He did a thorough investigation to track where the advertisement was actually coming from, and to make a very long story short, it was being “injected” directly from the Internet Service Provider (ISP) “CMA Communications”. CMA is essentially pocketing cash by throwing unwanted advertisements onto numerous sites ranging from the mainstream to mom and pop sites. If you’re wondering if this is legal, it’s probably not. This discovery from Zach has been widely discussed since it surfaced a couple of weeks ago, and many officials ranging from CMA, the affected websites, and several others have declined to comment. However, CMA did update their “Acceptable Use Policy” (Section 10) on April 4th, and it’s a little frightening to say the least. In the grand scheme of things, a little banner on the bottom of a page shouldn’t mean too much. But when it means somebody else is making a profit by tarnishing your website, isn’t that compromising and effectively harming your business?
Catching up with the “Times” A lot has happened since the last Weekly, so it’s time to do a quick round-up. First up, an Op-Ed piece stresses the importance of software developers putting more emphasis on security rather than just keeping up with their competitors. The ruthless competition between software developers that don’t stress security leads to gaping holes that hackers are so easily able to exploit. When software developers put security of their software at the forefront, all of our jobs will become much easier. Next, an emerging trend finds that corporate cyberattackers are not only looking to delay or steal data, but destroy it entirely. If the trend continues, you could see things like developing IP being completely wiped out and years of data cleaned out. The guys from Office Space might not need to resort to a baseball bat and swift kicks to destroy the next thing that frustrates them. Now more than ever, backing up your data will become necessary. And finally an attack on Spamhaus was one of the largest DDoS attacks the internet has seen, with nearly 300 Gbit/s of traffic at one point completely crippling the service. To compare, some of the DDoS attacks that took down the biggest U.S. banks a few months ago were around 50-100 Gbit/s. The headlines on this were very dramatic with some calling it the biggest internet attack of all time, but the key takeaway is that DDoS attacks are becoming stronger as each day goes by.
Some people just want to see data destroyed