Tuesday, April 12, 2016

Malvertising, and how to stop it

I'm going to take a slight departure and write about a law I'd like to see passed. It hasn't, to my knowledge, been written yet.  I generally think new laws should be avoided, as they weaken respect for rule of law.

In recent years, a new type of advertising has risen online, commonly known as malvertising.  The biggest issue is that most companies don't vet the ads themselves, they source it out, and trust these companies they don't know. Some have better reputations than others, and some disappear shortly after their first batch of ads.

I'd like to see companies responsible for the ads they host. By that, I mean if a malvertisement downloads to your computer, the site hosting that "ad", should be liable for the damages, (scrubbing the hard drive or replacing if it's too far gone).  This would have two benefits: 1. companies would start checking every advertisement that goes on their site; 2. companies would not object to ad replacement software that vets their own ads. I'm not begrudging them income for their content, just the lack of responsibility they face.

Here's a letter I composed for your perusal. If you desire, feel free to use it or modify it yourself.




Senator/Congressman:
As internet security becomes a larger and larger concern, websites should be responsible for their place. It's not polite, but the old saying is, “You don't shit where you eat.”. A great many are making their money off of advertisements, and I do not begrudge them their right to income. However, there is a growing sector of internet advertising, known as malvertising. These ads self download into the viewers system, quite often bypassing any permissions, and quickly begin slowing down their system anytime they're online. Ultimately, this reduces computer performance to the point of being unusable, and the software is difficult to scrub from the system.
I call on you to sponsor legislation forcing companies to be liable for damages that advertising they host directly causes. Credit card information gets stolen. Technical service time is expensive, and replacing machines poses an even greater expense. And for the technically adept, it still costs time and frustration. This legislation should be written to encourage companies to at the least vet their advertisements so that it is known they aren't harmful.
Lest you or your aides not believe me, I encourage you to to read the articles at the following sites:
https://nakedsecurity.sophos.com/2016/04/12/massive-malvertising-attack-poisons-288-sites/http://www.wired.com/insights/2014/11/malvertising-is-cybercriminals-latest-sweet-spot/http://www.bbc.com/news/technology-34541915
This affects citizens worldwide, and you can help lead the way in making the internet safer by creating an incentive for ads to be safe and honest.
Sincerely,





When you play Social Justice, the world loses.

No comments:

Post a Comment