[LINK] Gumtree

Rick Welykochy rick at vitendo.ca
Mon Jun 30 01:38:49 AEST 2014


Hi Linkers and SL,

I think the google may be protesting too much. If you follow the links
for the two sites listed, i.e. /*zamcheck.org/ <http://www.google.com/safebrowsing/diagnostic?site=zamcheck.org/>*//*, *//*indolocker.com/ 
<http://www.google.com/safebrowsing/diagnostic?site=indolocker.com/>*//*,*/
no malicious code is reported, i.e. for zamcheck.org:

    Of the 3 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was
    on 2014-06-28, and the last time suspicious content was found on this site was on 2014-06-28.

    Malicious software includes 16791 exploit(s), 5887 trojan(s), 406 scripting exploit(s).

The last line above is repeated with slightly varying numbers for all
pages reported that I checked. Dunno what it means. Does it apply
to the specific under report or to all sites scanned?

My gut feeling: the google drive-by exploit detector bot ain't terribly
reliable or useful.

As with all things you read, esp on the Interwed, skepticism is to be
liberally applied.

cheers
rickw



Stephen Loosley wrote:
> Thanks Ric .. good man. And one must say that sure, the definition
> and effect of "malicious software" will vary enormously.  However
> it's disappointing that simple visits to more than 30% of Gumtree's
> pages are, apparently, found to "result in malicious software being
> downloaded and installed without user consent." Seems somewhat
> over-the-top for a popular and trusted Australian consumer website.
>
> Cheers,
> Stephen
>
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> Date: Sat, 28 Jun 2014 10:59:30 -0700
> From: rick at vitendo.ca
> To: stephenloosley at outlook.com; link at anu.edu.au
> Subject: Re: [LINK] Gumtree
>
> Hi SL,
>
> I do not use Chrome, but I was interested in finding a so-called "driveby malware tool"
> from google. Here it is, parameterised for the Gumtree site:
>
> *http://www.google.com/safebrowsing/diagnostic?site=http://www.gumtree.com.au/*
>
> It appears that third party sites are to blame, i.e.
>
>     /*Of the 31906 pages we tested on the site over the past 90 days, 9809 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited
>     this site was on 2014-06-28, and the last time suspicious content was found on this site was on 2014-06-28.*//*
>     *//*
>     *//*Malicious software is hosted on 2 domain(s), including *//*zamcheck.org/ <http://www.google.com/safebrowsing/diagnostic?site=zamcheck.org/>*//*, *//*indolocker.com/
>     <http://www.google.com/safebrowsing/diagnostic?site=indolocker.com/>*//*.*//*
>     */
>
>
> There you have it.
>
>
> cheers
> rickw
>
>
>
> Stephen Loosley wrote:
>
>     Doing an ad search of Gumtree, using Crome, doesanybody else currently get this site-wide message?
>
>     The Website Ahead Contains Malware!
>
>     Google Chrome has blocked access towww.gumtree.com.au  <http://www.gumtree.com.au>  for now.
>
>     Even if you have visited this website safely in the past, visiting it now is very likely to infect your computer with malware
>
>     Malware is malicious software that causes things like identity theft, financial loss, and permanent file deletion ...
>     --
>
>     Cheers,
>     Stephen
>
>
>
> -- 
> ------------------------------------
> Rick Welykochy || Vitendo Consulting
>
>
> I agreed with the Americans to allow 40m telephone calls a day to be
> intercepted in Germany; I just want them to stop listening to my phone!
>      -- some German chancellor at some time in the past


-- 
------------------------------------
Rick Welykochy || Vitendo Consulting


Mark Zuckerberg (Facebook) recently spent $30m buying up all the houses
around his own in Palo Alto, California. Because he needs more privacy.
     -- Eben Moglen




More information about the Link mailing list