[C.A.T.S. CEO]

I just got it on this page.

[Person Man]

Originally Posted by Cold Warrior 

beyond the immediate topic: do you think this is an ad company just taking money from anyone, with no interest in what's going on, or have their servers been hijacked?

No. If you read this article, you'll see that a malware company set up an advertising service that looked legit, duped a bunch of high-profile, trusted sites like CNN.com and foxnews.com (please leave political comments OUT of this discussion), etc. into accepting their "ads."

[Kenneth]

Yeap. It redirected me to some traveltray.com page from the main forum.

[Eug]

[Sage]

Just had it happen to me a second time.

Going through my history, these are the URLs:

http://traveltray.com/statsg.php?cam...96568232847.71
Error Detected
PerformanceOptimizer

[turtle777]

Yes, it's a scam.

Everytime I download the stuff, it wouldn't work on my MAC. WTF ? I want my money back

-t

[CaseCom]

Me too: After posting to the Lounge I got hijacked to PerformanceOptimizer.com. WTF?

[edit: OS X 10.4.11 -- Safari 3.0.4]

[Brien]

Well, I just got it again. Traveltray.

[mrtew]

Even if it's finally somehow blocked by MacNN I still get it on other sites too. Apple's gotta fix Safari fast so that it can't happen from these guys or someone even more evil with another ad. It's ridiculous that Safari can be forced to download files. My mom called me other day and told me I was wrong about Macs not having viruses because her iMac has several but she can't run the program that Safari downloaded to get rid of them! And this is after all the warnings I've given her over the years. What if it was and app instead of an exe. Millions of macs would be running it right now. Where did this notion that Macs are somehow secure come from?

[euchomai]

Just happened to me... Any idea when this will be solved?

[Thorzdad]

I just got the same popup/redirect that Eug shows in his post.

[besson3c]

Originally Posted by mrtew 

Even if it's finally somehow blocked by MacNN I still get it on other sites too. Apple's gotta fix Safari fast so that it can't happen from these guys or someone even more evil with another ad. It's ridiculous that Safari can be forced to download files. My mom called me other day and told me I was wrong about Macs not having viruses because her iMac has several but she can't run the program that Safari downloaded to get rid of them! And this is after all the warnings I've given her over the years. What if it was and app instead of an exe. Millions of macs would be running it right now. Where did this notion that Macs are somehow secure come from?

Any browser can be forced to download a file, or at least have a file download requested. What's more important is what happens after this file is downloaded. Apple's "open safe files after downloading" setting, I believe, is on by default. You should uncheck this.

I don't know why this setting is on by default.

[mrtew]

Originally Posted by besson3c 

Any browser can be forced to download a file, or at least have a file download requested.

I'm not sure what you mean by any browser, but it seems like Apple should fix our browser to not be able to be victimized by windows crap like this, (or even worse, crap designed to hit macs). What happens after the forced download is another issue.
.

[Chuckit]

You can't necessarily prevent people from being victimized without breaking a bunch of other stuff and then having people complain about what poor compatibility Safari has.

[besson3c]

I meant any browser. You redirect a browser to an unknown media type, it will offer to download the file.

[mrtew]

Originally Posted by besson3c 

I meant any browser. You redirect a browser to an unknown media type, it will offer to download the file.

I can't tell if you're changing the subject or just have never experienced this ad/attack. It's not an unknown file type that offers to download. It messes up your windows and then downloads the file no matter what you push unless you quit safari, which makes you lose all your other 'work'. I really don't think that's how 'any' browser should work, let alone a 'secure' default Apple browser.

[Cold Warrior]

just one more reason to block third-party ads, or redirects to them. Running adblock plus on Firefox 3 beta, and I have yet to encounter this issue.

[Kevin]

Originally Posted by Cold Warrior 

just one more reason to block third-party ads, or redirects to them. Running adblock plus on Firefox 3 beta, and I have yet to encounter this issue.

Yeah I was trying not to block NN's ads, but until things get fixed....

[brassplayersrock²]

just got it when i visited the bowl thread

[Kevin]

Originally Posted by brassplayersrock² 

just got it when i visited the bowl thread

*high fives brassplayer*

[besson3c]

Originally Posted by mrtew 

I can't tell if you're changing the subject or just have never experienced this ad/attack. It's not an unknown file type that offers to download. It messes up your windows and then downloads the file no matter what you push unless you quit safari, which makes you lose all your other 'work'. I really don't think that's how 'any' browser should work, let alone a 'secure' default Apple browser.

I haven't experienced the ad, but how would you propose a browser prevent something like this?

[brassplayersrock²]

Originally Posted by Kevin 

*high fives brassplayer*

*returns high five*... wait, this is the internet

[mrtew]

Originally Posted by besson3c 

I haven't experienced the ad, but how would you propose a browser prevent something like this?

Gimme a break.

[brassplayersrock²]

sorry, had to be done

[Kevin]

Break me off a piece of that kit-kat bar.

[CharlesS]

Just got the redirect again... I'm starting to think that this is my cue to take a break from this place for a while.

[Big Mac]

Just happened to me again, coincidentally by trying to load this page. Definitely the most obnoxious ad ever.

[besson3c]

Originally Posted by mrtew 

Gimme a break.

I'm no huge fan of Safari, but I do think you need to refine your argument here...

[FireWire]

Happens to me a few times a day, the last time being 5 minutes ago...

[Buckaroo]

I just redirected to the same scam web site about malware, and because I had a bunch of tabs open and I didn't want to loose them, I eventually was able to back up until I got most of the way out of it so I could control my browser again. Another one of the tabs was redirected to a computer equipment sale site.

The other tab was directed to this site: PowerMax Computers | Experts in Used Macs, New Macs, Refurbished Macs and Mac Accessories

WTF???

Macnn, please do something about this crap.

[Chuckit]

Am I the only one who just hits the back button and forgets it ever happened? It seems to be some kind of earth-shattering experience for everyone else.

[mrtew]

Originally Posted by besson3c 

I'm no huge fan of Safari, but I do think you need to refine your argument here...

It seems you're trying to trick me into admitting that I don't know enough about programming and html coding to successfully update Safari myself to prevent it from being hijacked by any possible website. I guess you really got me. I'll just learn to love quitting my browser every time it starts behaving like Internet Explorer did on Windows '98 since according to you it's normal behaviour for any browser and nothing could possibly be done about it aside from pressuring MacNN to stop having ads or block their ads completely. Oh, wait...no...It happens when I go to other sites too, and ads are what keeps most of the internet online so that's not the answer. I know... I'll go to computer programming school for 8 years and get back to you with an answer on how to fix this un-fixable security hole if Apple doesn't update Safari within a week.

[MacosNerd]

Happened again - sigh.

[brassplayersrock²]

don't take this the wrong way mrtew. please...shut up.

[64stang06]

Happened again on the software forum. Took me here: http://scanner2.malware-scan.com/9_s...961_3078_11005

[Kevin]

OK ok ok we know its happening. No one in charge is making any comments either way. Either nothing is going to be done, or they are doing things and just not mentioning it. Either way we know it's still happening.

[scottiB]

Happened to me posting a quick reply in the Lounge >>> Traveltray. My corporate firewall blocked it as a malware site.

[Person Man]

Originally Posted by mrtew 

how to fix this un-fixable security hole if Apple doesn't update Safari within a week.

How do you propose to fix the "hole?" The browser is doing EXACTLY what it's programmed to do. When a Javascript dialog box is run, you can program it to do what you want for each button. The browser has no way of knowing that "OK" and "Cancel" do the same thing. The same thing goes for Flash.

In both cases, the browser did something based on user input. The only possible thing that could be "fixed" would be a dialog box generated by the browser before each and every download, regardless of whether you clicked on something to make it happen or not. In this case, you did click on something and the browser downloaded a file in response. This dialog box would get real old, real quick and people would just click through it the majority of times and wouldn't solve anything except be a huge annoyance.

You can't "fix" social engineering exploits effectively, unless you want to go the way Microsoft went with Vista, which becomes very annoying and people turn it off which defeats the purpose. Efforts would be better spent educating users.

[besson3c]

Originally Posted by mrtew 

It seems you're trying to trick me into admitting that I don't know enough about programming and html coding to successfully update Safari myself to prevent it from being hijacked by any possible website. I guess you really got me. I'll just learn to love quitting my browser every time it starts behaving like Internet Explorer did on Windows '98 since according to you it's normal behaviour for any browser and nothing could possibly be done about it aside from pressuring MacNN to stop having ads or block their ads completely. Oh, wait...no...It happens when I go to other sites too, and ads are what keeps most of the internet online so that's not the answer. I know... I'll go to computer programming school for 8 years and get back to you with an answer on how to fix this un-fixable security hole if Apple doesn't update Safari within a week.

I don't know what programming has to do with this, but anyway...

If you aren't an expert as to what you are talking about (and it sounds like this is the case), why would you assert theories that you cannot defend?

Safari is doing what it is told, its job is to render content. If it is automatically *opening* unsafe files it downloads, Shame on Apple. Otherwise, Safari cannot be blamed for dutifully rendering content. You could make the case that Safari should have more anti-phishing awareness like Firefox has, but in this case this doesn't sound like phishing, but simply an obnoxious ad.

If you aren't prepared to make a sound argument, don't make it, and don't get pissy with people who ask you to defend your argument. I haven't been to programming school for 8 years either.

[Kevin]

Originally Posted by besson3c 

If it is automatically *opening* unsafe files it downloads, Shame on Apple. You could make the case that Safari should have more anti-phishing awareness like Firefox has,

I don't see how this has anything to do with what the topic is about. This isn't a Safari specific thing. Nor is it targeting Safari. I think the forum as a whole realizes your opinion on the Safaro vs Firefox issue. I don't understand the need to constantly interject these FF vs Safari comments were they simply don't belong.


Make "An official" Safari vs Firefox thread and duke it out or something.

[andi*pandi]

Happened again in the main forum list, not a thread. Really obnoxious.

traveltray.com

[besson3c]

Ad blockers are a good thing, perhaps that's why I haven't seen the ad yet (unless some just work better than others).

When you use a CSS based ad blocker, the ad company has *no* idea that you are not seeing their ad, these blockers simply set the CSS display value in your browser to "none" immediately after fetching the page. MacNN is not losing any money this way.

[Railroader]

Originally Posted by besson3c 

Ad blockers are a good thing, perhaps that's why I haven't seen the ad yet (unless some just work better than others).

I finally just saw it a moment ago. I am not using an ad blocker. I don't think it's an ad blocker issue so much as it is a redirect issue.

[Person Man]

Originally Posted by Railroader 

I finally just saw it a moment ago. I am not using an ad blocker. I don't think it's an ad blocker issue so much as it is a redirect issue.

It's an ad that contains a page redirect. So, using an ad blocker prevents the issue from occurring because the ad doesn't load.

And Besson is right about CSS blockers. The ad still loads, but it doesn't display. I just got hit by the redirect a few minutes ago. And I'm using a CSS blocker.

You could turn off JavaScript, but I think it would break the forums.

[besson3c]

Originally Posted by Person Man 

It's an ad that contains a page redirect. So, using an ad blocker prevents the issue from occurring because the ad doesn't load.

And Besson is right about CSS blockers. The ad still loads, but it doesn't display. I just got hit by the redirect a few minutes ago. And I'm using a CSS blocker.

You could turn off JavaScript, but I think it would break the forums.

As well as many other pages... Javascript is used by all sorts of things.

[C.A.T.S. CEO]

I just got the travel try redirect again.

[Oisín]

Second time just now. Relevant URLs:

First one
Second one
Third one

As always, clicking these links now seems harmless.

Edit: Oh, hello, page three, where were you hiding a moment ago?

[turtle777]

*sigh*

Is this ever gonna stop ?

-t

[besson3c]

Originally Posted by turtle777 

*sigh*

Is this ever gonna stop ?

-t

I don't know. Not to sound like a jackass, but firewall blocking the IPs for these abusive ad servers *should* take all of a minute or two. I guess there are some staffing issues or something...

[Railroader]

Originally Posted by besson3c 

I guess there are some staffing issues or something...

I 100% agree. And his name is ... *














* I think we all know who he is, no need to actually name him and get this thread locked and me banned.