Watch Out for Web Pages Gone BaD!

What would you do if you visited a Web page that we recommend in the book, and got a message like this?

Norton Internet Security detects a drive by download on this page

Norton Internet Security detects a drive by download on this page

This links to the website for Western Civilization Pty Ltd, an Australian company that publishes a range of CSS tools and tutorials, including a very nice mobile device friendly CSS tutorial to which we linked here: Alas, as far as Norton can tell, that page is now infected with a bogus AV or disk degragmentation offer — see Fake App Attack: Fake AV Website 5 for more info.

Just for grins, I fired up a virtual machine and overrode my security to visit the page and to grab the downloads we recommend in the book. No problems occurred with them, but it’s still probably not a good idea to visit a Web page that elicits a danger warning from your security software. That said, the download link for the content we recommend gets a clean bill of health from Norton Internet Security, so you can use this instead:

The reader who reported this to me came across as mildly irate that we would include something infected with malware in the book. Sure enough, I would be irate too if this happened to me, except that I understand from over 15 years of embedding links in printed materials (where they can never be updated or fixed once laid down) that good links go bad over time, and some even go rotten as was apparently the case with this one. I also hasten to assure our readers, and the general public that:

  1. We would never knowingly include a malware infected link in our books (and the tech editor would presumably also call us on this during the editorial phase of production)
  2. The link was fine the last time we visited it, we swear!

To that reader in particular, and all readers of books with embedded links, I remind them that nothing lasts forever, and that all links will go bad in some form or fashion over time. It’s always smart to use your common sense and steer clear of anything that provokes a security warning, even if we do recommend it in our materials (or anybody recommends it in theirs as well). The reporting reader was savvy enough to steer clear himself, and better still, to let us know about what he’d discovered.

I have e-mailed the site’s owners and operators to let them know about this problem and will report back here as and when they let me know what they find when they investigate and possibly repair the offending link or material on their Web page. Let’s see if this story turns out better than it looks right now: among people of good will and intent, things usually do!


[Note added same day of original posting: After careful perusal of the source for this page in Notepad, I don’t see anything that looks like a drive-by download or some kind of cross-site reference or injected code. It’s quite possible that this might be a false positive from Norton, because the page includes a lot of absolute and relative URLs to the site, some of which might look questionable to Norton, or perhaps match some kind of bad URL list sufficiently to get blocked following the “better safe than sorry” theory of URL screening.]

Leave a Reply

Your email address will not be published. Required fields are marked *