• zagaberoo@beehaw.org
    link
    fedilink
    arrow-up
    1
    arrow-down
    2
    ·
    8 months ago

    Drive-by malware tends not to be zero-days though. I’ve stayed safe for decades just by keeping my software up to date.

      • zagaberoo@beehaw.org
        link
        fedilink
        arrow-up
        1
        ·
        8 months ago

        There’s no mention of anything like zero-days in that article. They only mention that it can target all major OSes, with no mention of cutting edge versions also being vulnerable.

        Hilariously, the article directly supports my position as well:

        The good news for some, at least: it likely poses a minimal threat to most people, considering the multi-million-dollar price tag and other requirements for developing a surveillance campaign using Sherlock

        That’s a big part of my whole point. People who don’t do even a modicum of actual thought about a practical threat model for themselves love pretending that ad blocking isn’t primarily just about not wanting to see ads.

        If Israel or some other highly capable attacker is coming after you, then fine, you really do need ad blocking. In that case malware in ads is going to be the least of your concerns.

        Attacks that cast such a wide net as to be the concern of all web users are necessarily less dangerous because exploits need to be kept secret to avoid being patched.

        There’s nothing wrong with taking extra precautions; I’m certainly not saying blocking ads is a bad idea. It’s the apparent confusion that an informed, tech-savvy person might choose not to block ads that makes me laugh.