So my question is, how the heck do we know if we were affected by it? I mean, I use a Mac, but that doesn't mean I'm immune, although I like to think I am.
All the news is very vague: How does one know if one is affected? I have up to date anti-virus, presumably that doesn't matter? I haven't had any warnings from it.
It would depend on whether or not the exploit used a known type of malware. If it was a known variety, then your software should pick it up. If it is new, it could take a few days before the AV software picks it up.
If I take a good photo it's not my camera's fault.
That's really the Washington Post blog, which has different standards than the news division. They're written by professional "bloggers" who often publish the same or similar content on Ars Technica, CNET, TechCrunch, etc.
Bloggers often rely on thirdhand information from other blogs (or hastily made denials by companies). Usually the blogs are very well written, just not up to the same rigorous journalistic standards as the rest of the Post.
I know because they've blogged about security issues found by me in the past (about Google, not Yahoo):
http://www.washingtonpost.com/wp-dyn/content/article/2009/03/26/AR2009032601120.html
The entire article basically just paraphrased my own blog entry, plus a comment from Google. After much investigation the issue turned out to be much more complex than Google's initial comment implied.
For this Yahoo breach, most reports are similarly just paraphrasing the original security analyst's blog, plus a comment from Yahoo:
http://blog.fox-it.com/2014/01/03/malicious-advertisements-served-via-yahoo/
On OSX (Mac), which is actually Berkeley UNIX, I operate with 3 levels of users. I do most of my work from an ID that does not have admin privileges, and is therefore limited in the damage that even accidentally authorized malware (usually JavaScript) can do. It cannot change application or system libraries.
I install application software (or authenticate) from an ID that has admin privileges and can therefore update application libraries, but is locked out of the system library. The most common method of introducing real malware into Macs is to spoof legitimate software so that the user authorizes something that seems harmless, but is actually installing something different. This approach prevents such spoofing from infecting real system libraries, which is where real damage is done. If installing an application (anything not from Apple) requires further authentication from such an ID, say NO; it is not doing what it claims.
I have one 'superuser' ID who can do anything, but is only logged on when installing an OSX update sourced directly from Apple (never from a link).
It is also useful to disable JavaScript in your browser, but it may have side effects on some websites.
.... H
D810, D3x, 14-24/2.8, 50/1.4D, 24-70/2.8, 24-120/4 VR, 70-200/2.8 VR1, 80-400 G, 200-400/4 VR1, 400/2.8 ED VR G, 105/2 DC, 17-55/2.8. Nikon N90s, F100, F, lots of Leica M digital and film stuff.
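The three-tier account scheme in the post above only works if the account used for daily work really is outside the admin group. The following check is an added example, not code from the thread or from Apple; it assumes the `GroupMembership:` line format printed by `dscl . -read /Groups/admin GroupMembership` on macOS, and the user names in the sample line are constructed.

```shell
#!/bin/sh
# Added example: verify which tier the current account falls in, per the
# standard / admin / superuser split described in the post above.
# On macOS the admin group membership is read with:
#   dscl . -read /Groups/admin GroupMembership
# which prints one line such as "GroupMembership: root alice".
# Parsing is kept in functions so it can be exercised with constructed input.

# is_admin_member NAME MEMBERSHIP_LINE -> exit 0 if NAME is listed, 1 otherwise
is_admin_member() {
    name=$1
    line=$2
    # drop the "GroupMembership:" label, then compare word by word (exact match,
    # so "alice" does not match "alicia")
    for member in ${line#GroupMembership:}; do
        [ "$member" = "$name" ] && return 0
    done
    return 1
}

# classify_account NAME MEMBERSHIP_LINE -> prints superuser, admin or standard
classify_account() {
    if [ "$1" = "root" ]; then
        echo "superuser"
    elif is_admin_member "$1" "$2"; then
        echo "admin"
    else
        echo "standard"
    fi
}

# Constructed sample mirroring dscl output on a machine with one admin user
SAMPLE_LINE="GroupMembership: root alice"

# Live use on macOS; anywhere else (dscl is macOS-only) fall back to the sample
if command -v dscl >/dev/null 2>&1; then
    LINE=$(dscl . -read /Groups/admin GroupMembership)
else
    LINE=$SAMPLE_LINE
fi
me=$(id -un)
echo "$me is a $(classify_account "$me" "$LINE") account"
```

If the account you browse and read mail from reports "admin", the separation the post relies on is not in place.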
On OSX (Mac), which is actually Berkeley UNIX, I operate with 3 levels of users. I do most of my work from an ID that does not have admin privileges, and is therefore limited in the damage that even accidentally authorized malware (usually JavaScript) can do. It cannot change application or system libraries.
For the most part this used to be true prior to, say, 2010. The hacking now has gotten so sophisticated that even FreeBSD derivatives like OSX are no longer safe. Packets can easily be intercepted and all sorts of goodies can land on your computer regardless of JavaScript being turned off...
It's pretty freakin' scary now. Ignorance is bliss, so let's move along and live happy...
If you have a Mac and are spooked by all of this, I would recommend the Sophos that Ade mentioned above. Their malware detection is not the greatest, but overall their methods of detection are fairly sophisticated.
manhatttanboy is correct, there is no absolute security, but it is always helpful to be a harder target, and multiple layers of protection will fend off many attacks and threats. Defense in depth.
In addition to the measures I described, a good backup strategy for both data and system (boot) drives is essential, and should include generations of backup that are not continuously connected to a computer or network. Alternate drive copies to a friend's house or closet (I do both).
OSX is still much easier to secure than consumer versions of Windows. Windows allows applications to directly address hardware; if the perimeter is breached, there are no other levels of protection.
Thanks for the suggestion of Sophos, I am looking into it.
... H
Comments
The exploit itself affects anyone who has Java enabled in their browser. Beyond that, little is known at this point.
Yahoo confirmed that Mac users were not affected this time.
http://news.yahoo.com/yahoo-says-ads-european-sites-spread-malware-234539138--sector.html
Another 2 PC's to do after this laptop. Thanks PB.
http://www.washingtonpost.com/blogs/the-switch/wp/2014/01/05/worried-about-the-yahoo-malware-outbreak-if-youre-in-u-s-youre-probably-safe/
I mean, the Washington Post would never lie would it?
They seem to be immune for the most part.
Why I do most of my WEB surfing on an iPad 3, and save the 'puter for more serious business, like my RF 6.5 flight SIM. ;-)
SB-910~WG-AS3, SB-50, ME-1, Lexar Professional 600x 64GB SDXC UHS-I 90MB/s* x2, 400x 32GB SDHC UHS-I 60MB/s* x1
Vanguard ALTA PRO 263AT, GH-300T, SBH-250, SBH-100, PH-22 Panhead
Lowepro S&F Deluxe Technical Belt and Harness ~ Pouch 60 AW 50 AW & 10, S&F Toploader 70 AW, Lens Case 11 x 26cm
FE, NIKKOR 2-20mm f/1.8, OPTEX UV 52mm, Vivitar Zoom 285, Kodacolor VR 1000 CF 135-24 EXP DX 35mm, rePlay XD1080
http://www.intego.com/mac-security-blog/hundreds-of-thousands-of-macs-infected-by-flashback-malware/
Intego sells anti-virus for Macs (which I use), but you can also get free ones from Sophos, etc.