Mark,
Sorry - right, the details of a Viral download could be helpful -
it took me a while to piece it together - still not certain exactly what
happened.
The issue is related to ads, which change,
so I can't really get the same pages on a repetition.
CNet and Java demonstrate this draconian approach -
I also feel bad about missing it - I let my guard down at Source Forge.
The paradigm of my "illness" begins with workflow psychology:
1: I click "Download good.software",
and then I switch attention, expecting the download to take a while
2: Next, the network stalls [somewhere] for some reason
3: I "glance" back at the screen some time later,
and see zero progress, it's not yet on the browser status bar
I see the expected: "If Download Fails to start then click ..."
so I click the nearest "Download" button, [did I this time? I don't know],
maybe click twice as it seems to not accept the first click,
- (I once caught some script playing that game)
4:Finally, a flurry of downloading starts, so I bounce to other work
5: Now a few other windows pop up, looking like install windows,
and offer other software - see Sun/Oracle downloads -
I attempt to steer through this - oddly still not alarmed, [my bad again]
6: However, If a bounced <Enter> or <click> gets in (see 3 above), the virus
gets invited
7. I honestly don't recall adding any downloads,
but the pigin install was intermixed with these other windows -....
7. BUT, the point is that this has become a dangerous site
one which deploys a framework which is exploited to launch a virus.
I'm not incensed and I somewhat understand how this can happen -
although there is definitely at least one bad guy there -
I just want to avoid her/him/them for now.
The neighborhood was much nicer and safer before they put up the billboards -
you know?
But, need the revenue, sigh...
Kindly,
- Bill
)O(
)O( Bill Barrett
)O( Qualcomm – Engineer, Sr Staff
)O( [email protected]
)O( 949-444-1465
)O(
-----Original Message-----
From: Mark Doliner [mailto:[email protected]]
Sent: Tuesday, July 22, 2014 4:33 PM
To: Barrett, William (Bill)
Cc: Dennis Carr; Daniel Atallah; [email protected]
Subject: Re: Virus and Malware city!!
Hi Bill. It's still not clear to me what happened.
If indeed something (e.g. a malicious advertisement) redirected you from the
SourceForge website to a malicious website then please inform SourceForge. With
steps on how someone might reproduce the problem, if possible. Maybe a
screenshot of the malicious ad, operating system and browser name and version,
etc.
If this isn't what happened then please provide us with more information.
--- Begin Message ---
The impact on Pidgin's kind volunteer team
is that they now have a repo which has become sneaky and undesirable.
I'm kind of old school, so I find this behavior reprehensible.
I've come to accept that ads are needed - and sometimes even helpful -
however when the delivery mechanism is intrusive and/or destructive -
everybody loses.
I found the attack and understand it's not Pigin's doing, but ...
a) I was exposed because I was attempting a normal acquisition of Pidgin
b) The next guy might not notice how it arrived, and blame pidgin
c) Source Forge needs to be aware they are endangering clients
which is likely at odds with their charter of attracting clients
So - I'd think that learning that your hard work is being eroded by SoureForge
is significantly " related to Pidgin" [as wondered below].
Sorry if I over ranted this,
Kindly,
- Bill
)O(
)O( Bill Barrett
)O( Qualcomm - Engineer, Sr Staff
)O( [email protected]
)O( 949-444-1465
)O(
-----Original Message-----
From: Dennis Carr [mailto:[email protected]]
Sent: Tuesday, July 22, 2014 12:14 PM
To: Daniel Atallah
Cc: Barrett, William (Bill); [email protected]
Subject: Re: Virus and Malware city!!
On Tue, 22 Jul 2014, Daniel Atallah wrote:
> I don't see how any of this is related to Pidgin.
It's more related to the adverts he came across on the Sourceforge site,
unfortunately.
-Dennis Carr
--- End Message ---
_______________________________________________
[email protected] mailing list
Want to unsubscribe? Use this link:
https://pidgin.im/cgi-bin/mailman/listinfo/support
