![]() I had a look at the seemingly infinite couple of lines of obfuscated code that constituted most of the script’s code, and found strings like chromePDFPopunderNew, adblockPopup, flashFileUrl, escaped tags, and even a string containing an inline PDF. js extension and just a number as an URL. On a site offering, amongst others, illegal streaming of table tennis matches, I noticed (in the list of JavaScripts in the DevTools Network tab) amongst third-party libraries, standard UI scripts and the all-too-frequent duplicate inclusion of the Google Analytics library (ouch!), a strangely named script with no. I went through a couple of sites, looking carefully at the scripts they included with Chromium’s DevTools. Then I decided to move over to sites offering links to illegal streaming of sporting events. ![]() I looked at some Pirate Bay proxies, with no luck. Which means, basically, sites where the user is trying to do something bordering on the illegal to begin with. I then thought that the best place to look for “scary” stuff would be sites whose owners won’t risk a legal action if they do something “scary” to their users. In these cases, most of what the scripts do is send data to a server, and since you have little way of knowing what the server’s actually doing with the data, it would have been very difficult to dissect them. I tried some reputable news sites, to see if there was anything interesting, but all I found were tons and tons of standard tracking scripts (and JavaScript errors in the console logs). It seems that companies supplying ads have become much better in spotting suspicious scripts by automating the vetting process, I assume. Where to look for such a script? I tried to find one of the aforementioned intrusive ads on legitimate websites, but couldn’t find any. One of the things I was looking for was uses of a variation of the infamous Evercookie (aka “undeletable cookie”) which would be a clear sign of shady tracking techniques. I installed the latest version of Ubuntu on the VM, opened the browser and went hunting. This way, if the sites I visited and the scripts contained therein tried to do something scary to my computer, I would just need to erase the VM without compromising my precious laptop. ![]() The first thing I did was to set up a Virtual Machine with Virtual Box on my main Ubuntu development PC. The idea was to look for, to quote Chris, “bits of JavaScript that do surprisingly scary things.” I hope I can share some of the fun with you. It looked like a fairly daunting task, but I’ve learned quite a few things from it, and in the end had a lot of fun doing it. Has it ever happened to you that your browser gets hijacked and innumerable pop-ups come up, and you seem to be unable to close them without quitting the browser altogether, or clicking 25 times on the “Back” button? You do feel in danger when that happens, don’t you?įollowing input from Chris here at CSS-Tricks, I decided to look for a script that does exactly that, and see what happens under the hood. ![]() After all, we’ve given them permission to do so, by reading pages and pages of legalese in their T&C pages (we all did, didn’t we?) and clicking on the “Accept” button.īut what can a site do to you, or to your device, without your explicit consent? What happens when you visit a slightly “improper” site, or a “proper” site you visited includes some third-party script that hasn’t been thoroughly checked? By now, we all know that the major tech behemoths like Facebook or Google know everything about our lives, including how often we go to the bathroom (hence all the prostate medication ads that keep popping up, even on reputable news sites).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |