Friday, November 11, 2005

I need someone to show me the things in life that I can’t find...

Apparently, there are a lot of scary things out there on the web. My friend Eric, who is very savvy about computers and websites, had this to say about my Blue Ball post:

You said you wished you had the time to build the blue ball machine. It kind of makes you wonder why someone would devote hours of their time to build something that intricate doesn't it? It could be that they are just an artist that takes great pride in their work. It could be that they were just really bored. Or perhaps they wanted to create something that was so compelling it would lure folks to the web site to do malicious thing to them. All are equally possible.

There are indications some pride is involved because of the author's comments in the green highlighted section. Is he a hacker trying to earn some respect? Clearly he is bragging because you, as well as countless others, have been lured into directing traffic to his site.

Given my line of work, I am naturally cautious about the motives of an unknown entity on the web. They may be benign, or then again, maybe they aren't.. So, I checked out the source code for this web page. It is cut and pasted below. I want to draw your attention to the yellow highlighted section below.

That section creates an inline frame or IFRAME
(http://www.htmlhelp.com/reference/html40/special/iframe.html) and the frame contains a hidden image size 1pixel by 1 pixel-most probably white. Why would the author do that?

Hidden images can be used for a variety of purposes, but the author gives us a hint what his is used for-voting. See the blue highlighted section. Now the question is: voting on what?

That is a question I have no answer to. Why? The pink highlighted section downloads and runs some unknown JavaScript. Although I am exceedingly curious at this point, without going through additional work I don't have the time to undertake, I cannot get to that source code and analyze it.

The most interesting part of this is: some of the JavaScript this page runs is written in plain text right here in the source code for the page-see the teal highlighted section. Why would the author feel the need to hide some of his code when the rest of it is out there for all the world to see? Is he hiding the code because it is up to no good? Did it scan my machine for vulnerabilities, did it drop some unknown form of malware on my machine, or was the author simply using the code to keep a count of how many folks hit his or her site so more bragging right can be amassed?

I simply won't know without additional analysis I cannot invest at this time; I've already wasted too much time.

But, as I said at the outset, I am paranoid, and we paranoid people love to spread our paranoia. My recommendation: always consider the motivation behind the creation of every web page. Your machine will thank you, and your privacy and security will be better protected.

Paranoia central signing off for now. :-)


All that to say, be careful out there. You never know what surprise might be waiting for you...

btw: Extra credit if you know the reference from the title of this entry.

3 comments:

eric oliver said...

Every "paranoid" person knows where that title comes from. ;-)Gimme my bonus points.

eric oliver said...

Oh, and btw, I'm paranoid, but that doesn't mean folks aren't really out to get me... :-)

FishrCutB8 said...

Even paranoid people have enemies...