| |||||||||||||
Another good reason to disable JavaScriptAnother good reason to disable JavaScriptPosted Sep 17, 2009 16:22 UTC (Thu) by Cato (subscriber, #7643)In reply to: Another good reason to disable JavaScript by anton Parent article: All the malware that's fit to print
I doubt if the malware is actually hosted on the nytimes.com domain, so it's still somewhat safe to enable JavaScript for *.nytimes.com, I would hope. Running AdBlock is the other obvious way to stop this sort of attack - when combined with NoScript and FlashBlock, you are safe against a lot of the most obvious attacks.
(Log in to post comments)
Another good reason to disable JavaScript Posted Sep 18, 2009 4:01 UTC (Fri) by njs (guest, #40338) [Link]
The malware itself is not hosted on nytimes.com, but the javascript that loads it is. A quick look at the current source for the nytimes.com frontpage shows what's clearly some code provided by a 3rd party and then pasted into the source. The one I see uses document.write to insert a <script> tag pointing at a 3rd party page, but it could just as well fetch the source code and call eval() to really get around any javascript security limitations.
Of course, they won't bother because malware writers are after the general population, and the general population doesn't write site-by-site javascript security rules. Of course, if you're willing to rely on that fact, then there's no much point in worrying in the first place, because the general population doesn't run Linux and most (though not all) malware that breaks security through technical means is going to rely on some windows-specific stack-smashing code.
Sort of fascinating actually how much info they include in the source, actually -- search for "ADXINFO".
|
|||||||||||||