Good!
Amities
Philippe
Le 17 déc. 2016 à 14:21, Chris Trask <christrask@xxxxxxxxxxxxx> a écrit :
> I found the culprit in the Earthlink webmail page, thanks to a burp in
> viewing yesterday evening. There are two instances where the HTML code is
> calling "Google_ad" for the top banner, left tower, and right tower:
>
> /wam/brand/earthlink/google_ad_top_banner.jsp
>
> and
>
> /wam/brand/earthlink/google_ad_left_tower.jsp
>
> and
>
> /wam/brand/earthlink/google_ad_right_tower.jsp
>
> This is a somewhat innocuous function, the real culprit being Google_Ads,
> which is downloading malware that bypasses ad blocking. Yet another piece of
> evidence that justifies the efforts in removing anything related to Google
> (deGoogleisation) from my machines, the only exception being Google Earth on
> the laptop I'm presently using.
>
> What worries me about this is that the activity indicator for my dialup
> dialer showed that my machine was sending data as well as receiving during
> these periods of activity. That could very likely mean that Google was using
> the pubads.js script as a means of harvesting data, for which Google has long
> been suspected.
>
>>
>> I've had this laptop running all afternoon, sitting on the webmail page
>> all the time. The only activity I've seen has probably been the NETTIME
>> clock synchroniser interrogating the online NIST standard.
>>
>>>
>>> Soon after I did this, I restarted the laptop and watched for any
>>> activity. Whenever there is a data download taking place, a small window
>>> appears at the bottom informing you where the data is being downloaded
>>> from. Sure enough, there were downloads taking place from the
>>> "securepubads.g.doubleclick.net" URL. So, I added that to the "hosts"
>>> file as well, then restarted and watched for any activity.
>>>
>>> There hasn't been any activity for almost 30 minutes, so this appears
>>> to have put the kabosh on that intrusion.
>>>
>>
>
>
> Chris
>
> When the going gets weird, the weird turn pro
> - Hunter S. Thompson
> --
> _________________________________________________________________
> Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
> Archives: http://lists.thomasclausen.net/mailman/private/olympus/
> Themed Olympus Photo Exhibition: http://www.tope.nl/
>
--
_________________________________________________________________
Options: http://lists.thomasclausen.net/mailman/listinfo/olympus
Archives: http://lists.thomasclausen.net/mailman/private/olympus/
Themed Olympus Photo Exhibition: http://www.tope.nl/
|