One of our readers, Walter, wrote to us today with a request to owners of websites: please block any third-party advertisements that contain scripts or any form of mobile code.
Why? Well, consider this scenario:
1) Sleazy vendor (or rogue affiliate) "rents" compromised home computers from a bot-farmer
This is not a new problem. We covered cases like this in the past where an entire ad server gets compromised and the advertisements it is generating contain malware that gets injected via an iframe. The correct solution is to only accept images from advertisers that are linked to another website, and no mobile code. You clearly can't control what happens on that web site, but at least no mobile code is injected into your user's browsers just because they visited you.
Marcus H. Sachs
Jun 23rd 2007
1 decade ago