You might occasionally be surprised what well-known
and well-traversed sites will do. A few years ago
(circa late 2000 or early 2001) I ran into a situation
where the website for the Cartoon Network was using
Javascript to change browser preferences (in particular,
the home page) and to prevent the user from leaving
the site, the net effect being that even after a
reboot, the only way to visit any other website was
to disable Javascript. The computer where I ran
into this was still using IE5 at the time, and
users kept going to that site, and then I'd get
called down to fix it again, so what I ended up doing
was using a hosts file entry to redirect that site
to 10.0.13.13 or somesuch. Of course, a modern
web browser won't allow such schenanighans, and
the site in question stopped doing it a few weeks
later anyway, but my point is that it's not safe
to assume all well-known and well-traversed sites
are also well-written and innocuous.
Then there's the small matter of what the
advertisers who buy ad space on well-known
and well-traversed sites will do. If you trust
doubleclick.net to run arbitrary scripts on your
system, you're insane, IMO.
| [reply] |
| [reply] |