![]() Users will freely enter their login information for the current website (thank you AOL!), which can be used to compromise the account. Ad servers can be (maliciously) configured to request the user's password for the website they are currently visiting using browser-based authentication dialogs.These tools reduce the potential attack surface of the web browser. This reason alone should be sufficient to immediately install AdBlock Plus (or equivalent) because, if the ad server can't serve anything in the first place, it can't deliver malware to your computer or other devices. AdBlock Plus (and, to some extent Ghostery) should be considered to be part of a comprehensive security solution beyond what your anti-virus software and hardware firewall solutions offer. This actually happens and it happens because there is no accountability in the ad server world and the people responsible are reactive instead of being proactive. Meanwhile, the ad is being served up to all sorts of users around the world. In some instances, the ad runs before payment even clears! If the flighted ad is placed on what is known as a "remnant ad provider", it can take 6 to 8 hours after discovery of the malware to get it taken offline. ![]() They send over their malicious creative and it runs without being analyzed. It is not uncommon for a hacker to use a stolen credit card to flight malware ads on an ad server platform. Ad server operators are notorious for running any ad, including ads that deploy malware.Here are a few reasons as to why you should be running *at least* AdBlock Plus: I run them because NOT running these tools introduce security vulnerabilities and serious performance degradation into the web browser stack and those using ad servers do not follow the law. However, the reason I run these tools is not the usual "ads are annoying" or "privacy is important" reasons that I see bandied about. I trust both plugins because they do their job VERY well, are generally trusted products by millions of people, and, most importantly, are open source software. That got me thinking about why I really run both AdBlock Plus and Ghostery. A few topics came up on my radar recently that questioned whether or not AdBlock Plus is a security risk because several websites are now asking users to disable it for their website and claimed AdBlock Plus is a security risk.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |