You probably won’t be targeted by spyware, but if you are, odds are you won’t know about it. The latest spyware slips in unseen through online ads as you go about your digital life.

I use uBlock Origin; Jshelter; and Privacy Badger. I don’t even see ads.

the price tag $6m+ price tag to infect one device on this product alone means it’s only likely to be used in extreme circumstances. But if you’re a public figure, or have some form of notoriety, then It’s always a good practice to block any connections you didn’t personally open.

Yer Ma
link
fedilink
English
141Y

VPN, Firefox, uBlock… goodbye

@lud@lemm.ee
link
fedilink
English
11Y

How is a VPN gonna help?

Yer Ma
link
fedilink
English
21Y

Filtered DNS, avoid the weighted routing of ISPs like Comcast, ability to locate in countries that have laws preventing data collection and bias routing

@lud@lemm.ee
link
fedilink
English
51Y

You don’t need a VPN for filtered DNS, since it’s you know, DNS.

The others don’t have anything to do with spyware or viruses

BigTechBlows
link
fedilink
English
21Y

deleted by creator

Its almost like forcing users to download whatever you deem “good” can be a problem. Fuckin imagine that.

@Showroom7561@lemmy.ca
link
fedilink
English
161Y

Just another reason to use an adblocker. 🤗

I use a private DNS precisely for that reason.

@LostDeer@infosec.pub
link
fedilink
English
291Y

Blocking ads is just another layer of defense in your security stack. I want to say it’s like locking your front door, but not using an ad blocker is worse than just having your front door unlocked.

Imagine you have numerous solicitors coming up to your front door everyday and you left your front door not only wide open, but off the hinges. Who’s walking into your home with the best of intentions in that situation?

deleted by creator

Em Adespoton
link
fedilink
English
361Y

I had an odd moment just now of “wait… you mean that isn’t already obvious to everyone?”

Then I realized it probably wasn’t.

NaibofTabr
link
fedilink
English
19
edit-2
1Y

What sets Insanet’s Sherlock apart from Pegasus is its exploitation of ad networks rather than vulnerabilities in phones. A Sherlock user creates an ad campaign that narrowly focuses on the target’s demographic and location, and places a spyware-laden ad with an ad exchange. Once the ad is served to a web page that the target views, the spyware is secretly installed on the target’s phone or computer.

This is the part that makes this newsworthy. Insanet uses the advertising infrastructure to target a specific group or even person, and when the ad is displayed it does not require user interaction to install itself. They’ve developed a zero-click exploit, which is very concerning

I’m not clear on whether an adblocker will actually protect you from this - some adblockers only prevent the display of the ad in your browser, but the content of the ad is still downloaded with the rest of the webpage information. You might actually need something like Pihole to block ad server addresses so that the content never gets downloaded at all, but that would make any browsing outside your home network dangerous.

Any DNS based blocker will filter out anything from URLs at the source, so no data is received. I use AdAway with Magisk. Blocklists are updated regularly.

flatbield
link
fedilink
English
11
edit-2
1Y

This is the crazy thing about ads. The ad network and site operators should be responsible for making sure both the ads and the people putting up the ads are trustworthy. The reason I now block all ads is this reason. Neither party cares and they are willing to act as a conduit for this stuff. In most other industries orgs are responsible for their supply chains.

NaibofTabr
link
fedilink
English
1
edit-2
1Y

Ah, but see that would require actual human attention and judgment for the vetting process, which would cost money. Automating the ad selling process is so much better… for the shareholders.

Hmm, sarcasm aside, now I’m thinking about it and wondering if you could at least automatically scan the ad content and distinguish between say, a jpg or webp image and a potentially malicious executable. If you could prevent ads from running any code, and only allow them to display static images, that might be good enough.

flatbield
link
fedilink
English
2
edit-2
1Y

There are plenty of ways. They probably just do not want to do it. Easiest might be only certain allowed formats and all the content must be on the ad networks servers. They could allow more options for vetted business partners.

NaibofTabr
link
fedilink
English
11Y

Easiest might be only certain allowed formats

The problem with this is that I can label a file any format I want, because ultimately the file is just a string of binary. A lot of file formats use embedded headers to make them identifiable regardless of label or metadata, but it’s completely possible to fake those. I could even give you an image file that is malware, which would be difficult to identify until it actually did something malicious.

I think to be sure, you’d have to basically detonate every ad file in a sandbox environment to see if it tried do anything unexpected, which would be… less than simple. You’d have to check it across every major browser and OS, because it might only operate on specific systems.

newIdentity
link
fedilink
English
2
edit-2
1Y

The ad is downloaded, but it’s removed before execution

Adblock is and always has been a security feature.

Create a post

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more…


Check out our website at privacyguides.org before asking your questions here. We’ve tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the “official” Privacy Guides community on Lemmy, which can be verified here. Other “Privacy Guides” communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don’t ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don’t repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don’t abuse our community’s willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

  • 1 user online
  • 2 users / day
  • 26 users / week
  • 68 users / month
  • 410 users / 6 months
  • 1 subscriber
  • 677 Posts
  • 11.2K Comments
  • Modlog