Home
Buy
Archive
Help
Praise
Links
Great American
Sidebar

On the preceding page, the Adobe Flash file
was in this space. Adobe's Flash
files are used EVERYWHERE,
from YouTube to Facebook
to ads and hacker sites.

Prep Work for a New LinerPool Liner Repair

To avoid Winter wear and tear, new liners are traditionally installed in the Spring. Also stirring at this time of year,

We interrupt this nice web page snarfed from Scott Cruikshank's www.poolrepair.com site in order to make a point. (By the way, you might want to visit the REAL PoolRepair.com site, using the links at left. Like PoolSolutions, it's somewhat out of date, but Scott's construction and repair tips are valuable. His pool chemistry is pretty weak, however.)

Anyhow, back to the point. I wanted to show you how a link hacker can take a perfectly legitimate web page, change it invisibly, and relocate it to their own server in Russia, Canada, or even Boca Raton, Florida and then post an entirely legit link on an entirely legit forum site . . . to the hacker's entirely bogus web page.

What? You didn't notice the problem?

Ok. Let's start with the address. Look at the address in your browsers address bar: it's NOT poolrepair.com; it's poolforum.com. But, it could just as easily have been WeHackYou.ru! Next, follow the back link, and look in the upper right corner of the page. You'll see -- faintly -- a Flash animation. (You can see where it is, in the notes above!) Go back with this link!

If this was an actual hacker-link, instead of just an example, it would be too late. By the time such a page is loaded, you're done. And if you haven't updated your Adobe Flash browser plugin in the last 30 days, you're entirely vulnerable! Don't know how to do that? Neither do 99% of Internet users. In fact, most of them never know they've been hacked, until their bank accounts get emptied out. Once they discover the problem, it's too late to do anything about it. And, they have no idea how it happened.

How does it happen? It's simple.

When users -- someone like you -- goes to a forum, and clicks a link, usually they are trusting that the forum won't hack them. Guess what? Unless it's a porn or gamer forum, that's a reasonable trust. But, that's not the problem. Most forums allow users to post links, and hardly any forums have the resources to check every single link before it's posted.

The problem is not the forum, it's the other users. It just takes one user who is a link-hacker among thousands of legitimate users to cause serious problems for many users.

All the hackers need is a user account on a forum you use and trust. They post a link, like the one I used ("Prep Work for a New Liner") and you follow it. Presto! Change-o! Your computer is now theirs. And, contrary to what most users think, your antivirus program is unlikely to protect you from a bad Adobe Flash or Adobe Reader file.

In fact, there is a 30 - 50% chance that you -- yes, YOU the reader -- have ALREADY been hacked in just this way, on some other forum.

Now please pay attention carefully to this part:

>>>>>>>>>>>>>>>>>>> All the forum did was fail to prevent a user from post a 'live' link!  <<<<<<<<<<<<<<<<<<<<<

The only way to protect you from such hackers is to keep such users out. Most forums don't bother.

Most forum admins figure (correctly) that you'll never know where you got hacked. They (correctly) reason that THEY did not hack you; the bogus user did. And, they (eventually) take down such users when they find them.

They could warn you. But doing so scares off potential users off. And it really irritates potential users when admins make them jump through hoops to register. The admins know that what you don't know WILL hurt you. But, they also know that you -- the users -- will tend to blame the forum and the admin -- not the hackers -- if they try to help.

I'm just stubborn enough to try to do it right, even if some don't appreciate it!

Ben Powell
 "PoolDoc"

 
 
Buy Pool School | Archives | Help | Praise | Links | Great American Pools, Inc

Excerpts from Pool School, pictures, text, graphics and web page design © 1997-2009, Scott Cruikshank, all rights reserved. Reproduction in whole or in part in any form or medium without express written permission of the author is prohibited.