Morning Discussion: Presidents Day Edition
Residents of the USA might have today off work, or perhaps they might not. Here at Shacknews we're in a half-holiday state, where we're doing a few odds and ends but are not pumping video games as hard.
The rest of the world: today is Monday, proceed as per usual.
-
ElPopo
replyBeware everyone ADs on the Shack are spreading trojans again...
-
[deleted]
-
AdBlock Plus + Firefox = heaven.
-
-
Does that really do anything beyond what ABP does? I thought it would interfere with Greasemonkey....
-
-
wow got this too..getting slammed with ad scripts. Hope I can filter individual scripts..I still want to have to block all of the shack.
-
*don't want to
-
-
-
just installed it..what filter list are you using?
-
EasyList (USA) is what I use by default.
-
[deleted]
-
Yeah, I wasn't sure if it was still tempbannable. But it's absolutely necessary at this point -- nobody's done the right thing and pulled the ads until they can figure this shit out.
-
yep I have no problem looking and even clicking ads..but not willing to format my pc for it. :(
-
-
-
[deleted]
-
-
[deleted]
-
I think they layed off the tempbans once trojans entered the picture. It's not about fucking over the shack, it's about protecting yourself now.
-
It's never been about fucking over the shack. That's one of the things that' so insulting.
-
-
[deleted]
-
-
-
I just use Flashblock when browsing. If I need flash for a site I use IE. Most flash ads have a .gif backup and they don't randomly lock down one of your CPU's.
On a side note Windows Defender detected a trojan for the first time in I don't know how many years. I did a MBAM scan and it found a couple more. I think it may have come from the Shack now. I need to apologize to my niece who frequently uses my system on a limited account but has never infected a thing. -
-
Frankly, at this point, if you are browsing the shack without adblock, flashblock, and (optionally) noscript running then you're pretty much asking for something nasty to happen.
-
That's been happening for several weeks now.
-
-
[deleted]
-
-
-
Alt + F4 worked for me.
-
-
You're thinking of Windows Key + F4.
-
-
-
-
-
[deleted]
-
-
-
-
[deleted]
-
-
[deleted]
-
i read it as maintaining a more even perspective, that reddit's website does not do what shacknews/fileshack/shackvideo does and thus perhaps the same standards do not apply in the same way. nobody is saying that "it's okay for shack's advertisers to serve trojans," don't be a dummy.
-
-
-
-
[deleted]
-
With youtube it's really pointless to use shackvideos especially with how bad the video player is at times. Fileshack isn't used by me anymore either
-
I stopped using Fileshack when it started removing the .exe from files. So annoying...
-
-
-
-
And that's what would have happened -- and did happen, on a few occasions -- when Steve owned the site.
-
That would be the most logical, customer-friendly response.
-
-
[deleted]
-
-
-
It really has gone on far too long. It's a great word-of-mouth advertisement for those unmentionable Firefox plug ins. I never turn mine off; it's just stupid to browse websites that server malware without being locked down.
-
-
Thats a negative. I've been getting them using Chrome but Microsoft Security Essentials has found and destroyed all the infections.
-
-
im running a no-ads script for chrome, its preventing it, MSE catches it when I use IE though.
-
-
-
-
OSX + Safari = Safe.
-
-
I prefer it over Chrome and Firefox. It always seems snappier.
-
-
-
I'm thinking about leaving the shack over this. No joke. To be honest, I access the shack a lot at work and I can only use IE.
So where does everyone else gather? :(-
-
[deleted]
-
[deleted]
-
-
well, there's this: http://shack.stonedonkey.com/
-
^^^This is probably your best bet. Unless you do have an iphone.
-
-
Can you access stonedonkeys mobile page?
http://shack.stonedonkey.com/
Doesn't require a phone / special software.
-
-
Yes and I work a lot when I'm home as well but there are down times.
-
-
-
What is the trojan? I got something called AntiVirus Plus. I was wondering where it came from--maybe from here.
-
-
-
Just wait until mace starts paying for his Mercury subscription with rape dollar$
-
-
Register a domain name and name your price, because I would subscribe to this.
-
-
-
[deleted]
-
It's almost impossible for me to Shack on the weekends. We usually have basketball games all Saturday morning, then we'll come home and catch up on LOST or whatever, run errands and stuff. Then Sunday is usually spent cleaning the house and doing homework. When you have 2 adults, 3 kids, 3 dogs and 2 cats in one house - it's nuts. I'm telling you, get some houseplants instead. I love my boys but goddamn I'm exhausted from everything. I'd give a thousand dollars to be able to just sit around in my underwear all day, jerk off when I felt like it and play video games and not have to hear about getting the house picked up every three fucking secondsklajsd;flj;laksdjjkl; asdklfj;;LKDJ
-
Strangely, Phil's wish is my life.
-
Mine Too! I'm living the dream!
-
You know for my birthday every year I ask to do this. I get awesome replies like lets all go to the beach for your birthday.
-
Hey Brah!
-
[deleted]
-
-
-
-
[deleted]
-
Has any other (non-dodgy) site been serving malware ads regularly for months on end?
I really can't buy the excuses about the advertising network anymore when it seems unique to the Shack.
Other sites have this issue very, very rarely. The shack gets a new trojan ever couple of weeks, it seems.
Ridiculous.
-
-
[deleted]
-
Jesus, there are some irate people in those comments.
-
-
A wallpaper site I visit once had a malware ad. It was gone pretty quickly and never came back AFAIK.
A bunch of sites have had bad stuff injected through SQL exploits too. I don't think any site is 100% safe... but the shack seems pretty unique in serving malware again and again for several months now, while making BS excuses for doing it.
-
-
From a couple of weeks ago: http://www.shacknews.com/laryn.x?id=22071902#itemanchor_22071902
greg-m is the person that has been responding to the issues.
-
-
-
so far its has only happened to me here. Kinda fucked up really.
-
-
[deleted]
-
I love the fake "trojan scanner" that scanned my whole hard drive in 3 seconds... RIGHT!!! sure it did.
-
-
shacknews: it gets you virtual STDs
-
-
-
How are you viewing the ads helping the situation though? It isn't
-
Run noscript. You still get the ads, but no horrible scripts. Good compromise.
-
-
-
-
What about just using YesScript. It works the opposite, you put in sites you want to block scripts from.
-
-
[deleted]
-
-
[deleted]
-
[deleted]
-
[deleted]
-
-
-
-
-
NoScript blocks Flash unless you specifically allow it per site (it remembers the site). I use Firefox but it is apparently coming "soon" for Chrome
http://techie-buzz.com/browsers/disable-javascript-images-cookies-in-google-chrome.html
-
-
oh hi2u from linux
-
Hi everyone,
Can we have a non-hyperbole moment here?
Malware may happen. It's unfortunate. The powers that be are working on it. It's not like it's been 3 months straight of OMG VIRUSES, there have been non-trivial efforts to fix the problem. Do many of you work in IT doing malware/virus/phishing support? If so you're probably familiar with how when you knock one source down, another is going to come back. There isn't one simple fix for this stuff, and patience is appreciated.
So that said,
What there won't be is rabble rousing of "lets get the shack blacklisted" or similiar shennanigans. I'll just say that's the opposite of useful and I'm done with it.. If you disagree, great, but that's not a discussion for shacknews. If you really have to get it out of your system, you can message me directly. If you have questions about nukes, then message that moderator or a head moderator such as myself, Helvetica or Ajax.
Is there anything you can do to help? First, keep calm and carry on. Protect yourself. Keep a virus scanner, use no-script and the best browser possible. If you're stuck on IE6, that's unfortunate. If you see the ad that starts something, take a screen shot. If you have a tracing program like fiddler running, then double awesome and those logs will tell tons. Those results can be shackmessaged to greg-m.
Thanks-
if you buy mercury, are you completely safe?
-
[deleted]
-
[deleted]
-
[deleted]
-
Only after you log in.
-
-
i do! but thats only at home, the place of sanity and security
-
hahahaha. Good point.
-
-
-
-
[deleted]
-
It sounds like shacknews has multiple ad streams, maybe they need to bite the bullet and alternately shut one down at a time each week, asking for feedback as they go along so they can at least punt the ball to the correct ad provider.
-
Not "hey man shut off the ads" but what about, "hey man change the ads to a setup that any other website uses because I've not heard of any other website on the planet with this kind of problem this frequently for this long..."
People calling it hyperbole and saying to just ignore the fact that the website keeps trying to infect its readers month after month is a little patronising and from where most of us are sitting the results of the people working hard, whether they are or not, are hard to see.
-
Pretty much this. Shack is hardly the only web community I'm a part of, but it is the only one that's had a longstanding issue with serving malware. This doesn't even directly affect me, being a Mercury subscriber, but it's wrong and dangerous for it to go on like this. It needs to be fixed, and it's not hyperbole to suggest people take reasonable action on it.
-
This is exactly it; how is it that every other site I frequent doesn't have this issue with the same frequency yet shack magically suffers consistently? I'm all for supporting the shack, but pushing me to mercury because your business model involves infecting non sub'd users is bs.
If this isn't the case how can you defend the status quo?
-
-
-
At this point I think it's pretty clear that there's an underlying problem that goes beyond "one of our ad providers had an oops so there are some bad ads floating around". It looks more like there are one or more consistently lax (if not outright malicious) ad providers that are not being removed.
The suggestion that people should do all these things, not as general precautions but to work around regular problems on a supposedly legitimate site, is frankly appalling. Yes this is a community, but the site itself is intermittently hostile not just to the community but to everyone else as well.-
[deleted]
-
Oh, are we now going to play the "you haven't been hit, so you have no business complaining" game? Who was it that was just going on about the community?
I have a lightning bolt. I don't have ad problems directly, but I have a problem with the recurring problem other people are having.-
[deleted]
-
-
[deleted]
-
-
-
[deleted]
-
-
-
^^ this is clearly the best reaction. I miss my [lol] button :(
-
-
HAHAHAHA. You obviously don't know PC gamers very well. It's like website DRM my brotha.
-
[deleted]
-
-
-
-
-
-
-
January 7th, shack seemed to be sending infected PDF files to people:
http://www.shacknews.com/laryn.x?id=21842102#itemanchor_21842102
Unless that was a false alarm? (Never heard of an ad or anything else sending PDF files to people by accident, though.)
-
[deleted]
-
-
-
I've harvested the shacknews botnet and I am presently using it to post to a petitiononline anti shacknews malware petition
make your time -
Hold on a minute here. Don't pull this "it's an IT thing, you won't understand" junk. I am in IT and if a source keeps supplying virus and spyware, I cut them off. If the source is one machine but I can't narrow it down beyond 15,000 machines, I cut off 15,000 machines to stop an attack. Really its not rocket science. Yes we all get infected sometimes but if I allowed multiple repeat attacks to continue I would be fired and probably never find another job in IT again.
-
[deleted]
-
-
The viruses are coming from ads, you cut off the ad network. Of course Shack IT can't because a business decision is preventing them.
-
-
Or any other website I go to.
-
-
-
[deleted]
-
[deleted]
-
[deleted]
-
[deleted]
-
[deleted]
-
I haven't forgotten that.
-
[deleted]
-
[deleted]
-
[deleted]
-
-
-
Uh... Honestly, WTF, man?
a) How is it not a big deal that the last one was in early February when it's only mid-February now and we seem to have yet another one?
a) There was another one on January 7th (as I posted above). So even if there were no others -- believe it or not I haven't been keeping track or looking for these threads -- that's two this month, one last month and one the month before. You really don't find that a bit too much?
-
-
-
-
Sorry, had to work the hyperbole out, I'm good now.
What I'm saying is that they're time specific incidents, and not like we've had OMG VIRAL ADS FOR 4 MONTHS STRAIGHT. If there was an additional incident, then maybe greg-m wasn't aware of it. Which also reinforces why it's important to contact them with these things.
I'm not saying it's not an issue, I'm just saying have some patience and don't be like a South Park Canadian and flip your lid-
Each piece of malware is a specific incident but after, what, five/six or more incidents that's a patter and it shows the current way of dealing with the problem just isn't working.
Something needs to change to stop it happening again. As people keep saying, this pattern of malware ads re-appearing every month (or more often) doesn't seem to affect any other website.
We understand it's difficult, and I think people were patient and understanding at first, but it keeps happening, and only happening here.
-
-
-
[deleted]
-
-
-
-
[deleted]
-
-
-
-
-
I'm sure the mods and the staff of the shack isn't. Their hands are tied.
-
[deleted]
-
For sure! I'm bitching and becoming all Mr. Furious but at the same time I know only some mods and maybe a lone IT staff will read it. It sucks for them too. :(
-
-
-
-
-
because theyre in dire straits he knows all the chords
-
-
[deleted]
-
Fuck that, is all I have to say. We're getting viruses and you're telling us to shut up about it.
It's obvious by now that GF could give to shits about us. You don't have to cover for them anymore. If they really cared they'd have flushed this problem long ago. Fucking viruses. Come on.-
-
"I'll just say that's the opposite of useful and I'm done with it.. If you disagree, great, but that's not a discussion for shacknews. If you really have to get it out of your system, you can message me directly. If you have questions about nukes, then message that moderator or a head moderator such as myself, Helvetica or Ajax."
Is basically a threat of nuke for continued posting on the topic, it seems to me-
[deleted]
-
[deleted]
-
You LEFT OUT the part where what he was referring to was *not* malware discussion or adblock discussion, but efforts to get this site blacklisted by google, which is in no ones' best interest.
*I* nuked that post by the way. Chew me out for that if you want, I don't care about getting chewed out, I've been married.
But please don't accuse geedeck of crimes he has not committed.-
ah, ok.
-
-
I was intimidated
-
and you said please
-
-
[deleted]
-
-
-
-
-
-
-
-
-
So, will you get the advertisers that the shack uses to pay us for the due diligence that they should be doing?
Bottom line is - they should be seeking advertisers that are more proactive about this shit. I got a VirusSoft scare-ware infection from this site and chose not to say anything - but the attitude expressed in this post made me speak up.-
[deleted]
-
-
You're jumping to unfortunate conclusions.
"What there won't be is rabble rousing of "lets get the shack blacklisted" or similiar shennanigans. I'll just say that's the opposite of useful and I'm done with it.. If you disagree, great, but that's not a discussion for shacknews. If you really have to get it out of your system, you can message me directly. If you have questions about nukes, then message that moderator or a head moderator such as myself, Helvetica or Ajax."
That's the over-dramatic part I'm referring to.-
sorry if that above post was a bit dramatic and/or retarded. Please read my more sensible reply below.
http://www.shacknews.com/laryn.x?id=22174293
-
-
-
I volunteer to post here - not facilitate these morons, self included. I have much more scruples than to take that on :P
I wasn't attacking geedeck - I was just pointing out what the request ultimately is asking. I feel for you, geedeck, and other mods that have to stave this ridiculousness off. But, hey, I didn't volunteer for that. I just want to post on a board without having my nightly hijack this or mbam log surprise me.
-
-
[deleted]
-
Shack gets advertiser rates based on our views. Why should I do the work for the people that pay them?
I'm not going to stop coming here (it's inconvenient but I can clean up the kruft that the shack has bled onto me), and this is the first time I've jumped on this bandwagon - the reason I did is it seems silly to expect us to do the QA that the shack should be doing by finding good advertisers or that the advertisers should be doing by screening their uploads.
geedeck states that it hasn't been a virus storm the last three months - my question is then - why have the last three months been plagued by threads like the OP? The attitude I speak of is the 'keep it private' nature geedeck's post suggests. I can understand nuking the link to google's reporting site (I don't know if that was nuked - this is a long thread) but I can understand the idea behind suggesting that - it forces action.
I have worked for a very shady datacenter before in which the owners would allow people to perform nefarious acts until way more than a class C was banned (sometimes our full ASN) - and it got to a point in my battle with ownership to clean up the place where I would begin to make reports anonymously to spamhaus, backbone providers, ARIN, etc so that the problematic/illegal client/we'd get banned quicker and I could clean up our network. I hope that type of mentality isn't necessary here - but I understand the spirit of posting the google report link.
We just want to see action. Continuing to see malware ads makes us doubt that action is being taken. I actually think that the owners being transparent with their conversations with advertisers here would make many much more at ease. Obviously greg-m just stating 'we are on it' is not doing it for the masses.
I have winchatty and stonedonkey and some other api's I'm sure I could use if I really thought it was going to be that bad, but I did want to make a point - this shit is b-a-n-a-n-a-s-
[deleted]
-
heh. tis true - I personally have no problem helping myself - nor did I think/realize I was being particularly admonishing - simply stating the expectation of having the community policing ads is like asking for a crime lead from a girl wearing a "don't snitch" shirt in st. louis. They'll just sew their mouth shut but still find a way to spit in your face.
-
-
-
-
-
-
These threads are like every single WoW forum thread relating to patches and server maintenance. FUCK YOU FOR INCONVENIENCING ME, I COULD DO THIS BETTER THAN YOU, YOU ARE ALL IDIOTS!
lol =( -
Viruses are a serious business nowadays. This aint like in 1997 where a Trojan would just go and wipe out your docs and mp3s. Trojans are used to steal private infos and THIS is VERY FUCKING PROBLEMATIC.
A lot of shackers are posting from works, which is already questionable, but having to risk a trojan infection (And dont worry, 0day infections will bypass a lot of shit), is UNACCEPTABLE.
FIX YOUR STUFF, SHACKGODS
-
-
Honestly, I agree with the calls for a different ad source. Ad bad as IGN's McGriddles AD was it didn't give either their paying subscribers or members of their community any virus's.
Having a single person going through what must be a massive amount of ads trying to find a small amount of bad ones is an idiotic way of fixing the problem, I do appreciate his effort however.
This name calling and squabbling isn't getting us anywhere, and neither is the mods defending an approach that so far hasn't fixed the problem.
-
Shack, we are looking into the claims. We are not seeing this behavior across our network of sites so we are not sure if is the actual cause are bad ads or something related specifically to Shack . We will continue to look into this matter. Any assistance you can provide is helpful. If you have any information that will help identify the problems, please Shack message greg-m or me. Thanks.
-
