I don’t run ads, I don’t serve malware

Over on my corporate blog I did a post with more details. But, recently I updated this site’s Content-Security-Policy rules. I enabled reporting of errors (expecting none).

To my surprise and chagrin, there were some reports. How? The site that was being blocked rasenalong<dot>com. Huh? Not mine, not my content, I don’t use CDN, I don’t serve ads.

Turns out that some of you have a malware extension in your browser called LNKR. And, it modifes the page of my site to add a bit of its own JavaScript, which then fetches scuzzy ads and places them on my site.

This was the subject of last night’s Chautauqua. I have posted the video (and the slides) if you want to see.

I am appalled. I Can’t Even.

I’ve also posted a shorter lightboard video which talks about this a bit. Go forth and fix your own sites now, please.






2 Responses to “I don’t run ads, I don’t serve malware”

Leave a Reply

Your email address will not be published. Required fields are marked *