Adblock Plus and (a little) more
80% of malware served through ads? · 2007-03-28 03:45 by Wladimir Palant
PC World published an article on the analysis done by security firm Finjan that shows that 80% of all malicious code is served through online advertising. Now, as with every statistic, their selection might not have been representative; I have strong doubts that this number is accurate. But the trend is clear — there is much to be gained by infiltrating advertising networks, as it allows hackers to inject their code into many sites, including the ones where users don’t expect it. So the common advice to avoid visiting “shady” sites has once again lost some of its appeal; ads are displayed on “serious” sites as well. But I guess it will not stop most webmasters from trusting third-party content unconditionally by embedding scripts from third-party servers into their web pages. If these third-party servers get compromised, their web site will be automatically affected as well, with identity stealing being the least serious consequence.
Usability vs. Security · 2007-03-25 01:53 by Wladimir Palant
Disclaimer: This post is only about using NoScript as a security solution, not as a way to block annoyances.
It seems that me pointing out the fundamental flaw in NoScript only inspired another round of madness — that’s the only name I can find for it. Giorgio Maone has developed a solution that will effectively stop untrusted sites from injecting JavaScript through XSS holes in whitelisted sites. He is currently testing it with a development build and from what I can tell it mostly holds what it promises. Is that an achievement? Giorgio has obviously put much thought into this feature but I still have to say: no.
Encouraging innovation · 2007-03-16 23:28 by Wladimir Palant
I had to laugh out loud on this one. The IEBlog announces the winners of the IE Add-ons Contest. Guess who won the Grand Prize?
Blacklists, whitelists, and security · 2007-03-15 04:13 by Wladimir Palant
I had a lengthy discussion with Giorgio Maone (author of the NoScript extension) about what is a security solution and what isn’t. Starting point was my statement that, while being excellent for getting rid of annoyances, neither Adblock Plus nor NoScript are really security solutions. Both have the potential, so why not?
Why "Save Page As HTML, complete" sucks · 2007-03-15 00:20 by Wladimir Palant
I read a forum question from an Opera user who was upset because Opera 9.10 now saves web pages “like IE and Firefox” – meaning saving them with all the included files. His problem was easily solved with a configuration change but it got me thinking. Generally this doesn’t seem to be such a bad idea, it allows you to open a saved web page and it will look exactly the same. So I tried to understand why this user was so upset and why I almost never use this feature myself. It seems there are three things.
Status of "immediate unblocking" feature · 2007-03-07 03:28 by Wladimir Palant
My post about finding a way to unblock items immediately when the filters change was probably too optimistic. I am finished coding the basics but I hit some problems in Gecko.
Getting back to Oslo · 2007-03-01 12:41 by Wladimir Palant
I already left Darmstadt and I am on my way back to Oslo now. The unpleasant surprise is that Germanwings no longer flies to Oslo. I have no idea why they stopped serving this direction in the middle of the season — I couldn’t find it mentioned anywhere, there are just no more flights between Cologne and Oslo (the webpages of both airports confirm this so this isn’t a glitch in Germanwings’ database). That means that I will fly from Düsseldorf with Norwegian which is slightly less convenient. But at least I will spend a few more days in Cologne.
Filterset.G - I call "bullshit" · 2007-02-13 15:01 by Wladimir Palant
I stumbled upon the Filterset.G article in Wikipedia and noticed that G recently edited it adding some “facts”. The most ridiculous one is: “There are approximately 1.5 million users of Filterset.G”. And these statistics are supposed to back it up. From the look of it G simply took the absolutely meaningless number of sites per month.
Anti-spam protection in the comments · 2007-02-05 12:22 by Wladimir Palant
A few days ago this blog was hit by the first automated comment spam attack since I installed it. I stopped the immediate attack by banning the spammer’s email address, but now I added proper anti-spam protection similar to what is used in the forum to prevent the same thing from happening again. If you notice any issues adding comments please send me a mail.
Mozilla hurting Google by recommending Adblock Plus? · 2007-02-01 15:12 by Wladimir Palant
Quite a few blogs picked up the idea that there is something strange about Mozilla recommending Adblock Plus. They quote Mozilla’s financial statement saying that Mozilla earned $50 million in 2005 from search engine cooperation (mostly Google though at least Yahoo contributed as well) which is indirectly income from advertisements.