

Bank of America Website Still Down – Cyber Attack? - gdltec
http://ontechies.com/2011/10/01/bank-of-america-website-still-down-cyber-attack/

======
tzs
Warning for iPad users: the submitted site has the OnSwipe malware installed.
(Yes, it is malware--it is typically installed without the site owner's
knowledge and it crashes visitors browsers)

~~~
gdltec
You are funny... the submitted site is a blog hosted by wordpress.com.

~~~
tzs
Yes, and wordpress.com by default checks the user agent, and if the user is on
an iPad it replaces the theme chosen by the blog author with the OnSwipe
theme. (The blog author can disable this by going to their blog settings, and
finding the setting laughably labeled something like "optimize for mobile
devices" and turning that off).

There's no obvious warning when you set up a blog at wordpress.com that it
will do this, and I expect it is contrary to what most blog owners expect--one
of the whole points of iPad is that you do NOT need a special mobile site for
it.

There is a link at the bottom of the OnSwipe theme to switch to the standard
site. Unfortunately by that point the damage has been done. OnSwipe uses a lot
of memory--enough that if you have any other pages open they are likely to be
forced out of cache, which is annoying. Worse, there's a good chance that it
will run iPad Safari out of memory completely and cause it to crash.

If it actually did something useful, there might be some excuse for this, but
for most blogs the OnSwipe theme isn't more readable than the theme the blog
author picked, and the OnSwipe them has horrible scrolling performance. (It
apparently is handling scrolling itself via JavaScript, overriding the native
scrolling in the browser, so the result is the scrolling is jerky and doesn't
feel like any other scrolling on the iPad).

Hence, I have concluded it is malware, because it provides no benefit to the
user, and often provides harm (such as browser crashing), and neither the user
reading the page nor the blog author whose blog it is on consented
specifically to it (any consent was buried in some wordpress terms and
conditions saying they could mess with your blog if they wanted to).

------
libria
Of the 30k they're planning to lay off, they may want to whitelist a few
network security guys.

