Recently on Reddit, an admitted botnet operator/malware coder opened up an "Ask Me Anything" so anyone could ask him why he does what he does. In the description of the Q&A, he actually gave some great advice on how to keep yourself from being subject to what's known as "driveby" malware infections:
Protip against driveby infections (the ones in the browsers): Disable addons in your browser and only activate the ones you need. Chromium and Chrome for example let you disable all additional content like flash, html5, pdf and java in the options, you will see a grey box instead of the content and can manually run it using right-click -> Run. Chrome options -> Content options -> Plug-Ins -> Disable all or Click-to-play. Chrome also allows you to whitelist sites you trust, like YouTube. This will make you immune to driveby infections regardless of the version of your java or adobe reader, because you will only be able to click and run content that is VISIBLE on the site. Malicious content is ALWAYS hidden in a 0pixel iframe! This also stops the nasty flash advertisements implying you can't aim precise enough to win an iPad3.
What the malware coder is saying is that you'll never actually see a driveby browser infection in progress, because the malicious content is always hidden in the page's code. By purposely setting Chrome to click-to-play for everything, you only enable the content you can see, so what's not seen (the driveby infection) won't run because you never enabled it to do so.
This is good, solid and, most importantly, very effective advice.
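
To show what "content you never see" looks like in a page's markup, here is an added example (not from the original post or the Reddit thread) that lists embedded elements sized or styled to be invisible, which is the content click-to-play leaves unrun. The tag list, style patterns and sample HTML are constructed assumptions, and it inspects inline markup only, not external CSS or elements inserted by script.

```python
import re
from html.parser import HTMLParser

# Tags that can load plugin or third-party content (assumed list).
EMBED_TAGS = {"iframe", "object", "embed", "applet"}
# Inline-style tricks that take an element out of view (assumed, not exhaustive).
HIDDEN_STYLE = re.compile(
    r"display\s*:\s*none|visibility\s*:\s*hidden"
    r"|(?:width|height)\s*:\s*[01](?:px)?\s*(?:;|$)"
    r"|(?:left|top)\s*:\s*-\d{3,}", re.I)

class HiddenEmbedFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (line, tag, source URL, reasons)

    def handle_starttag(self, tag, attrs):
        if tag not in EMBED_TAGS:
            return
        a = {k: (v or "") for k, v in attrs}
        reasons = [f"{dim}={a[dim]}" for dim in ("width", "height")
                   if re.fullmatch(r"[01](px)?", a.get(dim, "").strip(), re.I)]
        if "hidden" in a:
            reasons.append("hidden attribute")
        m = HIDDEN_STYLE.search(a.get("style", ""))
        if m:
            reasons.append("style: " + m.group(0).strip("; "))
        if reasons:
            src = a.get("src") or a.get("data") or "(no src)"
            self.findings.append((self.getpos()[0], tag, src, reasons))

def find_hidden_embeds(html):
    """Return embedded elements a visitor could never see, let alone click."""
    parser = HiddenEmbedFinder()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: two visible embeds, three invisible ones.
SAMPLE = """<html><body>
<iframe src="https://video.example/embed/1" width="560" height="315"></iframe>
<iframe src="https://ads.example/x" width="0" height="0"></iframe>
<object data="/player.swf" width="400" height="300"></object>
<iframe src="https://cdn.example/y" style="position:absolute; left:-9999px"></iframe>
<embed src="/doc.pdf" style="visibility:hidden">
</body></html>"""

if __name__ == "__main__":
    for line, tag, src, reasons in find_hidden_embeds(SAMPLE):
        print(f"line {line}: <{tag}> {src} is invisible ({', '.join(reasons)})")
```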




Pity– there’s no simple click/de-activate option in Internet Explorer…although someone correct me if I’m wrong!
The problem isn’t the savvy user who installs Chrome or Firefox– it’s the average user who thinks the Internet = Internet Explorer. And that a Bright-Busy-Bustling-Wriggling website is what Surfing is all about. They view the web as a kind of Electronic Mall— and the better the Mall, the more attractive and enticing it must be. When I try to get the ladies in my office to get used to Firefox– the more technically ‘clever’ ones eventually figure out how to TURN OFF all the Java & Flash add-ons I installed so they can view their regular websites just as if they were on Internet Explorer– With all the Ads, All the Flash, all the bells and firecrackers going off and wiggling.
Thank God I have an enterprise level Firewall that blocks (I hope) the shifty stuff!
And it doesn’t help that a lot of corporate sites, even secure Login corporate sites have many controls that are ONLY visible and operative when FLASH is enabled.
In a way, Software Security Defense is a never-ending pyrrhic battle. To turn the tide, the General Public has to learn NOT to only be attracted to a website by glistening eye-candy. But that Good Websites should be about FUNCTIONALITY. But I can’t see how we can do that seeing that every time our children go online, they are being trained– especially the girls — that Bright-Popping websites = Popular Websites = Must-Go-to Websites.
The Malware-Hacker Ecosystem renews itself with every unaware kid that touches a keyboard and looks at the screen.
Can you please explain to a new user how to do this? I’ve hunted through my ver. 19 Chrome for the settings to no avail. Thanks