Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Malware Installed by LiveJournal Ad 199 199

Jamesday writes "LiveJournal recently introduced an ad-supported level. Over the last few days an advertiser used an ad to install the ErrorSafe malware that tried to trick people into believing they had a fault on the computer that needs them to purchase a fix. The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." Even our readers have had to endure more than one browser-crashing ad campaign from time to time. Thanks for sticking around.
This discussion has been archived. No new comments can be posted.

Malware Installed by LiveJournal Ad

Comments Filter:
  • by Anonymous Coward on Saturday June 24, 2006 @11:56AM (#15596438)
    What part of "The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." did you not read?
  • Re:weak effort (Score:3, Informative)

    by electronerdz (838825) <jgreb@electronerdz.com> on Saturday June 24, 2006 @12:33PM (#15596575) Homepage
    Actually, from their TOS:

    VI. INDEMNITY

    You agree to indemnify and hold LiveJournal, and its subsidiaries, affiliates, officers, agents, co-branders or other partners, and employees, harmless from any alleged claim or demand, including reasonable attorney fees, made by any third party due to or arising out of your Content, your use of the Service, your connection to the Service, your violation of the TOS, or your violation of any rights of another, whether you are a registered user or not. The user is solely responsible for his or her actions when using the Service, including, but not limited to, costs incurred for Internet access.

    and

    XIX. LIMITATION OF LIABILITY

    YOU EXPRESSLY UNDERSTAND AND AGREE THAT LIVEJOURNAL SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, INCLUDING BUT NOT LIMITED TO, DAMAGES FOR LOSS OF PROFITS, GOODWILL, USE, DATA OR OTHER INTANGIBLE LOSSES (EVEN IF LIVEJOURNAL HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES), RESULTING FROM: (i) THE USE OR THE INABILITY TO USE THE SERVICE; (ii) THE COST OF PROCUREMENT OF SUBSTITUTE GOODS AND SERVICES RESULTING FROM ANY GOODS, DATA, INFORMATION OR SERVICES PURCHASED OR OBTAINED OR MESSAGES RECEIVED OR TRANSACTIONS ENTERED INTO THROUGH OR FROM THE SERVICE; (iii) UNAUTHORIZED ACCESS TO OR ALTERATION OF YOUR TRANSMISSIONS OR DATA; (iv) STATEMENTS OR CONDUCT OF ANY THIRD PARTY ON THE SERVICE; OR (v) ANY OTHER MATTER RELATING TO THE SERVICE.
  • Re:simple fix (Score:4, Informative)

    by Nutria (679911) on Saturday June 24, 2006 @12:34PM (#15596579)
    My simple fix for the security problems associated with Flash is to not install flash. Let's face it, 99.9% of flash is just obnoxious ads anyway. Who needs it.

    It's for this reason that any webmaster who insists on using 100% flash to view their site deserves a swift kick to the nutsack.


    Google Videos, for one, are all Flash.

    Use Firefox and install Flashblock, then you'll have the benefits of both worlds.
  • by ivan1011001 (751254) on Saturday June 24, 2006 @12:34PM (#15596584)
    The tricky thing about authorization is, by definition [google.com], it requires conscience thought. So one can not authorize something "unaware" of it.
  • by Xserv (909355) on Saturday June 24, 2006 @12:36PM (#15596589)
    TFA had to do with LiveJournal, not MySpace...

    Xserv
  • by Nutria (679911) on Saturday June 24, 2006 @12:38PM (#15596605)
    Yup, yanno why? I'm constantly adminning my home network. CONSTANTLY. pretty hard to set folder permissions and shares and stuff like that when you're not running as admin.

    Sucks to use Windows, doesn't it, not being able to use "su -" and control everything from a command window while logged in as a limited-permissions user?

    Also, Livejournal, before these ads, was a pretty safe and secure site. Now they put in advertising, some of it flash based, and suddenly I'm nailed by one of their ads and malware hits my system.

    Sucks to use IE, doesn't it? Firefox and Flashblocker would have protected you.
  • by khasim (1285) <brandioch.conner@gmail.com> on Saturday June 24, 2006 @12:55PM (#15596657)
    Here is one. But because it is based upon Christ's teachings, it would be more of a Theocracy with "communism" as it's economic model.
    http://www.hutterites.org/ [hutterites.org]

    As for being "moral", as long as they do follow their religious code, they are "moral" by definition.

    Now, whether the code they follow would be considered "moral" by someone following a different code, well, that's because "morality" is subjective, not objective.
  • by larytet (859336) on Saturday June 24, 2006 @01:38PM (#15596836) Homepage
    this is why i block all ads, even google syndication counters. i probably trust cnn servers , but i can't trust to all that IPs my browser pulls the ads from.

    besides slowing down the page download (mostly DNS related issues), disturbing my attention and wasting my time my machine (and IP address) is getting exposed to numerous unknown or little known servers.

    chain of ads suppliers can be very long. ad can go from the initial seller via multiple broker companys to reach my Linux/Win32. in any point on the way it can be intentionally or unintentionally corrupted.

  • Re:Yawn . . . (Score:2, Informative)

    by jofi (908156) on Saturday June 24, 2006 @02:19PM (#15597020)
    According to TFA, it doesn't use an exploit except the one located between the chair and keyboard. It's a little vague, but a non-admin account in XP would have not allowed "ErrorSafe" to install.
  • by Adam9 (93947) on Saturday June 24, 2006 @03:49PM (#15597410) Journal
    Firefox and Flashblocker [mozilla.org] would have protected you.
  • Re:Duh (Score:2, Informative)

    by lightning_queen (861008) on Saturday June 24, 2006 @04:35PM (#15597572)
    Unfortunately, LiveJournal is one of the better ones out there. I've had an account there for three years now, and when I joined, LiveJournal still had the "by invite only" policy. They dropped that policy sometime afterward, then recently implemented the Sponsored+ account option. Although it does mean putting up with ads when reading straight from other people's weblogs, I still have the option not to have them on my own, which means I don't have to put up with them when reading other people's entries from my friends page. Even when I do read from others' pages, the ads aren't generally all that bad, especially compared to the eye-sores that many sites have.

In 1750 Issac Newton became discouraged when he fell up a flight of stairs.

Working...