You can't trust any site nowadays

[hazel]

Remember my beef about ISP's tracking us? Well, I sent an email round to some of my friends with a link to the original New Scientist article. One of them told me that she clicked on my link and her computer crashed. Two others said their protective software didn't allow them to read the article. All three are Windows users. It looks like someone has infiltrated the site and put something nasty there.

I feel bad about it because my first friend said she wouldn't normally click on a link in an unsolicited email but she did in this case because she could see that the email really did come from me and she trusted me not to give her a link to a dicey site.

Needless to say, I have had no trouble visiting newscientist.com, which is about as respectable a site as you can get, and no-one who posted in the original thread (where I put up the same link) mentioned any problems either, so whatever it is, it is targetted at Windows, like so much malware.

I have heard of this kind of thing being done to websites but is it a coincidence that it should be a story like this that gets corrupted?

[Freston]

Hm... it seems you do need to be a member. I found an article on the site about ISP's tracking your moves for marketing reasons, but I could only read the preview.


A site crashing a browser isn't unheard off. I had trouble going on howtoforge on FF due to what later turned out to be a hugely wide banner that didn't scale well in combination with a specific xorg setting. It could just be an IE bug or setting.


But I dunno... can you post the link to the specific article here?

[cousinlucky]

My heart really goes out to you Hazel.

[hazel]

A site crashing a browser isn't unheard off. I had trouble going on howtoforge on FF due to what later turned out to be a hugely wide banner that didn't scale well in combination with a specific xorg setting. It could just be an IE bug or setting.

I should have said that after that, her system was fried. She just couldn't get it up again.

But I dunno... can you post the link to the specific article here?

The only link I know is the one I gave in the original thread. You're right, it's only a preview. You have to log in to get the whole article. I believe it was at this point that my friends got into trouble.

[smolloy]

I'd really love to hear more about this, cos it's amazing to hear that New Scientist was compromised in such a way that it can wreck someone's system. I thought I would have heard about it from somewhere else.

Do you have any more details? Can you repost the link (with a warning)?

[hazel]

I'd really love to hear more about this, cos it's amazing to hear that New Scientist was compromised in such a way that it can wreck someone's system. I thought I would have heard about it from somewhere else.

Do you have any more details? Can you repost the link (with a warning)?

OK, here is the link. Use it at your own risk.

[cayalee]

no problems for me on ubuntu 6.10 running swiftfox 1.5.07.
also no problems on my windows box (xp sp1 with firefox 2.0)

[questio verum]

Hazel,
I connected to the link using a WinXP (SP2) machine running Kaspersky Internet Security. I felt dirty using windows; but since it was for a good cause, I'll get over it. Anyway, I followed the UK subscription link (the link necessary to view the balance of the article) and took the process up to the point where it asks for a credit card. I had no issues. This was done using IE6 and then Firefox 2. The site might have been compromised temporarily. A phishing scheme perhaps? Ubuntu 8.04 with Firefox2 had no problems either, as you might expect.


qv

[elija]

Using Ubuntu 8.04 and FF3b5 I had no problem. I can't test
in Windows as I dont even have a Windows VM to hand.

Well, I could remote to a server at the company where I
work and try that. But I'm not brave enough

Could it be that your friend was already comprimised and
that the timing was coincidence?

[jayd512]

Could it be that your friend was already comprimised and
that the timing was coincidence?

I have the feeling that this may be the case. I have gone to that link on multiple XP machines, even one that has no AV or Anti-spyware installed. No issues here.