bitpush 3 days ago

Because ads are not how malware is distributed? You have a higher chance of getting malware from `pnpm add` than seeing an ad on the web.

minitech 3 days ago | parent | next [-]

> Because ads are not how malware is distributed?

Malware is absolutely distributed through ads. In the case of more reputable ad platforms that don’t allow arbitrary scripts, it’s by linking to malware, but they’re also used to serve drive-by exploits.

> You have a higher chance of getting malware from `pnpm add` than seeing an ad on the web.

If you’re a normal computer user who browses the web without an ad blocker and never runs `pnpm add`, the relevant chance is a little different. (Fun side fact: current pnpm wisely doesn’t run install scripts by default.)

vasco 3 days ago | parent [-]

And its users wisely read all of those scripts before manually running them, same as the library code, they read all of it before running.

kstrauser 3 days ago | parent | prev | next [-]

This is very incorrect.

Ads are basically running a program they wrote on your computer. If there’s any exploitable feature in your browser’s JS sandbox, count on someone sending you an ad that will exploit it.

chithanh 3 days ago | parent | prev | next [-]

To add to the other reply, there were even targeted malware campaigns through ad networks. Because nowadays, you can choose who sees your ads so precisely (by IP block or geolocation) that you can target individual organizations.

BLKNSLVR 3 days ago | parent | prev | next [-]

https://en.wikipedia.org/wiki/Malvertising

nicce 3 days ago | parent | prev | next [-]

GIMP is one of the best examples that comes to my mind:

https://www.techradar.com/news/this-fake-gimp-google-ad-just...

akho 3 days ago | parent | prev | next [-]

I took a careful look at the definition of malware on Wikipedia. Ads are malware.

muppetman 3 days ago | parent | prev [-]

[flagged]