So what am I supposed to do about these tainted ads?
March 17, 2016 9:53 AM   Subscribe

Please explain to me what I should be doing regarding the tainted ads mentioned in this thread from yesterday.

I've read each of the links and looked through all the comments in that thread but I still don't understand what I, a novice computer user who can't even remember if a gigabite is bigger than an megabite (seriously, I have to google it every time), am supposed to do to protect myself from these tainted ads. That Ublock Origin link is like Greek to me. Could someone please spell out in the most layman terms what I need to download and from where?

My computer is a MacBook running OS X Lion 10.7.5 and I primarily use Firefox and Safari. I'm pretty sure I haven't visited any of those sites mentioned as having been infected but I can't be sure.

Posts about viruses and malware on the blue always include a lot of inside baseball (as well they should) but it leaves lame-os like me worried and with no idea what to do about it. And I don't really know how to ask questions in threads like that because it can be kind of intimidating.

I appreciate any help you can give me. And thank you all for your help!
posted by Hey Dean Yeager! to Computers & Internet (6 answers total) 14 users marked this as a favorite
 
Best answer: First, as a general rule, always make sure you have a backup of your important files someplace other than your dwelling. Not just for malware reasons - drives fail, fires happen - loosing precious memories and needed financial documents over not buying a $50 external hard drive and leaving it at a friend's house is painful. Also remember that a backup isn't "safe" until you've proven that you can restore the files - at the very least, copy a few sample documents onto another computer and make sure you can open them.

I believe that Apple has stopped putting out security updates for 10.7.5, which leaves you potentially vulnerable. There is less malware targeting OS X and it's generally more secure than Windows, which gives you some protection, but someone that's more familiar with whether 10.7.5 has any support is better equipped to tell you how much risk you have there. If your version of Safari is no longer being patched by Apple, you should discontinue using it and only use Firefox and Chrome for OS X. When the browser tells you that there's an update available, be sure to apply it - in Chrome the hamburger bar in the upper right hand corner will go red when there's an important update and Firefox will give you a pop up box notification. I'm not aware of attempts to spoof the notices for those browsers on OS X, but only use the update feature available from the pull down menus within the browser rather than accepting and running a downloaded file.

Configuring your browser to only run plugins when you tell it to is the single easiest way to increase browsing security, beyond making sure all your software is up to date.
posted by Candleman at 10:10 AM on March 17, 2016 [1 favorite]


If you're curious why I don't mention anything about ad blocking, if you're worried about malicious code exploiting vulnerable software, just blocking ads is not sufficient - criminals compromise and put malware code on many perfectly innocent sites too. Blocking ads might stop malicious ads but won't stop those attacks. Whereas preventing Flash from ever running unless you want it to will prevent any site from attacking you using it.
posted by Candleman at 10:20 AM on March 17, 2016


Best answer: That link in the FPP yesterday was to the code itself. For firefox, you'd want the packaged add-on: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/

I don't believe Safari supports ublock origin, but you can use Adblock Plus, which is similar:
https://adblockplus.org/category/adblock-plus-safari/
posted by thewumpusisdead at 10:47 AM on March 17, 2016


Best answer: >MacBook running OS X

First off take a deep breath. As a Mac user you are genetically immune to 99% of the bugs out there. It's just not as easy for an ad to infect a Mac computer due to how the system runs.

Second, the only Mac crypto variant I know of was included in a hacked bittorrent client. If you don't regularly install software from websites, you should be even more protected.

Third, as candleman says - update your software and make sure you have offline backups. That's best practices for a very good reason and will help put your mind at ease.

>Could someone please spell out in the most layman terms what I need to download and from where?

There is no version of Ublock Origin that runs on Safari. I no longer consider Firefox a secure modern browser and I recommend strongly against using it. You can install ublock on safari to block ads, but I'm not sure how well it's supported or how trustworthy the owners are. I think you would need to install it then go into the configuration and disable "allow some ads". Maybe someone else can chime in about Safari ad blocking.
posted by anti social order at 10:52 AM on March 17, 2016 [1 favorite]


Best answer: Oh, unless you have a compelling reason to have it enabled, turn off access to Java from all web browsers. It is virtually never used for anything other than some internal applications at businesses now, but is an attack vector sometimes used against Macs.

https://support.mozilla.org/en-US/kb/how-to-turn-off-java-applets
https://support.apple.com/en-us/HT202447
https://nakedsecurity.sophos.com/how-to-disable-java-chrome/

And uninstall Silverlight if you don't need it.
posted by Candleman at 11:13 AM on March 17, 2016 [1 favorite]


Response by poster: Thank you all very much!
posted by Hey Dean Yeager! at 9:32 AM on March 18, 2016


« Older Skill of the month   |   Front-loading washer fills up with water overnight Newer »
This thread is closed to new comments.