Re: How do I stop this malware

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 30 Sep 2023 09:18:59 -0500 (CDT)
Michael Hennebry <hennebry@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Noscript was already installed nand active.
> It did not complain.
> 
> I'm not clear on what this means.
> The url window showed .cloudfront.net .
> 
> I already had noscript installed and it did not complain.
> 

Then you have cloudfront.net whitelisted in noscript.  The only way to
block javascript is by having it turned off for a site when you first
visit it.  If you have it whitelisted, the javascript runs before you
have a chance to intercept.

I do not have any of the cloud servers whitelisted.  When a site comes
up, if it isn't a site I've visited before, I check the list of third
party sites that are blocked.  If there is a cloud server site there, I
usually click to temporarily allow it, if the site seems legitimate.  Is
this disruptive to smooth web browsing, does it take work / effort?
Yes. But that is the nature of security.  If you don't want to do this,
then you need to install something like ublock-origin, that you can
tune to specific websites. It also blocks javascript, but requires more
effort because it is more fine grained (to specific site and even
subdomains).  So, more work up front, but then should do the right
thing from then on.  I don't visit so many unknown sites that I bother
doing this.

> Once the site was active,

The javascript has already run in order for the site to be active.

> all I could click on was an always-on application that was already
> running. The site seemed to have made firefox
> fullscreen and turned off all its buttons.
> 
> Javascript is client-side, correct?

It is fetched from the web site and run client side if it has
permission.

> The problem went away after disabling networking.

I wonder if it was downloading the content of your computer that
firefox had access to, maybe your history or your bookmarks, etc.
Or maybe, it had set up the javascript to run continuously, downloading
in a loop from its website.  Any application monitoring the web
connection could show this if it was allowed to run.

> Is there a way to tell firefox never to let a website take it
> fullscreen? Failing that, is there a way to tell firefox to never go
> fullscreen at all?

I'm not aware of a way, but if you ask on the mozilla forums, there
are some really knowledgeable people there who might know a way.
There are a *lot* of settings in about:config, and without application
knowledge it is really hard to tell what they actually do.  As George
said, this is not solving the problem though.  The javascript might
just ignore, or issue a warning, if it can't specify fullscreen.

I can't remember, were you able to bring up a console
(Ctrl-Alt-[F2-F6])?  If you could get to a console, you could use ps
or top to see what is running and top or kill to kill applications
(like firefox), iotop to see what web traffic is doing.  Look in the
journal, etc.  My understanding is that javascript designed for guis
can't run there, so you would not be blocked from any access.
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue



[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux