I'd say it's news because I think there's some sort of escalated attack going on. We got reports of this all over the place, CNN, WSJ, Huffington Post. Thank God not on eWEEK yet.
But yes, it goes to prove the old transitive trust thing, as I put it when you trust a web site you trust everyone they're in bed with. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blogs.pcmag.com/securitywatch/ Contributing Editor, PC Magazine [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of silky Sent: Monday, November 12, 2007 9:12 PM To: Dude VanWinkle Cc: [email protected] Subject: Re: [funsec] Some Ad Networks Are Bad News is this really news? story @ 11: you are only secure as your weakest link. orly? let's also not forget that ad's themselves are viral in nature. tricking us into trusting the products they promote so that they can exploit our wallets ... On 11/13/07, Dude VanWinkle <[EMAIL PROTECTED]> wrote: > On Nov 12, 2007 7:53 PM, Paul Ferguson <[EMAIL PROTECTED]> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > Nice article, Larry. :-) > > > > Via eWeek. > > > > [snip] > > > > You wouldn't go surfing to just any site. You're careful about where > > you go. You only go to sites you trust. > > > > But who are you trusting? A series of recent attacks has resulted in > > seemingly respectable news sites serving malware and redirecting > > users to sites that serve malware. > > > > The problem is in the ads on those news sites. The ads are served by > > advertising networks that weren't careful enough with their own security. > > When you trust a Web site you have to trust everyone it's in bed with. > > > > [snip] > > > > More: > > http://www.eweek.com/article2/0,1759,2215305,00.asp > > > > Also, here's an accompanying article by Lisa Vaas on DoubleClick > > serving up malware ads: > > > > http://www.eweek.com/article2/0,1759,2215635,00.asp > > hmm, doubleclick serving up malware ads.. funny that this is the link > on the ziffdavis atricle :-) > http://ad.doubleclick.net/click;h=v8/3609/0/0/%2a/q;137016197;0-0;0;84 > 02494;3030-160/90;22613468/22631351/2;;~okv=;pos=top;zdid=a219243;zdty > pe=commentary;zdaudience=creativeprofessional;pagetype=article2;zdtopi > c1=securityopinions;tile=2;sz=160x90;~sscs=%3fhttp://clk.atdmt.com/MRT > /go/zffdvity0180000043mrt/direct/01/ > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. > -- mike http://lets.coozi.com.au/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
