Linked by Thom Holwerda on Sat 28th Jul 2007 11:07 UTC
Bugs & Viruses A lot of people have been emailing us about an issue we are having with one of our ads taking over OSNews. Thank you all for emailing us, the information provided is of good use to us. We are currently working on the problem, and will let you know once it has been fixed. We would like to apologise for the inconvenience. Update by DA: I think that I've tracked down the offender. Read more for details Update 2: This time I think we really fixed it.
Thread beginning with comment 259160
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Stop blocking ads!
by Peter Besenbruch on Sun 29th Jul 2007 08:26 UTC in reply to "Stop blocking ads!"
Peter Besenbruch
Member since:
2006-03-13

I really hate that mentality. Ads are your form of payment for this and other websites and services.

Unfortunately, ads are something else, a security threat. Any Web site a person visits can be potentially dangerous. If the site isn't malicious, there is also the possibility of someone taking elements of it over, the better to capture at least some of the site's readers.

The risk increases when you add third party content, as each third party offers something to commandeer. Images can have Javascript in the tags that call them. The images themselves can be used to trigger buffer overflows. Many ads are loaded via Javascripts from third party servers. Flash adds and cookies offer significant privacy concerns. Flash also has had some major security issues on all platforms.

Microsoft frequently responds to a security issue in Internet Explorer by suggesting we visit only "trusted sites." Unfortunately, as OSNews has learned the hard way, any Web site that makes use of third party content cannot be considered trusted.

The OSNews staff may already have asked the question: Does the revenue they receive from advertising offset the risk of multiple visitors suing them for infecting their machine? The continued presence of ads from Doubleclick indicates at least a tentative "yes" for now, but if the staff isn't nervous, they should be.

For the users, it's a question of minimizing risk. At the very least one should browse with third party Javascripts blocked. Unfortunately, Firefox with Noscript is the only way I know to do this gracefully. I use the Adblock Plus extension with element hider, and Flashblock. I also throw in a huge hosts file for good measure. I subscribe to updatable block lists.

No, OSNews' ads aren't all that annoying, but I don't block ads because they annoy me. I block because they are a security risk. Browsing is a potentially dangerous activity, and the safety and security of my data comes first.

Is it better for this site to be around with ads, or not to be around at all?

I hope there there are other alternatives. I'm not sure what they might be, but having enough other people expose their computers to potential attack so I can view OSNews content isn't very satisfying.

Reply Parent Score: 5

RE[2]: Stop blocking ads!
by aent on Sun 29th Jul 2007 19:48 in reply to "RE: Stop blocking ads!"
aent Member since:
2006-01-25

I keep my browser up to date, and I never have had ANY security issues. If your current browser has security problems, use another one. I'm not saying click yes to the security dialogs for viewing an ad, and if necessary, increase your security level in the browser. If an ad needs more privileges, you have every right to say no.

Reply Parent Score: 2