103 6717
Michael Fesser wrote:
.oO(Bear Bottoms)
>On Mon, 14 Jul 2008 18:59:49 -0500, Michael Fesser <ne*****@gmx.dewrote:
>>Just think logically:
1) What is a website? It's HTML and CSS. It's a document, not a program. You can display it in various formats, but it can't gain kind of an own life to do funny things to your computer outside its rendering context.
Logical conclusion: A website alone doesn't do that.
Micha...this premise is just wrong. Websites can and do contain all kinds of scripts.
Correct, but I consider them just additions to a website. They are
always optional (like images and CSS) and not interpreted by every
browser. But I also mentioned those scripts in my second point.
Micha
Sure Micha, I concede a pure HTML/CSS website can't do much in the way
of controlling your computer (when was the last time you ever saw a
"plain" website?), or a properly setup browser, however, that was never
what this was about. We are talking about someone's system (which
obviously *hasn't* been secured properly) being at risk and the user
wanting to know steps to take to secure it. You know as well as I, a
malware site will never be just "plain". Most websites are now
JS/WSH/ActiveX enabled, multimedia light shows all of which require a
user to have some sort of software installed on their computer just to
access them. It's these systems which are at risk *if* they aren't
secured correctly.
My point is, unless you've previously visited a site, you don't know how
it's going to interact with your browser and therefore, you should
always err on the side of caution and ensure your system is secure,
regardless of whatever O/S you run.
--
Me Here
"The biggest threat [to privacy] is public complacency" -- John Gilmore
fighting regulations about having to show ID when flying.
hummingbird wrote:
On Tue, 15 Jul 2008 00:16:33 +1000 'Me Here'
wrote this on alt.comp.freeware:
>hummingbird wrote:
>>On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here' wrote this on alt.comp.freeware:
Tom wrote: On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote: > >If Windows, Ctrl Alt Delete to call up the task manager; select the >browser; kill it. Very inelegant. > When you have a dozen tabs open, killing the browser, kills all the tabs. > When you restart Firefox, it asks if you want to open all the old tabs, but, of course, that will just open the quicksand site all over again. > So, without editing the hosts file and shift reloading, you're forced to say NO to reloading your old tabs ... and you lose them all. > That's why you don't kill the browser session. > Luckily we found a single-click way to solve the problem (type "start -> run -hosts, add the offending domain, and shift reload the browser). This turns the quicksand URL into cement. Voila! Thanks to hummingbird!
If you have other tabs open that you want to keep viewing, then yes, it's a good immediate, albeit 'temporary' solution to the problem. I say temporary because using a Hosts file isn't a good solution. Many malware sites scan and remove their listings from hosts files (and even locking it via the read-only attribute won't protect you). They do it by making you log into a benign site first (one that isn't blocked) and using that to remove their entry from your Hosts file before redirecting you and trapping your browser. Good point MH. I've never experienced that trick, especially since I started safe hexing, but I am aware it can happen.
These days, I seem to be safe with a hosts file to block unwanted sites, plus a supplementary program or two (SpyWareBlaster etc).
Even running free FireFox addons such as NoScript won't protect you unless you've been caught before and know not to allow the site access to Java or JS. You should really be running an IP blocking program like PeerGuardian or if that is too much hassle, do what I do and use OpenDNS. I'm sure there are other solutions, those two just spring to mind. My advice, if you don't want this happening again and you're the type that's likely to run across sites like these often, is to do a bit of research into blocking methods and choose the one that best suits your need.
As I said, a hosts file is great, so long as you protect it otherwise it becomes pointless. Many programs out there now protect things like Home pages and hosts files simply because security companies are aware that they are easily hijacked with things like WSH or ActiveX (or even a crappy FF addon).
Yeah, I must think about protecting my own hosts file. I think
SpyWareBlaster offers this feature.
[rushes off to check]
Yes it does, I use it myself. Even if you use the stock Hosts file
(with no entries other than 127.0.0.1), you should still lock it down
because malwares sites have been known to add security site IP's to
block them in it in an effort to remain undetected (some people don't
run antivirus software locally but prefer to run "online" scans).
--
Me Here
Don't worry about people stealing your ideas. If your ideas are any
good, you'll have to ram them down people's throats. -- Howard Aiken
On Tue, 15 Jul 2008 11:05:10 +1000 'Me Here'
wrote this on alt.comp.freeware:
>hummingbird wrote:
>On Tue, 15 Jul 2008 00:16:33 +1000 'Me Here' wrote this on alt.comp.freeware:
>>hummingbird wrote: On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here' wrote this on alt.comp.freeware:
Tom wrote: >On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote: >> >>If Windows, Ctrl Alt Delete to call up the task manager; select the >>browser; kill it. >Very inelegant. >> >When you have a dozen tabs open, killing the browser, kills all the tabs. >> >When you restart Firefox, it asks if you want to open all the old tabs, >but, of course, that will just open the quicksand site all over again. >> >So, without editing the hosts file and shift reloading, you're forced to >say NO to reloading your old tabs ... and you lose them all. >> >That's why you don't kill the browser session. >> >Luckily we found a single-click way to solve the problem (type "start -> >run -hosts, add the offending domain, and shift reload the browser). This >turns the quicksand URL into cement. Voila! Thanks to hummingbird!
If you have other tabs open that you want to keep viewing, then yes, it's a good immediate, albeit 'temporary' solution to the problem. I say temporary because using a Hosts file isn't a good solution. Many malware sites scan and remove their listings from hosts files (and even locking it via the read-only attribute won't protect you). They do it by making you log into a benign site first (one that isn't blocked) and using that to remove their entry from your Hosts file before redirecting you and trapping your browser. Good point MH. I've never experienced that trick, especially since I started safe hexing, but I am aware it can happen.
These days, I seem to be safe with a hosts file to block unwanted sites, plus a supplementary program or two (SpyWareBlaster etc).
Even running free FireFox addons such as NoScript won't protect you unless you've been caught before and know not to allow the site access to Java or JS. You should really be running an IP blocking program like PeerGuardian or if that is too much hassle, do what I do and use OpenDNS. I'm sure there are other solutions, those two just spring to mind. My advice, if you don't want this happening again and you're the type that's likely to run across sites like these often, is to do a bit of research into blocking methods and choose the one that best suits your need.
As I said, a hosts file is great, so long as you protect it otherwise it becomes pointless. Many programs out there now protect things like Home pages and hosts files simply because security companies are aware that they are easily hijacked with things like WSH or ActiveX (or even a crappy FF addon).
Yeah, I must think about protecting my own hosts file. I think SpyWareBlaster offers this feature.
[rushes off to check]
Yes it does, I use it myself. Even if you use the stock Hosts file (with no entries other than 127.0.0.1), you should still lock it down because malwares sites have been known to add security site IP's to block them in it in an effort to remain undetected (some people don't run antivirus software locally but prefer to run "online" scans).
Thanks MH, I'll ponder that.
--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)
"Bear Bottoms" <be**********@gmai.comwrote in
news:op***************@bwwlxc1.br.no.cox.net:
On Sun, 13 Jul 2008 08:04:02 -0500, Tom <tw******@hotmail.comwrote:
>How do we get out of the browser infinite loop quicksand when we navigate to web pages designed to lock us in and force us to hit the "pay me" button (whatever they want to force you to do)?
These are just a sample of nasty quicksand web pages I've run into which lock your browser into a loop and won't let you get out until you hit the "install" or "run" or "OK" button... (whatever it is they want you to do).
When you navigate to these quicksand links, you can not get out of their infinite loop with your browser no matter what you do. I'm forced to control alt delete and kill the browser from the task manager ... but I ask ...
Is there a more graceful way, after the fact, to navigate away from quicksand domains which have a hold on your browser, other than control alt deleting the browser process?
Why not just close the tab/page? BTW, some of these links are
dangerous to persons who would navigate to them out of curiosity. Not
a good idea Tom.
Hi Bear Bottoms!
I have forwarded the links onto my associates in the antimalware
community. We will be looking into the offerings on the sites, and if
they are malicious, our programs will offer detection and removal.
--
Regards,
Dustin Cook - http://bughunter.it-mate.co.uk
BugHunter v2.2e AntiMalware Removal Utility
For Windows users, I highly recommend: http://www.malwarebytes.org - MalwareBytes AntiMalware This thread has been closed and replies have been disabled. Please start a new discussion. |