Hi malare fighters.
But did you perform the test. Just try and give in the short bit of that particular code in as a search query that is scanned through finjan, WOT, or on scandoo.com and you will establish how poorly these "real time scanners" or partly reputation scanners handle code on legit sites that were hacked and re-direct to "malware all sorts" on behalf of CyberCrime & Co et al.
That is the new situation, my good forum friends, a new massive threat that goes largely unnoticed by these scanners (80%). At
http://www.unmaskparasites.com/security-report/ based on Google's security website report I get a much better score here and an indication of what is wrong and attached to the source code, and real scanners like Anubis also givethese in depth report.
Even with Firekeeper with appropriate rules for detecting malcode the results would be better. What do link scanners do other than link, not much. They do not tell that on site so-and-so I will be confronted with obfuscated script, that I would like to deny access, that there is third party embedded script there, that I like to refuse anyway, or hidden iFrames that might take me to a silent download site with a dozen malcode scripts trying out exploits on my unpatched browser and other software vulnerabilities that I failed to update (I check that now with Secunia's PSI). So NoScript is on one side of the spectrum protecting me. What is there on the otherside of the spectrum, the detecting side? I do not want to be a victim of some self-proclaimed website admin that does not know how to secure his code or protect his website software. Well, old pol knows how to protect himself through SafeHex, limiting access to what should not have access on the OS, limiting rights to what should not have, and denying access to code to block malicious code insertions, but that cannot harm me much because normally malware can do as much harm as limited under normal user's rights (so even curtail system rights in certain circumstances). But what about the average user of a browser? Can they rely on the link scanner greens or halt for reds? I would not like to have these on a railway track, if I run a train like that a derailment would be round the corner I think. A lot of security here is make-believe, folks, you rely on a validation made at a certain point in time and then the assessment can be totally wrong in a large percentage of cases,
polonus