Computers-Hacking
See other Computers-Hacking Articles
Title: My browser visited Weather.com and all I got was this lousy malware [also Drudge, Wunderground, Yahoo]
Source:
Ars Technica
URL Source: http://arstechnica.com/security/201 ... -i-got-was-this-lousy-malware/
Published: Aug 15, 2015
Author: Dan Goodin
Post Date: 2015-08-15 11:27:29 by Tooconservative
Keywords: None
Views: 16441
Comments: 77
Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said. The malvertising campaign worked by inserting malicious code into ads distributed by AdSpirit.de, a network that delivers ads to Drudge, Wunderground, and other third-party websites, according to a post published Thursday by researchers from security firm Malwarebytes. The ads, in turn, exploited security vulnerabilities in widely used browsers and browser plugins that install malware on end-user computers. The criminals behind the campaign previously carried out a similar attack on Yahoo's ad network, exposing millions more people to the same drive-by attacks. Update: A few hours after Ars published this article, Malwarebytes updated the blog post to say the campaign had moved to yet another ad network, which happens to be associated with AOL. Visitors to eBay were among those who were exposed to the malicious ads distributed through the newly discovered network. Malvertising is a particularly pernicious form of attack because it can infect people who do nothing more than browse to a mainstream site. Depending on the exploit, it can silently hijack computers even when visitors don't click on links. Some browser makers have responded by implementing so-called click-to-play mechanisms that don't render Flash or Java content unless the end user actively permits the plugin to run on a particular site. Some users have resorted to ad blockers, which have the unfortunate side effect of depriving publishers of much-needed advertising revenue. The campaign used against the AdSpirit and Yahoo networks connected to servers run by Microsoft's Azure service. Ultimately, the booby-trapped ads led to attack code distributed through the Angler exploit kit, a software package sold on the black market that makes it easy for criminals to exploit vulnerabilities in Flash, Java, and other software. The AdSpirit attacks were particularly hard to trace because most of the websites involved in the attack were using the transport layer security protocol to obscure the address and encrypt the data. There's no indication the attacks were exploiting vulnerabilities in fully patched software. That underscores the importance of installing security updates as soon as they become available. Poster Comment: Install adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently. 
Post Comment Private Reply Ignore Thread
Top • Page Up • Full Thread • Page Down • Bottom/Latest
#1. To: TooConservative (#0)
Your lite-weight recommendations for surfing the web are not just silly but invites further intrusion into one's privacy.
Pardon me if I think your opinion is worthless. Adblockers have proven their value over and over at resisting malware and reducing network congestion. It isn't even debatable among tech types.
You don't need ad blockers. You need a REAL browser.
What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.? Lynx? Name this browser.
I just downloaded and installed uBlock Origin 1.0.0.1 is there anything else I need do before going to drudgereport?
Nope. It's free and it mostly Just Works. You should see a little red uBlock icon at the upper right of your URL bar. If you come across a website that won't work with adblockers, you can disable uBlock on that site. There are a few other options there as well, you can hover over the icons in the uBlock control window to see what those are. For the big blue button, you can click to disable uBlock for the entire website you are on. Or you can CTRL-click it to disable uBlock only on the page you are looking at. The eyedropper lets you click on page elements one at a time, to allow single ads on a page to display. There are four more similar options in the bottom of the uBlock window. One nice benefit of uBlock is that it really cuts back on bandwidth traffic and CPU use. So it makes web pages load faster and doesn't hog the CPU. Nice for older computers so they don't get bogged down on ad-infested pages. For years, ads only annoyed us or made the pages run slow. But now we see steady attacks by hackers on the ad networks to turn them into a way to attack user security. Let me know if you have any problems. I haven't had any because it is so simple to use. I haven't found any websites that I use trying to block uBlock so far.
anonymous
IOW, you don't have any such browser but don't want to just admit it.
Incorrect, TC. I control my Internet interface is all.
You're awfully reticent. What, are you editing a hosts file endlessly? I'm not sure why you guys always act so ashamed or like you have some huge secret. People have done that since before dialup was popular. Or are you trusting some crapware firewall to do it all for you? That's the other usual means from people too chicken to admit what they use for security.
TOR with TAILS (thumb)?
Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks. Can't be Tor.
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
I'm not sure where you read that but it isn't true. Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks.
Even assuming that Tor was secure and anonymous, it does nothing to protect your browser from malicious websites and hacked ad server networks. Nothing, nada. No more than using VPN or other proxies protect you from server-based attacks. If I'm running an operating system on a thumb drive, what are you hacking besides the thumb drive? TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald. http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own [extract]
UBlock work with tablets too?
"When Americans reach out for values of faith, family, and caring for the needy, they're saying, "We want the word of God. We want to face the future with the Bible.'"---Ronald Reagan
They have versions of Ad Block Pro that work on tablets. ABP is open-source. So there are several versions of it available on Android. It actually works pretty well on Android. Lots of ads just disappear. Not just in the web browser but even ads in other apps. You should not pay for it. The block lists are free, the source code is open. The people who wrote it and maintain the blocklists and filter lists didn't try to make money from it so you shouldn't pay some scammer for a copy of it. I think there are 3-4 versions of it on Android (and Chrome Store).
Not much different than using the LiveCDs or DVDs with MAC spoofing. It isn't as secure as people think. If NSA or others are operating the TOR exit nodes (a good bet they'll succeed in providing directly or compromising some exit nodes), a man-in-the-middle attack works well. In addition, a distro of this type still has a browser fingerprint, in part because people just keep using the same version of the distro. You also have traffic analysis where a person browses to various sites, over and over. Like GMail or Yahoo Mail or online forums. Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement. Very few people are willing to go to the trouble of playing Spy V. Spy like Snowden. How many people are going to reboot their home computer to fire it up with a Tor/TAILS stick on a daily basis? Almost no one. It is also hard to find USB write-protected flash drives. There used to be some around but I haven't seen them in years. These were made by less-known producers like Ritek and Imation and PQI. I'm not sure if they even make them any more. Other people address the same problems using virtual machines. They keep a small virtual machine with their favorite software pre-installed. They copy it the VM image, use it once, then delete it. Same result as Tor/TAILS (you could even run a Tor/TAILS distro as your VM) but you don't have to keep rebooting but it isn't very portable. But this thread is about preventing browser hijacks to protect users' daily browsers on their home machines from tracking and attack by malicious ad networks. I assume that you realize that using a Tor/TAILS stick as you mention is a red flag, moving you to the head of the list for scrutiny by LEO and national security agencies? This was true before Snowden, even more so now. To use a library or internet cafe to run a Tor/TAILS stick, you have to find one that still allows you to plug in a USB stick and that is set to prioritize USB booting over booting the hard drive. So do you know of an internet cafe or library in your area that actually allows you to use their USB ports and that allow you to alter the BIOS settings to boot from USB before hard drive (and has no password-protected BIOS settings)? Let me know if your local library or internet cafe has such machines in those configurations. I think you won't find any of those still around even if they were available some years back. Most likely, you'll end up using your own laptop, booting with a Tor/TAILS stick and operating off a free WiFi hotspot at a restaurant or hotel or similar location. And is that really your advice to people on how to protect their home machines from drive-by attacks by malicious ad networks? On this little forum of maybe 25 regular posters, how many are going to do that and know how to use such a distro securely? On this forum, Neil would know how to use it. I would. But do we actually go to that trouble? I know I don't.
TooConservative - You don't know what the fuck you are talking about. And it is your thread.
You don't like it when someone tells you something you don't like. Tor is not embraced by millions. It has a very limited audience and always has been quite small. The idea that Granny is using Tor to read email and post cat pictures is ridiculous. People pursuing (the illusion of) that kind of secrecy are painting a target on their backs with LEO and NSA. And they are far more often than not using Tor for criminal purposes or to try to cover their tracks when they visit websites like TrannyGoatIncest.com.
ROTFL. Yeah, like Yukon's silly home web page, correct? The truth is: Surfing the Internet should be used by ALL tools at your disposal to protect your anomymity; not one or two or making product endorsements or disendorsements as you usually perform.
So are you using Tor/TAILs now? Or...what exactly? I notice you are awfully quick to sneer at others but refuse to even identify your browser, what software you use, etc. So I conclude you are largely unprotected or are using a goofball firewall or something similar. Because you are hiding from offering any info at all. You're only here to be the "secretive contrarian expert". Even though you demonstrate no actual expertise or any real knowledge at all. Why so secretive, bucky? You aren't contributing anything to this thread (which is about how to protect your browser from malicious ad networks). I'm not impressed. Any more than I think nolu chan is sitting at home, booted off a Tor/TAILS stick. You two are full of it.
From the TAILS website: Posted Sun 09 Aug 2015 01:02:03 AM CEST Numerous security holes in Tails 1.4 Posted Sun 28 Jun 2015 01:02:03 AM CEST TAILS 1.5 is now out. How secure is TAILS if they find new and "numerous security holes" every 10 days or so? And, nolu, are you actually posting here at LF right now using TAILS? Do you actually use what you are recommending for others to use?
So how you like browing ad-free with uBlock Origin? I was hooked on AdBlock Plus for years but it got greedy (IMO). I now prefer the blocking of uBlock and find it less intrusive. BTW, they both use most of the same adblocking pattern files so the actual work they do is very similar. I'd also be interested if you find pages are loading a little faster, especially if your machine is a few years old. Letting ads run wild actually slows browsers to a crawl, use lots of memory and bandwidth. AdBlock does stop some of the bandwidth issues but it uses a lot of RAM. uBlock uses far less RAM which is a Good Thing. You really see a big difference if you try to load a page/site that has a lot of ads. National Review Online is a good example.
Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement. The article addresses the problem of advertising with malware. What it is not discussing is attacks carried out by the NSA on a Windows computer. Lynx? Name this browser. [buckeroo #7] anonymous Running a specially designed operating system from a USB drive that has no ability to write anything to the computer, and stores nothing, avoids vulnerability to the ad attacks discussed in the article. It did that and more for Edward Snowden. If someone really just wants to surf without endangering their precious computer, they can just spend a few hundred bucks for a Chromebook. No programs can be installed on a Chromebook, not even security software. It boots in about 7 or 8 seconds. It's not vulnerable to the usual crap attack. Keep it basic, do not create cloud storage, and don't get crapified. It is not anonymous, but the article was not addressing anonymity. That is just an added benefit of Tor with Tails.
So you are admitting you don't follow the advice you're handing out on this thread? You don't use Tor/TAILS yourself? But if you do use Tor/TAILS, have you downloaded and updated your USB stick three times in the last 10 days just to fix the "numerous security holes" they found in it? It is a 1GB IOS image and is only being seeded by ~500 torrent users with another 600 leeching it at present. If people want a Chromebook, they can buy one. But we don't see that as a very popular option. That is not a general-use PC which is what nearly everyone is using to visit Weather.com, Wunderground, Drudge. You might as well recommend that people use the old text-only Lynx browser. Or use some defunct machine (NEXT or Amiga or whatnot) so they aren't a target for malicious adware. Or you could tell them to download Firefox source code and completely disable scripting on their binary. But that isn't what this article addresses and no one is going to actually do those things. So it isn't a solution to the problem of drive-by malware attacks from compromised ad networks.
Posted Sun 09 Aug 2015 01:02:03 AM CEST Numerous security holes in Tails 1.4 Posted Sun 28 Jun 2015 01:02:03 AM CEST http://www.theverge.com/2014/4/29/5664884/this-is-the-most-secure-computer-you-ll-ever-own Tails is the secure system that protected Edward Snowden. Here's how it works. By Russell Brandom on April 29, 2014 01:34 pm From the moment you boot up, your computer leaves footprints. Websites leave tracking cookies, following you from page to page and session to session, alongside the usual traces left by your IP address. Persistent logins from Google and Facebook tie each site visit to your offline identity. If anyone really wants to go after you, they can also make a direct attack, targeting malware to track your movements in the background. With the right tools, a computer is an open book. Not this computer, though. It's running Tails, an open-source operating system designed to leave as little trace as possible, launching version 1.0 today after more than five years of open development. It's an amnesiac system, which means it's completely fresh every time you boot up. There are no save files, no new programs, and most importantly, it becomes a blank slate the moment you shut down. It's the digital equivalent of buying a new computer for a single session and tossing it into the river once you're done. That trick has earned Tails a lot of attention. It’s already standard software at Glenn Greenwald’s First Look Media, where he’s called it “vital to my ability to work securely on the NSA story.” Tor researcher Jacob Appelbaum praised the project onstage at this year's Chaos Communications Congress, and in March Tails received a $50,000 grant to keep the project going. Nearly 8,500 computers booted up with Tails on a given day in March, 500 more than the month before. Those are surprisingly high numbers for a project that’s this hard to use, and does this little. But if you need a secure line, Tails is the best way to get it. In the era of the NSA, that’s a rare thing. Tails works by booting your computer off of an external disk — usually a USB drive, an SD card or a CD — but getting Tails onto the right storage drive is harder than it sounds. Ideally, you’d keep it on a CD: once it’s burned into the plastic, the code can't be changed, making it completely immune to malware. But with new versions being released every few months (and plenty of laptops going without CD drives), a USB stick can be more convenient. We used Rufus to make a bootable version on a USB drive and SD card, but even then, certain flash drives simply won’t work with Tails. There are ways to add encrypted storage or persistent programs too, but each extra feature is also a new chance for security problems. Getting Tails onto a computer isn’t straightforward either. There’s a long list of computers that can’t run the OS, and it includes most of the computers made by Apple. We spent the better part of a day trying to launch it on a Toshiba Kirabook, only to have Windows 8 punch through every time. It ends up working best on machines that are Linux-friendly, without anything like a high-powered video card to trip things up. There are a few different stable setups, but lots of ways to accidentally break your own security. In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web. "Even if the developers wanted to put in a backdoor, they couldn't" Getting there has been a five-year process, with developers working in their spare time on a miniscule budget — less than $60,000 a year in donations, before the recent grant. The code has been open for review at every stage, and after each release, auditors have found holes in Tails' security, creative ways an attacker might circumvent the program. The holes are patched a few months later, then new holes are discovered, then those holes are patched a few months after that. By now, this process has repeated more than 30 times. It's the nature of open-source development, a messy, public process that produces secure software through a slow grind of bug hunts. That parade of public security failings is meant to make users feel safe. If there's a problem in security at any level, you'll know about it, and the team will be under pressure to fix it as soon as possible. It's the same open workflow that built Tor and PGP, and stumbled more recently with the Heartbleed bug. But it means that even if the developers wanted to put in a backdoor, they couldn't. Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough." As open source software, the LINUX source code is under constant review. Security problems are reported. Who thinks Windows is more secure than LINUX? Tails is a live operating system, that you can start on almost any computer from a DVD, USB stick, or SD card. It aims at preserving your privacy and anonymity, and helps you to: use the Internet anonymously and circumvent censorship; all connections to the Internet are forced to go through the Tor network; leave no trace on the computer you are using unless you ask it explicitly; use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging. Homepage - https://tails.boum.org/
Add using TOR to being a lawyer and being a combat hero to the list of things I have not claimed. Phishing expedition /fail
How do you know it isn't NSA and/or FBI? You don't. This reminds me of the Firefox special versions that had Tor baked in. Turns out, it was an FBI version that allowed Langley to insert malicious Javascript into anyone running that version. It took months for it to be detected. TheHackerNews: Firefox Zero-Day Exploit used by FBI to shutdown Child porn on Tor Network hosting; Tor Mail Compromised Marques was arrested on a Maryland warrant that includes charges of distributing and promoting child porn online. He faced four charges relating to alleged child pornography offenses with a total of 30 years jail, reportedly dubbed by the FBI as “the largest facilitator of child porn on the planet.” That need has been particularly heightened with the many revelations of the US Prism program and other cyber spying initiatives. You don't suppose the feds seized all his gear and forced him to inform on his users, do you? eHackingNews: Almost Half of Tor sites compromised by FBI [Exclusive details] And that is just the FBI who are amateurs compared to NSA. You are naive about Tor and its limits. You'll notice how much child-porn was going through these Tor-hosted sites, exactly as I said.
Yep. You don't use Tor/TAILS yourself even if you want to wallpaper this thread about using Tor/TAILS to prevent malicious ad network attacks from sites like Drudge. "Use Tor/TAILS. Buy a Chromebook." This is not useful advice to solve a very real and existing problem that users of this site face when visiting sites that nearly all of us visit regularly, like Weather.com, Wunderground, Drudge. And it is clear that you don't practice what you're preaching on this thread.
I can not tell a lie and will not let the cats out of the bag. Stone has repeatedly indicated that I use many, Many, MANY IP addresses to log into his website. No body can duplicate my use, either. Stone can also vouch for chan's IP addresses. They are the same each and every tyme unless his Provider, is set to refresh the user lists (very rare) since he is a broadband subscriber.
Kinda like he treats posters regarding presidential candidates. Quick to shit on them all... refuses to announce who he supports. That kind of deception should send up alarms towards his credibility. Bucky is only here to disrupt. He is and always has been a troll. I'm the infidel... Allah warned you about. كافر المسلح
Take your pick. https://en.wikipedia.org/wiki/UBlock https://addons.mozilla.org/en-us/firefox/addon/ublock/ https://addons.mozilla.org/en-us/firefox/addon/ublock/reviews/ µBlock - 214,818 users https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/ https://addons.mozilla.org/en-us/firefox/addon/adblock-plus/reviews/ AdBlock Plus - 19,564,935 users - - - - - https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/ https://addons.mozilla.org/en-US/firefox/addon/adblock-plus-pop-up-addon/reviews/ AdBlock Plus, Pop-up Addon - 1,164,851 users - - - - - https://addons.mozilla.org/en-Us/firefox/addon/adblock-edge/ AdBlock Edge - Discontinued
All anyone has to perform to easily eliminate user ad tracking is to clean their cache memories from tyme to tyme; no specialized "ad blocker crap." It is easy, too; while not using any pull-down menus from ANY browser. But ad tracking software is just one symptom of loss of anonymity. Why not just become anonymmous?
You don't. It's open source. You really think NSA/FBI is behind the open source development of TAILS? You can download "special" copies from bogus sites set up by the NSA or FBI. Shocker. If you want to be secure from the FBI/NSA, your solution of µBlock isn't going to do it. The solution to that is stay off the grid.
Whatever you say. You would know better than I what I use and do not use.
Anyone can use proxies, paid or free. So what? That still does nothing to protect your (unnamed) browser from driveby malicious ad network attacks.
TooConservative isn't too savvy about serious GNU software. We frequectly use signatures to authenticate software besides the website (itself). Often the software is not a download exectable file. It is an ISO image. Or we use torrent. His fears leave him in the dust. I doubt he has programmed with any high level program.
I am not using a proxie.
True. If you look in the Chrome Store or the Google Play store, you'll find tons more. That's because it is open-source stuff and easy to crank out new versions. And they all use the same blacklists/whitelists, it seems.
Comments (41 - 77) not displayed.
Top • Page Up • Full Thread • Page Down • Bottom/LatestInstall adblockers to be more secure. Ad Block Plus is the classic extension most people use. It has started to allow some "safe non-abusive" ads to slip through. So, after years of being loyal to ADP, I gave it up and moved to uBlock Origin 1.0.0.1 recently.(1 image)
#2. To: buckeroo (#1)
#3. To: TooConservative (#2)
#4. To: buckeroo (#3)
You don't need ad blockers. You need a REAL browser.
#5. To: TooConservative (#0)
#6. To: BobCeleste (#5)
I just downloaded and installed uBlock Origin 1.0.0.1 is there anything else I need do before going to drudgereport?
#7. To: TooConservative (#4)
Name this browser.
#8. To: buckeroo (#7)
anonymous
#9. To: TooConservative (#8)
#10. To: buckeroo (#9)
I control my Internet interface is all.
#11. To: buckeroo, TooConservative (#7)
anonymous
#12. To: nolu chan (#11)
TOR with TAILS (thumb)?
#13. To: TooConservative (#12)
Tor is horribly slow to start with, even more so if you allow all the ads and scripts to load. And Tor doesn't do anything to protect you from browser attacks, either from malicious websites or hacked ad server networks.
#14. To: nolu chan (#13)
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
#15. To: TooConservative (#14)
Tor with Tails on a thumb drive leaves your computer totally immune. How does it get attacked?
I'm not sure where you read that but it isn't true.
In exchange for all the troubleshooting, you get an unusual kind of anonymity. Keeping the operating system on a disk means you’re operating independent of the computer, picking nothing up and leaving nothing behind. It also makes your setup portable. You can launch Tails from an internet cafe and know that none of the programs on the public computer will get in the way of what you’re doing. The new versions of Tails will even hide you within a local network, randomizing the computer’s MAC address to make you even harder to track. None of the methods are completely impenetrable, but together they add up to a major headache for anyone trying to follow you across the web.
#16. To: TooConservative (#6)
#17. To: redleghunter (#16)
UBlock work with tablets too?
#18. To: nolu chan, Pinguinite (#15)
TAILS - The Amnesiac Incognito Live System. No new programs. No saves. Upon shutoff, it leaves a completely blank slate of all history. It worked for Edward Snowden. Apparently, it works for Glenn Greenwald.
#19. To: TooConservative (#18)
Tor has never become popular enough to truly shield all its users. That means there are far fewer users to identify, making it easier for NSA/FBI. And those users are nearly all drug traffickers, child porno types, online criminals. Which means they are high-value targets for NSA and law enforcement.
#20. To: buckeroo (#19)
#21. To: TooConservative (#20)
Tor is not embraced by millions. It has a very limited audience and always has been quite small.
The idea that Granny is using Tor to read email and post cat pictures is ridiculous. People pursuing (the illusion of) that kind of secrecy are painting a target on their backs with LEO and NSA. And they are far more often than not using Tor for criminal purposes or to try to cover their tracks when they visit websites like TrannyGoatIncest.com.
#22. To: buckeroo, nolu chan (#21)
#23. To: nolu chan (#15)
Numerous security holes in Tails 1.4.1
#24. To: BobCeleste (#5)
#25. To: TooConservative, buckeroo (#18)
[TooConservative #18] It isn't as secure as people think. If NSA or others are operating the TOR exit nodes (a good bet they'll succeed in providing directly or compromising some exit nodes), a man-in-the-middle attack works well. In addition, a distro of this type still has a browser fingerprint, in part because people just keep using the same version of the distro. You also have traffic analysis where a person browses to various sites, over and over. Like GMail or Yahoo Mail or online forums.
[article] Millions of people visiting weather.com, drudgereport.com, wunderground.com, and other popular websites were exposed to attacks that can surreptitiously hijack their computers, thanks to maliciously manipulated ads that exploit vulnerabilities in Adobe Flash and other browsing software, researchers said.
[TooConservative #4] What "real browser" are you using that is malware-resistant without adblockers/NoScript/Ghostery/etc.?
#26. To: nolu chan (#25)
Running a specially designed operating system from a USB drive that has no ability to write anything to the computer, and stores nothing, avoids vulnerability to the ad attacks discussed in the article. It did that and more for Edward Snowden.
If someone really just wants to surf without endangering their precious computer, they can just spend a few hundred bucks for a Chromebook. No programs can be installed on a Chromebook, not even security software. It boots in about 7 or 8 seconds. It's not vulnerable to the usual crap attack. Keep it basic, do not create cloud storage, and don't get crapified. It is not anonymous, but the article was not addressing anonymity. That is just an added benefit of Tor with Tails.
#27. To: TooConservative, (#23)
Numerous security holes in Tails 1.4.1
This is the most secure computer you’ll ever own
Published on Aug 14, 2015
#28. To: TooConservative (#26)
So you are admitting you don't follow the advice you're handing out on this thread? You don't use Tor/TAILS yourself?
#29. To: nolu chan, buckeroo (#27)
(Edited)
Even more remarkable, no one knows who's behind it all. The development team works under pseudonyms and their legal names have never been publicly revealed. "Some of us want to remain anonymous," the Tails developers told me from a group email account. "Some of us simply believe that our work, what we do, and how we do it, should be enough."
Eric Eoin Marques, 28 year-old man in Ireland believed to be behind Freedom Hosting, the biggest service provider for sites on the encrypted Tor network, is awaiting extradition on child pornography charges. It is understood the FBI had spent a year trying to locate Mr Marques.
#30. To: nolu chan (#28)
(Edited)
Phishing expedition /fail
#31. To: TooConservative, nolu chan, A K A Stone (#22)
(Edited)
Why so secretive, bucky?
#32. To: TooConservative (#22)
(Edited)
I notice you are awfully quick to sneer at others but refuse to even identify your browser, what software you use, etc.
#33. To: TooConservative (#0)
Install adblockers to be more secure.
#34. To: nolu chan, TooConservative (#33)
#35. To: TooConservative (#29)
How do you know it isn't NSA and/or FBI?
#36. To: TooConservative (#30)
Yep. You don't use Tor/TAILS yourself even if you want to wallpaper this thread about using Tor/TAILS to prevent malicious ad network attacks from sites like Drudge.
#37. To: buckeroo (#31)
Stone has repeatedly indicated that I use many, Many, MANY IP addresses to log into his website. No body can duplicate my use, either.
#38. To: nolu chan, TooConservative (#35)
#39. To: TooConservative (#37)
#40. To: nolu chan (#33)
Take your pick.
.
.
.
[Home] [Headlines] [Latest Articles] [Latest Comments] [Post] [Mail] [Sign-in] [Setup] [Help] [Register]