I don't understand: you guys CLEARLY have the information on what, specifically, is causing the problem (which JS file, in this case). Yet for the site owner, you don't make it available? Or if it is, it's not at all easy to find the information. It's just this black box "go figure it out yourself" thing. Meanwhile you've essentially killed access to their site. Or is there something I'm missing?

They have access to details, they posted that userprefs.js was to blame.

But wasn't that only after rasmus posted about it on Twitter? And how would that have worked out for someone not running such a high profile site as him?

No, such information is available to any webmaster who verifies their website ownership in Google's Webmaster Tools.

Once you're a confirmed webmaster for a given site, Google provides you with access to exactly what files are infected on your site. To provide that information publicly would be to open the site up to further exploitation.

