# HTML Script Virus Warning

This topic is 4458 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

## Recommended Posts

Quote:
 Original post by alunI lost about $600 worth of time as a result of this. I'm curious, do you have a detailed breakdown of how this has cost you$600? I'm sure we could all use the laugh after all this trouble and if you're going to make the claim you should at least back it up.

I'm sure you believe that somehow this whole affair is tragic and has somehow ruined your life ($600 is a lot of money!) and that you are in some way crusading for the good of the users of the site, but in reality you sound nuts. #### Share this post ##### Link to post ##### Share on other sites Advertisement I just used the 4107 Antivirus Suite. No problem here. #### Share this post ##### Link to post ##### Share on other sites Quote:  Original post by alunIs that because you've *still* not patched your machine, or is that because you've infected machines belonging to your users and you'd rather those users were not provided with information about the damage you have done? Clearly you didn't think about it for long enough. What does the payload (the virus that infected users machines) have to do with the delivery mechanism? #### Share this post ##### Link to post ##### Share on other sites Quote:  Original post by Tape_WormI'm curious, do you have a detailed breakdown of how this has cost you$600?

Reformat drives.
Reflash BIOSes/firmware.
Restore ghost image.
Check backups of documents for malware/steganography.
Restore documents.

It takes about 3 hours. (I have a project that requires a high level of paranoia, so I do this every 2 weeks or whenever I suspect my machine has been exposed to malware)

I charge 100 pounds per hour for commercial work (I'm not a kid making games in my bedroom, but I was once). Well, I *mostly* don't make games in my bedroom. :-)

However, I did not raise money as an issue (only responded to 'it cost you nothing'), and it's still not an issue. I'd just like an apology for their attack on my machine, after they'd been notified of the problem.

Quote:
 Original post by Tape_WormI'm sure you believe that ... you are in some way crusading for the good of the users of the site, but in reality you sound nuts.

I'm speaking for me, and nobody other than me. Everybody else is quite capable of posting for themselves.

[Edited by - alun on April 1, 2007 9:55:17 AM]

##### Share on other sites
Quote:
 Original post by alunI'd just like an apology for their attack on my machine, after they'd been notified of the problem.

Emmanuel Deloget: Again, sorry for the lack of information. Hope you'll forgive me.
Oluseyi: We apologize for the inconvenience (and are extremely embarassed).
Gaiiden: Another apology for the long wait for a complete fix.
Oluseyi: We apologize for any inconveniences.

##### Share on other sites
From what I can tell this script is collecting hits using GD.net's traffic. The script sends hits to http://www.51.la/?646210 which is probably some kind of ad company that is paying whoever forced this script up here for pageviews. It's actually pretty genius, this guy is ripping off the ad company for tons of pageviews with his rather unobtrusive iframe. It's too bad that some people are having all kinds of problems with it. My suggestion is to switch to Opera. :)

##### Share on other sites
Quote:
 Original post by alunIt takes about 3 hours. (I have a project that requires a high level of paranoia, so I do this every 2 weeks or whenever I suspect my machine has been exposed to malware)

Why not just buy yourself a second machine and not hook it up to the internet?

##### Share on other sites
Quote:
 Original post by KissMyGritsFrom what I can tell this script is collecting hits using GD.net's traffic. The script sends hits to http://www.51.la/?646210 which is probably some kind of ad company that is paying whoever forced this script up here for pageviews. It's actually pretty genius, this guy is ripping off the ad company for tons of pageviews with his rather unobtrusive iframe.

Uh, where are you seeing this, exactly? As far as I'm concerned we've removed the script in question.

##### Share on other sites
Quote:
 Original post by alunIt takes about 3 hours. (I have a project that requires a high level of paranoia, so I do this every 2 weeks or whenever I suspect my machine has been exposed to malware)

@Alun:

Much as it pains me to say this: Your computer's security is nobody's concern but your own. It's your computer, not ours. We cannot guarantee that we will never, ever be hacked. Nobody can. Even banks get hacked on a depressingly regular basis. Security lapses aren't exactly rare in the commercial world, so why volunteer-run websites should be held to a higher standard escapes me.

The police do their best to keep crime levels down, but they cannot guarantee that your house will never be broken into. Do you expect them to close and lock your windows and doors for you? No. So why do you blame us for your inability to secure your own computer?

For someone who claims to get paid $100 / hour, I'm astonished that you are even using a computer connected to the internet for your paranoia-inducing day-job. At the very least, try surfing the web using a virtualised install of Windows. (Or Linux if space is a problem and you don't mind Firefox or Opera.) When I need to create a Windows build of my game, I run XP in a Parallels VM on my Mac. This was a factor in deciding to leave the site up: not everyone uses IE. Not everyone who browses GDNet even uses Windows. And it's quite possible to lock-down Windows and prevent compromised websites from causing you difficulties. That's why they invented all those anti-virus and anti-spyware apps. And, of course, alternative browsers. (Incidentally, anyone viewing this post in IE6 really does deserve everything they get. It's getting on for six years old.) * @everyone: Everything you see on this website will be swept away by a completely redesigned and rebuilt system courtesy of Superpig and co. Until this new software is ready, we're stuck with the codebase we have at the moment, which is far from fit for purpose. We know it sucks. That's why we're working to replace it. The more time Superpig has to spend firefighting problems with the existing code, the longer it'll take for the new codebase to be built. It's not an easy balancing act, especially as everyone working behind the scenes has a day-job and other commitments which have to take priority. This site is run by _volunteers_, not employees. Superpig is based in the UK, while the server is based in the US, so communications can lag if something goes wrong. There is no built-in support in the GDNet codebase for staff and mods: everything is done either through PMs, IRC, IM tools or forums. Unfortunately, real-time chat systems are fine if you're all awake at the same time, but that's not the case when the staff are spread all over the planet. Email is cool and all, but it's not time-sensitive, so emergencies can slip under the radar occasionally. Cut us some slack, please. We're trying our best. #### Share this post ##### Link to post ##### Share on other sites Quote: Original post by alun Quote:  Original post by Tape_WormI'm curious, do you have a detailed breakdown of how this has cost you$600?

Reformat drives.
Reflash BIOSes/firmware.
Restore ghost image.
Check backups of documents for malware/steganography.
Restore documents.
What the hell? I dropped a glass of water on the floor this morning but I didn't go and tell the people who live below me that there's a risk of structual damage and flooding.
Why don't you go and buy a new PC and add that onto the \$600, it's just as rediculous as flashing your BIOS and completely reformatting because of one piece of malware which can be easily removed.

And if it takes you 3 hours to restore a ghost image, I suggest you get a faster hard drive or better ghosting software - or just refrain from accessing the Internet from your work machine. It takes me about 20 minutes to re-ghost my C drive, and I wouldn't even consider ghosting unless I had obvious effects of malware on my PC which I couldn't remove through other means.

In short: Quit yer bitching.

• 10
• 15
• 12
• 9