All Posts by Date or last 15, 30, 90 or 180 days.
also by Lloyd: diglloyd.com photography and WindInMyFace.com

Thank you for buying via links and ads on this site,
which earn me advertising fees or commissions.
As an Amazon Associate I earn from qualifying purchases.

Other World Computing...
B&H Photo...
Amazon
As an Amazon Associate I earn from qualifying purchases.
Upgrade the memory of your 2018 Mac mini up to 64GB
877-865-7002
Today’s Deal Zone Items... Handpicked deals...
$20 $6
SAVE $14

$3498 $3498
SAVE $click

$3699 $1299
SAVE $2400

$1000 $700
SAVE $300

$3899 $1499
SAVE $2400

$748 $648
SAVE $100

$2999 $1999
SAVE $1000

$1699 $999
SAVE $700

$1698 $1398
SAVE $300

$4499 $3499
SAVE $1000

$1399 $1049
SAVE $350

$1149 $799
SAVE $350

$1399 $1049
SAVE $350

$1498 $1198
SAVE $300

$2797 $2597
SAVE $200

$280 $250
SAVE $30

$1699 $1299
SAVE $400

$8399 $7599
SAVE $800

$899 $799
SAVE $100

$1699 $1299
SAVE $400

OWC Thunderblade Thunderbolt 3 SSD

Blazing fast, up to 16TB.

YEE HAH!



√ No more slow and noisy hard drives!

Malware on iPhone? Unwanted “Congratulations Apple iPhone user” Popup Malware Erases Existing Site from Browser History + Improper Security Certificate

See below—I have gotten this unwanted apparent malware 5 or 6 times now at Dilbert cartoonist Scott Adams at https://www.scottadamssays.com.

I don’t know if that site is compromised/infected or just has taken very poor stock of its advertiser network. This is nasty unwanted stuff.

Does anyone out there understand what is going on?

  • I am running iOS 13 on my iPhone.
  • I have not seen it happen on the computer, though I rarely visit the site that way.
  • It seems to occur when I refresh the site half a day or a day later.
  • Always the same bogus improbable “you are a winner” thing, using persuasion of quotes buy other “winners”.
  • It always wipes out browser history of the page I was on (iOS, Safari) so that I cannot go back; this malware is now the page and there is no prior page.
  • NOT an April Fool’s thing; it has been going on for maybe a week or so.

If not outright malware (can my phone with iOS be infected?), maybe it is a compromised advertising network. Either way, Scott Adams had better go take a close look at the ad networks he is using as well as overall site security.

           
Malware apparently coming from https://www.scottadamssays.com

Reader comments

Arne C writes:

Moin! (as we say here in northern Germany)

If you look here, you know that, whoever created the site for him, implemented a load of trackers and advertisers.

https://webbkoll.dataskydd.net/en/results?url=http%3A%2F%2Fwww.scottadamssays.com

https://privacyscore.org/site/162782/

My solution for iOS: I use „Purify“ to filter bad stuff for Safari with Ads and Tracking + social buttons + custom fonts FILTERED. And I use iCab mobile as my main browser set to „private“ mode Mobile devices are much harder to harden against all sorts of malware and spyware than PC/Macs.

MPG: what a privacy invading mess: problems with security policy, strict transport security not implemented, content security policy has SERIOUS problems, referrers leaked, 44 cookies including 39 3rd-party co0kies, 128 requests to 46 unique hosts.

Simon N writes:

I have seen this issue before (at least on iOS 12, maybe even earlier), mostly when doing a search and then following a link to a search result.

MPG: no searching involved in my case. I’m guessing an unethical or compromised (hacked) ad network problem, since Adams' site is chock fill of ad tracking garbage.

Aln K writes:

Especially for mobile use, I recommend to use DNS based blockers like Disconnect.me (curates its own list) or NextDNS.io (offers a huge selection of open source tracker lists - this is what I use at the moment for all my devices, both are free and available in App Stores.) I encourage you to use such security measures and frequently look and examine their traffic. Furthermore, I recommend to switch to private mode in your browser, install an ad-blocker (I prefer 1Blocker,) use website dependent settings and setup your websites accordingly and turn of JavaScript and use JS or non-private mode only if forced to, like logins - but first try if you succeed without.

The procedure either after installing or using an app should always be:

1. to consult the traffic log either in-app (e.g. Disconnect.me) or at DNS provider's site (e.g. NextDNS.io, offers additional infos to logged domains) and examine the domains and their owners!

2. To realize that an app (or website) whose output is mostly blocked is an ill-minded app (or website) - and look for alternatives

Of course this has its own disadvantages: You always have to fix site dependent problems as they will do !everything! to f'k you for their percentage - that's the game.

But when you start to engage these measures whenever you have time and energy, there will come a day it will your second skin (and you will even start avoiding others as they will pose a threat for you now - your contacts using their technologies will become their moles.)

Take time and start by reading these (Caution: their huge, but worth reading. Take your time, one after one.)
https://restoreprivacy.com/
(you will read interesting things about some so-called privacy and security minded projects)
https://www.privacytools.io/

Incompetent security too

Adams’s site also fails to use a proper site certificate—it will not work without the "www" prefix. This is basic incompetence in web site implementation (and unfortunately fairly common these days.)

It scares people with a security warning (I do not expect Scott to be an expert on web sites, but I *do* expect him to make sure the people he hires are not incompetent).

Improper security certificate fails to account for absence of "www."

 

OWC Envoy Pro EX SSD
Blazingly fast Thunderbolt 3 SSD!

Up to 4TB capacity, USB-C compatible.

USB-C model also available


Great for travel or for desktop!
OWC Accelsior 4M2 PCIe SSD
6000 MB/sec!
Mac or PC.


Ideal for Lightroom, Photoshop, video.
Capacity up to 16TB!
OWC Envoy Express

World’s first Thunderbolt 3 M.2 NVME SSD enclosure.

Super fast, bus-powered, 3.3 oz, DIY easy, rugged and compact!


See also OWC Express 4M2
√ No more slow and noisy hard drives!
View all handpicked deals...

Sony Alpha a7R IV Mirrorless Digital Camera (Body Only)
$3498 $3498
SAVE $click

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__