Malware Installed by LiveJournal Ad 199
Jamesday writes "LiveJournal recently introduced an ad-supported level. Over the last few days an advertiser used an ad to install the ErrorSafe malware that tried to trick people into believing they had a fault on the computer that needs them to purchase a fix. The ad used a server-side setting and targetted only those outside the US, to prevent LiveJournal's own checks from noticing it. LiveJournal has apologized for the ad and slow response." Even our readers have had to endure more than one browser-crashing ad campaign from time to time. Thanks for sticking around.
Breaking News (Score:3, Insightful)
This just in: Capitalism and Morals do not necessarily go hand in hand.
Are there any humans around? (Score:4, Insightful)
Re:Breaking News (Score:3, Insightful)
Re:This isn't too surprising (Score:5, Insightful)
Re:Are there any humans around? (Score:4, Insightful)
I know publishers hate ad-blockers... (Score:5, Insightful)
... but they and the advertisers are the ones driving people to them.
No seriously, is it any wonder people turn to ad-blockers? Try reading an informative bit of text when there's a Flash advertisement of box jumping around and flashing like a student at Mardi Gras. I don't care if you are trying to tell me I'm your millionth visitor. You misspelled congratulations! The box makes me wish I had no peripheral vision! FOAD.
Now I know publishers want to make a buck (I have a few websites [sans-advertising] myself), but if the advertisers are going to use annoying/underhand methods, people will take steps to protect themselves. A lot of these companies would do well to look at the sort of program Google offers: inoffensive, targeted, text ads.
In short: make your advertising better -- advertisers AND publishers -- or lose that which you supposedly value. Eyeballs.
Re:Are there any humans around? (Score:5, Insightful)
A better question is why displaying an ad can install software on your computer. The LiveJournal posts say it was a Flash ad, so until we get real information it's logical to guess that it exploits one of the vulnerabilities in the Shockwave player.
simple fix (Score:2, Insightful)
It's for this reason that any webmaster who insists on using 100% flash to view their site deserves a swift kick to the nutsack.
Adverts? (Score:5, Insightful)
Identify the Advertiser (Score:4, Insightful)
The way to discourage this kind of nonsense is to make sure that the advertisers are identified and given a large public black eye. Probably that's not appropriate if the ad just uncovered a bug in the Flash player, but I think it certainly is in the case where an ad installs spyware.
Did the advertiser know this was going to be done? Quite possibly not, but they are still the ones responsible for the ad: they want the good consequences (more sales), so they have to take the bad ones as well. If their bottom line is hurt, they'll start paying more attention to what their ad agencies and other agents are doing. (This is just an application of Murphy's Golden Rule: the guy who has the gold makes the rules.)
weak effort (Score:5, Insightful)
(1) they failed to post a notice or provide links for the removal of the malware. At best in the blog there are references that such removal instructions exist, peppered with a warning that some of them are actually malware themselves. They should have made the fix EASY and FOOLPROOF to obtain after getting their readers infected. It's been how long since they got their subscribers infected and they have done nothing more than to stop more of them from getting infected. They helped to break the computers, they should play an active roll in fixing them.
(2) the impression I got from their posts in their blog was that "oops sorry not our fault, not our advertiser's fault, it's one of the ad companies that subscribed to our advertiser". This is a cop-out. When you provide a service like they do, your advertisement is a bundle that comes with your service, and as such you are responsible for its content. I don't care if it's a 3rd party. You take on the responsibility for the content you deliver, regardless of how you get it. You can have legal arrangements with your content providers that provide YOU with a legal remedy, but the grief passes through you. You get sued, and then you sue the ones upsteam that caused you to get sued. You do not "pass the buck" and point a finger up the chain three levels and say not my problem good luck getting anything out of them, because the consumer has no legal recourse against those people. You as the content provider do have a legal recourse against your advertiser, and they have recourse against their affiliate who caused the problem in the first place. This pass the buck mentality is cheap and lazy, and they should be ashamed for trying to pull it.
Re:This isn't too surprising (Score:2, Insightful)
You're using Windows from an account that has Administrator privs, aren't you?
Re:Google (Score:3, Insightful)
Seriously, people should be making use of the adblocking functionality in their browsers, or better yet, installing filtering proxies like proxo [proxomitron.info] to halt this crap before it gets to the browser.
Re:Breaking News - spin (Score:5, Insightful)
Caveat Emptor
Doesn't matter if its politics, economics, religion, software, hardware, or even information.
The fact that there are people running businesses with questionable ethics in no way reflects on the morality of the underlying economic philosophy. History easily shows that people who have questionable morals have no difficulty working within the structure of any social philosophy which gains any significant following whether it be economic, religious, or governmental in nature.
So when someone comes around selling their alternative economic philosophy based on the idea that the current system inherently lacks morality, caveat emptor.
burnin
Re:Breaking News (Score:4, Insightful)
Google AdWords = good (Score:4, Insightful)
You know, Google ads are the only ads I look at any more. (Hell, I run them on my own site!) They are short, not ugly (because Google cares [google.com] about the viewer's experience), and quite often very pertinent to the content. I have to try really hard not to puke when I log in to something like Yahoo! Mail! and I see flashing banner ads for "Get your Credit Rating" or "Cheap Mortgages" or "Warning: Your system is broadcasting an IP address! Ph33rz0r teh RFC!". They are the most useless ads ever. The only reason I think they might survive is if the ad networks charge per impression, not per click--because almost nobody would click on them!
Re:Breaking News (Score:3, Insightful)
In other words, it runs counter to human nature. People are instinctually selfish, and it will never change.
Won't hold water in the end... (Score:3, Insightful)
Moreover, if the malware violates unauthorized-access statutes, the TOS would be well and truly trumped by such legislation.
Overall, they're in a very weak legal position; a reasonable person would conclude that the best course of action is to mitigate the damage to users, FAST and well, rather than take a ho-hum-not-our-fault attitude. Their response speaks volumes about them...
Re:Are there any humans around? (Score:3, Insightful)
Re:Breaking News (Score:5, Insightful)
Exactly, and that's not necessarily a bad thing. It is precisely because of self interest that others are willing to offer us their goods and services. One of my favorite quotes puts it much better than I can:
Re:Breaking News (Score:2, Insightful)
No self-interest? How is that achieved? The only way you could do this was to provide everyone with everything they wanted - but no economic system can do that. As you say, we need Star Trek replicators. It's not communism which gets rid of the self-interest - it's the replicators. In a society with unlimited resources, economics doesn't really have much meaning anymore.
There is no need for contracts that bind the consumer to the advantage of the vendor.
Well, just as people often confuse communism with communist states, don't confuse capitalism with the corporatism we see in the US. Contracts like this are state intervention, and not something inherent in capitalism.
I might as well propose another system: Moral capitalism. It works just like capitalism, but everyone is nice to each other.
See, it's easy to come up with moral systems when you can assume how people behave...
Comment removed (Score:3, Insightful)
Re:Just one ad? (Score:5, Insightful)
Re:Obligatory serious responce to smartaleckiness (Score:2, Insightful)
Re:Are there any humans around? (Score:3, Insightful)
I'm just a bystander too, but I beleive you're missing the GP's point.
Do newspapers clear an ad, then send their paper off to the advertiser with blank sections in pages for the advertiser to fill in with whatever they want?
The internet advertising industry is broken, because the advertisers have too much control, and when they abuse that like this, it is time to take that control back. Send me your flash animation, animated GIF or whatever, and I will add it to my page. You'll have to trust me on page hits, or get an independant third party to measure them, because the ad will be served from my server. This is the way it works in print media, and for a good reason which this case demonstrates.