
Big-name sites hit by rash of malicious ads spreading crypto ransomware - manyxcxi
http://arstechnica.com/security/2016/03/big-name-sites-hit-by-rash-of-malicious-ads-spreading-crypto-ransomware/
======
manyxcxi
> The campaign underscores the vital role that smart browsing plays in staying
> secure online. One of the most important things users can do is to decrease
> what researchers refer to as their "attack surface." That means uninstalling
> things like Adobe Flash, Oracle Java, Microsoft Silverlight, and other
> third-party browser extensions unless absolutely necessary...

Funny how Ars doesn't mention the fact that using a good ad blocker would also
be immensely helpful. In fact, it almost sounds like they're saying NOT to run
an ad blocker, since it is a third party extension.

At the end of the day, if the companies relying on advertising don't even know
who they're getting their ads from, why should I let them risk MY IDENTITY for
their profit?

I get that I'm visiting their site and they're producing the content that I
was there for (in some cases), but if I have to worry about every single link
I may follow then I'm going to take steps to protect myself. When I encounter
a company that is acting ethically (like StackOverflow, off the top of my
head) I make sure they get added to the whitelist.

I can't rely on disabling JS if I also want to enjoy using the 'net, so I do
the best thing that I have available, kill the third party ad network
requests.

