<article>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#article10_03_23_1256211</id>
	<title>Malware Delivered By Yahoo, Fox, Google Ads</title>
	<author>CmdrTaco</author>
	<datestamp>1269353640000</datestamp>
	<htmltext>WrongSizeGlass writes <i>"CNET is reporting that Avast has tracked over  <a href="http://news.cnet.com/8301-27080\_3-20000898-245.html?tag=newsLeadStoriesArea.1">2.6 million instances of malware</a> that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo's Yield Manager, Fox Audience Network's Fimserve.com and even some from Google's DoubleClick.  Some high-profile sites include The New York Times, Drudge Report.com, TechCrunch and WhitePages.com. The practice has been dubbed 'malvertising.'
I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt."</i></htmltext>
<tokenext>WrongSizeGlass writes " CNET is reporting that Avast has tracked over 2.6 million instances of malware that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo 's Yield Manager , Fox Audience Network 's Fimserve.com and even some from Google 's DoubleClick .
Some high-profile sites include The New York Times , Drudge Report.com , TechCrunch and WhitePages.com .
The practice has been dubbed 'malvertising .
' I usually suspect the users of 'careless web activity ' when I delouse a PC , but now I 'm going to have to give some the benefit of the doubt .
"</tokentext>
<sentencetext>WrongSizeGlass writes "CNET is reporting that Avast has tracked over  2.6 million instances of malware that have been served up to unsuspecting web surfers since last December by ad services such as Yahoo's Yield Manager, Fox Audience Network's Fimserve.com and even some from Google's DoubleClick.
Some high-profile sites include The New York Times, Drudge Report.com, TechCrunch and WhitePages.com.
The practice has been dubbed 'malvertising.
'
I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt.
"</sentencetext>
</article>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583960</id>
	<title>You can't tell the enemy from your friends...</title>
	<author>rickb928</author>
	<datestamp>1269360420000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>I have a running dialogue with a webmaster of a celebrity paps site (ok, sue me) about the various bits of malware that are being served up by her various advertisers.  This began a few months ago, and it took a while before I figured out they could not be expected to know this was happening.  She has tracked down the source of these adverts to an agency that offered her triple the usual rate.  Now she knows, among other things, that if it's too good to be true, there is a reason why.</p><p>But, she and I have synched clocks so she can know to the few seconds what I got.  She has to report back precise details to get her advertisers to figure out what happened, cause most of her direct advertisers are contracting out ads to other agencies, and they sell other ads, and the chain gets long and obscure in no time at all.</p><p>So far, she is helpful, but last week I sent her a screenshot of a nasty one installing that 2010 antivirus onto one of my virtual machines, and it turned out to be her oldest and most loyal sponsor, and an entirely legitimate ad that had gotten hijacked on the way to her server.  Yup, her server is compromised, and some ads are being re-written on the fly from other sources.  Makes sense to me, just another vector.  This is not good - even honest webmasters are vulnerable, though she called in a team/favor to fix up her server, which is supposed to be monitored for this stuff.  Oh well.</p><p>Is there any defense?  I'm using VPC2007 to run browsers just to be able to look at the nasty stuff being inflicted on me (not the celebs, thank you) and I can't imagine the fun of doing this from my desktop.  Ewww.</p><p>When the NYT is being used, we are past blaming the source.</p><p>Not to mention the waiting time I see for ad servers.  I want the damned content I asked for, thank you, perhaps webmasters need to find a way to ditch slow ads and let us see what we wanted to in the first place, ok? Thanks!</p></htmltext>
<tokenext>I have a running dialogue with a webmaster of a celebrity paps site ( ok , sue me ) about the various bits of malware that are being served up by her various advertisers .
This began a few months ago , and it took a while before I figured out they could not be expected to know this was happening .
She has tracked down the source of these adverts to an agency that offered her triple the usual rate .
Now she knows , among other things , that if it 's too good to be true , there is a reason why.But , she and I have synched clocks so she can know to the few seconds what I got .
She has to report back precise details to get her advertisers to figure out what happened , cause most of her direct advertisers are contracting out ads to other agencies , and they sell other ads , and the chain gets long and obscure in no time at all.So far , she is helpful , but last week I sent her a screenshot of a nasty one installing that 2010 antivirus onto one of my virtual machines , and it turned out to be her oldest and most loyal sponsor , and an entirely legitimate ad that had gotten hijacked on the way to her server .
Yup , her server is compromised , and some ads are being re-written on the fly from other sources .
Makes sense to me , just another vector .
This is not good - even honest webmasters are vulnerable , though she called in a team/favor to fix up her server , which is supposed to be monitored for this stuff .
Oh well.Is there any defense ?
I 'm using VPC2007 to run browsers just to be able to look at the nasty stuff being inflicted on me ( not the celebs , thank you ) and I ca n't imagine the fun of doing this from my desktop .
Ewww.When the NYT is being used , we are past blaming the source.Not to mention the waiting time I see for ad servers .
I want the damned content I asked for , thank you , perhaps webmasters need to find a way to ditch slow ads and let us see what we wanted to in the first place , ok ?
Thanks !</tokentext>
<sentencetext>I have a running dialogue with a webmaster of a celebrity paps site (ok, sue me) about the various bits of malware that are being served up by her various advertisers.
This began a few months ago, and it took a while before I figured out they could not be expected to know this was happening.
She has tracked down the source of these adverts to an agency that offered her triple the usual rate.
Now she knows, among other things, that if it's too good to be true, there is a reason why.But, she and I have synched clocks so she can know to the few seconds what I got.
She has to report back precise details to get her advertisers to figure out what happened, cause most of her direct advertisers are contracting out ads to other agencies, and they sell other ads, and the chain gets long and obscure in no time at all.So far, she is helpful, but last week I sent her a screenshot of a nasty one installing that 2010 antivirus onto one of my virtual machines, and it turned out to be her oldest and most loyal sponsor, and an entirely legitimate ad that had gotten hijacked on the way to her server.
Yup, her server is compromised, and some ads are being re-written on the fly from other sources.
Makes sense to me, just another vector.
This is not good - even honest webmasters are vulnerable, though she called in a team/favor to fix up her server, which is supposed to be monitored for this stuff.
Oh well.Is there any defense?
I'm using VPC2007 to run browsers just to be able to look at the nasty stuff being inflicted on me (not the celebs, thank you) and I can't imagine the fun of doing this from my desktop.
Ewww.When the NYT is being used, we are past blaming the source.Not to mention the waiting time I see for ad servers.
I want the damned content I asked for, thank you, perhaps webmasters need to find a way to ditch slow ads and let us see what we wanted to in the first place, ok?
Thanks!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583374</id>
	<title>Re:Yup....seen it.</title>
	<author>Nos.</author>
	<datestamp>1269357960000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>I work in the security group and we had a few machines on our help desk get infected with the Antivirus Live malware.  After some research, we determined that it came through a legitimate site (help desk site that emulates various OS... can't think of the name), or more specifically the ads on the site.</p><p>We do run WebSense, but this was a legitimate site that our help desk uses quite frequently.  All machines were up to date with McAfee, but it was a new variation.  We ran it through VirusTotal.com within hours of the infection and I believe there were only two on the list that picked it up at that time.</p><p>So it wasn't the fault of the user and it can't be blamed on our choice of AV vendor.  Obviously we need a better way of detecting malware.  McAfee does have Artemis, but it failed on VirusTotal as well.</p></htmltext>
<tokenext>I work in the security group and we had a few machines on our help desk get infected with the Antivirus Live malware .
After some research , we determined that it came through a legitimate site ( help desk site that emulates various OS... ca n't think of the name ) , or more specifically the ads on the site.We do run WebSense , but this was a legitimate site that our help desk uses quite frequently .
All machines were up to date with McAfee , but it was a new variation .
We ran it through VirusTotal.com within hours of the infection and I believe there were only two on the list that picked it up at that time.So it was n't the fault of the user and it ca n't be blamed on our choice of AV vendor .
Obviously we need a better way of detecting malware .
McAfee does have Artemis , but it failed on VirusTotal as well .</tokentext>
<sentencetext>I work in the security group and we had a few machines on our help desk get infected with the Antivirus Live malware.
After some research, we determined that it came through a legitimate site (help desk site that emulates various OS... can't think of the name), or more specifically the ads on the site.We do run WebSense, but this was a legitimate site that our help desk uses quite frequently.
All machines were up to date with McAfee, but it was a new variation.
We ran it through VirusTotal.com within hours of the infection and I believe there were only two on the list that picked it up at that time.So it wasn't the fault of the user and it can't be blamed on our choice of AV vendor.
Obviously we need a better way of detecting malware.
McAfee does have Artemis, but it failed on VirusTotal as well.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583718</id>
	<title>Re:Yup....seen it.</title>
	<author>Anonymous</author>
	<datestamp>1269359460000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext>Ouch. The two news sites I browse most often. Good thing I run AdBlock and NoScript, and I wrote myself a Greasemonkey script to rewrite all the internal links to point to the print-friendly (read: ad-free) versions of the articles.</htmltext>
<tokenext>Ouch .
The two news sites I browse most often .
Good thing I run AdBlock and NoScript , and I wrote myself a Greasemonkey script to rewrite all the internal links to point to the print-friendly ( read : ad-free ) versions of the articles .</tokentext>
<sentencetext>Ouch.
The two news sites I browse most often.
Good thing I run AdBlock and NoScript, and I wrote myself a Greasemonkey script to rewrite all the internal links to point to the print-friendly (read: ad-free) versions of the articles.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</id>
	<title>Yup....seen it.</title>
	<author>Anonymous</author>
	<datestamp>1269357420000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>At my work, we allow unrestricted access to the net, but log everything.  We had a recent spate of vundo variants come through, and when we went through the logs, almost all of them were via the NYTimes or Wa Post.  Frustrating, when large companies like this make work for you.  For the most part, the allow everything, log it and using IDPS on the front-end(s) has helped quite a bit.</p></htmltext>
<tokenext>At my work , we allow unrestricted access to the net , but log everything .
We had a recent spate of vundo variants come through , and when we went through the logs , almost all of them were via the NYTimes or Wa Post .
Frustrating , when large companies like this make work for you .
For the most part , the allow everything , log it and using IDPS on the front-end ( s ) has helped quite a bit .</tokentext>
<sentencetext>At my work, we allow unrestricted access to the net, but log everything.
We had a recent spate of vundo variants come through, and when we went through the logs, almost all of them were via the NYTimes or Wa Post.
Frustrating, when large companies like this make work for you.
For the most part, the allow everything, log it and using IDPS on the front-end(s) has helped quite a bit.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583350</id>
	<title>Re:One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269357840000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>From the article:</p><blockquote><div><p>Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser, Avast said.</p></div>
</blockquote></div>
	</htmltext>
<tokenext>From the article : Users do n't need to click on anything to get infected ; a computer becomes infected after the ad is loaded by the browser , Avast said .</tokentext>
<sentencetext>From the article:Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser, Avast said.

	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602850</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>\_KiTA\_</author>
	<datestamp>1269422100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>Why use Adobe Reader in the first place?  There are alternatives out there which are less embarrassingly insecure.  You should be telling your customers to switch from Adobe Reader, if possible.</p></div><p>Oh, there certainly are alternatives.</p><p>But my average user is not "technically savvy".  To the point that getting them to type in the URL of our website, then find the icon for our service, is very difficult.</p><p>It doesn't help that the company I pinch hit for (the stupidity of which inspired the Dilbert comic) has decided to give our service any of 4 different names depending on which website, state, etc you are in, and decided to hide our icon literally off the screen.</p><p>No, literally, you have to scroll down and to the right to find it.</p><p>My typical call entails taking 10-20 minutes to get a customer to type in a simple URL (domain.com/servicename), explaining that the My Web Search bar is not the address bar, explaining that again, explaining that you can't put a space in our URL, explaining that I wanted them to spell out the word minus instead of typing in -, etc etc.</p><p>Oh, and a VERY large number of these people are running IE6.  Or are running machines with 128/256 megs of ram and can't run anything else.  Or have tried installing IE8 (it thinks it can run on 64 megs of ram and will auto-install) on a WinXP machine with 128 megs of ram and are upset the machine is slow...</p><p>Er, sorry, lost myself for a second.  I guess what I'm saying is that these people can't even SPELL "PDF", yet alone uninstall Reader and install a different program.  And since my metrics -- i.e., the thing keeping me from being fired -- is based on getting customers off the phone as fast as possible...</p><p>(Oh, and our parent phone company does NOT want us giving tech advice or suggesting alternatives to programs like Reader, cause "they're not in the toolkit"...)</p></div>
	</htmltext>
<tokenext>Why use Adobe Reader in the first place ?
There are alternatives out there which are less embarrassingly insecure .
You should be telling your customers to switch from Adobe Reader , if possible.Oh , there certainly are alternatives.But my average user is not " technically savvy " .
To the point that getting them to type in the URL of our website , then find the icon for our service , is very difficult.It does n't help that the company I pinch hit for ( the stupidity of which inspired the Dilbert comic ) has decided to give our service any of 4 different names depending on which website , state , etc you are in , and decided to hide our icon literally off the screen.No , literally , you have to scroll down and to the right to find it.My typical call entails taking 10-20 minutes to get a customer to type in a simple URL ( domain.com/servicename ) , explaining that the My Web Search bar is not the address bar , explaining that again , explaining that you ca n't put a space in our URL , explaining that I wanted them to spell out the word minus instead of typing in - , etc etc.Oh , and a VERY large number of these people are running IE6 .
Or are running machines with 128/256 megs of ram and ca n't run anything else .
Or have tried installing IE8 ( it thinks it can run on 64 megs of ram and will auto-install ) on a WinXP machine with 128 megs of ram and are upset the machine is slow...Er , sorry , lost myself for a second .
I guess what I 'm saying is that these people ca n't even SPELL " PDF " , yet alone uninstall Reader and install a different program .
And since my metrics -- i.e. , the thing keeping me from being fired -- is based on getting customers off the phone as fast as possible... ( Oh , and our parent phone company does NOT want us giving tech advice or suggesting alternatives to programs like Reader , cause " they 're not in the toolkit " ... )</tokentext>
<sentencetext>Why use Adobe Reader in the first place?
There are alternatives out there which are less embarrassingly insecure.
You should be telling your customers to switch from Adobe Reader, if possible.Oh, there certainly are alternatives.But my average user is not "technically savvy".
To the point that getting them to type in the URL of our website, then find the icon for our service, is very difficult.It doesn't help that the company I pinch hit for (the stupidity of which inspired the Dilbert comic) has decided to give our service any of 4 different names depending on which website, state, etc you are in, and decided to hide our icon literally off the screen.No, literally, you have to scroll down and to the right to find it.My typical call entails taking 10-20 minutes to get a customer to type in a simple URL (domain.com/servicename), explaining that the My Web Search bar is not the address bar, explaining that again, explaining that you can't put a space in our URL, explaining that I wanted them to spell out the word minus instead of typing in -, etc etc.Oh, and a VERY large number of these people are running IE6.
Or are running machines with 128/256 megs of ram and can't run anything else.
Or have tried installing IE8 (it thinks it can run on 64 megs of ram and will auto-install) on a WinXP machine with 128 megs of ram and are upset the machine is slow...Er, sorry, lost myself for a second.
I guess what I'm saying is that these people can't even SPELL "PDF", yet alone uninstall Reader and install a different program.
And since my metrics -- i.e., the thing keeping me from being fired -- is based on getting customers off the phone as fast as possible...(Oh, and our parent phone company does NOT want us giving tech advice or suggesting alternatives to programs like Reader, cause "they're not in the toolkit"...)
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585110</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583964</id>
	<title>Re:Adblocker</title>
	<author>ajs</author>
	<datestamp>1269360420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>You could always whitelist ads on sites that you want to support while turning off JavaScript (e.g. using noscript). Most ads will still display (unless they're flash, and then it really was their choice, wasn't it?)</p><p>That's what I do. I even leave Slashdot's ad opt-out checkbox unchecked.</p></htmltext>
<tokenext>You could always whitelist ads on sites that you want to support while turning off JavaScript ( e.g .
using noscript ) .
Most ads will still display ( unless they 're flash , and then it really was their choice , was n't it ?
) That 's what I do .
I even leave Slashdot 's ad opt-out checkbox unchecked .</tokentext>
<sentencetext>You could always whitelist ads on sites that you want to support while turning off JavaScript (e.g.
using noscript).
Most ads will still display (unless they're flash, and then it really was their choice, wasn't it?
)That's what I do.
I even leave Slashdot's ad opt-out checkbox unchecked.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583552</id>
	<title>Who Pays for These Ads?</title>
	<author>Anonymous</author>
	<datestamp>1269358680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Seems like it should be easy to track and either immediately shut down the compromised accounts used or decapitate the morons responsible. If it's not easy then the payment systems need to be completely re-engineered such that it is.  There's no excuse in this privacy-impaired online global society for not being able to track down where the money comes from.  Heck, just ask the fraking RIAA for help if you can't figure out it's really a 70 year old grandmother without  a computer who is placing these ads.</p></htmltext>
<tokenext>Seems like it should be easy to track and either immediately shut down the compromised accounts used or decapitate the morons responsible .
If it 's not easy then the payment systems need to be completely re-engineered such that it is .
There 's no excuse in this privacy-impaired online global society for not being able to track down where the money comes from .
Heck , just ask the fraking RIAA for help if you ca n't figure out it 's really a 70 year old grandmother without a computer who is placing these ads .</tokentext>
<sentencetext>Seems like it should be easy to track and either immediately shut down the compromised accounts used or decapitate the morons responsible.
If it's not easy then the payment systems need to be completely re-engineered such that it is.
There's no excuse in this privacy-impaired online global society for not being able to track down where the money comes from.
Heck, just ask the fraking RIAA for help if you can't figure out it's really a 70 year old grandmother without  a computer who is placing these ads.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583376</id>
	<title>Re:One lesson to learn</title>
	<author>ygthb</author>
	<datestamp>1269358020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>So who says they clicked,  it could be auto delivered.  I have seen many arenas where they mandate anti-virus (usually crap) and do nothing about malware.</p><p>Not many know about locking down host files, using ad-aware, spybot s&amp;d, or the like.  I still use javacools stuff.</p></htmltext>
<tokenext>So who says they clicked , it could be auto delivered .
I have seen many arenas where they mandate anti-virus ( usually crap ) and do nothing about malware.Not many know about locking down host files , using ad-aware , spybot s&amp;d , or the like .
I still use javacools stuff .</tokentext>
<sentencetext>So who says they clicked,  it could be auto delivered.
I have seen many arenas where they mandate anti-virus (usually crap) and do nothing about malware.Not many know about locking down host files, using ad-aware, spybot s&amp;d, or the like.
I still use javacools stuff.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584626</id>
	<title>Re:One lesson to learn</title>
	<author>L0rdJedi</author>
	<datestamp>1269363000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>It might be Windows only, but it certainly is not limited to Internet Explorer.  I use FireFox at home exclusively and ran into one of these.  It threw up a screen that looks just like the Windows security center telling me I might be infected.  Before seeing this, I always thought people were just being careless.  After seeing it, I was pissed that a site like the NY Times would allow such an ad on their site.  Suddenly, the "safe sites" aren't so safe anymore.</p></htmltext>
<tokenext>It might be Windows only , but it certainly is not limited to Internet Explorer .
I use FireFox at home exclusively and ran into one of these .
It threw up a screen that looks just like the Windows security center telling me I might be infected .
Before seeing this , I always thought people were just being careless .
After seeing it , I was pissed that a site like the NY Times would allow such an ad on their site .
Suddenly , the " safe sites " are n't so safe anymore .</tokentext>
<sentencetext>It might be Windows only, but it certainly is not limited to Internet Explorer.
I use FireFox at home exclusively and ran into one of these.
It threw up a screen that looks just like the Windows security center telling me I might be infected.
Before seeing this, I always thought people were just being careless.
After seeing it, I was pissed that a site like the NY Times would allow such an ad on their site.
Suddenly, the "safe sites" aren't so safe anymore.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583810</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316</id>
	<title>Good thing</title>
	<author>Jaysyn</author>
	<datestamp>1269357780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Good thing the combo of AdBlock, NoScript &amp; FlashBlock will basically prevent these kinds of attacks.</p></htmltext>
<tokenext>Good thing the combo of AdBlock , NoScript &amp; FlashBlock will basically prevent these kinds of attacks .</tokentext>
<sentencetext>Good thing the combo of AdBlock, NoScript &amp; FlashBlock will basically prevent these kinds of attacks.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602470</id>
	<title>Re:CUSTOM HOSTS FILES ARE THE SUPERIOR ANSWER</title>
	<author>Anonymous</author>
	<datestamp>1269463740000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><a href="mailto:apk4776239@hotmail.com" title="mailto" rel="nofollow">Mr. Alexander</a> [mailto] <a href="http://www.vclcomponents.com/authors/Alexander\_Peter\_Kowalski" title="vclcomponents.com" rel="nofollow">Peter Kowalski</a> [vclcomponents.com]<br><a href="http://www.zillow.com/homes/903-East-Division-Street-syracuse\_rb/" title="zillow.com" rel="nofollow">903 East Division Street</a> [zillow.com]<br>Syracuse, N.Y. 13208</p><p>We are <a href="http://maps.google.com/maps?q=903+East+Division+Street+syracuse&amp;ie=UTF8&amp;hq=&amp;hnear=903+E+Division+St,+Syracuse,+Onondaga,+New+York+13208&amp;gl=us&amp;ei=jmmqS7WJOo7itgO15fX3BQ&amp;ved=0CAcQ8gEwAA&amp;ll=43.066799,-76.147093&amp;spn=0.00163,0.004506&amp;t=h&amp;z=19" title="google.com" rel="nofollow">watching you</a> [google.com], AlecStaar.</p></htmltext>
<tokenext>Mr. Alexander [ mailto ] Peter Kowalski [ vclcomponents.com ] 903 East Division Street [ zillow.com ] Syracuse , N.Y. 13208We are watching you [ google.com ] , AlecStaar .</tokentext>
<sentencetext>Mr. Alexander [mailto] Peter Kowalski [vclcomponents.com]903 East Division Street [zillow.com]Syracuse, N.Y. 13208We are watching you [google.com], AlecStaar.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583826</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585662</id>
	<title>So what do I do to protect the family network?</title>
	<author>techie42</author>
	<datestamp>1269366720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>This new form of attach makes me sad as I recently chewed out my kid for infecting two differtent computers at home.

But, last night I got hit by a side panel ad that set off my AV alert. I have also seen some unusual firewall alerts so there is still something there under the hood. The last time I got hit I accendently clicked on a questionable ad while attempting to scroll down the page. But at least I knew that I had clicked.

What to do about this?

Do I run web browing and email sandboxie? Do I setup VMplayer copies of Windows to browse and email? Are there other (better) solutions?

Tea-Timer and the rest seem to drive my wife and Teen age daughter nuts with prompts (and they are never sure what is okay anyway.)</htmltext>
<tokenext>This new form of attach makes me sad as I recently chewed out my kid for infecting two differtent computers at home .
But , last night I got hit by a side panel ad that set off my AV alert .
I have also seen some unusual firewall alerts so there is still something there under the hood .
The last time I got hit I accendently clicked on a questionable ad while attempting to scroll down the page .
But at least I knew that I had clicked .
What to do about this ?
Do I run web browing and email sandboxie ?
Do I setup VMplayer copies of Windows to browse and email ?
Are there other ( better ) solutions ?
Tea-Timer and the rest seem to drive my wife and Teen age daughter nuts with prompts ( and they are never sure what is okay anyway .
)</tokentext>
<sentencetext>This new form of attach makes me sad as I recently chewed out my kid for infecting two differtent computers at home.
But, last night I got hit by a side panel ad that set off my AV alert.
I have also seen some unusual firewall alerts so there is still something there under the hood.
The last time I got hit I accendently clicked on a questionable ad while attempting to scroll down the page.
But at least I knew that I had clicked.
What to do about this?
Do I run web browing and email sandboxie?
Do I setup VMplayer copies of Windows to browse and email?
Are there other (better) solutions?
Tea-Timer and the rest seem to drive my wife and Teen age daughter nuts with prompts (and they are never sure what is okay anyway.
)</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586280</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>darkain</author>
	<datestamp>1269369120000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>No need for an OS reinstall yet. Actually, it isn't too bad... <br> <br>

I used a clean machine to export the registry keys for the EXE file association to a<nobr> <wbr></nobr>.REG file.  Reboot the infected machine into safe mode, import the<nobr> <wbr></nobr>.REG file, and then use a program such as System Explorer or Security Task Manager to help clean up any bad processes.<br> <br>

Next, locate the exact filename of the virus (av.exe as one example).  Rename/Remove the virus EVE file.  Then create a DIRECTORY with same name in the same path (so a directory named "av.exe") - While the virus creators have been finding craftier and craftier ways to get it to execute itself on systems, this is an absolute stupid simple way to prevent it from even being writable (until they change the filename or path for where it saves itself).<br> <br>

Oh, and there is always PeerBlock with a daily updated list, which is great at blocking 3rd party malware servers entirely (this has worked much MUCH better at being up-to-date with Malware lists than any AV application as of recent) - <a href="http://www.peerblock.com/" title="peerblock.com">http://www.peerblock.com/</a> [peerblock.com]</htmltext>
<tokenext>No need for an OS reinstall yet .
Actually , it is n't too bad.. . I used a clean machine to export the registry keys for the EXE file association to a .REG file .
Reboot the infected machine into safe mode , import the .REG file , and then use a program such as System Explorer or Security Task Manager to help clean up any bad processes .
Next , locate the exact filename of the virus ( av.exe as one example ) .
Rename/Remove the virus EVE file .
Then create a DIRECTORY with same name in the same path ( so a directory named " av.exe " ) - While the virus creators have been finding craftier and craftier ways to get it to execute itself on systems , this is an absolute stupid simple way to prevent it from even being writable ( until they change the filename or path for where it saves itself ) .
Oh , and there is always PeerBlock with a daily updated list , which is great at blocking 3rd party malware servers entirely ( this has worked much MUCH better at being up-to-date with Malware lists than any AV application as of recent ) - http : //www.peerblock.com/ [ peerblock.com ]</tokentext>
<sentencetext>No need for an OS reinstall yet.
Actually, it isn't too bad...  

I used a clean machine to export the registry keys for the EXE file association to a .REG file.
Reboot the infected machine into safe mode, import the .REG file, and then use a program such as System Explorer or Security Task Manager to help clean up any bad processes.
Next, locate the exact filename of the virus (av.exe as one example).
Rename/Remove the virus EVE file.
Then create a DIRECTORY with same name in the same path (so a directory named "av.exe") - While the virus creators have been finding craftier and craftier ways to get it to execute itself on systems, this is an absolute stupid simple way to prevent it from even being writable (until they change the filename or path for where it saves itself).
Oh, and there is always PeerBlock with a daily updated list, which is great at blocking 3rd party malware servers entirely (this has worked much MUCH better at being up-to-date with Malware lists than any AV application as of recent) - http://www.peerblock.com/ [peerblock.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584860</id>
	<title>Difficult change in habbits</title>
	<author>LoudMusic</author>
	<datestamp>1269364020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt."</p></div><p>I too have found myself in this situation and it is really difficult for me to not immediately jump to conclusions. To this day the only malware detected on my computers were put there by software I should have known better than to install. When I stopped installing that software I stopped having problems. But I know a lot of people who get viruses regularly and never use any warez and claim to be very careful about what they open from emails and where they browse on the web and which browsers they use.</p></div>
	</htmltext>
<tokenext>I usually suspect the users of 'careless web activity ' when I delouse a PC , but now I 'm going to have to give some the benefit of the doubt .
" I too have found myself in this situation and it is really difficult for me to not immediately jump to conclusions .
To this day the only malware detected on my computers were put there by software I should have known better than to install .
When I stopped installing that software I stopped having problems .
But I know a lot of people who get viruses regularly and never use any warez and claim to be very careful about what they open from emails and where they browse on the web and which browsers they use .</tokentext>
<sentencetext> I usually suspect the users of 'careless web activity' when I delouse a PC, but now I'm going to have to give some the benefit of the doubt.
"I too have found myself in this situation and it is really difficult for me to not immediately jump to conclusions.
To this day the only malware detected on my computers were put there by software I should have known better than to install.
When I stopped installing that software I stopped having problems.
But I know a lot of people who get viruses regularly and never use any warez and claim to be very careful about what they open from emails and where they browse on the web and which browsers they use.
	</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585844</id>
	<title>Re:The real defense line</title>
	<author>Anonymous</author>
	<datestamp>1269367440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Sigh.</p><p>You think that because your browser runs locally you're safe?  Listen up... and repeat after me.  The fact that a local user can't infect that entire computer doesn't mean *your account* can't be infected as a local user.</p><p>You run firefox as something not root.  Big deal.  Local access is enough for me to spawn a netcat reverse tunnel bound to your bash shell and hunt around for a local exploit.  And you know you have them.  If you don't know you have them--you either don't know enough about your system, or you're on something so hardened you haven't had any non-security updates in over three years, and you're probably running at most firefox 2.x.</p><p>If your system gets jacked, hacking firefox is as simple as copying the relevant binary, somewhere hidden deeeep in your<nobr> <wbr></nobr>/home/.someapplicationstuff and injecting whatever the hell I feel like into it after modifying your little firefox icon and user path to launch mine. But that's a stupid hack--why even bother--it'd be easier to just install a local application that binds into your bashrc or registry equivalent and browse around as you at my convenience.  After getting an exploit to run on firefox I can do anything you could anyway.</p><p>If I don't have root access I can't use an lkmod rootkit...I can still do 95\% of what's interesting as a local user, can *probably* find a local exploit, and even if I can't, 95\% of the world will NEVER NOTICE anyway.</p><p>Getting rid of root gets rid of trivial remote installation of rootkits.  At that point you'll just see people go back to the drop, stage, and infect pattern.</p></htmltext>
<tokenext>Sigh.You think that because your browser runs locally you 're safe ?
Listen up... and repeat after me .
The fact that a local user ca n't infect that entire computer does n't mean * your account * ca n't be infected as a local user.You run firefox as something not root .
Big deal .
Local access is enough for me to spawn a netcat reverse tunnel bound to your bash shell and hunt around for a local exploit .
And you know you have them .
If you do n't know you have them--you either do n't know enough about your system , or you 're on something so hardened you have n't had any non-security updates in over three years , and you 're probably running at most firefox 2.x.If your system gets jacked , hacking firefox is as simple as copying the relevant binary , somewhere hidden deeeep in your /home/.someapplicationstuff and injecting whatever the hell I feel like into it after modifying your little firefox icon and user path to launch mine .
But that 's a stupid hack--why even bother--it 'd be easier to just install a local application that binds into your bashrc or registry equivalent and browse around as you at my convenience .
After getting an exploit to run on firefox I can do anything you could anyway.If I do n't have root access I ca n't use an lkmod rootkit...I can still do 95 \ % of what 's interesting as a local user , can * probably * find a local exploit , and even if I ca n't , 95 \ % of the world will NEVER NOTICE anyway.Getting rid of root gets rid of trivial remote installation of rootkits .
At that point you 'll just see people go back to the drop , stage , and infect pattern .</tokentext>
<sentencetext>Sigh.You think that because your browser runs locally you're safe?
Listen up... and repeat after me.
The fact that a local user can't infect that entire computer doesn't mean *your account* can't be infected as a local user.You run firefox as something not root.
Big deal.
Local access is enough for me to spawn a netcat reverse tunnel bound to your bash shell and hunt around for a local exploit.
And you know you have them.
If you don't know you have them--you either don't know enough about your system, or you're on something so hardened you haven't had any non-security updates in over three years, and you're probably running at most firefox 2.x.If your system gets jacked, hacking firefox is as simple as copying the relevant binary, somewhere hidden deeeep in your /home/.someapplicationstuff and injecting whatever the hell I feel like into it after modifying your little firefox icon and user path to launch mine.
But that's a stupid hack--why even bother--it'd be easier to just install a local application that binds into your bashrc or registry equivalent and browse around as you at my convenience.
After getting an exploit to run on firefox I can do anything you could anyway.If I don't have root access I can't use an lkmod rootkit...I can still do 95\% of what's interesting as a local user, can *probably* find a local exploit, and even if I can't, 95\% of the world will NEVER NOTICE anyway.Getting rid of root gets rid of trivial remote installation of rootkits.
At that point you'll just see people go back to the drop, stage, and infect pattern.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782</id>
	<title>Re:Good thing</title>
	<author>Anonymous</author>
	<datestamp>1269359760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>How exactly are Mac an *nix users vulnerable?</p><p>All of the malware being delivered only runs on Windows.</p></htmltext>
<tokenext>How exactly are Mac an * nix users vulnerable ? All of the malware being delivered only runs on Windows .</tokentext>
<sentencetext>How exactly are Mac an *nix users vulnerable?All of the malware being delivered only runs on Windows.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583492</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585212</id>
	<title>So whats going to be done about it?</title>
	<author>Stan92057</author>
	<datestamp>1269365220000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>So whats going to be done about it? I see allot of use ad block and such,but thats not going to put the criminals who are stealing resources to spread there malware. If they get caught it should be high profile news and the punishment every painful as in length of prison time,not insert blunt obj in rectum kinda pain lol. Anyways i always see allot of talk but not any action against the criminals,this anti virus scam has been going on for years. Don't ya think its time to stop them?</htmltext>
<tokenext>So whats going to be done about it ?
I see allot of use ad block and such,but thats not going to put the criminals who are stealing resources to spread there malware .
If they get caught it should be high profile news and the punishment every painful as in length of prison time,not insert blunt obj in rectum kinda pain lol .
Anyways i always see allot of talk but not any action against the criminals,this anti virus scam has been going on for years .
Do n't ya think its time to stop them ?</tokentext>
<sentencetext>So whats going to be done about it?
I see allot of use ad block and such,but thats not going to put the criminals who are stealing resources to spread there malware.
If they get caught it should be high profile news and the punishment every painful as in length of prison time,not insert blunt obj in rectum kinda pain lol.
Anyways i always see allot of talk but not any action against the criminals,this anti virus scam has been going on for years.
Don't ya think its time to stop them?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583936</id>
	<title>Adblock and Noscript</title>
	<author>erroneus</author>
	<datestamp>1269360300000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Once again, we cannot trust advertising that does not come directly from the web site being contacted.  No surprise there.  Further, there are times when we cannot trust advertising that DOES come from the site being contacted.</p><p>The only safe content, so far, is based on simple text and pictures.</p><p>Are you listening advertisers?  TRUST the people you are advertising through to host and deliver your ads appropriately.  RESPECT your audience enough to avoid using flash and other nonsense.  Do this and people will not block your ads so much.  People block not only because it is annoying, it is a risk to do otherwise.</p></htmltext>
<tokenext>Once again , we can not trust advertising that does not come directly from the web site being contacted .
No surprise there .
Further , there are times when we can not trust advertising that DOES come from the site being contacted.The only safe content , so far , is based on simple text and pictures.Are you listening advertisers ?
TRUST the people you are advertising through to host and deliver your ads appropriately .
RESPECT your audience enough to avoid using flash and other nonsense .
Do this and people will not block your ads so much .
People block not only because it is annoying , it is a risk to do otherwise .</tokentext>
<sentencetext>Once again, we cannot trust advertising that does not come directly from the web site being contacted.
No surprise there.
Further, there are times when we cannot trust advertising that DOES come from the site being contacted.The only safe content, so far, is based on simple text and pictures.Are you listening advertisers?
TRUST the people you are advertising through to host and deliver your ads appropriately.
RESPECT your audience enough to avoid using flash and other nonsense.
Do this and people will not block your ads so much.
People block not only because it is annoying, it is a risk to do otherwise.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586610</id>
	<title>Re:Make the Ads Safe</title>
	<author>psydeshow</author>
	<datestamp>1269370380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate.  If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good).  If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breech of trust.</p></div><p>Bingo. If your site relies on ad revenue to survive, maybe you should be the one serving the ads so that you have control over what's appearing next to your precious content.</p><p>Because here's the thing: <b>ad blockers do not block server-included ads</b>. Right? They block 3rd-party ads that are placed using client-side includes.</p><p>If you (as a content provider) trust your advertisers enough to serve the ads from your own site (and take responsibility for redistributing any malware they hand you, yes?) then I won't try to block your ads. It would be like blocking the photos embedded in your stories, or the graphics of your ui. It just wouldn't make sense.</p><p>The problem is that most sites are apparently so desperate for money that they will allow *anyone* to put *anything* on their pages. They may not intend for that to be the case, but that's the nature of client-side includes. When you use them, you have no control over what some other site is going to decide to do.</p></div>
	</htmltext>
<tokenext>as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security , we have a stalemate .
If sites want me to see their ads , they have the burden of making sure the ads are safe ( less annoying , would also be good ) .
If I lower my guard out of " friendship " for a site , only to get a drive by download as a reward , I 'm going to take it as a major breech of trust.Bingo .
If your site relies on ad revenue to survive , maybe you should be the one serving the ads so that you have control over what 's appearing next to your precious content.Because here 's the thing : ad blockers do not block server-included ads .
Right ? They block 3rd-party ads that are placed using client-side includes.If you ( as a content provider ) trust your advertisers enough to serve the ads from your own site ( and take responsibility for redistributing any malware they hand you , yes ?
) then I wo n't try to block your ads .
It would be like blocking the photos embedded in your stories , or the graphics of your ui .
It just would n't make sense.The problem is that most sites are apparently so desperate for money that they will allow * anyone * to put * anything * on their pages .
They may not intend for that to be the case , but that 's the nature of client-side includes .
When you use them , you have no control over what some other site is going to decide to do .</tokentext>
<sentencetext>as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate.
If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good).
If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breech of trust.Bingo.
If your site relies on ad revenue to survive, maybe you should be the one serving the ads so that you have control over what's appearing next to your precious content.Because here's the thing: ad blockers do not block server-included ads.
Right? They block 3rd-party ads that are placed using client-side includes.If you (as a content provider) trust your advertisers enough to serve the ads from your own site (and take responsibility for redistributing any malware they hand you, yes?
) then I won't try to block your ads.
It would be like blocking the photos embedded in your stories, or the graphics of your ui.
It just wouldn't make sense.The problem is that most sites are apparently so desperate for money that they will allow *anyone* to put *anything* on their pages.
They may not intend for that to be the case, but that's the nature of client-side includes.
When you use them, you have no control over what some other site is going to decide to do.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585488</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>mzs</author>
	<datestamp>1269366180000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I second this. I see exactly this with PDF files routinely. I have simply uninstalled acrobat (aka adobe reader) on all on the Windows machines at this point and use SumatraPDF instead. It is only a matter of time until they start using zero-day exploits.</p></htmltext>
<tokenext>I second this .
I see exactly this with PDF files routinely .
I have simply uninstalled acrobat ( aka adobe reader ) on all on the Windows machines at this point and use SumatraPDF instead .
It is only a matter of time until they start using zero-day exploits .</tokentext>
<sentencetext>I second this.
I see exactly this with PDF files routinely.
I have simply uninstalled acrobat (aka adobe reader) on all on the Windows machines at this point and use SumatraPDF instead.
It is only a matter of time until they start using zero-day exploits.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584790</id>
	<title>Re:ORLY?</title>
	<author>shoehornjob</author>
	<datestamp>1269363720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Every major av vendor I know of (Symantec, Mcafee, Panda, Trend Micro, Kaspersky etc) do something like this so I disagree that there is a hidden agenda here. We saw the NY Times exploit on Slashdot a while back so they're not spreading FUD. As far as digging into the real problem, I guess it depends on the audience.</htmltext>
<tokenext>Every major av vendor I know of ( Symantec , Mcafee , Panda , Trend Micro , Kaspersky etc ) do something like this so I disagree that there is a hidden agenda here .
We saw the NY Times exploit on Slashdot a while back so they 're not spreading FUD .
As far as digging into the real problem , I guess it depends on the audience .</tokentext>
<sentencetext>Every major av vendor I know of (Symantec, Mcafee, Panda, Trend Micro, Kaspersky etc) do something like this so I disagree that there is a hidden agenda here.
We saw the NY Times exploit on Slashdot a while back so they're not spreading FUD.
As far as digging into the real problem, I guess it depends on the audience.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583484</id>
	<title>So at what point does Adobe become liable?</title>
	<author>Anonymous</author>
	<datestamp>1269358440000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Since the attact vector isn't Flash itself, but the implementation that 99.9999999\% of people have installed.</p></htmltext>
<tokenext>Since the attact vector is n't Flash itself , but the implementation that 99.9999999 \ % of people have installed .</tokentext>
<sentencetext>Since the attact vector isn't Flash itself, but the implementation that 99.9999999\% of people have installed.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585110</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>Anonymous</author>
	<datestamp>1269364920000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Why use Adobe Reader in the first place?  There are alternatives out there which are less embarrassingly insecure.  You should be telling your customers to switch from Adobe Reader, if possible.</p></htmltext>
<tokenext>Why use Adobe Reader in the first place ?
There are alternatives out there which are less embarrassingly insecure .
You should be telling your customers to switch from Adobe Reader , if possible .</tokentext>
<sentencetext>Why use Adobe Reader in the first place?
There are alternatives out there which are less embarrassingly insecure.
You should be telling your customers to switch from Adobe Reader, if possible.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</id>
	<title>Adblocker</title>
	<author>wisnoskij</author>
	<datestamp>1269358320000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><p>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.</p></htmltext>
<tokenext>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk .</tokentext>
<sentencetext>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589190</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>DMUTPeregrine</author>
	<datestamp>1269338100000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I, too, clean many malware infested machines. I've never had a problem with<nobr> <wbr></nobr>.exe handling being rewritten, because I do all my cleaning from a boot CD. Why you'd ever try to clean a machine from an infected install is beyond me. OS reinstall is pretty much never necessary, though it can be cheaper (when the time needed to backup data, install OS, install apps, &amp; restore data is smaller than the time needed to clean the infection.)</htmltext>
<tokenext>I , too , clean many malware infested machines .
I 've never had a problem with .exe handling being rewritten , because I do all my cleaning from a boot CD .
Why you 'd ever try to clean a machine from an infected install is beyond me .
OS reinstall is pretty much never necessary , though it can be cheaper ( when the time needed to backup data , install OS , install apps , &amp; restore data is smaller than the time needed to clean the infection .
)</tokentext>
<sentencetext>I, too, clean many malware infested machines.
I've never had a problem with .exe handling being rewritten, because I do all my cleaning from a boot CD.
Why you'd ever try to clean a machine from an infected install is beyond me.
OS reinstall is pretty much never necessary, though it can be cheaper (when the time needed to backup data, install OS, install apps, &amp; restore data is smaller than the time needed to clean the infection.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583616</id>
	<title>OK, if the ad networks won't police this</title>
	<author>WCMI92</author>
	<datestamp>1269358980000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>Then we should start blocking the ad networks from our networks.</p><p>If lots of people started doing that, I wonder how quick Google, Yahoo, et all would start screening advertisers for malware?</p></htmltext>
<tokenext>Then we should start blocking the ad networks from our networks.If lots of people started doing that , I wonder how quick Google , Yahoo , et all would start screening advertisers for malware ?</tokentext>
<sentencetext>Then we should start blocking the ad networks from our networks.If lots of people started doing that, I wonder how quick Google, Yahoo, et all would start screening advertisers for malware?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585572</id>
	<title>What The Fuck Do They Expect?</title>
	<author>sexconker</author>
	<datestamp>1269366420000</datestamp>
	<modclass>None</modclass>
	<modscore>-1</modscore>
	<htmltext><p>When you run 3rd-party, unaudited code to serve up 4th-party, unaudited ads, you're really just giving up control of your fucking server.</p><p>Yes, I'm calling them 4th party.  There's no direct communication between the site owners and the advertisers, and they often remain anonymou.  Even if the ad is for ValidThingX, that doesn't mean anyone affiliated with ValidThingX made the ad.</p><p>Any site that thinks the ad revenue is worth the risk is fucking retarded.  Pro tip:  You've probably got a marketing department if you're big enough to have significant advertising income, and you can draw advertisers directly to you, where you can check the ads.  If you're running a blog or a hobby site, how about you just pony up the, at most, couple hundred bucks a year and have a site that isn't riddled with shit?</p><p>If your best friend who you completely trust (hello Google fanboys) came to you and said he's running a program where he pays people money to house strangers, would you sign up for the few bucks profit and let random strangers into your house?  No.  No you fucking wouldn't.</p><p>Flash has more gaping holes than Congress, so let's use it for ads!  Javascript runs client side and can do all sorts of fun stuff, so let's use it for ads!  Remember those jpeg exploits a while back?  Every site ever should have shut down all 3rd-party advertising immediately upon news of the exploit.</p><p>Bububu money, unreasonably.  No, fuck off.  Toyota's fucking themselves in the ass with their recall.  Johnson &amp; Johnson pulled every Tylenol pill off the market in 1982 when some schlub in Chicago was lacing shit with cyanide (in stores).  This is the proper response.  (Compare that to how they handled the recall 2 months ago though...)  Exploit being used in the wild?  In ads?  Possibly on my site?  Google will take care of it while I continue to scratch my ass.</p></htmltext>
<tokenext>When you run 3rd-party , unaudited code to serve up 4th-party , unaudited ads , you 're really just giving up control of your fucking server.Yes , I 'm calling them 4th party .
There 's no direct communication between the site owners and the advertisers , and they often remain anonymou .
Even if the ad is for ValidThingX , that does n't mean anyone affiliated with ValidThingX made the ad.Any site that thinks the ad revenue is worth the risk is fucking retarded .
Pro tip : You 've probably got a marketing department if you 're big enough to have significant advertising income , and you can draw advertisers directly to you , where you can check the ads .
If you 're running a blog or a hobby site , how about you just pony up the , at most , couple hundred bucks a year and have a site that is n't riddled with shit ? If your best friend who you completely trust ( hello Google fanboys ) came to you and said he 's running a program where he pays people money to house strangers , would you sign up for the few bucks profit and let random strangers into your house ?
No. No you fucking would n't.Flash has more gaping holes than Congress , so let 's use it for ads !
Javascript runs client side and can do all sorts of fun stuff , so let 's use it for ads !
Remember those jpeg exploits a while back ?
Every site ever should have shut down all 3rd-party advertising immediately upon news of the exploit.Bububu money , unreasonably .
No , fuck off .
Toyota 's fucking themselves in the ass with their recall .
Johnson &amp; Johnson pulled every Tylenol pill off the market in 1982 when some schlub in Chicago was lacing shit with cyanide ( in stores ) .
This is the proper response .
( Compare that to how they handled the recall 2 months ago though... ) Exploit being used in the wild ?
In ads ?
Possibly on my site ?
Google will take care of it while I continue to scratch my ass .</tokentext>
<sentencetext>When you run 3rd-party, unaudited code to serve up 4th-party, unaudited ads, you're really just giving up control of your fucking server.Yes, I'm calling them 4th party.
There's no direct communication between the site owners and the advertisers, and they often remain anonymou.
Even if the ad is for ValidThingX, that doesn't mean anyone affiliated with ValidThingX made the ad.Any site that thinks the ad revenue is worth the risk is fucking retarded.
Pro tip:  You've probably got a marketing department if you're big enough to have significant advertising income, and you can draw advertisers directly to you, where you can check the ads.
If you're running a blog or a hobby site, how about you just pony up the, at most, couple hundred bucks a year and have a site that isn't riddled with shit?If your best friend who you completely trust (hello Google fanboys) came to you and said he's running a program where he pays people money to house strangers, would you sign up for the few bucks profit and let random strangers into your house?
No.  No you fucking wouldn't.Flash has more gaping holes than Congress, so let's use it for ads!
Javascript runs client side and can do all sorts of fun stuff, so let's use it for ads!
Remember those jpeg exploits a while back?
Every site ever should have shut down all 3rd-party advertising immediately upon news of the exploit.Bububu money, unreasonably.
No, fuck off.
Toyota's fucking themselves in the ass with their recall.
Johnson &amp; Johnson pulled every Tylenol pill off the market in 1982 when some schlub in Chicago was lacing shit with cyanide (in stores).
This is the proper response.
(Compare that to how they handled the recall 2 months ago though...)  Exploit being used in the wild?
In ads?
Possibly on my site?
Google will take care of it while I continue to scratch my ass.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583650</id>
	<title>Re:Yup....seen it.</title>
	<author>Anonymous</author>
	<datestamp>1269359160000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>vundo's nothing.  try virut</p></htmltext>
<tokenext>vundo 's nothing .
try virut</tokentext>
<sentencetext>vundo's nothing.
try virut</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236</id>
	<title>Why I don't run ads</title>
	<author>KingSkippus</author>
	<datestamp>1269361500000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>Yup, I've seen it, too.  I run a gaming web site that gets around 2 million page loads a month.  A long time ago, I made a deliberate decision not to run ads.  My rationale at the time was that I didn't mind paying the hosting cost because it's my hobby.  Some people pay a lot on woodworking, some people pay a fortune on golf.  My hobbyist indulgence is paying the monthly fee for a VPS to host the site.</p><p>A while back, when I needed more power for the site and the hosting costs went up, I made a deal to move the site (which was a MediaWiki-based wiki) to Wikia.  They promised me that there would only be one ad on the site, that it would never be injected in the content, that it wouldn't be obtrusive, and other such things.  After the site was moved, they proceeded to go back on these promises, and several more.</p><p>After less than a year, the other administrators and I decided to re-host the site ourselves, and ask for donations.  Again, we don't run ads, and thanks to donations, I'm almost breaking even on the hosting costs.</p><p>Recently, someone pointed me back to Wikia's site.  It is a tragedy.  Aside from being woefully out of date, there were six or eight ads, including javascript and Flash ads that obscure parts of the screen and injected into the articles.  Worst of all, some of the "malvertising" discussed in this article.</p><p>Here's what's kind of bad.  Because Wikia uses SEO crappy games, their site still comes up on top of the search results in Google.  (You should see the page titles, they're 10 or 15 words long.)  I recently posted a message on the game's official forums warning people of the malevolent advertising, because I wanted to make sure people used the right URL for our wiki, and it was a good chance to reiterate how important it is to us to keep the site ad-free.</p><p>A week or so ago, one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content.  It's the same argument I've seen higher profile people (Rubert Murdoch, I'm looking at you...) make the same claim.  I said then, and I still maintain, that using ad blocking and Flash blocking is not just a matter of convenience, but a matter of maintaining the security of my system.</p><p>Fortunately, I like sites like Ars Technica, because they provide an alternate means of reading their content without "stealing" it, and I have a paid subscription to the site.  However, as long as a site's only business model is advertising, I don't feel one iota of guilt in protecting my system.  If they block content if ad blockers are being used, more power to them, I'll find another site to read.</p><p>But stories like this, stories I've actually felt first-hand, are why I support sites without advertising, I do what I can to opt out of advertising, and I don't force advertising on visitors to sites I run myself.</p></htmltext>
<tokenext>Yup , I 've seen it , too .
I run a gaming web site that gets around 2 million page loads a month .
A long time ago , I made a deliberate decision not to run ads .
My rationale at the time was that I did n't mind paying the hosting cost because it 's my hobby .
Some people pay a lot on woodworking , some people pay a fortune on golf .
My hobbyist indulgence is paying the monthly fee for a VPS to host the site.A while back , when I needed more power for the site and the hosting costs went up , I made a deal to move the site ( which was a MediaWiki-based wiki ) to Wikia .
They promised me that there would only be one ad on the site , that it would never be injected in the content , that it would n't be obtrusive , and other such things .
After the site was moved , they proceeded to go back on these promises , and several more.After less than a year , the other administrators and I decided to re-host the site ourselves , and ask for donations .
Again , we do n't run ads , and thanks to donations , I 'm almost breaking even on the hosting costs.Recently , someone pointed me back to Wikia 's site .
It is a tragedy .
Aside from being woefully out of date , there were six or eight ads , including javascript and Flash ads that obscure parts of the screen and injected into the articles .
Worst of all , some of the " malvertising " discussed in this article.Here 's what 's kind of bad .
Because Wikia uses SEO crappy games , their site still comes up on top of the search results in Google .
( You should see the page titles , they 're 10 or 15 words long .
) I recently posted a message on the game 's official forums warning people of the malevolent advertising , because I wanted to make sure people used the right URL for our wiki , and it was a good chance to reiterate how important it is to us to keep the site ad-free.A week or so ago , one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content .
It 's the same argument I 've seen higher profile people ( Rubert Murdoch , I 'm looking at you... ) make the same claim .
I said then , and I still maintain , that using ad blocking and Flash blocking is not just a matter of convenience , but a matter of maintaining the security of my system.Fortunately , I like sites like Ars Technica , because they provide an alternate means of reading their content without " stealing " it , and I have a paid subscription to the site .
However , as long as a site 's only business model is advertising , I do n't feel one iota of guilt in protecting my system .
If they block content if ad blockers are being used , more power to them , I 'll find another site to read.But stories like this , stories I 've actually felt first-hand , are why I support sites without advertising , I do what I can to opt out of advertising , and I do n't force advertising on visitors to sites I run myself .</tokentext>
<sentencetext>Yup, I've seen it, too.
I run a gaming web site that gets around 2 million page loads a month.
A long time ago, I made a deliberate decision not to run ads.
My rationale at the time was that I didn't mind paying the hosting cost because it's my hobby.
Some people pay a lot on woodworking, some people pay a fortune on golf.
My hobbyist indulgence is paying the monthly fee for a VPS to host the site.A while back, when I needed more power for the site and the hosting costs went up, I made a deal to move the site (which was a MediaWiki-based wiki) to Wikia.
They promised me that there would only be one ad on the site, that it would never be injected in the content, that it wouldn't be obtrusive, and other such things.
After the site was moved, they proceeded to go back on these promises, and several more.After less than a year, the other administrators and I decided to re-host the site ourselves, and ask for donations.
Again, we don't run ads, and thanks to donations, I'm almost breaking even on the hosting costs.Recently, someone pointed me back to Wikia's site.
It is a tragedy.
Aside from being woefully out of date, there were six or eight ads, including javascript and Flash ads that obscure parts of the screen and injected into the articles.
Worst of all, some of the "malvertising" discussed in this article.Here's what's kind of bad.
Because Wikia uses SEO crappy games, their site still comes up on top of the search results in Google.
(You should see the page titles, they're 10 or 15 words long.
)  I recently posted a message on the game's official forums warning people of the malevolent advertising, because I wanted to make sure people used the right URL for our wiki, and it was a good chance to reiterate how important it is to us to keep the site ad-free.A week or so ago, one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content.
It's the same argument I've seen higher profile people (Rubert Murdoch, I'm looking at you...) make the same claim.
I said then, and I still maintain, that using ad blocking and Flash blocking is not just a matter of convenience, but a matter of maintaining the security of my system.Fortunately, I like sites like Ars Technica, because they provide an alternate means of reading their content without "stealing" it, and I have a paid subscription to the site.
However, as long as a site's only business model is advertising, I don't feel one iota of guilt in protecting my system.
If they block content if ad blockers are being used, more power to them, I'll find another site to read.But stories like this, stories I've actually felt first-hand, are why I support sites without advertising, I do what I can to opt out of advertising, and I don't force advertising on visitors to sites I run myself.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584592</id>
	<title>Re:So at what point does Adobe become liable?</title>
	<author>ShadowRangerRIT</author>
	<datestamp>1269362880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>That's what EULAs are for. Software is much harder to do right than hardware, so people accept a certain amount of misbehavior in exchange for more powerful software that doesn't cost an arm and a leg. We could do bug free software, but it drastically limits the scope of the software and drastically increases the cost. The software used for aircraft control is usually subject to this level of testing, along with that used in a lot of embedded systems. But for a general purpose computer, you need to do things like conditional code, interacting processes, etc., that make it nearly impossible to do 100\% thorough tests. Yeah, Adobe is doing worse than it should, but the only solution to that is to stop using it. And until everyone does, Adobe will continue to get away with it.</htmltext>
<tokenext>That 's what EULAs are for .
Software is much harder to do right than hardware , so people accept a certain amount of misbehavior in exchange for more powerful software that does n't cost an arm and a leg .
We could do bug free software , but it drastically limits the scope of the software and drastically increases the cost .
The software used for aircraft control is usually subject to this level of testing , along with that used in a lot of embedded systems .
But for a general purpose computer , you need to do things like conditional code , interacting processes , etc. , that make it nearly impossible to do 100 \ % thorough tests .
Yeah , Adobe is doing worse than it should , but the only solution to that is to stop using it .
And until everyone does , Adobe will continue to get away with it .</tokentext>
<sentencetext>That's what EULAs are for.
Software is much harder to do right than hardware, so people accept a certain amount of misbehavior in exchange for more powerful software that doesn't cost an arm and a leg.
We could do bug free software, but it drastically limits the scope of the software and drastically increases the cost.
The software used for aircraft control is usually subject to this level of testing, along with that used in a lot of embedded systems.
But for a general purpose computer, you need to do things like conditional code, interacting processes, etc., that make it nearly impossible to do 100\% thorough tests.
Yeah, Adobe is doing worse than it should, but the only solution to that is to stop using it.
And until everyone does, Adobe will continue to get away with it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583484</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584212</id>
	<title>Yeah, this does not square with Googles analysis..</title>
	<author>Tran</author>
	<datestamp>1269361380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The other day someone posted a nice link to Google's facebook analysis, so I tried some of the pages mentioned above.<br>For example:<br><a href="http://google.com/safebrowsing/diagnostic?site=drudgereport.com/" title="google.com">http://google.com/safebrowsing/diagnostic?site=drudgereport.com/</a> [google.com]</p><p>Seems that Google has a different opinion on this information.</p></htmltext>
<tokenext>The other day someone posted a nice link to Google 's facebook analysis , so I tried some of the pages mentioned above.For example : http : //google.com/safebrowsing/diagnostic ? site = drudgereport.com/ [ google.com ] Seems that Google has a different opinion on this information .</tokentext>
<sentencetext>The other day someone posted a nice link to Google's facebook analysis, so I tried some of the pages mentioned above.For example:http://google.com/safebrowsing/diagnostic?site=drudgereport.com/ [google.com]Seems that Google has a different opinion on this information.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585660</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>E-Sabbath</author>
	<datestamp>1269366720000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Same experience except: my sneaky trick is to install mbam on the infected computer, then run the same version of it off a flash drive. Surprisingly, it works.</p><p>Also, do you think using Foxit instead of Adobe might help? For that matter, setting PDFs to not auto-open?</p></htmltext>
<tokenext>Same experience except : my sneaky trick is to install mbam on the infected computer , then run the same version of it off a flash drive .
Surprisingly , it works.Also , do you think using Foxit instead of Adobe might help ?
For that matter , setting PDFs to not auto-open ?</tokentext>
<sentencetext>Same experience except: my sneaky trick is to install mbam on the infected computer, then run the same version of it off a flash drive.
Surprisingly, it works.Also, do you think using Foxit instead of Adobe might help?
For that matter, setting PDFs to not auto-open?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583508</id>
	<title>Scary</title>
	<author>Anonymous</author>
	<datestamp>1269358500000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I recently loaded the website of a local paintball facility in Firefox 3.5.7 with NoScript and the site somehow added itself to the NoScript allowed sites and attempted to install one of the Antivirus XP 2010 type pieces of crapware.  This was on Vista and the installation went nowhere; testing on an XP machine yielded full and complete installation with no user interaction beyond opening the original web site.  Pretty scary.</p></htmltext>
<tokenext>I recently loaded the website of a local paintball facility in Firefox 3.5.7 with NoScript and the site somehow added itself to the NoScript allowed sites and attempted to install one of the Antivirus XP 2010 type pieces of crapware .
This was on Vista and the installation went nowhere ; testing on an XP machine yielded full and complete installation with no user interaction beyond opening the original web site .
Pretty scary .</tokentext>
<sentencetext>I recently loaded the website of a local paintball facility in Firefox 3.5.7 with NoScript and the site somehow added itself to the NoScript allowed sites and attempted to install one of the Antivirus XP 2010 type pieces of crapware.
This was on Vista and the installation went nowhere; testing on an XP machine yielded full and complete installation with no user interaction beyond opening the original web site.
Pretty scary.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</id>
	<title>One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269357480000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Never ever click an ad!</htmltext>
<tokenext>Never ever click an ad !</tokentext>
<sentencetext>Never ever click an ad!</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583780</id>
	<title>Re:The real defense line</title>
	<author>Anonymous</author>
	<datestamp>1269359700000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Even without admin rights malware can still cause you tremendous grief.  The real problem is two fold:</p><p>1. Automatic download and execution without the user's knowledge or consent.<br>2. User education / trust</p><p>Fix the first issue and you solve a big chunk of the problem; Microsoft is getting better at it, but it still happens.<br>The second issue is harder.  Even today we STILL read about people who siphon all their life savings off to some Nigerian scumbag.  You think these same people wouldn't click through some dialogs to download and run "Fuck.Up.My.Pc.exe"?  I think most people just don't understand enough about how computers work to know any better.</p></htmltext>
<tokenext>Even without admin rights malware can still cause you tremendous grief .
The real problem is two fold : 1 .
Automatic download and execution without the user 's knowledge or consent.2 .
User education / trustFix the first issue and you solve a big chunk of the problem ; Microsoft is getting better at it , but it still happens.The second issue is harder .
Even today we STILL read about people who siphon all their life savings off to some Nigerian scumbag .
You think these same people would n't click through some dialogs to download and run " Fuck.Up.My.Pc.exe " ?
I think most people just do n't understand enough about how computers work to know any better .</tokentext>
<sentencetext>Even without admin rights malware can still cause you tremendous grief.
The real problem is two fold:1.
Automatic download and execution without the user's knowledge or consent.2.
User education / trustFix the first issue and you solve a big chunk of the problem; Microsoft is getting better at it, but it still happens.The second issue is harder.
Even today we STILL read about people who siphon all their life savings off to some Nigerian scumbag.
You think these same people wouldn't click through some dialogs to download and run "Fuck.Up.My.Pc.exe"?
I think most people just don't understand enough about how computers work to know any better.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31591836</id>
	<title>Re:Ad CDNs have been a nightmare</title>
	<author>Anonymous</author>
	<datestamp>1269350220000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I call FUD: Flash doesn't come with Windows.  Either you installed from a copy bundled with Flash (i.e., not Windows XP), or you installed Flash before you updated.  Thus, it's your fault.</p><p>QED</p></htmltext>
<tokenext>I call FUD : Flash does n't come with Windows .
Either you installed from a copy bundled with Flash ( i.e. , not Windows XP ) , or you installed Flash before you updated .
Thus , it 's your fault.QED</tokentext>
<sentencetext>I call FUD: Flash doesn't come with Windows.
Either you installed from a copy bundled with Flash (i.e., not Windows XP), or you installed Flash before you updated.
Thus, it's your fault.QED</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584250</id>
	<title>Re:'careless web activity'</title>
	<author>delinear</author>
	<datestamp>1269361560000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I'm more than happy to tolerate ads if it supports my continued free access to some great web content and services. To be honest, I pretty much never notice them anyway so if the site owner benefits from them being there and I don't suffer any detriment, that's a true win-win situation (I've never blocked<nobr> <wbr></nobr>/. ads for the same reason, even though they kindly give me the option to disable them, I'm happy enough with the service they provide). If, however, I was similarly infected by visiting a reputable site I'd seriously rethink that policy. Google got so big on the back of offering very basic, minimal intrusion advertising so why do we need yet more dancing monkeys when they're a possible threat to my security?</htmltext>
<tokenext>I 'm more than happy to tolerate ads if it supports my continued free access to some great web content and services .
To be honest , I pretty much never notice them anyway so if the site owner benefits from them being there and I do n't suffer any detriment , that 's a true win-win situation ( I 've never blocked / .
ads for the same reason , even though they kindly give me the option to disable them , I 'm happy enough with the service they provide ) .
If , however , I was similarly infected by visiting a reputable site I 'd seriously rethink that policy .
Google got so big on the back of offering very basic , minimal intrusion advertising so why do we need yet more dancing monkeys when they 're a possible threat to my security ?</tokentext>
<sentencetext>I'm more than happy to tolerate ads if it supports my continued free access to some great web content and services.
To be honest, I pretty much never notice them anyway so if the site owner benefits from them being there and I don't suffer any detriment, that's a true win-win situation (I've never blocked /.
ads for the same reason, even though they kindly give me the option to disable them, I'm happy enough with the service they provide).
If, however, I was similarly infected by visiting a reputable site I'd seriously rethink that policy.
Google got so big on the back of offering very basic, minimal intrusion advertising so why do we need yet more dancing monkeys when they're a possible threat to my security?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606986</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>LeonPierre</author>
	<datestamp>1269447780000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I'd like to know which company you work for...</p></htmltext>
<tokenext>I 'd like to know which company you work for.. .</tokentext>
<sentencetext>I'd like to know which company you work for...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714</id>
	<title>Make the Ads Safe</title>
	<author>The Angry Mick</author>
	<datestamp>1269359460000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>4</modscore>
	<htmltext><blockquote><div><p> <i>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.</i></p></div> </blockquote><p>Very good point, especially in light of Ars Technica's <a href="http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars" title="arstechnica.com">recent plea</a> [arstechnica.com] to users to stop blocking ads.
</p><p>I, too, would be than more willing to disable the protective measures I've got in place, but as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate.  If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good).  If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breech of trust.</p></div>
	</htmltext>
<tokenext>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk .
Very good point , especially in light of Ars Technica 's recent plea [ arstechnica.com ] to users to stop blocking ads .
I , too , would be than more willing to disable the protective measures I 've got in place , but as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security , we have a stalemate .
If sites want me to see their ads , they have the burden of making sure the ads are safe ( less annoying , would also be good ) .
If I lower my guard out of " friendship " for a site , only to get a drive by download as a reward , I 'm going to take it as a major breech of trust .</tokentext>
<sentencetext> I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.
Very good point, especially in light of Ars Technica's recent plea [arstechnica.com] to users to stop blocking ads.
I, too, would be than more willing to disable the protective measures I've got in place, but as long as these sites rely on third party advertisers that are more concerned with eyeball collection than system security, we have a stalemate.
If sites want me to see their ads, they have the burden of making sure the ads are safe (less annoying, would also be good).
If I lower my guard out of "friendship" for a site, only to get a drive by download as a reward, I'm going to take it as a major breech of trust.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583536</id>
	<title>Disable JavaScript</title>
	<author>Anonymous</author>
	<datestamp>1269358620000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Disable JavaScript and 3rd party cookies.<br>Obviously, don't use IE and configure it at the highest possible internet security options to stop accidental use by users or other programs hard coded to use it.</p></htmltext>
<tokenext>Disable JavaScript and 3rd party cookies.Obviously , do n't use IE and configure it at the highest possible internet security options to stop accidental use by users or other programs hard coded to use it .</tokentext>
<sentencetext>Disable JavaScript and 3rd party cookies.Obviously, don't use IE and configure it at the highest possible internet security options to stop accidental use by users or other programs hard coded to use it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584118</id>
	<title>AdBlockPlus and Ghostery</title>
	<author>XB-70</author>
	<datestamp>1269361080000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I install Firefox on every machine I set up and then add AdBlockPlus and Ghostery. It's amazing what these two block. Mind you, they are not perfect and sometimes you have to allow some code to get through with Ghostery or the site does not work. Lastly, of course, you should use Linux. That helps a lot...</htmltext>
<tokenext>I install Firefox on every machine I set up and then add AdBlockPlus and Ghostery .
It 's amazing what these two block .
Mind you , they are not perfect and sometimes you have to allow some code to get through with Ghostery or the site does not work .
Lastly , of course , you should use Linux .
That helps a lot.. .</tokentext>
<sentencetext>I install Firefox on every machine I set up and then add AdBlockPlus and Ghostery.
It's amazing what these two block.
Mind you, they are not perfect and sometimes you have to allow some code to get through with Ghostery or the site does not work.
Lastly, of course, you should use Linux.
That helps a lot...</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583854</id>
	<title>Are you kidding me?</title>
	<author>Anonymous</author>
	<datestamp>1269360000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The simple act of browsing the web should never under any circumstances infect your computer. The web browser is simply a viewer. It should only have permission to save bookmarks, cookies, and maybe a few other things to disk. If your operating system allows the web browser to infect your computer or to modify itself without prompting you first, someone seriously dropped the ball when designing your OS. Relying on anti-virus protection or only visiting reputable web-sites is like piling sandbags in front of your house when you shouldn't have built in a flood-plane in the first place.</p></htmltext>
<tokenext>The simple act of browsing the web should never under any circumstances infect your computer .
The web browser is simply a viewer .
It should only have permission to save bookmarks , cookies , and maybe a few other things to disk .
If your operating system allows the web browser to infect your computer or to modify itself without prompting you first , someone seriously dropped the ball when designing your OS .
Relying on anti-virus protection or only visiting reputable web-sites is like piling sandbags in front of your house when you should n't have built in a flood-plane in the first place .</tokentext>
<sentencetext>The simple act of browsing the web should never under any circumstances infect your computer.
The web browser is simply a viewer.
It should only have permission to save bookmarks, cookies, and maybe a few other things to disk.
If your operating system allows the web browser to infect your computer or to modify itself without prompting you first, someone seriously dropped the ball when designing your OS.
Relying on anti-virus protection or only visiting reputable web-sites is like piling sandbags in front of your house when you shouldn't have built in a flood-plane in the first place.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583830</id>
	<title>Re:One lesson to learn</title>
	<author>stony3k</author>
	<datestamp>1269359880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Use Noscript - it warns you when a URL hijack attempt occurs</htmltext>
<tokenext>Use Noscript - it warns you when a URL hijack attempt occurs</tokentext>
<sentencetext>Use Noscript - it warns you when a URL hijack attempt occurs</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587632</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>Anonymous</author>
	<datestamp>1269373860000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>How about not running any plug-ins at all?<br>I got this nice checkbox "aktivate plugins" in Opera. It is always unchecked unless I need to see a video.</p></htmltext>
<tokenext>How about not running any plug-ins at all ? I got this nice checkbox " aktivate plugins " in Opera .
It is always unchecked unless I need to see a video .</tokentext>
<sentencetext>How about not running any plug-ins at all?I got this nice checkbox "aktivate plugins" in Opera.
It is always unchecked unless I need to see a video.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31592276</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>Anonymous</author>
	<datestamp>1269352980000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I've had users hit with these things several times over the last few months.  Some of them do prevent you from doing ANYTHING to the running system.  The one thing they can't stop though, is the 'hook the drive up as a secondary in another pc to clean it' method.  I've even seen a couple of them installing stuff in the boot sectors.</p></htmltext>
<tokenext>I 've had users hit with these things several times over the last few months .
Some of them do prevent you from doing ANYTHING to the running system .
The one thing they ca n't stop though , is the 'hook the drive up as a secondary in another pc to clean it ' method .
I 've even seen a couple of them installing stuff in the boot sectors .</tokentext>
<sentencetext>I've had users hit with these things several times over the last few months.
Some of them do prevent you from doing ANYTHING to the running system.
The one thing they can't stop though, is the 'hook the drive up as a secondary in another pc to clean it' method.
I've even seen a couple of them installing stuff in the boot sectors.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587132</id>
	<title>Re:Good thing</title>
	<author>Anonymous</author>
	<datestamp>1269372000000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>Well, if you encounter a site running 1800banners ads, and if you're using Google Chrome so you don't have detailed JS controls, then you won't get infected but you'll find your browser wandering off to other sites and performing irritating Flash tricks.  So your *nix machine won't get infected, but you'll have browsing awkwardness.</htmltext>
<tokenext>Well , if you encounter a site running 1800banners ads , and if you 're using Google Chrome so you do n't have detailed JS controls , then you wo n't get infected but you 'll find your browser wandering off to other sites and performing irritating Flash tricks .
So your * nix machine wo n't get infected , but you 'll have browsing awkwardness .</tokentext>
<sentencetext>Well, if you encounter a site running 1800banners ads, and if you're using Google Chrome so you don't have detailed JS controls, then you won't get infected but you'll find your browser wandering off to other sites and performing irritating Flash tricks.
So your *nix machine won't get infected, but you'll have browsing awkwardness.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584014</id>
	<title>Re:Yup....seen it.</title>
	<author>Anonymous</author>
	<datestamp>1269360660000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><blockquote><div><p>Frustrating, when large companies like this make work for you.</p></div> </blockquote><p>
I remember when Yahoo mail (even Yahoo Mail Classic) was usable without Javashit activated.
</p><p>
About a year or two ago, about the time they integrated some sort of "chat" functionality into their webmail services, they broke the old webmail service.  Today, if you try to check your inbox with Javshit disabled (even if you've opted for the "classic" mail, and even if you've deactivated the "chat" bullshit) , the screen auto-refreshes rapidly, and after a few moments, the the Y! servers protect themsevles against a perceived DOS, and lock the user out with a "999 error".
</p><p>
It's not just Yahoo's negligence in policing their ad networks, it's Yahoo's active maliciousness in turning even "old" or "classic" services that worked perfectly fine without Javashit, into ones that won't work unless the user compromises their own client's security.</p></div>
	</htmltext>
<tokenext>Frustrating , when large companies like this make work for you .
I remember when Yahoo mail ( even Yahoo Mail Classic ) was usable without Javashit activated .
About a year or two ago , about the time they integrated some sort of " chat " functionality into their webmail services , they broke the old webmail service .
Today , if you try to check your inbox with Javshit disabled ( even if you 've opted for the " classic " mail , and even if you 've deactivated the " chat " bullshit ) , the screen auto-refreshes rapidly , and after a few moments , the the Y !
servers protect themsevles against a perceived DOS , and lock the user out with a " 999 error " .
It 's not just Yahoo 's negligence in policing their ad networks , it 's Yahoo 's active maliciousness in turning even " old " or " classic " services that worked perfectly fine without Javashit , into ones that wo n't work unless the user compromises their own client 's security .</tokentext>
<sentencetext>Frustrating, when large companies like this make work for you.
I remember when Yahoo mail (even Yahoo Mail Classic) was usable without Javashit activated.
About a year or two ago, about the time they integrated some sort of "chat" functionality into their webmail services, they broke the old webmail service.
Today, if you try to check your inbox with Javshit disabled (even if you've opted for the "classic" mail, and even if you've deactivated the "chat" bullshit) , the screen auto-refreshes rapidly, and after a few moments, the the Y!
servers protect themsevles against a perceived DOS, and lock the user out with a "999 error".
It's not just Yahoo's negligence in policing their ad networks, it's Yahoo's active maliciousness in turning even "old" or "classic" services that worked perfectly fine without Javashit, into ones that won't work unless the user compromises their own client's security.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583732</id>
	<title>Re:Yup....seen it.</title>
	<author>Hadlock</author>
	<datestamp>1269359520000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Hell, just last week (last Friday!) a flash ad on TechCrunch (linked to from Google News, no less!) opened a new tab in Google Chrome and downloaded a PDF to my desktop under XP SP3. That was an eye opening experience....</p></htmltext>
<tokenext>Hell , just last week ( last Friday !
) a flash ad on TechCrunch ( linked to from Google News , no less !
) opened a new tab in Google Chrome and downloaded a PDF to my desktop under XP SP3 .
That was an eye opening experience... .</tokentext>
<sentencetext>Hell, just last week (last Friday!
) a flash ad on TechCrunch (linked to from Google News, no less!
) opened a new tab in Google Chrome and downloaded a PDF to my desktop under XP SP3.
That was an eye opening experience....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585608</id>
	<title>Nice Solution</title>
	<author>bizitch</author>
	<datestamp>1269366540000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Try Ghostery  - the ad script killing plugin for Firefox - nukes everything - awesome</p></htmltext>
<tokenext>Try Ghostery - the ad script killing plugin for Firefox - nukes everything - awesome</tokentext>
<sentencetext>Try Ghostery  - the ad script killing plugin for Firefox - nukes everything - awesome</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506</id>
	<title>'careless web activity'</title>
	<author>Anonymous</author>
	<datestamp>1269358500000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>&gt; I usually suspect the users of 'careless web activity' when I delouse a PC...</p><p>They are guilty of 'careless web activity': not blocking ads.</p></htmltext>
<tokenext>&gt; I usually suspect the users of 'careless web activity ' when I delouse a PC...They are guilty of 'careless web activity ' : not blocking ads .</tokentext>
<sentencetext>&gt; I usually suspect the users of 'careless web activity' when I delouse a PC...They are guilty of 'careless web activity': not blocking ads.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585928</id>
	<title>Re:Make the Ads Safe</title>
	<author>Anonymous</author>
	<datestamp>1269367740000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>FWIW, I consider any ad that automatically begins playing sound another kind of breach of trust.</p><p>It's one thing to show an ad, even if it's epilepsy-inducing, but one which unexpectedly blares sound and voices over my speakers from somewhere in my stack of tabs is a transgression demanding harsh retribution.</p></htmltext>
<tokenext>FWIW , I consider any ad that automatically begins playing sound another kind of breach of trust.It 's one thing to show an ad , even if it 's epilepsy-inducing , but one which unexpectedly blares sound and voices over my speakers from somewhere in my stack of tabs is a transgression demanding harsh retribution .</tokentext>
<sentencetext>FWIW, I consider any ad that automatically begins playing sound another kind of breach of trust.It's one thing to show an ad, even if it's epilepsy-inducing, but one which unexpectedly blares sound and voices over my speakers from somewhere in my stack of tabs is a transgression demanding harsh retribution.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584986</id>
	<title>Re:Good thing</title>
	<author>TheRaven64</author>
	<datestamp>1269364500000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Maybe it also runs under WINE?  After I installed VirtualPC on my old PowerPC Mac, all of the viruses I was sent via email got a nice Windows icon on them, maybe you can do something similar with WINE on *NIX now?</htmltext>
<tokenext>Maybe it also runs under WINE ?
After I installed VirtualPC on my old PowerPC Mac , all of the viruses I was sent via email got a nice Windows icon on them , maybe you can do something similar with WINE on * NIX now ?</tokentext>
<sentencetext>Maybe it also runs under WINE?
After I installed VirtualPC on my old PowerPC Mac, all of the viruses I was sent via email got a nice Windows icon on them, maybe you can do something similar with WINE on *NIX now?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583810</id>
	<title>Re:One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269359820000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser."</p></div><p>Which probably <strong>actually</strong> means :</p><p>Users don't need to click on anything to get infected; a Microsoft <strong>Windows</strong> OS becomes infected after the ad is loaded by Microsoft <strong>Internet Explorer</strong>.</p></div>
	</htmltext>
<tokenext>FTA : " Users do n't need to click on anything to get infected ; a computer becomes infected after the ad is loaded by the browser .
" Which probably actually means : Users do n't need to click on anything to get infected ; a Microsoft Windows OS becomes infected after the ad is loaded by Microsoft Internet Explorer .</tokentext>
<sentencetext>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser.
"Which probably actually means :Users don't need to click on anything to get infected; a Microsoft Windows OS becomes infected after the ad is loaded by Microsoft Internet Explorer.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306</id>
	<title>Re:One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269357720000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser."</p></htmltext>
<tokenext>FTA : " Users do n't need to click on anything to get infected ; a computer becomes infected after the ad is loaded by the browser .
"</tokentext>
<sentencetext>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser.
"</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584688</id>
	<title>Careless web activity SHOULD NOT be a problem</title>
	<author>Anonymous</author>
	<datestamp>1269363360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>There's no such a thing.  I don't buy the "web user stupidity" argument from all the paid M$ astroturfers that dodge the fundamental underlying issue.</p><p>Unless a user purposely download and install and enter the admin password, he's not being careless.  The OS is.  And that is an entirely different topic.</p><p>How on earth is it possible that by simply surfing the Web from your browser your PC can become part of a botnet?</p><p>The answer is simple: sloppy security, from the browser up to the OS.</p><p>A carefully conceived OS doesn't "get rooted" by surfing the Web.  A carefully conceived browser does NOT leave anything escape its sandbox.</p><p>Truth is: most browsers are abysmal piece of ***t developed by security-clueless programmers and regarding Windows, my views are not printable, not even as an AC.</p></htmltext>
<tokenext>There 's no such a thing .
I do n't buy the " web user stupidity " argument from all the paid M $ astroturfers that dodge the fundamental underlying issue.Unless a user purposely download and install and enter the admin password , he 's not being careless .
The OS is .
And that is an entirely different topic.How on earth is it possible that by simply surfing the Web from your browser your PC can become part of a botnet ? The answer is simple : sloppy security , from the browser up to the OS.A carefully conceived OS does n't " get rooted " by surfing the Web .
A carefully conceived browser does NOT leave anything escape its sandbox.Truth is : most browsers are abysmal piece of * * * t developed by security-clueless programmers and regarding Windows , my views are not printable , not even as an AC .</tokentext>
<sentencetext>There's no such a thing.
I don't buy the "web user stupidity" argument from all the paid M$ astroturfers that dodge the fundamental underlying issue.Unless a user purposely download and install and enter the admin password, he's not being careless.
The OS is.
And that is an entirely different topic.How on earth is it possible that by simply surfing the Web from your browser your PC can become part of a botnet?The answer is simple: sloppy security, from the browser up to the OS.A carefully conceived OS doesn't "get rooted" by surfing the Web.
A carefully conceived browser does NOT leave anything escape its sandbox.Truth is: most browsers are abysmal piece of ***t developed by security-clueless programmers and regarding Windows, my views are not printable, not even as an AC.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583632</id>
	<title>google ads?</title>
	<author>pikine</author>
	<datestamp>1269359040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I thought the text-only ads from Google will not allow an advertiser to embed Javascript. Not sure about their newer Flash ads which can embed ActionScript, but one would think Google will be more careful with that. Maybe it is possible that Google still unknowingly redirects you to a malware page after you click on an ad, but the pie chart in TFA does not show Google DoubleClick (probably an insignificant amount under Others). In addition, Google may use the automated method behind stopbadware.org to determine whether an ad is clean or not. I'd be surprised if they're not already doing that.

</p><p>What is interesting is, although the chart does not show Google, the article still lumps Google Ads to their headline. Why? It's more catchy to sling mud on Google? What kind of irresponsible journalism is that?</p></htmltext>
<tokenext>I thought the text-only ads from Google will not allow an advertiser to embed Javascript .
Not sure about their newer Flash ads which can embed ActionScript , but one would think Google will be more careful with that .
Maybe it is possible that Google still unknowingly redirects you to a malware page after you click on an ad , but the pie chart in TFA does not show Google DoubleClick ( probably an insignificant amount under Others ) .
In addition , Google may use the automated method behind stopbadware.org to determine whether an ad is clean or not .
I 'd be surprised if they 're not already doing that .
What is interesting is , although the chart does not show Google , the article still lumps Google Ads to their headline .
Why ? It 's more catchy to sling mud on Google ?
What kind of irresponsible journalism is that ?</tokentext>
<sentencetext>I thought the text-only ads from Google will not allow an advertiser to embed Javascript.
Not sure about their newer Flash ads which can embed ActionScript, but one would think Google will be more careful with that.
Maybe it is possible that Google still unknowingly redirects you to a malware page after you click on an ad, but the pie chart in TFA does not show Google DoubleClick (probably an insignificant amount under Others).
In addition, Google may use the automated method behind stopbadware.org to determine whether an ad is clean or not.
I'd be surprised if they're not already doing that.
What is interesting is, although the chart does not show Google, the article still lumps Google Ads to their headline.
Why? It's more catchy to sling mud on Google?
What kind of irresponsible journalism is that?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583736</id>
	<title>malvertising?</title>
	<author>Anonymous</author>
	<datestamp>1269359520000</datestamp>
	<modclass>Funny</modclass>
	<modscore>3</modscore>
	<htmltext><p>how about badvertising?</p></htmltext>
<tokenext>how about badvertising ?</tokentext>
<sentencetext>how about badvertising?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586766</id>
	<title>Are All These Comments From Windows Users?</title>
	<author>Anonymous</author>
	<datestamp>1269370800000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>Are all these comments regarding being infected coming from windows users? Or are some of these infections on Linux Machines too... say for instance via Flash/Firefox. This is an honest question.</p><p>I really would like to know, because from what I read, there is no easy way to tell if a Linux machine is infected, besides digging through network traffic, guessing that some processes might be a bad one, etc.  There is no antivirus signature checking and REMOVAL software for Linux right?</p><p>I always thought when reading about Linux security that it's great that it is so secure compared to other OS's but when people post to message boards that they think that they are infected, the responders post back that there is no way to really know for sure and no way to remove Trojans from an infected Linux machine with any sense of certainty. Not to prop up windows, but as I read it, with windows antivirus software, one can remove viruses from an infected machine with some realm of certainty that it is gone, without the need to reinstall the whole OS.</p><p>Thanks, Please comment.</p></htmltext>
<tokenext>Are all these comments regarding being infected coming from windows users ?
Or are some of these infections on Linux Machines too... say for instance via Flash/Firefox .
This is an honest question.I really would like to know , because from what I read , there is no easy way to tell if a Linux machine is infected , besides digging through network traffic , guessing that some processes might be a bad one , etc .
There is no antivirus signature checking and REMOVAL software for Linux right ? I always thought when reading about Linux security that it 's great that it is so secure compared to other OS 's but when people post to message boards that they think that they are infected , the responders post back that there is no way to really know for sure and no way to remove Trojans from an infected Linux machine with any sense of certainty .
Not to prop up windows , but as I read it , with windows antivirus software , one can remove viruses from an infected machine with some realm of certainty that it is gone , without the need to reinstall the whole OS.Thanks , Please comment .</tokentext>
<sentencetext>Are all these comments regarding being infected coming from windows users?
Or are some of these infections on Linux Machines too... say for instance via Flash/Firefox.
This is an honest question.I really would like to know, because from what I read, there is no easy way to tell if a Linux machine is infected, besides digging through network traffic, guessing that some processes might be a bad one, etc.
There is no antivirus signature checking and REMOVAL software for Linux right?I always thought when reading about Linux security that it's great that it is so secure compared to other OS's but when people post to message boards that they think that they are infected, the responders post back that there is no way to really know for sure and no way to remove Trojans from an infected Linux machine with any sense of certainty.
Not to prop up windows, but as I read it, with windows antivirus software, one can remove viruses from an infected machine with some realm of certainty that it is gone, without the need to reinstall the whole OS.Thanks, Please comment.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586160</id>
	<title>Sue DoubleClick</title>
	<author>Animats</author>
	<datestamp>1269368640000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>5</modscore>
	<htmltext><p>
A big class action against DoubleClick, etc. would be appropriate.  They "exceeded authorized access", as defined in the Computer Crime and Abuse Act.  That they got the attack from someone else isn't an absolute defense.  The ad network obtained "something of value" for the attack.  If they sent out one attack after they'd been informed, they were doing so "knowingly".
</p><p>
The ad network has the right to find and sue the source of the ad, but that's their problem, not the end user's problem. This is well-established law.  In general, you can sue the party you dealt with, and they can sue the next party up the chain.</p></htmltext>
<tokenext>A big class action against DoubleClick , etc .
would be appropriate .
They " exceeded authorized access " , as defined in the Computer Crime and Abuse Act .
That they got the attack from someone else is n't an absolute defense .
The ad network obtained " something of value " for the attack .
If they sent out one attack after they 'd been informed , they were doing so " knowingly " .
The ad network has the right to find and sue the source of the ad , but that 's their problem , not the end user 's problem .
This is well-established law .
In general , you can sue the party you dealt with , and they can sue the next party up the chain .</tokentext>
<sentencetext>
A big class action against DoubleClick, etc.
would be appropriate.
They "exceeded authorized access", as defined in the Computer Crime and Abuse Act.
That they got the attack from someone else isn't an absolute defense.
The ad network obtained "something of value" for the attack.
If they sent out one attack after they'd been informed, they were doing so "knowingly".
The ad network has the right to find and sue the source of the ad, but that's their problem, not the end user's problem.
This is well-established law.
In general, you can sue the party you dealt with, and they can sue the next party up the chain.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584102</id>
	<title>Sites complain about adblockers then serve viri</title>
	<author>Anonymous</author>
	<datestamp>1269360960000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I read a couple posts last week about how ad blockers are destroying ad revenue for sites and how ad blockers will destroy the sites you love...but if ads are serving that many viruses then how can you justify not using an ad blocker.</p></htmltext>
<tokenext>I read a couple posts last week about how ad blockers are destroying ad revenue for sites and how ad blockers will destroy the sites you love...but if ads are serving that many viruses then how can you justify not using an ad blocker .</tokentext>
<sentencetext>I read a couple posts last week about how ad blockers are destroying ad revenue for sites and how ad blockers will destroy the sites you love...but if ads are serving that many viruses then how can you justify not using an ad blocker.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588642</id>
	<title>Re:Good thing</title>
	<author>metamatic</author>
	<datestamp>1269335640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Yes, but NoScript functionality really needs to be <a href="https://bugzilla.mozilla.org/show\_bug.cgi?id=388963" title="mozilla.org">part of the core Firefox product</a> [mozilla.org]. Security shouldn't be something that you have to download plugins to get.</p><p>(Meanwhile, Mozilla devs are working on adding address books to the browser. Yeah, nice sense of priorities there.)</p></htmltext>
<tokenext>Yes , but NoScript functionality really needs to be part of the core Firefox product [ mozilla.org ] .
Security should n't be something that you have to download plugins to get .
( Meanwhile , Mozilla devs are working on adding address books to the browser .
Yeah , nice sense of priorities there .
)</tokentext>
<sentencetext>Yes, but NoScript functionality really needs to be part of the core Firefox product [mozilla.org].
Security shouldn't be something that you have to download plugins to get.
(Meanwhile, Mozilla devs are working on adding address books to the browser.
Yeah, nice sense of priorities there.
)</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587932</id>
	<title>Re:Why I don't run ads</title>
	<author>bzipitidoo</author>
	<datestamp>1269375240000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I don't allow ads because some of my hardware is very old and slow.  Firefox 3.6 takes 30 seconds to come up on a 133 MHz Pentium system.  Flash is so slow I seldom install it.  Ok, ok, hardware that old ought to be thrown out.  Not worth even the electricity it takes to power them, let alone the time it takes me to install the latest OSes.  But I like to keep them around.  I sometimes find such machines useful for performance testing.  Gives you an appreciation for how bloated KDE, Gnome, and even XFCE is.  If I'm scratching around looking for every little performance boost, I'm sure not overlooking ads.  I'm not keeping ads if I'm giving up compositing and anti-aliasing.</p></htmltext>
<tokenext>I do n't allow ads because some of my hardware is very old and slow .
Firefox 3.6 takes 30 seconds to come up on a 133 MHz Pentium system .
Flash is so slow I seldom install it .
Ok , ok , hardware that old ought to be thrown out .
Not worth even the electricity it takes to power them , let alone the time it takes me to install the latest OSes .
But I like to keep them around .
I sometimes find such machines useful for performance testing .
Gives you an appreciation for how bloated KDE , Gnome , and even XFCE is .
If I 'm scratching around looking for every little performance boost , I 'm sure not overlooking ads .
I 'm not keeping ads if I 'm giving up compositing and anti-aliasing .</tokentext>
<sentencetext>I don't allow ads because some of my hardware is very old and slow.
Firefox 3.6 takes 30 seconds to come up on a 133 MHz Pentium system.
Flash is so slow I seldom install it.
Ok, ok, hardware that old ought to be thrown out.
Not worth even the electricity it takes to power them, let alone the time it takes me to install the latest OSes.
But I like to keep them around.
I sometimes find such machines useful for performance testing.
Gives you an appreciation for how bloated KDE, Gnome, and even XFCE is.
If I'm scratching around looking for every little performance boost, I'm sure not overlooking ads.
I'm not keeping ads if I'm giving up compositing and anti-aliasing.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444</id>
	<title>Ad CDNs have been a nightmare</title>
	<author>Coopjust</author>
	<datestamp>1269362220000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext>Two weeks ago, someone asked me to reinstall Windows XP for them. Their disk was XP SP3.
<br> <br>
I reinstall, and open IE to visit Windows Update
<br> <br>
Instantly, I get a Vundo variant from a malicious ad attacking the out-of-date Flash Player that came with XP that installs without any user intervention whatsoever.
<br> <br>
This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.</htmltext>
<tokenext>Two weeks ago , someone asked me to reinstall Windows XP for them .
Their disk was XP SP3 .
I reinstall , and open IE to visit Windows Update Instantly , I get a Vundo variant from a malicious ad attacking the out-of-date Flash Player that came with XP that installs without any user intervention whatsoever .
This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online .</tokentext>
<sentencetext>Two weeks ago, someone asked me to reinstall Windows XP for them.
Their disk was XP SP3.
I reinstall, and open IE to visit Windows Update
 
Instantly, I get a Vundo variant from a malicious ad attacking the out-of-date Flash Player that came with XP that installs without any user intervention whatsoever.
This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583748</id>
	<title>Re:One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269359580000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>At least when using Windows.</p><p>I guarantee 100\% of the malware being delivered is Windows only.</p></htmltext>
<tokenext>At least when using Windows.I guarantee 100 \ % of the malware being delivered is Windows only .</tokentext>
<sentencetext>At least when using Windows.I guarantee 100\% of the malware being delivered is Windows only.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589916</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>kalirion</author>
	<datestamp>1269342000000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><i>Combofix will also remove most of these, and usually with "Security Center" or "XP AV 2010" we give up and run Combofix immediately.</i></p><p>I hadn't heard of combofix before, so I googled it.</p><p>From <a href="http://combofix.net/" title="combofix.net">combofix.net</a> [combofix.net]:</p><p><i> Known issues<br>
&nbsp; &nbsp; &nbsp; &nbsp; * ComboFix is made to only run on 32-bit versions of Microsoft Windows 2000, Windows XP and Windows Vista.</i></p><p><i>
&nbsp; &nbsp; &nbsp; &nbsp; * Some antivirus software may detect ComboFix as malicious; for example it uses NirCmd, which is considered as a backdoor by many antivirus software.</i></p><p><i>
&nbsp; &nbsp; &nbsp; &nbsp; * ComboFix may disrupt internet connectivity.The majority of times only a simple fix is required.</i></p><p><i>
&nbsp; &nbsp; &nbsp; &nbsp; * ComboFix may attempt deletion all files from the system drive on systems infected with a rootkit.</i></p><p>That last one might give me pause....</p></htmltext>
<tokenext>Combofix will also remove most of these , and usually with " Security Center " or " XP AV 2010 " we give up and run Combofix immediately.I had n't heard of combofix before , so I googled it.From combofix.net [ combofix.net ] : Known issues         * ComboFix is made to only run on 32-bit versions of Microsoft Windows 2000 , Windows XP and Windows Vista .
        * Some antivirus software may detect ComboFix as malicious ; for example it uses NirCmd , which is considered as a backdoor by many antivirus software .
        * ComboFix may disrupt internet connectivity.The majority of times only a simple fix is required .
        * ComboFix may attempt deletion all files from the system drive on systems infected with a rootkit.That last one might give me pause... .</tokentext>
<sentencetext>Combofix will also remove most of these, and usually with "Security Center" or "XP AV 2010" we give up and run Combofix immediately.I hadn't heard of combofix before, so I googled it.From combofix.net [combofix.net]: Known issues
        * ComboFix is made to only run on 32-bit versions of Microsoft Windows 2000, Windows XP and Windows Vista.
        * Some antivirus software may detect ComboFix as malicious; for example it uses NirCmd, which is considered as a backdoor by many antivirus software.
        * ComboFix may disrupt internet connectivity.The majority of times only a simple fix is required.
        * ComboFix may attempt deletion all files from the system drive on systems infected with a rootkit.That last one might give me pause....</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585328</id>
	<title>Re:Make the Ads Safe</title>
	<author>unixpgmr</author>
	<datestamp>1269365640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I agree entirely with that statement.  As long as third party scripting is done, I am very wary. Once a breach of trust is made, It will be very hard for the site to win back my trust.</p></htmltext>
<tokenext>I agree entirely with that statement .
As long as third party scripting is done , I am very wary .
Once a breach of trust is made , It will be very hard for the site to win back my trust .</tokentext>
<sentencetext>I agree entirely with that statement.
As long as third party scripting is done, I am very wary.
Once a breach of trust is made, It will be very hard for the site to win back my trust.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588422</id>
	<title>Re:Ars Technica</title>
	<author>shadowbearer</author>
	<datestamp>1269377640000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>
 I will definitely second that, I am cleaning up a computer right now that got hit with a drive-by infection; ended up with a TDSS variant and enough other crap on it to make the machine nearly unusable. The user swears up and down that he didn't click on any ads, and his browsing history reflects that.

 I've been seeing a lot more infections like this lately, even on machines whose users know better than to click ads (old customers).  Took some time to track down where these were coming from; this news comes as no surprise to me.

  Back about two months ago one of my home machines here got infected that way - and not only is it thoroughly locked down with up to date antivirus and antispyware, I was using it at the time, and I KNOW I didn't cause the infection myself.  Tracked it to an advertisement loaded at the same time I was viewing a NYT article. I knew for certain that I hadn't clicked on any ads; this just confirms my hypothesis at the time.

 I spend nearly all my time fixing computers just removing infections.  If this is going to continue, it is going to make it nearly impossible for even the most careful users to keep their machines clean.  I agree that the main hosts need to start being careful who they host their ads from, it is ultimately their responsibility to ensure they don't host malware drive-by advertising.

SB</htmltext>
<tokenext>I will definitely second that , I am cleaning up a computer right now that got hit with a drive-by infection ; ended up with a TDSS variant and enough other crap on it to make the machine nearly unusable .
The user swears up and down that he did n't click on any ads , and his browsing history reflects that .
I 've been seeing a lot more infections like this lately , even on machines whose users know better than to click ads ( old customers ) .
Took some time to track down where these were coming from ; this news comes as no surprise to me .
Back about two months ago one of my home machines here got infected that way - and not only is it thoroughly locked down with up to date antivirus and antispyware , I was using it at the time , and I KNOW I did n't cause the infection myself .
Tracked it to an advertisement loaded at the same time I was viewing a NYT article .
I knew for certain that I had n't clicked on any ads ; this just confirms my hypothesis at the time .
I spend nearly all my time fixing computers just removing infections .
If this is going to continue , it is going to make it nearly impossible for even the most careful users to keep their machines clean .
I agree that the main hosts need to start being careful who they host their ads from , it is ultimately their responsibility to ensure they do n't host malware drive-by advertising .
SB</tokentext>
<sentencetext>
 I will definitely second that, I am cleaning up a computer right now that got hit with a drive-by infection; ended up with a TDSS variant and enough other crap on it to make the machine nearly unusable.
The user swears up and down that he didn't click on any ads, and his browsing history reflects that.
I've been seeing a lot more infections like this lately, even on machines whose users know better than to click ads (old customers).
Took some time to track down where these were coming from; this news comes as no surprise to me.
Back about two months ago one of my home machines here got infected that way - and not only is it thoroughly locked down with up to date antivirus and antispyware, I was using it at the time, and I KNOW I didn't cause the infection myself.
Tracked it to an advertisement loaded at the same time I was viewing a NYT article.
I knew for certain that I hadn't clicked on any ads; this just confirms my hypothesis at the time.
I spend nearly all my time fixing computers just removing infections.
If this is going to continue, it is going to make it nearly impossible for even the most careful users to keep their machines clean.
I agree that the main hosts need to start being careful who they host their ads from, it is ultimately their responsibility to ensure they don't host malware drive-by advertising.
SB</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583500</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583348</id>
	<title>Re:Say No To Flash</title>
	<author>Anonymous</author>
	<datestamp>1269357840000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>But..but...but...Flash Video Porn! </p><p>Stop<nobr> <wbr></nobr>...sp....looking to porn? </p><p>I thought it was the safe way instead of MP3s?!?</p></htmltext>
<tokenext>But..but...but...Flash Video Porn !
Stop ...sp....looking to porn ?
I thought it was the safe way instead of MP3s ? !
?</tokentext>
<sentencetext>But..but...but...Flash Video Porn!
Stop ...sp....looking to porn?
I thought it was the safe way instead of MP3s?!
?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583258</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587872</id>
	<title>Re:Good thing</title>
	<author>daeley</author>
	<datestamp>1269374940000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>The blockers aren't the ones responsible for making the Web unusable. It's the people trying to turn the Internet into television.</p></htmltext>
<tokenext>The blockers are n't the ones responsible for making the Web unusable .
It 's the people trying to turn the Internet into television .</tokentext>
<sentencetext>The blockers aren't the ones responsible for making the Web unusable.
It's the people trying to turn the Internet into television.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583554</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586440</id>
	<title>Re:One lesson to learn</title>
	<author>citizenr</author>
	<datestamp>1269369780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser."</p></div><p>noo, its like "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by Internet Explorer."</p></div>
	</htmltext>
<tokenext>FTA : " Users do n't need to click on anything to get infected ; a computer becomes infected after the ad is loaded by the browser .
" noo , its like " Users do n't need to click on anything to get infected ; a computer becomes infected after the ad is loaded by Internet Explorer .
"</tokentext>
<sentencetext>FTA: "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by the browser.
"noo, its like "Users don't need to click on anything to get infected; a computer becomes infected after the ad is loaded by Internet Explorer.
"
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583500</id>
	<title>Ars Technica</title>
	<author>Anonymous</author>
	<datestamp>1269358500000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>5</modscore>
	<htmltext><p>And Ars Technica says I shouldn't block ads.</p><p>I repeatedly told their staff that I don't block Ars Technica, but I do block ad servers. If they want to send me ads let them server them from their own domain.</p><p>Sites resposible for ad-vectored infections should be hit with hundreds of small claims court lawsuits to recoup the costs to clean up the infections.</p><p>Maybe then they'll learn.</p></htmltext>
<tokenext>And Ars Technica says I should n't block ads.I repeatedly told their staff that I do n't block Ars Technica , but I do block ad servers .
If they want to send me ads let them server them from their own domain.Sites resposible for ad-vectored infections should be hit with hundreds of small claims court lawsuits to recoup the costs to clean up the infections.Maybe then they 'll learn .</tokentext>
<sentencetext>And Ars Technica says I shouldn't block ads.I repeatedly told their staff that I don't block Ars Technica, but I do block ad servers.
If they want to send me ads let them server them from their own domain.Sites resposible for ad-vectored infections should be hit with hundreds of small claims court lawsuits to recoup the costs to clean up the infections.Maybe then they'll learn.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583950</id>
	<title>i hope the folks at Ars see this</title>
	<author>fightinfilipino</author>
	<datestamp>1269360360000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><a href="http://arstechnica.com/business/news/2010/03/why-ad-blocking-is-devastating-to-the-sites-you-love.ars?" title="arstechnica.com" rel="nofollow">i understand their position, but they're got to realize ours</a> [arstechnica.com].  hours wasted cleaning out malware/spyware does not make for a good browsing experience, period.</htmltext>
<tokenext>i understand their position , but they 're got to realize ours [ arstechnica.com ] .
hours wasted cleaning out malware/spyware does not make for a good browsing experience , period .</tokentext>
<sentencetext>i understand their position, but they're got to realize ours [arstechnica.com].
hours wasted cleaning out malware/spyware does not make for a good browsing experience, period.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528</id>
	<title>ORLY?</title>
	<author>SpicyBrownMustard</author>
	<datestamp>1269358560000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>Let's see here... an anti-malvertising/malware firm reporting lots and lots of malicious "bad things" being served up by those terrible pesky Internet ads... no agenda here.

The report failed to follow-through and dig into the real problem with malicious payloads associated with online ads, the ad network daisy-chain. If network-A has no impression for you, you're handed off to network-B, which may have no impression and then gives you to network-C... and so on. As your impression traverses the daisy chain, the likelihood of hitting a low-tier ad network that allows any wanker with a (stolen) credit card to order millions of impressions increases... where the malware begins.

We scan our ad tags daily, using two methods -- a dozens-of-times-an-hour service, and our own script on a minimally-protected PC. We've never seen malware from a advertising assets delivered by a top-tier ad network... when we see malware, it's ALWAYS from a provider down the daisy-chain.</htmltext>
<tokenext>Let 's see here... an anti-malvertising/malware firm reporting lots and lots of malicious " bad things " being served up by those terrible pesky Internet ads... no agenda here .
The report failed to follow-through and dig into the real problem with malicious payloads associated with online ads , the ad network daisy-chain .
If network-A has no impression for you , you 're handed off to network-B , which may have no impression and then gives you to network-C... and so on .
As your impression traverses the daisy chain , the likelihood of hitting a low-tier ad network that allows any wanker with a ( stolen ) credit card to order millions of impressions increases... where the malware begins .
We scan our ad tags daily , using two methods -- a dozens-of-times-an-hour service , and our own script on a minimally-protected PC .
We 've never seen malware from a advertising assets delivered by a top-tier ad network... when we see malware , it 's ALWAYS from a provider down the daisy-chain .</tokentext>
<sentencetext>Let's see here... an anti-malvertising/malware firm reporting lots and lots of malicious "bad things" being served up by those terrible pesky Internet ads... no agenda here.
The report failed to follow-through and dig into the real problem with malicious payloads associated with online ads, the ad network daisy-chain.
If network-A has no impression for you, you're handed off to network-B, which may have no impression and then gives you to network-C... and so on.
As your impression traverses the daisy chain, the likelihood of hitting a low-tier ad network that allows any wanker with a (stolen) credit card to order millions of impressions increases... where the malware begins.
We scan our ad tags daily, using two methods -- a dozens-of-times-an-hour service, and our own script on a minimally-protected PC.
We've never seen malware from a advertising assets delivered by a top-tier ad network... when we see malware, it's ALWAYS from a provider down the daisy-chain.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583832</id>
	<title>Ars Says</title>
	<author>JackSpratts</author>
	<datestamp>1269359880000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>It's a small price to pay for not using AdBlock. So remember: don't use it.</htmltext>
<tokenext>It 's a small price to pay for not using AdBlock .
So remember : do n't use it .</tokentext>
<sentencetext>It's a small price to pay for not using AdBlock.
So remember: don't use it.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583576</id>
	<title>Re:One lesson to learn</title>
	<author>L4t3r4lu5</author>
	<datestamp>1269358800000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I guess I'll start whitelisting advertising when they can stop drive-by malware infecting my computer.<br> <br>AdBlock can stay enabled for the time being. Sorry, Ars.</htmltext>
<tokenext>I guess I 'll start whitelisting advertising when they can stop drive-by malware infecting my computer .
AdBlock can stay enabled for the time being .
Sorry , Ars .</tokentext>
<sentencetext>I guess I'll start whitelisting advertising when they can stop drive-by malware infecting my computer.
AdBlock can stay enabled for the time being.
Sorry, Ars.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31599820</id>
	<title>Re:Adblocker</title>
	<author>Anonymous</author>
	<datestamp>1269453780000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>I just blocked a flash ad on slashdot because it was moving around so much that I couldn't concentrate on the text to the left of it.</p><p>So it's not just malware that makes me want to block the f'ing ads.</p></htmltext>
<tokenext>I just blocked a flash ad on slashdot because it was moving around so much that I could n't concentrate on the text to the left of it.So it 's not just malware that makes me want to block the f'ing ads .</tokentext>
<sentencetext>I just blocked a flash ad on slashdot because it was moving around so much that I couldn't concentrate on the text to the left of it.So it's not just malware that makes me want to block the f'ing ads.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583250</id>
	<title>first</title>
	<author>Anonymous</author>
	<datestamp>1269357480000</datestamp>
	<modclass>Offtopic</modclass>
	<modscore>-1</modscore>
	<htmltext><p>post</p></htmltext>
<tokenext>post</tokentext>
<sentencetext>post</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606342</id>
	<title>Re:Adblocker</title>
	<author>Anonymous</author>
	<datestamp>1269441060000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p><div class="quote"><p>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.</p></div><p>Supporting the technical sites that assist you is really important.<br>Many sites even a few of mine would close due to costs if it wasn't for advertising revenue.<br>It's best to offer Text advertisement for now until this issue that for me dates back to May 2005 at DigitalSpy.co.uk.</p><p>Keep the ads coming because if you offer good content I'll click on them.<br>Heck I even found things I needed via advertisements.</p></div>
	</htmltext>
<tokenext>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.Supporting the technical sites that assist you is really important.Many sites even a few of mine would close due to costs if it was n't for advertising revenue.It 's best to offer Text advertisement for now until this issue that for me dates back to May 2005 at DigitalSpy.co.uk.Keep the ads coming because if you offer good content I 'll click on them.Heck I even found things I needed via advertisements .</tokentext>
<sentencetext>I would like to support sites by viewing their ads but if it leaves you more open to viruses even on high-profile sites then it is not worth the risk.Supporting the technical sites that assist you is really important.Many sites even a few of mine would close due to costs if it wasn't for advertising revenue.It's best to offer Text advertisement for now until this issue that for me dates back to May 2005 at DigitalSpy.co.uk.Keep the ads coming because if you offer good content I'll click on them.Heck I even found things I needed via advertisements.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585656</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>beavioso</author>
	<datestamp>1269366720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I had to clean up a vundo and Antivirus 2009 on a few of my relatives computers.  The best thing I've found is the Ultimate Boot CD for windows (UBCD for windows).  You need a legitimate copy of a Windows OS disc and then it creates a boot CD of a clean fresh new OS with a <a href="http://www.ubcd4win.com/contents.htm" title="ubcd4win.com" rel="nofollow">whole host of tools</a> [ubcd4win.com].<br> <br>It's a great way to attack the virus from a fresh OS install running off a RAM disk.</htmltext>
<tokenext>I had to clean up a vundo and Antivirus 2009 on a few of my relatives computers .
The best thing I 've found is the Ultimate Boot CD for windows ( UBCD for windows ) .
You need a legitimate copy of a Windows OS disc and then it creates a boot CD of a clean fresh new OS with a whole host of tools [ ubcd4win.com ] .
It 's a great way to attack the virus from a fresh OS install running off a RAM disk .</tokentext>
<sentencetext>I had to clean up a vundo and Antivirus 2009 on a few of my relatives computers.
The best thing I've found is the Ultimate Boot CD for windows (UBCD for windows).
You need a legitimate copy of a Windows OS disc and then it creates a boot CD of a clean fresh new OS with a whole host of tools [ubcd4win.com].
It's a great way to attack the virus from a fresh OS install running off a RAM disk.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31594412</id>
	<title>Thanks!  I was wondering what happened to me...</title>
	<author>WoTG</author>
	<datestamp>1269370380000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>For the first time in years (i.e. since I was a teenager pirating computer games from 3.5 inch floppy disks), I got malware on my PC last week.  PC Total Defender 2010, I think it called itself.</p><p>I couldn't figure out how I got caught.  I have the standard firewall and antivirus installed, plus SpyBot's TeaTimer tool.  And I tend to browse safe sites, anything questionable is done in a virtual machine.</p><p>Anyway, it turns out that my Adobe Reader was somewhat out of date, and I had half a dozen versions of JVM installed.  I suspected one of these was at fault.</p><p>Crazy.  How am I supposed to blame my users now?</p></htmltext>
<tokenext>For the first time in years ( i.e .
since I was a teenager pirating computer games from 3.5 inch floppy disks ) , I got malware on my PC last week .
PC Total Defender 2010 , I think it called itself.I could n't figure out how I got caught .
I have the standard firewall and antivirus installed , plus SpyBot 's TeaTimer tool .
And I tend to browse safe sites , anything questionable is done in a virtual machine.Anyway , it turns out that my Adobe Reader was somewhat out of date , and I had half a dozen versions of JVM installed .
I suspected one of these was at fault.Crazy .
How am I supposed to blame my users now ?</tokentext>
<sentencetext>For the first time in years (i.e.
since I was a teenager pirating computer games from 3.5 inch floppy disks), I got malware on my PC last week.
PC Total Defender 2010, I think it called itself.I couldn't figure out how I got caught.
I have the standard firewall and antivirus installed, plus SpyBot's TeaTimer tool.
And I tend to browse safe sites, anything questionable is done in a virtual machine.Anyway, it turns out that my Adobe Reader was somewhat out of date, and I had half a dozen versions of JVM installed.
I suspected one of these was at fault.Crazy.
How am I supposed to blame my users now?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</id>
	<title>I'm a professional Malware removal guy. Literally.</title>
	<author>\_KiTA\_</author>
	<datestamp>1269361560000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>4</modscore>
	<htmltext><p>I work at a pinch hitter Tier 2 Pay to Play tech support company that is outsourced to by several major ISPs.</p><p>I see these damned things all the time.  Usually they come with names like XP Antivirus 2010 or "Vista Security Center" or somesuch crap.  They almost exclusively look the same, and there are new names that appear every so often -- XP Antivirus 2010 was "Internet Security 2010" not too long ago, for example.  I suspect there is a kit that these companies are using to make their products.</p><p>They are almost exclusively coming in from banner ads.  Specifically they use a Flash ad that, after a few minutes, or upon webpage close, or mouseover, opens an infected PDF file on a random infected server.  Google Chrome occasionally catches these domain names, usually they are IP addresses or something similar.</p><p>Flashblock is NOT foolproof (although it does help), as occasionally they just have the ad banner on an infected server that auto-redirects you to a PDF file immediately.</p><p>They are occasionally Java files instead, but almost exclusively they are PDF files.</p><p>They're actually getting very creative in their infections.  XP AV 2010, for example, sets itself up as the handler for EXE files -- in order to remove it, you have to install Malwarebytes and rename the mbam.exe file as 1.com or something similar.  You can also dive into the registry to fix the EXE thing, except if the program is running it will just break it again immediately.  Either windows does not have support for hijacking the<nobr> <wbr></nobr>.COM support in Windows XP/Vista/7, or these viruses just aren't thinking to try yet.  Once they do, then our options drop to "OS Reinstall", as you can literally not run anything.</p><p>Some of these programs install themselves in such a way that if you attempt to load Safe Mode, your OS will intentionally BSOD.  Or, in at least one infection, the screen filled with ASCII smiley faces and didn't continue.</p><p>Combofix will also remove most of these, and usually with "Security Center" or "XP AV 2010" we give up and run Combofix immediately.</p><p>The solution to prevent future infections isn't to move to Firefox or Chrome -- these infect those just as easily, although Chrome seems to just crash it's Flash plugin instead.  In order to fix these, you <b>have</b> to update Adobe Flash, Adobe PDF, and Sun Java to the latest versions.  PDF is the most important, but not the only one.  Better browsers won't work.  Antimalware programs won't work.  The only way to fix it is to patch the holes.</p></htmltext>
<tokenext>I work at a pinch hitter Tier 2 Pay to Play tech support company that is outsourced to by several major ISPs.I see these damned things all the time .
Usually they come with names like XP Antivirus 2010 or " Vista Security Center " or somesuch crap .
They almost exclusively look the same , and there are new names that appear every so often -- XP Antivirus 2010 was " Internet Security 2010 " not too long ago , for example .
I suspect there is a kit that these companies are using to make their products.They are almost exclusively coming in from banner ads .
Specifically they use a Flash ad that , after a few minutes , or upon webpage close , or mouseover , opens an infected PDF file on a random infected server .
Google Chrome occasionally catches these domain names , usually they are IP addresses or something similar.Flashblock is NOT foolproof ( although it does help ) , as occasionally they just have the ad banner on an infected server that auto-redirects you to a PDF file immediately.They are occasionally Java files instead , but almost exclusively they are PDF files.They 're actually getting very creative in their infections .
XP AV 2010 , for example , sets itself up as the handler for EXE files -- in order to remove it , you have to install Malwarebytes and rename the mbam.exe file as 1.com or something similar .
You can also dive into the registry to fix the EXE thing , except if the program is running it will just break it again immediately .
Either windows does not have support for hijacking the .COM support in Windows XP/Vista/7 , or these viruses just are n't thinking to try yet .
Once they do , then our options drop to " OS Reinstall " , as you can literally not run anything.Some of these programs install themselves in such a way that if you attempt to load Safe Mode , your OS will intentionally BSOD .
Or , in at least one infection , the screen filled with ASCII smiley faces and did n't continue.Combofix will also remove most of these , and usually with " Security Center " or " XP AV 2010 " we give up and run Combofix immediately.The solution to prevent future infections is n't to move to Firefox or Chrome -- these infect those just as easily , although Chrome seems to just crash it 's Flash plugin instead .
In order to fix these , you have to update Adobe Flash , Adobe PDF , and Sun Java to the latest versions .
PDF is the most important , but not the only one .
Better browsers wo n't work .
Antimalware programs wo n't work .
The only way to fix it is to patch the holes .</tokentext>
<sentencetext>I work at a pinch hitter Tier 2 Pay to Play tech support company that is outsourced to by several major ISPs.I see these damned things all the time.
Usually they come with names like XP Antivirus 2010 or "Vista Security Center" or somesuch crap.
They almost exclusively look the same, and there are new names that appear every so often -- XP Antivirus 2010 was "Internet Security 2010" not too long ago, for example.
I suspect there is a kit that these companies are using to make their products.They are almost exclusively coming in from banner ads.
Specifically they use a Flash ad that, after a few minutes, or upon webpage close, or mouseover, opens an infected PDF file on a random infected server.
Google Chrome occasionally catches these domain names, usually they are IP addresses or something similar.Flashblock is NOT foolproof (although it does help), as occasionally they just have the ad banner on an infected server that auto-redirects you to a PDF file immediately.They are occasionally Java files instead, but almost exclusively they are PDF files.They're actually getting very creative in their infections.
XP AV 2010, for example, sets itself up as the handler for EXE files -- in order to remove it, you have to install Malwarebytes and rename the mbam.exe file as 1.com or something similar.
You can also dive into the registry to fix the EXE thing, except if the program is running it will just break it again immediately.
Either windows does not have support for hijacking the .COM support in Windows XP/Vista/7, or these viruses just aren't thinking to try yet.
Once they do, then our options drop to "OS Reinstall", as you can literally not run anything.Some of these programs install themselves in such a way that if you attempt to load Safe Mode, your OS will intentionally BSOD.
Or, in at least one infection, the screen filled with ASCII smiley faces and didn't continue.Combofix will also remove most of these, and usually with "Security Center" or "XP AV 2010" we give up and run Combofix immediately.The solution to prevent future infections isn't to move to Firefox or Chrome -- these infect those just as easily, although Chrome seems to just crash it's Flash plugin instead.
In order to fix these, you have to update Adobe Flash, Adobe PDF, and Sun Java to the latest versions.
PDF is the most important, but not the only one.
Better browsers won't work.
Antimalware programs won't work.
The only way to fix it is to patch the holes.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583258</id>
	<title>Say No To Flash</title>
	<author>Anonymous</author>
	<datestamp>1269357480000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>1</modscore>
	<htmltext><p>The number one reason to avoid Flash is the advertisements.  The numerous exploits means that it is just a matter of displaying the ad, and voila, you have most injected visitors.</p><p>JavaScript based ads are not much better, but they're at least not as easy to exploit as Flash based ads.</p></htmltext>
<tokenext>The number one reason to avoid Flash is the advertisements .
The numerous exploits means that it is just a matter of displaying the ad , and voila , you have most injected visitors.JavaScript based ads are not much better , but they 're at least not as easy to exploit as Flash based ads .</tokentext>
<sentencetext>The number one reason to avoid Flash is the advertisements.
The numerous exploits means that it is just a matter of displaying the ad, and voila, you have most injected visitors.JavaScript based ads are not much better, but they're at least not as easy to exploit as Flash based ads.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583492</id>
	<title>Re:Good thing</title>
	<author>Anonymous</author>
	<datestamp>1269358440000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Mod up, mod up...<br>How many times do we have to repeat this?<br>For those without Firefox and those extensions you point out, do your 'hosts' file:<br><a href="http://en.wikipedia.org/wiki/Hosts\_file" title="wikipedia.org">http://en.wikipedia.org/wiki/Hosts\_file</a> [wikipedia.org]<br>Good for Chrome lovers and, of course, non-Windows platforms.<br>Yes - Apple and *Nix users are vunerable too...especially if in a mixed network with Windows boxen.</p><p>Peerblock is worth a look too...<br><a href="http://www.peerblock.com/releases" title="peerblock.com">http://www.peerblock.com/releases</a> [peerblock.com]</p></htmltext>
<tokenext>Mod up , mod up...How many times do we have to repeat this ? For those without Firefox and those extensions you point out , do your 'hosts ' file : http : //en.wikipedia.org/wiki/Hosts \ _file [ wikipedia.org ] Good for Chrome lovers and , of course , non-Windows platforms.Yes - Apple and * Nix users are vunerable too...especially if in a mixed network with Windows boxen.Peerblock is worth a look too...http : //www.peerblock.com/releases [ peerblock.com ]</tokentext>
<sentencetext>Mod up, mod up...How many times do we have to repeat this?For those without Firefox and those extensions you point out, do your 'hosts' file:http://en.wikipedia.org/wiki/Hosts\_file [wikipedia.org]Good for Chrome lovers and, of course, non-Windows platforms.Yes - Apple and *Nix users are vunerable too...especially if in a mixed network with Windows boxen.Peerblock is worth a look too...http://www.peerblock.com/releases [peerblock.com]</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585118</id>
	<title>Re:The real defense line</title>
	<author>TheRaven64</author>
	<datestamp>1269364980000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext>The problem with this approach is that the browser itself contains useful data - things like access to your Internet banking site, for example.  Ideally the browser would create a new process when you navigate to a new site and chroot() that instance so that it can't get any access to the filesystem beyond that.  That way, a compromised browser would only ever gain access to caches and passwords for the site that performed the attack.  The wrapper would reparent each of these processes' windows into something that would give the appearance of a single application.</htmltext>
<tokenext>The problem with this approach is that the browser itself contains useful data - things like access to your Internet banking site , for example .
Ideally the browser would create a new process when you navigate to a new site and chroot ( ) that instance so that it ca n't get any access to the filesystem beyond that .
That way , a compromised browser would only ever gain access to caches and passwords for the site that performed the attack .
The wrapper would reparent each of these processes ' windows into something that would give the appearance of a single application .</tokentext>
<sentencetext>The problem with this approach is that the browser itself contains useful data - things like access to your Internet banking site, for example.
Ideally the browser would create a new process when you navigate to a new site and chroot() that instance so that it can't get any access to the filesystem beyond that.
That way, a compromised browser would only ever gain access to caches and passwords for the site that performed the attack.
The wrapper would reparent each of these processes' windows into something that would give the appearance of a single application.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583700</id>
	<title>Re:The real defense line</title>
	<author>Culture20</author>
	<datestamp>1269359400000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>The way I see it, no browser should be designed to require admin rights. All that it needs is a sandboxed environment for temporary files. When this mantra gets in the developers' heads, such exploits will no longer be possible. Of course, by that time, other type of exploits will be invented, but we'll cross that bridge when we reach it.</p></div><p>The way I see it, no browser updates should be designed to require admin rights.  Back in the day, FF installers for windows didn't require admin rights; anywhere a user could install was fair game.  I don't know if that's still true.  But, what if the core executables were owned by root, but updates could be owned by various users?  i.e. on opening, browser checks web for updates, if it finds some, it downloads the updated exe or dll to local user dir, and then restarts itself using the new version.  If no updates are found on the web, it checks local user dir to see if there were updates previously downloaded, and restarts using the latest downloaded update.  Then every user can update their browser.<br> <br>
Even better:  Make the command line browser updater work \_only\_ on the command line so that sysadmins can update hundreds of machines at a time.  Why do command line browser updaters need to open a GUI for a progress bar?</p></div>
	</htmltext>
<tokenext>The way I see it , no browser should be designed to require admin rights .
All that it needs is a sandboxed environment for temporary files .
When this mantra gets in the developers ' heads , such exploits will no longer be possible .
Of course , by that time , other type of exploits will be invented , but we 'll cross that bridge when we reach it.The way I see it , no browser updates should be designed to require admin rights .
Back in the day , FF installers for windows did n't require admin rights ; anywhere a user could install was fair game .
I do n't know if that 's still true .
But , what if the core executables were owned by root , but updates could be owned by various users ?
i.e. on opening , browser checks web for updates , if it finds some , it downloads the updated exe or dll to local user dir , and then restarts itself using the new version .
If no updates are found on the web , it checks local user dir to see if there were updates previously downloaded , and restarts using the latest downloaded update .
Then every user can update their browser .
Even better : Make the command line browser updater work \ _only \ _ on the command line so that sysadmins can update hundreds of machines at a time .
Why do command line browser updaters need to open a GUI for a progress bar ?</tokentext>
<sentencetext>The way I see it, no browser should be designed to require admin rights.
All that it needs is a sandboxed environment for temporary files.
When this mantra gets in the developers' heads, such exploits will no longer be possible.
Of course, by that time, other type of exploits will be invented, but we'll cross that bridge when we reach it.The way I see it, no browser updates should be designed to require admin rights.
Back in the day, FF installers for windows didn't require admin rights; anywhere a user could install was fair game.
I don't know if that's still true.
But, what if the core executables were owned by root, but updates could be owned by various users?
i.e. on opening, browser checks web for updates, if it finds some, it downloads the updated exe or dll to local user dir, and then restarts itself using the new version.
If no updates are found on the web, it checks local user dir to see if there were updates previously downloaded, and restarts using the latest downloaded update.
Then every user can update their browser.
Even better:  Make the command line browser updater work \_only\_ on the command line so that sysadmins can update hundreds of machines at a time.
Why do command line browser updaters need to open a GUI for a progress bar?
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583746</id>
	<title>Say NO to active content.</title>
	<author>Anonymous</author>
	<datestamp>1269359580000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>That's why I am so pissed at site designers who go "lalala I can't hear you" whenever I request they make their site accessible without "active content" (i.e. Javascript, Flash, Java or even worse things).</p><p>It's nifty and all, but nowadays it's the main malware distribution mechanism. And you can't tell users "just switch off Javascript", because suddenly, half of the Web won't work (I do switch of Javascript: no, not NoScript. Just The Real Thing -- and for most, I'm even glad *this* half of the Web doesn't work -- but I can't tell a regular user to do the same). Heck, those $@#\%! web designers even do regular links with javascript snippets for reasons inscrutable to me. Disgusting.</p><p>Advertisers? Do you hear me? I'll look at pngs, jpegs and gifs, even animated. I'll read text. <b>but I won't even <em>see</em> your Javascript/Flash/whatever stuff</b>.</p><p>There. Had to be said.</p></htmltext>
<tokenext>That 's why I am so pissed at site designers who go " lalala I ca n't hear you " whenever I request they make their site accessible without " active content " ( i.e .
Javascript , Flash , Java or even worse things ) .It 's nifty and all , but nowadays it 's the main malware distribution mechanism .
And you ca n't tell users " just switch off Javascript " , because suddenly , half of the Web wo n't work ( I do switch of Javascript : no , not NoScript .
Just The Real Thing -- and for most , I 'm even glad * this * half of the Web does n't work -- but I ca n't tell a regular user to do the same ) .
Heck , those $ @ # \ % !
web designers even do regular links with javascript snippets for reasons inscrutable to me .
Disgusting.Advertisers ? Do you hear me ?
I 'll look at pngs , jpegs and gifs , even animated .
I 'll read text .
but I wo n't even see your Javascript/Flash/whatever stuff.There .
Had to be said .</tokentext>
<sentencetext>That's why I am so pissed at site designers who go "lalala I can't hear you" whenever I request they make their site accessible without "active content" (i.e.
Javascript, Flash, Java or even worse things).It's nifty and all, but nowadays it's the main malware distribution mechanism.
And you can't tell users "just switch off Javascript", because suddenly, half of the Web won't work (I do switch of Javascript: no, not NoScript.
Just The Real Thing -- and for most, I'm even glad *this* half of the Web doesn't work -- but I can't tell a regular user to do the same).
Heck, those $@#\%!
web designers even do regular links with javascript snippets for reasons inscrutable to me.
Disgusting.Advertisers? Do you hear me?
I'll look at pngs, jpegs and gifs, even animated.
I'll read text.
but I won't even see your Javascript/Flash/whatever stuff.There.
Had to be said.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585890</id>
	<title>Remind me</title>
	<author>sjames</author>
	<datestamp>1269367620000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>Why is it somehow un-ethical to block ads again?</p><p>Perhaps it's a good idea for big sites with a reputation to maintain to borrow just a bit from the old model where they sell ad space with an approval process directly to advertisers and serve the images from their own servers.</p></htmltext>
<tokenext>Why is it somehow un-ethical to block ads again ? Perhaps it 's a good idea for big sites with a reputation to maintain to borrow just a bit from the old model where they sell ad space with an approval process directly to advertisers and serve the images from their own servers .</tokentext>
<sentencetext>Why is it somehow un-ethical to block ads again?Perhaps it's a good idea for big sites with a reputation to maintain to borrow just a bit from the old model where they sell ad space with an approval process directly to advertisers and serve the images from their own servers.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584036</id>
	<title>Re:The real defense line</title>
	<author>The MAZZTer</author>
	<datestamp>1269360720000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>Huh?  AFAIK none of the major players require admin rights.  In addition Chrome (on XP/Vista/7) and IE8 (on Vista/7, not XP) both sandbox themselves and have been doing so for over a year now...</htmltext>
<tokenext>Huh ?
AFAIK none of the major players require admin rights .
In addition Chrome ( on XP/Vista/7 ) and IE8 ( on Vista/7 , not XP ) both sandbox themselves and have been doing so for over a year now.. .</tokentext>
<sentencetext>Huh?
AFAIK none of the major players require admin rights.
In addition Chrome (on XP/Vista/7) and IE8 (on Vista/7, not XP) both sandbox themselves and have been doing so for over a year now...</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686</id>
	<title>Re:The real defense line</title>
	<author>Neil Watson</author>
	<datestamp>1269359340000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>In UNIX one might try running the browser as another user via 'su'.   That user could be isolated with no useful data or access.  Probably some X permissions will have change to allow the browser to display on an X server owned by another user.</p><p>Could this be accomplished with Windows?</p></htmltext>
<tokenext>In UNIX one might try running the browser as another user via 'su' .
That user could be isolated with no useful data or access .
Probably some X permissions will have change to allow the browser to display on an X server owned by another user.Could this be accomplished with Windows ?</tokentext>
<sentencetext>In UNIX one might try running the browser as another user via 'su'.
That user could be isolated with no useful data or access.
Probably some X permissions will have change to allow the browser to display on an X server owned by another user.Could this be accomplished with Windows?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584070</id>
	<title>I sure am glad...</title>
	<author>NewbieProgrammerMan</author>
	<datestamp>1269360900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>...that I never removed DoubleClick from the list of sites that aren't allowed to deliver content to my browser.</p></htmltext>
<tokenext>...that I never removed DoubleClick from the list of sites that are n't allowed to deliver content to my browser .</tokentext>
<sentencetext>...that I never removed DoubleClick from the list of sites that aren't allowed to deliver content to my browser.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584894</id>
	<title>Re:The real defense line</title>
	<author>Rysc</author>
	<datestamp>1269364140000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Better be careful with permissions and umask settings or your downloaded files won't be readable/writable by your regular user. Some kind of auto(or easy)-chown would really be ideal here.</p></htmltext>
<tokenext>Better be careful with permissions and umask settings or your downloaded files wo n't be readable/writable by your regular user .
Some kind of auto ( or easy ) -chown would really be ideal here .</tokentext>
<sentencetext>Better be careful with permissions and umask settings or your downloaded files won't be readable/writable by your regular user.
Some kind of auto(or easy)-chown would really be ideal here.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588854</id>
	<title>Re:Are you kidding me?</title>
	<author>kalirion</author>
	<datestamp>1269336660000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>A browser is an application, like any other.  Should an OS have a list of all web browsers and treat them differently from every other program?</p></htmltext>
<tokenext>A browser is an application , like any other .
Should an OS have a list of all web browsers and treat them differently from every other program ?</tokentext>
<sentencetext>A browser is an application, like any other.
Should an OS have a list of all web browsers and treat them differently from every other program?</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583854</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584084</id>
	<title>Re:Good thing</title>
	<author>Anonymous</author>
	<datestamp>1269360900000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>So will running any OS but Windows.  This malware only runs on Windows.</p></htmltext>
<tokenext>So will running any OS but Windows .
This malware only runs on Windows .</tokentext>
<sentencetext>So will running any OS but Windows.
This malware only runs on Windows.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586836</id>
	<title>Re:Why I don't run ads</title>
	<author>psithurism</author>
	<datestamp>1269371040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p> week or so ago, one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content... I said then, and I still maintain, that using ad blocking and Flash blocking is not just a matter of convenience, but a matter of maintaining the security of my system.</p></div><p>Well if his business model is trading content for malware, then it's just plain unfair that you get content but he doesn't get to give you malware. In fact now he has to use twice as much malware on the honest costumers who don't adblock him.</p></div>
	</htmltext>
<tokenext>week or so ago , one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content... I said then , and I still maintain , that using ad blocking and Flash blocking is not just a matter of convenience , but a matter of maintaining the security of my system.Well if his business model is trading content for malware , then it 's just plain unfair that you get content but he does n't get to give you malware .
In fact now he has to use twice as much malware on the honest costumers who do n't adblock him .</tokentext>
<sentencetext> week or so ago, one of the guys at Ars Technica ranted in an article about how people who use ad blocking are stealing content... I said then, and I still maintain, that using ad blocking and Flash blocking is not just a matter of convenience, but a matter of maintaining the security of my system.Well if his business model is trading content for malware, then it's just plain unfair that you get content but he doesn't get to give you malware.
In fact now he has to use twice as much malware on the honest costumers who don't adblock him.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584970</id>
	<title>Doubleclick too...</title>
	<author>Tteddo</author>
	<datestamp>1269364440000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>3</modscore>
	<htmltext>I fix PC's for a living and I have been seeing this too. Some people all the do is Facebook and they are getting "XP Antivirus" or it's variants, and I know there is no way they are doing anything. They all use Firefox, etc. The last 2 weeks I have been putting on Ad Block Plus and explaining to them what it does because I was having people get infected again in a manner of weeks after I clean it up the first time. I know that kinda sucks for website revenue, but what else is there to do. One guy got infected from Photobucket, and it was repeatable.</htmltext>
<tokenext>I fix PC 's for a living and I have been seeing this too .
Some people all the do is Facebook and they are getting " XP Antivirus " or it 's variants , and I know there is no way they are doing anything .
They all use Firefox , etc .
The last 2 weeks I have been putting on Ad Block Plus and explaining to them what it does because I was having people get infected again in a manner of weeks after I clean it up the first time .
I know that kinda sucks for website revenue , but what else is there to do .
One guy got infected from Photobucket , and it was repeatable .</tokentext>
<sentencetext>I fix PC's for a living and I have been seeing this too.
Some people all the do is Facebook and they are getting "XP Antivirus" or it's variants, and I know there is no way they are doing anything.
They all use Firefox, etc.
The last 2 weeks I have been putting on Ad Block Plus and explaining to them what it does because I was having people get infected again in a manner of weeks after I clean it up the first time.
I know that kinda sucks for website revenue, but what else is there to do.
One guy got infected from Photobucket, and it was repeatable.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583788</id>
	<title>Ban Javascript!</title>
	<author>tedhiltonhead</author>
	<datestamp>1269359760000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Ad networks should not enable their clients to include Javascript, Flash, Java, or other active content in the first place.  If they have a compelling business case for doing so, all code should be "whitelist" filtered before being distributed.  The ad network's reputation is on the line every time they serve an impression.</p></htmltext>
<tokenext>Ad networks should not enable their clients to include Javascript , Flash , Java , or other active content in the first place .
If they have a compelling business case for doing so , all code should be " whitelist " filtered before being distributed .
The ad network 's reputation is on the line every time they serve an impression .</tokentext>
<sentencetext>Ad networks should not enable their clients to include Javascript, Flash, Java, or other active content in the first place.
If they have a compelling business case for doing so, all code should be "whitelist" filtered before being distributed.
The ad network's reputation is on the line every time they serve an impression.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584838</id>
	<title>Re:Ad CDNs have been a nightmare</title>
	<author>PhxBlue</author>
	<datestamp>1269363900000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p><div class="quote"><p>This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.</p></div><p>I hate that webmasters seem to think we're responsible for their prosperity. Webmasters: If your advertising model works, great. If not, find another model or get off the Internet.</p></div>
	</htmltext>
<tokenext>This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.I hate that webmasters seem to think we 're responsible for their prosperity .
Webmasters : If your advertising model works , great .
If not , find another model or get off the Internet .</tokentext>
<sentencetext>This only served to reinforce that I was right and not a webmaster/free content hating jerk when I block ads online.I hate that webmasters seem to think we're responsible for their prosperity.
Webmasters: If your advertising model works, great.
If not, find another model or get off the Internet.
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585164</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>herksc</author>
	<datestamp>1269365040000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>FYI:  If you can kill the malware process and then delete it, you can manually re-associate EXEs to run as applications in the File Types menu.  Just did this for a machine on my network last week.  Of course I also ran Malware Bytes...<br> <br>
I just dealt with a truly nasty version yesterday though that not only sets itself up as the handler for EXE files, but also closes the task manager immediately when you try to open it.  In order to remove it I had to boot the machine using a Linux live CD, and then remove the offending files.</htmltext>
<tokenext>FYI : If you can kill the malware process and then delete it , you can manually re-associate EXEs to run as applications in the File Types menu .
Just did this for a machine on my network last week .
Of course I also ran Malware Bytes.. . I just dealt with a truly nasty version yesterday though that not only sets itself up as the handler for EXE files , but also closes the task manager immediately when you try to open it .
In order to remove it I had to boot the machine using a Linux live CD , and then remove the offending files .</tokentext>
<sentencetext>FYI:  If you can kill the malware process and then delete it, you can manually re-associate EXEs to run as applications in the File Types menu.
Just did this for a machine on my network last week.
Of course I also ran Malware Bytes... 
I just dealt with a truly nasty version yesterday though that not only sets itself up as the handler for EXE files, but also closes the task manager immediately when you try to open it.
In order to remove it I had to boot the machine using a Linux live CD, and then remove the offending files.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583554</id>
	<title>Re:Good thing</title>
	<author>0ld\_d0g</author>
	<datestamp>1269358680000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Unfortunately, that makes the web unusable for many people. Most people commenting here aren't the kind who get infected by malware.</p></htmltext>
<tokenext>Unfortunately , that makes the web unusable for many people .
Most people commenting here are n't the kind who get infected by malware .</tokentext>
<sentencetext>Unfortunately, that makes the web unusable for many people.
Most people commenting here aren't the kind who get infected by malware.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584918</id>
	<title>This is NEWs?</title>
	<author>SpacePunk</author>
	<datestamp>1269364260000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>Anybody that's been dealing with this stuff already knew that it was being served up by ad servers.  The people running the ad servers evidently do not check scripts for malware before they are put into rotation, and they'll sell ad rotation to anybody that has the money with no questions asked.</p><p>This is not new news, I am not shocked by this, nobody should be.</p></htmltext>
<tokenext>Anybody that 's been dealing with this stuff already knew that it was being served up by ad servers .
The people running the ad servers evidently do not check scripts for malware before they are put into rotation , and they 'll sell ad rotation to anybody that has the money with no questions asked.This is not new news , I am not shocked by this , nobody should be .</tokentext>
<sentencetext>Anybody that's been dealing with this stuff already knew that it was being served up by ad servers.
The people running the ad servers evidently do not check scripts for malware before they are put into rotation, and they'll sell ad rotation to anybody that has the money with no questions asked.This is not new news, I am not shocked by this, nobody should be.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588928</id>
	<title>Re:Adblocker</title>
	<author>Tlosk</author>
	<datestamp>1269337020000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext><p>I think your point is spot on, this is why big reputable sites need to take charge of their own advertising instead of farming everything out to 3rd parties that are getting it wrong a lot lately.</p><p>You may save some money in the short term by not having to deal with the overhead yourself, but unless all the content that is getting shoveled your way is reputable you just force your readers to block everything to keep their systems safe.</p><p>But realistically what this means is using ads that don't rely on delivery mechanisms with a huge attack surface like flash and active scripting.</p></htmltext>
<tokenext>I think your point is spot on , this is why big reputable sites need to take charge of their own advertising instead of farming everything out to 3rd parties that are getting it wrong a lot lately.You may save some money in the short term by not having to deal with the overhead yourself , but unless all the content that is getting shoveled your way is reputable you just force your readers to block everything to keep their systems safe.But realistically what this means is using ads that do n't rely on delivery mechanisms with a huge attack surface like flash and active scripting .</tokentext>
<sentencetext>I think your point is spot on, this is why big reputable sites need to take charge of their own advertising instead of farming everything out to 3rd parties that are getting it wrong a lot lately.You may save some money in the short term by not having to deal with the overhead yourself, but unless all the content that is getting shoveled your way is reputable you just force your readers to block everything to keep their systems safe.But realistically what this means is using ads that don't rely on delivery mechanisms with a huge attack surface like flash and active scripting.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583256</id>
	<title>Surprise!  Oh, wait...</title>
	<author>bhamlin</author>
	<datestamp>1269357480000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>2</modscore>
	<htmltext><p>Really, who is surprised by this?  What's the cost of an ad and fake credentials compared to getting a chance to infect millions of computers?</p></htmltext>
<tokenext>Really , who is surprised by this ?
What 's the cost of an ad and fake credentials compared to getting a chance to infect millions of computers ?</tokentext>
<sentencetext>Really, who is surprised by this?
What's the cost of an ad and fake credentials compared to getting a chance to infect millions of computers?</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583722</id>
	<title>Makes it hard to meet them halfway</title>
	<author>MikeRT</author>
	<datestamp>1269359520000</datestamp>
	<modclass>Insightful</modclass>
	<modscore>3</modscore>
	<htmltext><p>They complain about advertising revenues while they are serving up ads that contain malware. To someone who hates ads to begin with, that's like saying "we know you don't enjoy crawling over broken glass, so how about crawling over glass mixed with AIDS-infected blood and barbed wire?"</p></htmltext>
<tokenext>They complain about advertising revenues while they are serving up ads that contain malware .
To someone who hates ads to begin with , that 's like saying " we know you do n't enjoy crawling over broken glass , so how about crawling over glass mixed with AIDS-infected blood and barbed wire ?
"</tokentext>
<sentencetext>They complain about advertising revenues while they are serving up ads that contain malware.
To someone who hates ads to begin with, that's like saying "we know you don't enjoy crawling over broken glass, so how about crawling over glass mixed with AIDS-infected blood and barbed wire?
"</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583690</id>
	<title>Re:'careless web activity'</title>
	<author>FlyingBishop</author>
	<datestamp>1269359340000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>2</modscore>
	<htmltext><p>Don't block ads. Use NoScript. Blacklists are easily compromised. Whitelists are much more difficult.</p></htmltext>
<tokenext>Do n't block ads .
Use NoScript .
Blacklists are easily compromised .
Whitelists are much more difficult .</tokentext>
<sentencetext>Don't block ads.
Use NoScript.
Blacklists are easily compromised.
Whitelists are much more difficult.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585276</id>
	<title>ad servers really shot themselves in the foot here</title>
	<author>Vorpix</author>
	<datestamp>1269365460000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>2</modscore>
	<htmltext><p>the biggest change this has for me is that it has moved installing adblocking software from just 'something i do for my personal computers' to 'something i do on any computer i touch, even professionally'.</p><p>it was the ad server's responsibility to regulate what they distribute.  instead, they have just become an avenue for zero-day attacks that can spread across the web in no time at all.  since they did NOT act responsibly in preventing this type of attack (really, is there NO review process at all on what they serve out to millions of people?), it falls on us, the users, to protect ourselves.  when companies complain about lost revenue due to adblocking software, this is your justification.</p></htmltext>
<tokenext>the biggest change this has for me is that it has moved installing adblocking software from just 'something i do for my personal computers ' to 'something i do on any computer i touch , even professionally'.it was the ad server 's responsibility to regulate what they distribute .
instead , they have just become an avenue for zero-day attacks that can spread across the web in no time at all .
since they did NOT act responsibly in preventing this type of attack ( really , is there NO review process at all on what they serve out to millions of people ?
) , it falls on us , the users , to protect ourselves .
when companies complain about lost revenue due to adblocking software , this is your justification .</tokentext>
<sentencetext>the biggest change this has for me is that it has moved installing adblocking software from just 'something i do for my personal computers' to 'something i do on any computer i touch, even professionally'.it was the ad server's responsibility to regulate what they distribute.
instead, they have just become an avenue for zero-day attacks that can spread across the web in no time at all.
since they did NOT act responsibly in preventing this type of attack (really, is there NO review process at all on what they serve out to millions of people?
), it falls on us, the users, to protect ourselves.
when companies complain about lost revenue due to adblocking software, this is your justification.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583826</id>
	<title>CUSTOM HOSTS FILES ARE THE SUPERIOR ANSWER</title>
	<author>Anonymous</author>
	<datestamp>1269359880000</datestamp>
	<modclass>Troll</modclass>
	<modscore>-1</modscore>
	<htmltext><div class="quote"><p><b>"Clicking not necessary."</b> - by julesh (229690) on Tuesday March 23, @10:24AM (#31583344)</p></div><p>That's right... &amp; here is an answer for you - CUSTOM HOSTS FILES and why/how they are SUPERIOR TO BROWSER ADDONS:</p><p>----</p><p><b>1.) HOSTS files eat no CPU cycles</b> like browser addons do no less!</p><p><b>2.) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are.</b> HOSTS files cover &amp; protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).</p><p><b>3.) HOSTS files allow you to bypass DNS Server requests logs</b> (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).</p><p><b>4.) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can</b> by FAR.</p><p><b>5.) HOSTS files also allow you to not worry about a DNS server being compromised, or downed</b> (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).</p><p><b>6.) HOSTS files are EASILY user controlled, obtained</b> (for reliable ones -&gt; <a href="http://en.wikipedia.org/wiki/Hosts\_file" title="wikipedia.org" rel="nofollow">http://en.wikipedia.org/wiki/Hosts\_file</a> [wikipedia.org] ) <b>&amp; edited</b> too.</p><p><b>7.) HOSTS files aren't as vulnerable to "bugs" either</b> like programs/libs/extensions of that nature are, OR even DNS servers.</p><p><b>8.) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE</b></p><p><b>9.) HOSTS files are also EASILY secured well</b>, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.</p><p><b>10.) ADBLOCK DOES NOT ALLOW A USER DIRECT EASILY EDITABLE CONTROL OVER WHAT IT BLOCKS</b> &amp; HOSTS do, via texteditors like notepad.exe (afaik, @ least - feel free to correct me IF I am in error here (thanks)).</p><p><b>11.) AND, LASTLY? SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO</b> (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)<b>? HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders</b> (provided they have name servers + C&amp;C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not &amp; RECYCLE domain/host names they own, &amp; this? This stops that cold, too! Bonus...</p><p>----</p><p>Want a GREAT HOSTS FILE, that's kept up to date, daily? See here:</p><p><a href="http://hosts-file.net/?s=Download" title="hosts-file.net" rel="nofollow">http://hosts-file.net/?s=Download</a> [hosts-file.net]</p><p>(Mine's actually BETTER than that too! (As I combine it with ALL THE KNOWN SOURCES for reliable HOSTS files -&gt;  <a href="http://en.wikipedia.org/wiki/Hosts\_file" title="wikipedia.org" rel="nofollow">http://en.wikipedia.org/wiki/Hosts\_file</a> [wikipedia.org] (and far more too, like Spybot S&amp;D &amp; other reliable/reputable sources NOT listed on the wikipedia page for HOSTS files))</p><p>I "integrate them" into my HOSTS file using a tool I wrote to do so... It currently parses &amp; processes (removes repeated entries for a form of 1NF type "normalization" (sort of, this is NOT a database is why I note that much) &amp; for 2NF normal form, I remove trailing blanks from entries PLUS I alphabetize them (for faster B-Tree inserts processing in the local diskcache, because odds are, it uses that (binary trees &amp; binary searches ROCK for speed... Tri-E is even a bit better imo)).</p><p>It does almost 1 million KNOWN BAD SITES &amp;/or SERVERS (Name servers &amp; botnet C&amp;C servers too) in about 1.1 hours time...</p><p>Which is NOT bad, considering its my "2nd round prototype" written in Borland Delphi 7.1x + Inlined Assembly code, for the FASTEST POSSIBLE STRING PROCESSING TIMES THERE ARE, bar-none (faster than MSVC++ @ least even)) &amp; considering I don't have a thing like Access' "JET ENGINE" doing indexing on it either... it works, &amp; so do HOSTS (for speed online (by "hardcoding in" your fav. sites but you may have to periodically alter this, as sites seek diff. hosting providers (rare though usually)) AND ESPECIALLY FOR SECURITY!</p><p>Enjoy, hope you find the info., useful.</p><p>APK</p><p>P.S.=&gt; Per my subject-line above? Chrome doesn't NEED addons to do the job, as a HOSTS file already can blockout anything you like, AND SPEED YOU UP to your fav. sites too... "too, Too, TOO EASY" &amp; all from 1 single more efficient + less "bug prone" file! However, laying in BOTH addons for browsers AND a HOSTS file is a good idea for the concept of "layered security"... apk</p></div>
	</htmltext>
<tokenext>" Clicking not necessary .
" - by julesh ( 229690 ) on Tuesday March 23 , @ 10 : 24AM ( # 31583344 ) That 's right... &amp; here is an answer for you - CUSTOM HOSTS FILES and why/how they are SUPERIOR TO BROWSER ADDONS : ----1 .
) HOSTS files eat no CPU cycles like browser addons do no less ! 2 .
) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons , are .
HOSTS files cover &amp; protect ( for security ) and speed up ( all apps that are webbound ) any app you have that goes to the internet ( specifically the web ) .3 .
) HOSTS files allow you to bypass DNS Server requests logs ( via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server , but also for avoiding those logs OR a DNS server that has been compromised ( see Dan Kaminsky online , on that note ) ) .4 .
) HOSTS files will allow you to get to sites you like , via hardcoding your favs into a HOSTS file , FAR faster than DNS servers can by FAR.5 .
) HOSTS files also allow you to not worry about a DNS server being compromised , or downed ( if either occurs , you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case ) .6 .
) HOSTS files are EASILY user controlled , obtained ( for reliable ones - &gt; http : //en.wikipedia.org/wiki/Hosts \ _file [ wikipedia.org ] ) &amp; edited too.7 .
) HOSTS files are n't as vulnerable to " bugs " either like programs/libs/extensions of that nature are , OR even DNS servers.8 .
) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE9 .
) HOSTS files are also EASILY secured well , via write-protection " read-only " attributes set on them , or more radically , via ACL 's even.10 .
) ADBLOCK DOES NOT ALLOW A USER DIRECT EASILY EDITABLE CONTROL OVER WHAT IT BLOCKS &amp; HOSTS do , via texteditors like notepad.exe ( afaik , @ least - feel free to correct me IF I am in error here ( thanks ) ) .11 .
) AND , LASTLY ?
SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO ( running as limited class/least privlege user , hopefully , OR even as ADMIN/ROOT/SUPERUSER ) ?
HOSTS " LOCK IN " malware too , vs. communicating " back to mama " for orders ( provided they have name servers + C&amp;C botnet servers listed in them , blocked off in your HOSTS that is ) - you might think they use a hardcoded IP , which IS possible , but generally they do not &amp; RECYCLE domain/host names they own , &amp; this ?
This stops that cold , too !
Bonus...----Want a GREAT HOSTS FILE , that 's kept up to date , daily ?
See here : http : //hosts-file.net/ ? s = Download [ hosts-file.net ] ( Mine 's actually BETTER than that too !
( As I combine it with ALL THE KNOWN SOURCES for reliable HOSTS files - &gt; http : //en.wikipedia.org/wiki/Hosts \ _file [ wikipedia.org ] ( and far more too , like Spybot S&amp;D &amp; other reliable/reputable sources NOT listed on the wikipedia page for HOSTS files ) ) I " integrate them " into my HOSTS file using a tool I wrote to do so... It currently parses &amp; processes ( removes repeated entries for a form of 1NF type " normalization " ( sort of , this is NOT a database is why I note that much ) &amp; for 2NF normal form , I remove trailing blanks from entries PLUS I alphabetize them ( for faster B-Tree inserts processing in the local diskcache , because odds are , it uses that ( binary trees &amp; binary searches ROCK for speed... Tri-E is even a bit better imo ) ) .It does almost 1 million KNOWN BAD SITES &amp;/or SERVERS ( Name servers &amp; botnet C&amp;C servers too ) in about 1.1 hours time...Which is NOT bad , considering its my " 2nd round prototype " written in Borland Delphi 7.1x + Inlined Assembly code , for the FASTEST POSSIBLE STRING PROCESSING TIMES THERE ARE , bar-none ( faster than MSVC + + @ least even ) ) &amp; considering I do n't have a thing like Access ' " JET ENGINE " doing indexing on it either... it works , &amp; so do HOSTS ( for speed online ( by " hardcoding in " your fav .
sites but you may have to periodically alter this , as sites seek diff .
hosting providers ( rare though usually ) ) AND ESPECIALLY FOR SECURITY ! Enjoy , hope you find the info. , useful.APKP.S. = &gt; Per my subject-line above ?
Chrome does n't NEED addons to do the job , as a HOSTS file already can blockout anything you like , AND SPEED YOU UP to your fav .
sites too... " too , Too , TOO EASY " &amp; all from 1 single more efficient + less " bug prone " file !
However , laying in BOTH addons for browsers AND a HOSTS file is a good idea for the concept of " layered security " ... apk</tokentext>
<sentencetext>"Clicking not necessary.
" - by julesh (229690) on Tuesday March 23, @10:24AM (#31583344)That's right... &amp; here is an answer for you - CUSTOM HOSTS FILES and why/how they are SUPERIOR TO BROWSER ADDONS:----1.
) HOSTS files eat no CPU cycles like browser addons do no less!2.
) HOSTS files are also NOT severely LIMITED TO 1 BROWSER FAMILY ONLY... browser addons, are.
HOSTS files cover &amp; protect (for security) and speed up (all apps that are webbound) any app you have that goes to the internet (specifically the web).3.
) HOSTS files allow you to bypass DNS Server requests logs (via hardcoding your favorite sites into them to avoid not only the TIME taken roundtrip to an external DNS server, but also for avoiding those logs OR a DNS server that has been compromised (see Dan Kaminsky online, on that note)).4.
) HOSTS files will allow you to get to sites you like, via hardcoding your favs into a HOSTS file, FAR faster than DNS servers can by FAR.5.
) HOSTS files also allow you to not worry about a DNS server being compromised, or downed (if either occurs, you STILL get to sites you hardcode in a HOSTS file anyhow in EITHER case).6.
) HOSTS files are EASILY user controlled, obtained (for reliable ones -&gt; http://en.wikipedia.org/wiki/Hosts\_file [wikipedia.org] ) &amp; edited too.7.
) HOSTS files aren't as vulnerable to "bugs" either like programs/libs/extensions of that nature are, OR even DNS servers.8.
) HOSTS files are a solution which also globally extends to EVERY WEBBOUND APP YOU HAVE9.
) HOSTS files are also EASILY secured well, via write-protection "read-only" attributes set on them, or more radically, via ACL's even.10.
) ADBLOCK DOES NOT ALLOW A USER DIRECT EASILY EDITABLE CONTROL OVER WHAT IT BLOCKS &amp; HOSTS do, via texteditors like notepad.exe (afaik, @ least - feel free to correct me IF I am in error here (thanks)).11.
) AND, LASTLY?
SINCE MALWARE GENERALLY HAS TO OPERATE ON WHAT YOU YOURSELF CAN DO (running as limited class/least privlege user, hopefully, OR even as ADMIN/ROOT/SUPERUSER)?
HOSTS "LOCK IN" malware too, vs. communicating "back to mama" for orders (provided they have name servers + C&amp;C botnet servers listed in them, blocked off in your HOSTS that is) - you might think they use a hardcoded IP, which IS possible, but generally they do not &amp; RECYCLE domain/host names they own, &amp; this?
This stops that cold, too!
Bonus...----Want a GREAT HOSTS FILE, that's kept up to date, daily?
See here:http://hosts-file.net/?s=Download [hosts-file.net](Mine's actually BETTER than that too!
(As I combine it with ALL THE KNOWN SOURCES for reliable HOSTS files -&gt;  http://en.wikipedia.org/wiki/Hosts\_file [wikipedia.org] (and far more too, like Spybot S&amp;D &amp; other reliable/reputable sources NOT listed on the wikipedia page for HOSTS files))I "integrate them" into my HOSTS file using a tool I wrote to do so... It currently parses &amp; processes (removes repeated entries for a form of 1NF type "normalization" (sort of, this is NOT a database is why I note that much) &amp; for 2NF normal form, I remove trailing blanks from entries PLUS I alphabetize them (for faster B-Tree inserts processing in the local diskcache, because odds are, it uses that (binary trees &amp; binary searches ROCK for speed... Tri-E is even a bit better imo)).It does almost 1 million KNOWN BAD SITES &amp;/or SERVERS (Name servers &amp; botnet C&amp;C servers too) in about 1.1 hours time...Which is NOT bad, considering its my "2nd round prototype" written in Borland Delphi 7.1x + Inlined Assembly code, for the FASTEST POSSIBLE STRING PROCESSING TIMES THERE ARE, bar-none (faster than MSVC++ @ least even)) &amp; considering I don't have a thing like Access' "JET ENGINE" doing indexing on it either... it works, &amp; so do HOSTS (for speed online (by "hardcoding in" your fav.
sites but you may have to periodically alter this, as sites seek diff.
hosting providers (rare though usually)) AND ESPECIALLY FOR SECURITY!Enjoy, hope you find the info., useful.APKP.S.=&gt; Per my subject-line above?
Chrome doesn't NEED addons to do the job, as a HOSTS file already can blockout anything you like, AND SPEED YOU UP to your fav.
sites too... "too, Too, TOO EASY" &amp; all from 1 single more efficient + less "bug prone" file!
However, laying in BOTH addons for browsers AND a HOSTS file is a good idea for the concept of "layered security"... apk
	</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583544</id>
	<title>Not just that...</title>
	<author>naplam33</author>
	<datestamp>1269358680000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext>And not just malware, scam shops and all kinds of shady stuff. You want to know what's the best part? Google, Yahoo, and so on don't give a f*ck about it, I've reported such ads several times and I've never seen any action taken. As long as the criminals pay for the ads, nobody cares.</htmltext>
<tokenext>And not just malware , scam shops and all kinds of shady stuff .
You want to know what 's the best part ?
Google , Yahoo , and so on do n't give a f * ck about it , I 've reported such ads several times and I 've never seen any action taken .
As long as the criminals pay for the ads , nobody cares .</tokentext>
<sentencetext>And not just malware, scam shops and all kinds of shady stuff.
You want to know what's the best part?
Google, Yahoo, and so on don't give a f*ck about it, I've reported such ads several times and I've never seen any action taken.
As long as the criminals pay for the ads, nobody cares.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583904</id>
	<title>What? Me Worry?</title>
	<author>Anonymous</author>
	<datestamp>1269360240000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>For the past 10+ years I've had no worries about clicking on any ad or link I see. Never picked up anything from doing so, despite being warned for the past decade that my days of worry-free browsing will soon come to an end. It's been over 10 years now and I'm still waiting. I run no A/V, never have, and my firewall is gathering dust. (I assume it works but I've never turned it on.) Mod this post into oblivion all you want, but I'm just here to tell ya, there really is a better way.</p><p>I don't need to tell you what OS I'm using. That should be obvious.</p></htmltext>
<tokenext>For the past 10 + years I 've had no worries about clicking on any ad or link I see .
Never picked up anything from doing so , despite being warned for the past decade that my days of worry-free browsing will soon come to an end .
It 's been over 10 years now and I 'm still waiting .
I run no A/V , never have , and my firewall is gathering dust .
( I assume it works but I 've never turned it on .
) Mod this post into oblivion all you want , but I 'm just here to tell ya , there really is a better way.I do n't need to tell you what OS I 'm using .
That should be obvious .</tokentext>
<sentencetext>For the past 10+ years I've had no worries about clicking on any ad or link I see.
Never picked up anything from doing so, despite being warned for the past decade that my days of worry-free browsing will soon come to an end.
It's been over 10 years now and I'm still waiting.
I run no A/V, never have, and my firewall is gathering dust.
(I assume it works but I've never turned it on.
) Mod this post into oblivion all you want, but I'm just here to tell ya, there really is a better way.I don't need to tell you what OS I'm using.
That should be obvious.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31601044</id>
	<title>Re:I'm a professional Malware removal guy. Literal</title>
	<author>Anonymous</author>
	<datestamp>1269458340000</datestamp>
	<modclass>None</modclass>
	<modscore>0</modscore>
	<htmltext><p>....or simply set Firefox to "Save AS" any PDF file, and view off-line, if you really want to see what's in it.</p></htmltext>
<tokenext>....or simply set Firefox to " Save AS " any PDF file , and view off-line , if you really want to see what 's in it .</tokentext>
<sentencetext>....or simply set Firefox to "Save AS" any PDF file, and view off-line, if you really want to see what's in it.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344</id>
	<title>Re:One lesson to learn</title>
	<author>Anonymous</author>
	<datestamp>1269357840000</datestamp>
	<modclass>Informativ</modclass>
	<modscore>5</modscore>
	<htmltext><p><i>Never ever click an ad!</i></p><p>Clicking not necessary.  I was infected with malware earlier this month without any interaction after visiting the Pirate Bay.  An advert used javascript to redirect me to an obscure URL ( <a href="http://uqwaaa.in/cgi-bin/gjj" title="uqwaaa.in">http://uqwaaa.in/cgi-bin/gjj</a> [uqwaaa.in] ), which proceded to use a Firefox flaw of some kind to infect me.  3.6 doesn't seem to be susceptible, but 3.5.7 which I was running at the time *was*.  The exploit installed a Firefox extension that randomly redirects links from google, yahoo and bing to advertising pages.</p></htmltext>
<tokenext>Never ever click an ad ! Clicking not necessary .
I was infected with malware earlier this month without any interaction after visiting the Pirate Bay .
An advert used javascript to redirect me to an obscure URL ( http : //uqwaaa.in/cgi-bin/gjj [ uqwaaa.in ] ) , which proceded to use a Firefox flaw of some kind to infect me .
3.6 does n't seem to be susceptible , but 3.5.7 which I was running at the time * was * .
The exploit installed a Firefox extension that randomly redirects links from google , yahoo and bing to advertising pages .</tokentext>
<sentencetext>Never ever click an ad!Clicking not necessary.
I was infected with malware earlier this month without any interaction after visiting the Pirate Bay.
An advert used javascript to redirect me to an obscure URL ( http://uqwaaa.in/cgi-bin/gjj [uqwaaa.in] ), which proceded to use a Firefox flaw of some kind to infect me.
3.6 doesn't seem to be susceptible, but 3.5.7 which I was running at the time *was*.
The exploit installed a Firefox extension that randomly redirects links from google, yahoo and bing to advertising pages.</sentencetext>
	<parent>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254</parent>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583970</id>
	<title>Twice from Slashdot</title>
	<author>Alistair Hutton</author>
	<datestamp>1269360420000</datestamp>
	<modclass>None</modclass>
	<modscore>1</modscore>
	<htmltext>I've been hit twice in two weeks with attempted installs of trojans/fake anti-spyware just from visiting pages linked to from Slahsdot stories.  Not amusing.</htmltext>
<tokenext>I 've been hit twice in two weeks with attempted installs of trojans/fake anti-spyware just from visiting pages linked to from Slahsdot stories .
Not amusing .</tokentext>
<sentencetext>I've been hit twice in two weeks with attempted installs of trojans/fake anti-spyware just from visiting pages linked to from Slahsdot stories.
Not amusing.</sentencetext>
</comment>
<comment>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498</id>
	<title>The real defense line</title>
	<author>geegel</author>
	<datestamp>1269358500000</datestamp>
	<modclass>Interestin</modclass>
	<modscore>4</modscore>
	<htmltext><p>The way I see it, no browser should be designed to require admin rights. All that it needs is a sandboxed environment for temporary files. When this mantra gets in the developers' heads, such exploits will no longer be possible. Of course, by that time, other type of exploits will be invented, but we'll cross that bridge when we reach it.</p></htmltext>
<tokenext>The way I see it , no browser should be designed to require admin rights .
All that it needs is a sandboxed environment for temporary files .
When this mantra gets in the developers ' heads , such exploits will no longer be possible .
Of course , by that time , other type of exploits will be invented , but we 'll cross that bridge when we reach it .</tokentext>
<sentencetext>The way I see it, no browser should be designed to require admin rights.
All that it needs is a sandboxed environment for temporary files.
When this mantra gets in the developers' heads, such exploits will no longer be possible.
Of course, by that time, other type of exploits will be invented, but we'll cross that bridge when we reach it.</sentencetext>
</comment>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_19</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583830
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_22</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583732
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583810
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584626
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_56</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585660
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_49</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586280
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_53</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31591836
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_27</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583700
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587632
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_30</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583258
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583348
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_21</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583854
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588854
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588928
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_44</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31592276
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606986
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_20</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585110
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602850
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585118
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585928
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584838
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_50</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584894
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_36</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583650
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_38</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583500
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588422
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584790
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_43</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606342
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586440
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584014
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_39</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583554
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587872
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583350
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_42</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589190
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_33</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583576
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_34</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585844
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_25</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587932
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_48</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583376
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_41</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583492
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587132
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_24</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585488
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_26</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584036
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_28</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584250
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_31</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583632
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_54</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583826
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602470
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_47</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31601044
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_23</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583484
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584592
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585656
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_51</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586610
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_46</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583964
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_37</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588642
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583718
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586836
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583374
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585328
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583690
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_52</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589916
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_45</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583748
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584212
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_35</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31594412
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584084
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_40</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583780
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_55</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31599820
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_29</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583492
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584986
</commentlist>
</thread>
<thread>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#thread_10_03_23_1256211_32</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585164
</commentlist>
</thread>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.16</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583960
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.17</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583258
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583348
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.2</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583256
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.5</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583528
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584790
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584212
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.8</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584260
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585656
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589190
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585660
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585110
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602850
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31589916
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31592276
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585164
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31594412
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585488
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586280
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606986
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587632
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31601044
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.6</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583254
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583344
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583826
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31602470
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583830
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583306
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586440
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583632
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583576
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583810
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584626
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583350
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583748
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583376
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.14</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583500
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588422
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.12</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583854
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588854
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.15</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584860
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.0</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584444
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31591836
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584838
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.10</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584118
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.13</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583460
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583714
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585928
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586610
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585328
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31599820
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31606342
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583964
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588928
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.11</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583250
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.9</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583484
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584592
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.18</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583228
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583732
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584014
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584236
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31586836
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587932
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583718
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583650
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583374
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.3</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583506
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584250
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583690
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.1</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583316
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584084
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583554
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587872
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31588642
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583492
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583782
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31587132
---http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584986
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.4</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583498
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583780
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584036
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583686
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31584894
--http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585118
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585844
-http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31583700
</commentlist>
</conversation>
<conversation>
	<id>http://www.semanticweb.org/ontologies/ConversationInstances.owl#conversation10_03_23_1256211.7</id>
	<commentlist>http://www.semanticweb.org/ontologies/ConversationInstances.owl#comment10_03_23_1256211.31585212
</commentlist>
</conversation>
