TechWhirl (TECHWR-L) is a resource for technical writing and technical communications professionals of all experience levels and in all industries to share their experiences and acquire information.
For two decades, technical communicators have turned to TechWhirl to ask and answer questions about the always-changing world of technical communications, such as tools, skills, career paths, methodologies, and emerging industries. The TechWhirl Archives and magazine, created for, by and about technical writers, offer a wealth of knowledge to everyone with an interest in any aspect of technical communications.
On 1/11/13 12:02 PM, Combs, Richard wrote:
> Well, yes. But the critical component is "convincing the user to visit." I can't remember the last time I clicked on an ad.
>
> Risk isn't binary. And you can't avoid all risk. If you have a computer and it's connected to the Internet, you're at risk to some degree.
Here's a contrived example:
You visit CNN.com. CNN has display ads on its page. The ad server has
been compromised, and along with the ad it serves, it also serves some
malicious payload. Both the ad and the payload happen when the CNN.com
page is loaded, not when you click on the ad.
Now, you're compromised. Lather, rinse, repeat.
The threat of this latest exploit is that it doesn't require a user to
act beyond normal web surfing activity to put yourself at risk.
--
Dossy Shiobara | "He realized the fastest way to change
dossy -at- panoptic -dot- com | is to laugh at your own folly -- then you http://panoptic.com/ | can let go and quickly move on." (p. 70)
* WordPress * jQuery * MySQL * Security * Business Continuity *
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Writer Tip: Create 10 different outputs with Doc-To-Help -- including Mobile and EPUB.
