Spyware infiltrates blogs ...from ZDNet...

Hackers are using blogs to infect computers with spyware, exposing serious security flaws in self-publishing tools used by millions of people on the Web.

The problem involves the use of JavaScript and ActiveX, two common methods used to launch programs on a Web page. Security experts said malicious programmers can use JavaScript and ActiveX to automatically deliver spyware from a blog to people who visit the site with a vulnerable Web browser.

Spyware tools also have been hidden inside JavaScript programs that are offered freely on the Web for bloggers to use to enhance their sites with new features such as music. As a result, bloggers who use infected tools could unwittingly turn their sites into a delivery platform for spyware.

more - http://news.zdnet.com/2100-1009_22-5587710.html?tag=zdnn.alert

because of the ActiveX risk or disable it completely if you must use IE. George Guninski showed how easy it is to spoof valid certificates. JS allows the "circle jerk" trick and ActiveX installs dialers, hijacks home pages etc.

90%+ of sites will load without either enabled.

That's a good article...bookmarked.

edit: speld rong

more and more sites wont work correctly if you turn javascript off.

peace

This sounds to be a CMC/MSM scare tactic.

Hmmm.... Sound the BS klaxon!

The problem only affects Web surfers using Microsoft's
Internet Explorer who fail to choose the highest IE
browser security settings, security experts said.

Just one more reason to use an alternative browser such as Opera.

I am never bothered by Popups or Spyware or Adware and cannot even fall prey to Phishing because of Opera's sophistcation and security.

The recent IDN exploit proves that point. So, yes you can be a phishing victim with Opera even though it is a more secure browser than Internet Explorer.

The other browsers affected by the IDN exploit are Firefox and Safari. Internet Explorer is only affected if you installed the IDN plug-in.

Don't solely rely on a browser to keep you safe from nasties.

My "honey pot" laptop has developed an infection
which won't allow me to install FireFox...

Hmmm, who could be behind that one? I asks ya.

stop over at the computer help forum and lets see if we can help you.

Nothing is fool proof or 100% invulnerable, but OS X is a a safer bet. Just ask Apple board member Al Gore ; )

Not only *that*... But, every two-bit would-be hacker
in the world doesn't have a Mac.

I'm not very techno-savvy. But don't the smileys and other animated images use Java? Or is it something else?

-wildflower

DU runs very "clean".

This affects going onto sites that have a lot of graphics and bells & whistles...generally one with lots of ads...especially the more obnoxious ones.

If you're just sticking on DU, I have never had my "alarms" for spyware or other "critters" go off. That's not the case if you go to another site or follow some of the more questionable links. For example personal web pages set up for political parodies...those can be rat traps for all sorts of viruses and spyware that load in on the pictures and other graphics.

I can't seem to figure this out; that is, what animates images.

-wildflower

Those are little animated pictures, just like cartoons, that are joined together. Programs like Paint Shop Pro Animator and GIF Construction set put them together to make them dance.

Cheers!

:hi:

-wildflower

Javascript and/or ActiveX?

thx

that problem. In Opera, to turn off JavaScript, you just hit F12 to make quick changes to settings.

Zone Alarm is excellent as a Firewall, but it cannot protect from these other vulnerabilities like ActiveX.

Having your Anti-Virus, such as Grisoft's free AVG, updated will also protect your computer. Lately, AVG has been updating almost daily. There must be LOTS of nasties around . . .

Are there any other programs I can run to check for spyware, other than what I have?

preferable something free, for starters?

Also, among the stuff I've mentioned, is there anything within their aegises (sp?) that will allow me to check, or do I have to use something else?

I do appreciate the advice, btw, as I had to get rid of my old computer because it got so badly infested.

thx again

open IE, select TOOLS from menu bar, then INTERNET OPTIONS then select the SECURITY tab then the CUSTOM LEVEL button then scroll down and check the radio button titled ACTIVE SCRIPTING then click APPLY and exit. Works straight away without reboot. To reverse do the above as far as SECURITY tab and click DEFAULT LEVEL.

:eyes: