undefined | Better HN

0 pointsTaylorAlexander12y ago0 comments

...why? Because it's arabic? Ooohhh, scary arabic. Or they're talking about spies and bombs? Don't we talk about those things on hacker news too?

I can't read it, I'm working my way through the google translation and just starting, so maybe it's all "bad" stuff, but to be honest, I hope iranians can shed some light on what our government is doing - the US government itself certainly isn't going to help with that.

0 comments

12 comments · 4 top-level

ChuckMcM12y ago· 3 in thread

Actually the challenge is drive-by injection not the site per-se. Chrome didn't flag it as such but if you spend time crawling the web you will notice that it is a not-unusual weapon in the arsenal to put up a <attractive to people we're looking for> web site, and have it inject visitors with a tracking cookie/script/trojan. Sort of a variation on honeypots.

Thus it helps to be alert when popping into such sites.

socillion12y ago

If you know enough to be scared of drive-by injections, it's better to use NoScript than rely on other people always giving warnings. What if the poster (with an account 4 days old) was actively trying to be malicious, and nobody had noticed it yet?

dfc12y ago

Do not run JS or Flash on untrusted websites.

ChuckMcM12y ago

Or display any compressed image, or even download compressed javascript that you aren't going to run. A number of exploits that malwaredomains.com finds are objects that are either normally or optionally compressed, and constructed in such a way to exploit an issue with the decompression software used.

If I'm both curious and suspicious (so in my most tin-hatish of moods) I fire up a virtualbox instance with a clean image, look at the site, and then delete that virtual machine image. That seems to also have an unintended prophylactic effect since virus investigators like to run viruses in VMs so malicious payloads don't fire if they detect they are running in a VM (at least according to the F-secure blog).

But either way, my point was that just visiting a site that wants to get you is a risk, whether or not you think you are protected.

1 more reply

JeremyMorgan12y ago· 3 in thread

You know, I feel the same way. They may be our enemies and want to destroy us, but being able to see their side of things is refreshing. We can't continue to act like we're the perfect country and everyone else is 100% evil. It's not that simple.

soheil12y ago

The Iranian government has no point of view worth its salt. It's a repressive regime and the more we buy into their crap the more we're actually harming the people of that country.

marshray12y ago

You may be right that they have no worthwhile point of view and I don't think I know anyone who actually "buys into their crap".

But the idea of somehow avoiding ever encountering a certain point of view on the global internet is even more stupid.

jeena12y ago

I wonder if right now we could replace the word "Iranian" with "US" and it would still be true?

332712y ago· 2 in thread

Hey easy on the hot keywords we are all gonna get flagged by the thought police.

marshray12y ago

The thought police flag anyone who thinks about the thought police.

cinquemb12y ago

Maybe we should do what they do in china when speaking on such topics… idea sentries has a nice ring.

intopieces12y ago

It's Persian :) Very similar script, completely different language family. Persian is closer to English than Arabic.

1 more reply

j / k navigate · click thread line to collapse

0 comments

12 comments · 4 top-level

ChuckMcM12y ago· 3 in thread

Thus it helps to be alert when popping into such sites.

socillion12y ago

dfc12y ago

Do not run JS or Flash on untrusted websites.

ChuckMcM12y ago

But either way, my point was that just visiting a site that wants to get you is a risk, whether or not you think you are protected.

1 more reply

JeremyMorgan12y ago· 3 in thread

soheil12y ago

The Iranian government has no point of view worth its salt. It's a repressive regime and the more we buy into their crap the more we're actually harming the people of that country.

marshray12y ago

You may be right that they have no worthwhile point of view and I don't think I know anyone who actually "buys into their crap".

But the idea of somehow avoiding ever encountering a certain point of view on the global internet is even more stupid.

jeena12y ago

I wonder if right now we could replace the word "Iranian" with "US" and it would still be true?

332712y ago· 2 in thread

Hey easy on the hot keywords we are all gonna get flagged by the thought police.

marshray12y ago

The thought police flag anyone who thinks about the thought police.

cinquemb12y ago

Maybe we should do what they do in china when speaking on such topics… idea sentries has a nice ring.

intopieces12y ago

It's Persian :) Very similar script, completely different language family. Persian is closer to English than Arabic.

1 more reply

j / k navigate · click thread line to collapse