Jul14

Secure Your Computer When Using Traffic Exchanges!

by Phil on July 14th, 2009 at 09:03
Posted In: AJAX, Bad Javascript, Can Not Test TE's, Do Not Use List, Traffic Exchanges, Help Hits, Traffic Exchanges, Hit Lion, Login Problems, Traffic Exchanges, Major League Hits, Rip-Offs, Server Errors, SurfBars

There has been a bunch of outlandish criticism directed my way lately. People are taking something I said on This Blog, HERE and twisting it into something I never intended it to go. This article is my response to this mess.

Let me approach this issue in a little different way. On July 9th, 2009 I got this E-mail from Connie, the admin at Hit Lion, Help Hits, and Major League Hits:

Hello My Lion Friends,

It is been an extremely tough week for me.. I lost my biggest supporter and my hero this week.. My grandma passed away.. I decided to take a few days to help my family with all of the details and some time to heal.. It was a loss I expected and was ready for, but then I was dealt with an unexpected terrible loss.

A horrible person maliciously attacked the server at majorleaguehits and helphits yesterday afternoon.. They wiped the sites out completely..

The good news is that Helps Hits and majorleaguehits are back up. They were down for many hours yesterday.

If you aren t able to see it yet it is because the Domain Name Servers have not yet caught up because the site was down so long.

The bad news, They broke into Michael s computer through a keylogger virus and wiped his computer and all of data including all the backups he had. Then they logged into our cpanels and wiped the sites out clean too. Destroying everything we have worked hard to do..

A few things – 1st – Members that joined prior to March 23rd are still in the system …

I did back ups all the time.. But According to the hosting company.. They are all corrupt and not retrievable.. The last useable data is prior to March 23rd. The day we switched servers.

What that means is that all the mysql data that stored the information like surfing records, earned credits, sites added, money earned etc.. Are GONE..

Anyone that joined majorleaguehits or helphits after March 23rd. are No longer members of either site and all the surfing etc.. you did is gone..

I am VERY sorry for this. There is nothing I can do to get it back.

If you wish to help me out by rejoining either site I would be ever so greatful.

First, allow me to extend my sincerest, heartfelt condolences to Connie for the loss of her Grandmother. I hope she lived a full, active life and is in a better place now.

As you can see in the e-mail above there have been quite a few problems over at Help Hits, Major League Hits, and Michael Courseys’ computer. These things can all be tied together and proves that it is better to set up your browser beforehand and not totally rely on Viral Detectors after words.

Here is how I see it. Michael Coursey gets a key logger program injected onto his computer from his activity on the Internet. I won’t be foolish enough to say it could only have come from his use of Traffic Exchanges. But, I do know that it could have. Michael is the co-admin for Help Hits and Major League Hits.

So, this key logger starts recording the data Michael is typing on his computer. It records his usernames and passwords for Help Hits and Major League Hits. The Key Logger program just hit the double bonanza! The Key Logger program sends the data back to the originator of the program and then everything is wiped out on the domains, database and all! Real nice, eh?

If Mr. Coursey would have setup his browser properly and prevented the key logger from ever getting on his computer in the first place, the problems with the domains would have never happened.

Lets bring this full circle now. My point in my article HERE is not to condemn any of the AJAX programming on the Tezak Traffic Power web site. I actually like AJAX and everything it brings to Web 2.0. This is where people are getting it wrong.

They say there are a lot of other web sites that are using AJAX. And they would be correct with this statement. But, there is one thing that the other web sites don’t do and a Traffic Exchange does do. That is to show a third-party web page in a framed environment.

First, to run AJAX one has to set their browser at a lower set of permissions than what should be used when surfing a traffic exchange. What ever is shown in the third party frame inherits all the permissions of the web site hosting the frame. You are granting permissions to unknown web pages (on the framed page) that shouldn’t have this kind of access to your computer. There is no reason why any TE should require its members to open themselves up like this.

I have always, and will always, say TE’s should be used with a limited amount of permissions granted to the scripting. If more people would set up their browser properly while using TE’s they wouldn’t have to worry about getting all the latest, greatest viral detection. They would become proactive instead of hoping their Viral Detector(s) catches everything. Look at what happened to Mr. Coursey when he wasn’t proactive.

Don’t make the same mistake.

Take Care,
Phil

Be Sociable, Share!