Saturday 19 July 2014

Are you rubbing your computer on complete strangers?


I am occasionally reminded that I have spent most of my professional life as some breed of 'IT guy'.

I guess, in my own head I have always imagined myself as one of the 'wise-cracking iconoclasts built for grander things' subspecies. I also sometimes like to pretend that I am a bear, but that doesn't make it so.

As one of those 'IT guy' things who isn't a bear I am acutely aware of the effects of poor computer hygiene. People just sort of switch off, and cruise around rubbing their computer on every strange thing they can find. Digitally speaking.

It's bizarre.

To me, it's pretty weird that people don't seem to pay attention to the URLs when they get search results. This really is Not Rubbing Your Computer on Strangers: 1001. When I find out about this I tend to worry about them visiting places like Tijuana, or Bangkok.

Here are the first three results I got when I Googled 'mozilla firefox'.


Clearly the first one is an ad for a Mozilla Firefox download, and then the next two are not ads, with one going to the firefox download page, and the the third going to the Mozilla homepage.

It is not uncommon for companies to advertise with the same search criteria that their sites would be SEOed towards, so the fact that it is paid isn't necessarily a give away, but the URL for the first result  is mozilla-firefox.ez-download.com/

The postcode for this address is in Scam City. You will be getting malware.

Following this link will lead you to a page that looks like this, which to most people looks pretty legitimate.


It even has a disclaimer that you won't read, just like all the safe sites.


A disclaimer that contains this little chestnut.


This sort of statement is surprisingly common. You might not expect it, but it is. Hence the surprise.

I think it comes down to them not getting in trouble with Google for duping rubes, so that they can keep their sweet advertising spot.

The fact that they've said it doesn't really matter though, because most people don't read disclaimers, and most people don't pay attention when they are installing things. It's actually a fairly standard method for getting malware and poorly designed and coded toolbars onto people's computers.

It's really common. So common in fact that the first page of results for my Google search had five opportunities to experience the thrill of installing malware:

Firefox download with bundled malware (Ad)
Firefox download
Mozilla homepage
News about Mozilla Firefox
Firefox download with bundled malware
Firefox download with bundled malware
Firefox Wikipedia entry
Firefox download for Android through Google Play
Firefox download with bundled malware
Firefox download with bundled malware
Firefox download with bundled software (I haven't looked into whether or not it is malware)
'In-depth Articles' results

This isn't unique to Google searches, or Firefox distributions. I have come across examples on most search engines that I have used. Honestly, it is probably all search engines, but I filter it out these days, and tend not to take note of them.

I know a lot of you are probably thinking that you would never be caught out by something like this, but I see the evidence of it on a lot of computers. I've seen it on the computers of IT professionals, and ICT students, and programmers, and high school computing teachers, and a lot of the more tech savvy people that I know.

It is ridiculously common.

Even if you think you are absolutely super awesome with computers, and you never use them to Google Pandas or kittens or some such, and you've got a dozen top tier raid toons, and you've finished the internet, and totally pwned the boss fight with Mark Zuckerberg's left testicle, and you don't use aim assist when CoDing n00bz on your XBone, you should heed these words.

Especially if you are any of those things.

1 comment :

Rik said...

Now you've got me wondering....

..... mommie ....