Die flash, die.

[Elixer]

Seriously, Flash has caused so many issues, why doesn't everyone use a ad blocker / flash blocker?

http://arstechnica.com/security/201...-huffpo-other-sites-downloaded-extortionware/

Two ad network merchants became an unwitting accomplice to attackers with similar Flash-based ads, displaying them on multiple legitimate sites. The Huffington Post advertisement—a fraudulent Hugo Boss ad which also appeared on other major legitimate sites (including the real estate site Zillow.com)—was spread through DoubleClick via the ad network AdButler, according to Malwarebytes, which tracked the attack. That attack attempted to download Cryptowall ransomware to victims' PCs

I would think that google wouldn't serve flash ads knowing how bad flash is.
There really should be a class action lawsuit against google to stop this crap, and adobe for releasing the crap in the first place.

Just let it die.

 

[PliotronX]

Ah, that would explain at least two different systems in two different localities getting hit with it about the same time. Like a broken record, they don't back up their important data. Yes, Flash needs to go away. We are now to the point with HTML5 where we can run without Flash or Java installed and still have a media-rich browsing experience.

 

[master_shake_]

and that is why adblock remains on everyone of my family and friends machines.

thanks for making that decision an easy one.

 

[John Connor]

I agree, flash needs to die!

 

[Zodiark1593]

Ad block and No Script ftw.

 

[Cerb]

Seriously, Flash has caused so many issues, why doesn't everyone use a ad blocker / flash blocker?

http://arstechnica.com/security/201...-huffpo-other-sites-downloaded-extortionware/


I would think that google wouldn't serve flash ads knowing how bad flash is.
There really should be a class action lawsuit against google to stop this crap, and adobe for releasing the crap in the first place.

Just let it die.

Too many parties, and they can and do pass the buck.

https://blog.malwarebytes.org/malvertising-2/2015/04/flash-ek-strikes-again-via-googles-doubleclick/

Look at that diagram. Look at it. It's easily worth 1000 words, as far as how the system is simply broken on the hosting/distributing side of things.

 

[Elixer]

Too many parties, and they can and do pass the buck.

https://blog.malwarebytes.org/malvertising-2/2015/04/flash-ek-strikes-again-via-googles-doubleclick/

Look at that diagram. Look at it. It's easily worth 1000 words, as far as how the system is simply broken on the hosting/distributing side of things.

True, but, it seems like a simple fix too me.
Stop allowing flash based ads.
You know if the biggest ad serving company on the planet says no more... flash will pretty much die overnight.

 

[Cerb]

True, but, it seems like a simple fix too me.
Stop allowing flash based ads.
You know if the biggest ad serving company on the planet says no more... flash will pretty much die overnight.

As it stands, that will require direct hosting of the ads, though.

 

[PliotronX]

Too many parties, and they can and do pass the buck.

https://blog.malwarebytes.org/malvertising-2/2015/04/flash-ek-strikes-again-via-googles-doubleclick/

Look at that diagram. Look at it. It's easily worth 1000 words, as far as how the system is simply broken on the hosting/distributing side of things.

Holy cow, I sure hope the people who implanted the malicious code have some connection with Cryptowall and can lead to arrests.

 

[Elixer]

Holy cow, I sure hope the people who implanted the malicious code have some connection with Cryptowall and can lead to arrests.

Fat chance of that, usually these 'rogue' people are in areas that could care less about laws.
This is highly organized crime, they pay off everyone.

I guess the best way to handle all these threats is to be using VMs to mitigate the damage that they can cause. It is just too bad that using a VM is a bit too difficult for the "normal" user to use.

 

[lxskllr]

As it stands, that will require direct hosting of the ads, though.

Perfect. Web ads should work like newspaper ads. A company buys a fixed amount of time, and they get a static image for the amount of time they buy. Not as valuable as ads launched just-in-time, customized to the viewer(who's tracked around the web), but much more valuable than what they get from me(nothing). A benefit is that kind of ad is harder to block, and I wouldn't bother since it would no longer be a malware/spy vector.

 

[John Connor]

Another reason why Flash just needs to freaking die already!!!!

http://www.engadget.com/2015/04/18/russian-hackers-use-zero-day-attacks/

 

[Cerb]

Perfect. Web ads should work like newspaper ads. A company buys a fixed amount of time, and they get a static image for the amount of time they buy. Not as valuable as ads launched just-in-time, customized to the viewer(who's tracked around the web), but much more valuable than what they get from me(nothing). A benefit is that kind of ad is harder to block, and I wouldn't bother since it would no longer be a malware/spy vector.

But, the advertisers don't trust that the view/click counts are accurate. That's the main reason it's like it is. Frankly, I don't think they should have to get such data (since it clearly presents some risk, that, were it not so distributed, they would be getting sued over by now), though, and just like more traditional ads, should have to consider popularity (or lack thereof) of the surrounding content as a risk that affects what they value their ad for (and thus to whom they buy space/time/bandwidth from).

 

[xgsound]

You all have excellent points, but here is one thing flash was good for ... Santa and his reindeer singing the Drifters version of White Christmas. https://www.youtube.com/watch?v=Ooc5eJc5SHA Never miss a laugh because you can't catch up!

Jim

 

[John Connor]

Actually, that was rendered in HTML5 with the addon YouTube Center.