On Wed, Jul 8, 2009 at 10:04 PM, Aryeh Gregor <[email protected]<simetrical%[email protected]> > wrote:
> On Wed, Jul 8, 2009 at 10:45 AM, Gregory Maxwell<[email protected]> > wrote: > > Provided your changes didn't break the site, I'd take a > > bet that you could have a malware installer running for days before it > > was discovered. > > What, on enwiki? I'd bet ten minutes before it's noticed someone > using NoScript configured to prompt about cross-site loads or > something. And if you're not a real technical expert who sees "aha, the site where the js comes from is surely NOT wikipedia", it doesn't help anyone. People click away these warnings very often and don't bother to actually read them... this is something most people forget in security themes. Marco -- VMSoft GbR Nabburger Str. 15 81737 München Geschäftsführer: Marco Schuster, Volker Hemmert http://vmsoft-gbr.de _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
