Solve : Forbes Web site hit by Chinese cybber thugs.?

1.	Solve : Forbes Web site hit by Chinese cybber thugs.?
Answer» The story is almost a month old. Here is one report from the Washington Post. Forbes Web site was compromised by Chinese cyberespionage group, researchers say Quote Chinese HACKERS hijacked Forbes.com and used the site as part of an attack on the U.S. DEFENSE and financial industry, according to cybersecurity researchers at iSIGHT Partners and Invincea. For three days late last year, the news site's “Thought of the Day” widget, which appears when readers visit the site, was compromised — seamlessly redirecting visitors from certain organizations to another site where their computers could be infected with malware without their knowledge. Researches have linked similar malware controlled by the same server used in the Forbes attack to breaches of Web sites frequented by domestic Chinese dissident groups. Some AV programs do not find it. This is why things like Adobe Flash and Java Applets are terrible.Quote from: BC_Programmer on March 10, 2015, 12:27:46 PM This is why things like Adobe Flash and Java Applets are terrible. OK, Now would you like to elaborate? Without Java, what would we use as cross-platform tool? As for Adobe flash, Is MS Silver Light more secure?Nope...Quote Without Java, what would we use as cross-platform tool? Java Applets. Java is FINE for desktop applications. Java Applets are pretty much useless garbage. Quote As for Adobe flash, Is MS Silver Light more secure? Probably not. What I'm saying is these extensions that basically run at the browser level and are designed simply to allow more crap to run within the browser. The Adobe Flash Plugin is built and compiled to native code for each system it runs on. it runs at the same privilege level as the browser. Effectively the same with Java Applets. Browser plugins that sit on top of the browser, running within the browser process for the purpose of allowing other PROGRAMMING to EXECUTE. A security problem in Java or Adobe Flash (or silverlight)- in this case, will make any browser security considerations obsolete, because once the browser turns over execution control to the plugin it can't do anything security-wise. HTML5 thankfully makes most of these trashy plugins obsolete, and at least isolates security issues to the browser implementation.

Answer»

The story is almost a month old. Here is one report from the Washington Post.

Forbes Web site was compromised by Chinese cyberespionage group, researchers say
Quote

Chinese HACKERS hijacked Forbes.com and used the site as part of an attack on the U.S. DEFENSE and financial industry, according to cybersecurity researchers at iSIGHT Partners and Invincea.

For three days late last year, the news site's “Thought of the Day” widget, which appears when readers visit the site, was compromised — seamlessly redirecting visitors from certain organizations to another site where their computers could be infected with malware without their knowledge.

Researches have linked similar malware controlled by the same server used in the Forbes attack to breaches of Web sites frequented by domestic Chinese dissident groups.

Some AV programs do not find it. This is why things like Adobe Flash and Java Applets are terrible.Quote from: BC_Programmer on March 10, 2015, 12:27:46 PM

This is why things like Adobe Flash and Java Applets are terrible.

OK, Now would you like to elaborate? Without Java, what would we use as cross-platform tool? As for Adobe flash, Is MS Silver Light more secure?Nope...Quote

Without Java, what would we use as cross-platform tool?

Java Applets. Java is FINE for desktop applications. Java Applets are pretty much useless garbage.

Quote

As for Adobe flash, Is MS Silver Light more secure?

Probably not. What I'm saying is these extensions that basically run at the browser level and are designed simply to allow more crap to run within the browser. The Adobe Flash Plugin is built and compiled to native code for each system it runs on. it runs at the same privilege level as the browser. Effectively the same with Java Applets. Browser plugins that sit on top of the browser, running within the browser process for the purpose of allowing other PROGRAMMING to EXECUTE.

A security problem in Java or Adobe Flash (or silverlight)- in this case, will make any browser security considerations obsolete, because once the browser turns over execution control to the plugin it can't do anything security-wise.

HTML5 thankfully makes most of these trashy plugins obsolete, and at least isolates security issues to the browser implementation.

Solve : Forbes Web site hit by Chinese cybber thugs.?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment