Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


561 posts

Ultimate Geek
+1 received by user: 84


Topic # 230563 1-Mar-2018 18:35
Send private message

Running Linux, and Firejail Firefox.
But this site (just one listing some books, not a retail site), suddenly threw up a new page, a malware, sign in type.

 

Oh er.....nothing much happened other than I had to KILL to get rid of the page.

 

 

 

But isn't Firejail meant to prevent that sort of thing?


Create new topic
Meow
7447 posts

Uber Geek
+1 received by user: 3585

Moderator
Trusted
Lifetime subscriber

  Reply # 1966705 1-Mar-2018 18:45
Send private message

Firejail is just Firefox inside a chroot jail. It doesn't prevent those dodgy "you have malware - phone this number" type pages with a Javascript loop which ends up chewing up all your resources and eventually crashing your browser. Just prevents Firefox itself from accessing your system drive.

 

It is quite common on Linux to sandbox apps this way - Ubuntu Snap does the same sort of thing (to a degree) where it restricts access to the system.





2431 posts

Uber Geek
+1 received by user: 143


  Reply # 1966731 1-Mar-2018 18:50
Send private message

Nope, it just prevents anything bad from "escaping" the jail.

 

 

You want something like ublock origin to block all the ads that most malvertising hitches a ride via..

 


BDFL - Memuneh
60602 posts

Uber Geek
+1 received by user: 11535

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1966771 1-Mar-2018 20:17
Send private message

kyhwana2: Nope, it just prevents anything bad from "escaping" the jail. You want something like ublock origin to block all the ads that most malvertising hitches a ride via..

 

 

Except that is not always ads that deliver malware. Sometimes it's a malicious page which try loading Flash, or on Internet Explorer an ObjectX. Or some javascript that injects something or simply the user has installed a browser add-on that modifies pages - not unheard of browser add-ons that started as useful tools and end up being sold by the developer and the next thing you know is all those millions of installations get an update with malware payload.







561 posts

Ultimate Geek
+1 received by user: 84


  Reply # 1966785 1-Mar-2018 21:25
Send private message

I have adblock, same as ublock?

 

 

 

It is a php page...wordpress perhaps? Used to be common with php sites like that when I worked at Webdrive....

 

 

 

 

 

 


BDFL - Memuneh
60602 posts

Uber Geek
+1 received by user: 11535

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 1966786 1-Mar-2018 21:27
Send private message

pctek:

 

I have adblock, same as ublock?

 

It is a php page...wordpress perhaps? Used to be common with php sites like that when I worked at Webdrive....

 

 

Case in point. If ads are already blocked then obviously there's another vector - and again blaming ads for everything is just wrong.





2431 posts

Uber Geek
+1 received by user: 143


Reply # 1966883 2-Mar-2018 09:08
Send private message

freitasm:

pctek:

 

I have adblock, same as ublock?

 

It is a php page...wordpress perhaps? Used to be common with php sites like that when I worked at Webdrive....

 

 

Case in point. If ads are already blocked then obviously there's another vector - and again blaming ads for everything is just wrong.

 

 

This is true, in this case it's crappy web hosts either not patching their boxes or using bad credentials, then getting owned, or not cleaning up after their customers get owned. There are a few NZ web hosts that are guilty of this.

 

 

You'll also find a bunch of phishing sites hosted on the same compromised boxes.

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

N4L helping TAKA Trust bridge the digital divide for Lower Hutt students
Posted 18-Jun-2018 13:08


Winners Announced for 2018 CIO Awards
Posted 18-Jun-2018 13:03


Logitech Rally sets new standard for USB-connected video conference cameras
Posted 18-Jun-2018 09:27


Russell Stanners steps down as Vodafone NZ CEO
Posted 12-Jun-2018 09:13


Intergen recognised as 2018 Microsoft Country Partner of the Year for New Zealand
Posted 12-Jun-2018 08:00


Finalists Announced For Microsoft NZ Partner Awards
Posted 6-Jun-2018 15:12


Vocus Group and Vodafone announce joint venture to accelerate fibre innovation
Posted 5-Jun-2018 10:52


Kogan.com to launch Kogan Mobile in New Zealand
Posted 4-Jun-2018 14:34


Enable doubles fibre broadband speeds for its most popular wholesale service in Christchurch
Posted 2-Jun-2018 20:07


All or Nothing: New Zealand All Blacks arrives on Amazon Prime Video
Posted 2-Jun-2018 16:21


Innovation Grant, High Tech Awards and new USA office for Kiwi tech company SwipedOn
Posted 1-Jun-2018 20:54


Commerce Commission warns Apple for misleading consumers about their rights
Posted 30-May-2018 13:15


IBM leads Call for Code to use cloud, data, AI, blockchain for natural disaster relief
Posted 25-May-2018 14:12


New FUJIFILM X-T100 aims to do better job than smartphones
Posted 24-May-2018 20:17


Stuff takes 100% ownership of Stuff Fibre
Posted 24-May-2018 19:41



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.