Is it really a mistake to name the entire internet malicious? If you can get trojaned by flash advertising on popular sites like myspace or facebook which in themselves are not malicious. With increasing deployments of drive by exploits being hosted through defacements, sql injections, hosted javascript/flash, etc. Can you realistically assume that any website is and will remain non malicious during the time you visit it?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/898/2807#2807