"Indictment of PHP's inherent insecurity, froth, rant, etc."
Google's Safe Browsing technology is blocking access to PHP.net as a precaution, after apparently detecting that some of its pages were booby-trapped with links to malicious software. The move put warning blocks in the way of accessing a site that's widely used by web developers. Google didn't specify the types of Trojans …
You visit a web page (1 hop) which displays an ad from an ad network (2 hops). That ad contains a link to a malicious file (3 hops).
Now if the advert on that page tries to trick the user into clicking on it (like the download pages on sourceforge used to with a big download now button) it is very easy for a visitor to hit that third hop.
As an alternative, Google include a functional AdBlocker into Chrome, block the ads and prevent the second and third hops and everyone lives happily ever after.
OK - maybe not the things that make the ads but they're not people so it's all OK.
I realise this will kill ad-revenue for websites but shutting down the whole Internet would make malware even harder to spread.
4 page(s) resulted in malicious software being downloaded and installed without user consent.
Shurely that's as much or more the fault of the browser downloading and installing files without user consent than of the site hosting links to links to links to such content...?
PHP.net is secure. There's nothing malicious on the site. Some user content apparently contains links to sites which allegedly contain links to malware.
Websites should be able to link to pretty much anything, and they could, if the browser followed the standards and prompted the user for anything out of the ordinary.
It's much easier to NOT write code to automatically download everything than it is to monitor and moderate a website which is designed for user collaboration and is accessed by people around the world.
Wrong, but thanks for letting everyone know that when you're ill-informed, you'll still make crap up.
PHP.net confirmed that two of their servers were compromised and used to attack visitors. However, the administrators are still not sure how the attackers accessed the servers.
That's why you should just turn silly nannying site ranking/search result checking filters like that off. I don't care if it's that McNorton shit, or AVG, or Google's "phishing and malware protection" in Chromium/Chrome, it's the wrong approach. You can't blacklist the whole internet.
That kind of "security" just results in sites that no longer have (or never had) malware serving ads being on the shit list, and sites with malicious content that they don't know about unfiltered. That's most of them. It has always been that way ever since the first "Site Ranker" product. (That McAfee bought)
Checking sites against databases is extra gyration that you don't need, too. I turn stuff like that off wherever it exists.
@Grogan. Not really. I've found it to be pretty effective; sites flagged as bad are scanned more frequently so they come up clean pretty shortly after they have been cleaned up. I use Linux, so I won't get viruses and spyware anyway. That said, I'm not about to try to suggest you turn it back on or anything, this is up to you.
Anyway, yes, 1 bad link is 1 too many, a system like this is useless if it knowingly allows *some* malware to get through (just not sites with *too much*.) That said, php.net is loading for me now so it may not have been listed for long.
Biting the hand that feeds IT © 1998–2020