatively unknown to web users, and they are not controlled through the cookie privacy controls in a browser. That means even if a user thinks they have cleared their computer of tracking objects, they most likely have not.

What's even sneakier?

Several services even use the surreptitious data storage to reinstate traditional cookies that a user deleted, which is called 're-spawning' in homage to video games where zombies come back to life even after being "killed," the report found. So even if a user gets rid of a website's tracking cookie, that cookie's unique ID will be assigned back to a new cookie again using the Flash data as the "backup."

 

Even the Whitehouse.gov showed up in the report, with researchers reporting they found a Flash cookie with the name "userId." The site does say in its privacy policy that it uses tracking technology but it does not mention Flash or tell users how to get rid of the Flash cookie. 

 

Yes it's an old report but just think where cookies were back then and NOW 7 years later !

 

With MAXA Cookie Manager, you can do the following:

  1. List all of the types of cookies on your computer
  2. Decide yourself or let the program evaluate which cookies are safe and which ones are dangerous
  3. Automatically delete cookies as they appear on your computer
  4. Block entire domains so that all cookies from an entire website or ad site are blocked
  5. Create and manage both white lists and black lists - Increasing productivity by keeping the cookies that you actually need!
  6. Delete Cache and History, this efficiently allows you to also get rid of Evercookies and Etag tracking.

 

Link to comment
Share on other sites
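The re-spawning behaviour described in the post above can be checked for from the user's side. The following is an added example, not part of the original thread: it compares cookie snapshots taken before clearing cookies and after revisiting a site against values read from Flash LSO storage. The domains, cookie names and values are constructed, and extracting the LSO key/value pairs is assumed to be done by a separate tool.

```python
"""Audit for cookie re-spawning: a cleared cookie that returns with the same
unique ID because the ID was kept in storage the cookie controls do not clear.
All sample data below is constructed for illustration."""
from dataclasses import dataclass
from typing import Optional

MIN_ID_LEN = 8  # skip short values ("en", "1") that would match by coincidence


@dataclass(frozen=True)
class Finding:
    domain: str
    cookie: str
    value: str
    backup_key: Optional[str]  # LSO key holding the same ID, None if unknown


def find_respawned(before, after, backups):
    """before/after: {(domain, name): value} cookie snapshots taken before the
    user cleared cookies and after revisiting the same sites.
    backups: {domain: {key: value}} pairs read from Flash LSOs (hypothetical
    input format; a real audit needs an LSO reader to produce it)."""
    findings = []
    for (domain, name), old in sorted(before.items()):
        if after.get((domain, name)) != old or len(old) < MIN_ID_LEN:
            continue  # cookie is gone, got a fresh ID, or is not an ID at all
        keys = sorted(k for k, v in backups.get(domain, {}).items() if v == old)
        if keys:
            # Same ID came back and a Flash backup holds it: re-spawned.
            findings.extend(Finding(domain, name, old, k) for k in keys)
        else:
            # Same ID came back with no known backup: look at cache/ETag.
            findings.append(Finding(domain, name, old, None))
    return findings


# Constructed snapshots: cookies were cleared between BEFORE and AFTER.
BEFORE = {
    ("tracker.example", "uid"): "a1b2c3d4e5f6",
    ("ads.example", "vid"): "9f8e7d6c5b4a",
    ("cdn.example", "sid"): "77aa66bb55cc",
    ("news.example", "lang"): "en",
}
AFTER = {
    ("tracker.example", "uid"): "a1b2c3d4e5f6",  # same ID is back
    ("ads.example", "vid"): "0011223344aa",      # fresh ID, not re-spawned
    ("cdn.example", "sid"): "77aa66bb55cc",      # same ID, no Flash backup
    ("news.example", "lang"): "en",              # preference, not an ID
}
BACKUPS = {
    "tracker.example": {"userId": "a1b2c3d4e5f6"},
    "ads.example": {"vid_backup": "9f8e7d6c5b4a"},
}

if __name__ == "__main__":
    for f in find_respawned(BEFORE, AFTER, BACKUPS):
        source = f"Flash LSO key '{f.backup_key}'" if f.backup_key else "unknown store"
        print(f"{f.domain}: cookie '{f.cookie}' re-appeared with old ID (from {source})")
```

A finding with no backup key means the ID survived somewhere other than the Flash storage that was inspected, which is the case the cache and ETag clearing in item 6 of the list above is aimed at.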


Tut on how to Delete Evercookies in Firefox

http://phersung.blogspot.com/2013/06/how-to-defeat-evercookie-in-firefox.html

 

BetterPrivacy to delete LSOs in Firefox

https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/

 

Cookie Controller to delete cookies and DOM storage

https://addons.mozilla.org/en-US/firefox/search/?q=cookie+contoer

 

System Cookie Deleters

http://www.nirsoft.net/web_browser_tools.html

 

CCleaner

https://www.piriform.com/ccleaner/download

 

Winapp2 for CCleaner

http://www.winapp2.com/

 

That's my arsenal  for cookies :)

 

 

Link to comment
Share on other sites


@ steven36

I see you have that base(s) covered well.

Looks like you have put a lot of thought into this.

Do you use a VPN too?

I'm sure others will find this info. valuable :D

Link to comment
Share on other sites


I never go to any website unless I'm sandboxed, and I only un-sandbox when an addon or Firefox needs to update. Firefox has "never remember history" enabled; all my passwords are on an external device. Add-ons I use are uBlock / HTTPS Everywhere / BHfirewall / canvas blocker and Random Agent Spoofer... And my main man SD. Sure, it's a hassle updating and restarting, I don't mind... But I don't think I have to worry. BTW I am paranoid, but you have to be or you could be tricked..:(

Link to comment
Share on other sites


27 minutes ago, F3dupsk1Nup said:

@SURbit PIA is what I use and it's always activated..

 

I've got lifetime to AnonVPN and less than 2 years (614 days) left on Privatoria 8in1 services.

CG pissed me off and I have a lic till Sept but am not going to use it. CS su_ks and I can't log in to change PW. PUK and receipt # don't work with CG. They oversell their service too.

My trouble is I'm pulling wireless internet (or tethering) off my phone, which I only have a data SIM in, to get the PC online. T-M su_ks for signal in my neighborhood with one bar, so I don't care to lower this by VPN right now till I can afford some kind of signal booster/antenna or such.

 

I found this-

Unlock all bands of your Qualcomm device

To see about unlocking the band T-M just rolled out recently - that's LTE and penetrates buildings better. As my version of phone doesn't have it (band 7 ?) I'm thinking. I have read this is like a firmware (software) change and not hardware related.

 

Link to comment
Share on other sites


26 minutes ago, SURbit said:

@ steven36

I see you have that base(s) covered well.

Looks like you have put a lot of thought into this.

Do you use a VPN too?

I'm sure others will find this info. valuable :D

I've been using a VPN of some type since 2011. I use all kinds of protection in my browser, and I monitor traffic and block anything that doesn't need to connect to the internet with a firewall. I'm sort of like F3dupsk1Nup; I have paranoid security.

Link to comment
Share on other sites


16 minutes ago, steven36 said:

I've been using a VPN of some type since 2011. I use all kinds of protection in my browser, and I monitor traffic and block anything that doesn't need to connect to the internet with a firewall. I'm sort of like F3dupsk1Nup; I have paranoid security.

 

I'm funny: even with my VPN I have to disconnect, shut down my browser, open it and reconnect with a different IP every time I log in somewhere different..Loopy hey..:s.

Link to comment
Share on other sites


11 minutes ago, F3dupsk1Nup said:

 

I'm funny: even with my VPN I have to disconnect, shut down my browser, open it and reconnect with a different IP every time I log in somewhere different..Loopy hey..:s.

I have my VPN fixed so that when it disconnects it closes my browser and deletes cookies; qBittorrent and IDM close as well :P

Link to comment
Share on other sites


6 minutes ago, steven36 said:

I have my VPN fixed so that when it disconnects it closes my browser and deletes cookies; qBittorrent and IDM close as well :P

Nice..I love the VPN Kill Switch feature in PIA..Works great for me..:)

Link to comment
Share on other sites


5 minutes ago, steven36 said:

I have my VPN fixed so that when it disconnects it closes my browser and deletes cookies; qBittorrent and IDM close as well :P

 

That's cool you have it set up like that.

I saw this and thought about it for those purposes-

VPNCheck Pro 1.5

http://www.guavi.com/vpncheck_pro.php

 

Unique features:

  • Auto-login to OpenVPN, PPTP and L2TP
  • DNS leak fix (Prevent ISP monitoring & Data leaks)
  • Close programs or network when VPN crash
  • Options to close or autorun each application
  • Router VPN detection
  • Unlimited programs supported
  • Virtualization support for VMware and Virtualbox
  • Notification when VPN is offline

Computer ID protection:

Why is Computer ID protection important?

  • Security against WiFi WPA/WPA2 backdoors
  • Prevent various Computer ID fishing techniques
  • Auto create new computer ID
  • Reminder to change computer ID automatically or manually

See, I don't understand under-the-hood configuring as you do, but I know I need to do something, so I look and read for the most all-around coverage to implement for my purposes.

:nuke: :nuke:

 

 

Link to comment
Share on other sites


4 minutes ago, F3dupsk1Nup said:

Nice..I love the VPN Kill Switch feature in PIA..Works great for me..:)

 

Somewhere I have read that some VPNs' kill switches are not that good. Torrentfreak or that Crypto???? something named VPN. I know you know what you're talking about / so please forgive me as I didn't mean it that way. Just some seem to be questionable, and as you have said you like to be prepared, painstakingly over-prepared.

Have you guys heard of DoubleHop VPN? https://doublehop.me/about.html

Good Jams Peace Brother - I'm listening now

:party: 

 

Link to comment
Share on other sites


6 minutes ago, SURbit said:

 

Somewhere I have read that some VPNs' kill switches are not that good. Torrentfreak or that Crypto???? something named VPN. I know you know what you're talking about / so please forgive me as I didn't mean it that way. Just some seem to be questionable, and as you have said you like to be prepared, painstakingly over-prepared.

Have you guys heard of DoubleHop VPN? https://doublehop.me/about.html

Good Jams Peace Brother - I'm listening now

:party: 

 

 

I believe you are correct, I had a lot of trouble with the kill switch in Windows 8 and 8.1; Windows 7, no such worries..If you can find any more info I would be interested..

Quote

Good Jams Peace Brother - I'm listening now

Thank you...:thumbsup:

Link to comment
Share on other sites


8 minutes ago, F3dupsk1Nup said:

 

If you can find any more info I would be interested..

Thank you...:thumbsup:

 

Users who may be connected to two connections simultaneously (ex.: wired and wireless) should not use this feature, as it will only stop 1 active connection type.

http://www.vpnfan.com/blog/best-vpn-kill-switch/

 

Build your own VPN kill switch in Windows

https://www.bestvpn.com/blog/10218/build-your-own-vpn-kill-switch-in-windows-comodo/

 

2 VPN Kill Switches that wont Fail

https://www.liquidvpn.com/vpn-kill-switches/

 

anti-leak protection

active, intensive protection

DNS & webRTC leakblock

protect your IP from leaks

☠ IP6 mayhem averted

we lead the way in anti-IP6 protection

https://cryptostorm.is/

Link to comment
Share on other sites


Quote

Users who may be connected to two connections simultaneously (ex.: wired and wireless) should not use this feature, as it will only stop 1 active connection type.

I don't have a wireless card so only one connection..

WebRTC is disabled in Firefox..

☠ IP6 ...is disabled in PIA.. DNS leak protection enabled..

 

So i think i am covered but thanks for the extra info..BTW also Encryption is set to

Data Encryption=AES-256

Data Authentication=SHA256

Handshake=RSA-4096

 

 

Link to comment
Share on other sites


I use VPN Kill Switch at the Router level via ASUS Merlin.

 

That also prevents software at the OS Level from leaking the main OS traffic, and WiFi+Ethernet is fine.

 

Really, the only way I can get past the VPN is a VM. A VM depending on net config can use the main WAN. Though the VM is an OS in itself, and it can be given forced VPN as well. Using Shared Network instead of Bridged Network avoids the need for that, but maybe you want that VM to be WAN vs VPN.

Link to comment
Share on other sites


I'd say an Ad Blocker these days may be the most effective anti-virus you can have.

 

Most people aren't installing software as much what with more and more running on the web.

 

I've seen the Forbes thing happen. If I can't defeat a website's anti-adblock, I either leave them or view it in a VM or something I don't care about.

 

If your business is benefitting from malware you deserve to fail. You don't have the right to profits no matter how incompetent and careless you are. Most people don't even comprehend the stalking and abuse of their privacy and ID theft risk you cause by selling their info for a dime to any low-life. All they know is you displayed a talking Ford Ad that consumed a 27 inch monitor, that they got malware from a major news site, and that you are an annoyance.

 

The CEO of Twitter uses Tweetbot for iOS, not Twitter for iOS, probably because he doesn't want every scroll on his iPhone to be promoted bullshit. I wouldn't be surprised if Mark Zuckerberg uses uBlock Origin to browse the web.

Link to comment
Share on other sites


Archived

This topic is now archived and is closed to further replies.
