Yeah, changing the account to Basic isn't going to help, because they were reporting the problems because they were viewing someone else's (a Plus user's) profile. The user is a Basic user right now, but I don't know if they were at the time they made the request, so, who knows there.
It's possible somewhere here might be able to test whether this claim still holds in a way I can't--I have a Mac, so, no anti-virus. (Not yet, anyway.)
I wonder why IE7 won't trigger those errors, but FF and IE6 do. So strange. Does IE7 just know not to try and download the sucker to begin with, and so never triggers the malware, or something else...
"In addition, you may wish to set any spyware or ad-ware detecting problems so that LiveJournal is listed as a trusted site."
So you wouldn't be getting the popups telling you something's trying to download, but would that mean that the stuff downloads anyhow without warning you, because it is a trusted site? And if they've managed to use a malware ad again and haven't figured it out yet, wouldn't that be about the worst thing they could tell the user to do?
I'm not sure if that would be the case--even if livejournal.com was a trusted site, I don't think it would make ads trying to download things from third party sites get through. And I'm just really unfamiliar with Windows security settings. Someone who knows more than me would have to answer that one.
But I'd really like to know exactly what would be causing those kinds of warnings, because I've been a bit leery ever since the last malware incident.
I would think so, I gathered they think it's ok for the user to have malware downloaded and installed onto their machine as long as they are not pestered by the "error" I mean "WARNING message!"
There's a big jump from 6 to 7 and I don't use IE for anyone for any reason. And list LJ as a trusted site so the malware can just download... they must be mad.
But if LJ is listed as a trusted site, does that mean the malware that's attempted to be installed from a third party site can get through? As far as I can tell, all the current ads are served in iframes that come from ads.sixapart.com, not livejournal.com itself.
And we haven't even been able to verify the malware on our side, either, so I'm reluctant to say that's exactly what's happening here, although it has certainly happened in the past.
My issue is that if it throws a warning, there's a reason. I think that once you give LJ permission, you give any of it's subordinates permission as well. Maybe not but I'm not trusting them on this one. (I wouldn't trust anyone actually, it's not just an LJ thing) Is permission given by domain only?
Nothing should be attempting to install from an ad. Ever. Even if its not malicious.
I think that once you give LJ permission, you give any of it's subordinates permission as well.
I think permission would apply to the domain livejournal.com and its subdomains like blktauna.livejournal.com, but ads.sixapart.com isn't a subordinate of livejournal.com and wouldn't be included.
Nothing should be attempting to install from an ad. Ever. Even if its not malicious.
We were warned about ads on some logged out pages ever since the whole thing started. It's the ads on the front page that's the main stick-in-the-craw. I'd rather have them on those pages but not the front page.
But yes, I'll make a post about it. Loves, and thanks for pointing it out!
Comments 32
... but. but. You do see ads with a basic account.
And if it's malware? Yeah, then I want to get those error messages. Calling it an "error" if it's really malware seems misleading at best.
Reply
It's possible somewhere here might be able to test whether this claim still holds in a way I can't--I have a Mac, so, no anti-virus. (Not yet, anyway.)
Reply
Reply
Reply
So you wouldn't be getting the popups telling you something's trying to download, but would that mean that the stuff downloads anyhow without warning you, because it is a trusted site? And if they've managed to use a malware ad again and haven't figured it out yet, wouldn't that be about the worst thing they could tell the user to do?
That's a BS "answer" from Support. Period.
Reply
But I'd really like to know exactly what would be causing those kinds of warnings, because I've been a bit leery ever since the last malware incident.
Reply
Reply
upgrading from ie6 to ie7 is a whole different ballgame.
if LJ Support would like to radically change the user's overall browsing experience, they can go right ahead. but not for me.
Reply
There's a big jump from 6 to 7 and I don't use IE for anyone for any reason. And list LJ as a trusted site so the malware can just download... they must be mad.
Reply
And we haven't even been able to verify the malware on our side, either, so I'm reluctant to say that's exactly what's happening here, although it has certainly happened in the past.
Reply
Nothing should be attempting to install from an ad. Ever. Even if its not malicious.
Reply
I think permission would apply to the domain livejournal.com and its subdomains like blktauna.livejournal.com, but ads.sixapart.com isn't a subordinate of livejournal.com and wouldn't be included.
Nothing should be attempting to install from an ad. Ever. Even if its not malicious.
Agreed.
Reply
http://community.livejournal.com/changelog/4522926.html
I trust you to make a sensible post about this. I know I couldn't. :/
Reply
But yes, I'll make a post about it. Loves, and thanks for pointing it out!
Reply
allpics.bml -- does that mean logged out users will see ads on the icon pages of non-Plus users? Now that is just...eeeeew.
If I'm not mistaken, some of these pages don't even have much of a use for logged out people.
Reply
I was just gonna ask that...
Reply
Leave a comment