10 votes

Recent Study Estimates That 50% of Websites Using WebAssembly Apply It for Malicious Purposes

6 comments

  1. [3]
    Wes
    Well that's unfortunate. I hope bad actors don't ruin it for the rest of us. Just as spammers have ruined web forms without captchas, and email servers without strict protocol adherence.

    The study reports that the 1,950 Wasm modules represent 150 unique samples, indicating that some Wasm modules are found on several sites, with the extreme case of one module being present on 346 different sites.

    So at least right now it seemed to be just a few bad scripts being employed by a large variety of sites. That makes it easier to block at least.

    4 votes
    1. [2]
      unknown user
      Just as spammers have ruined web forms without captchas

      A website I worked on had a clever little trick to prevent abuse. It had an email subscription form that had three <input>s: one for legitimate email address, one a "submit" button, and between them – a hidden-from-humans text field. The assumption was: if the middle field is filled, it's a bot, 'cause there's no way a human would even be able to touch it without messing with the website.

      3 votes
      1. Wes
        Yeah, I've used the honeypot approach in the past. I abandoned it a few years ago though due to concerns of screenreaders (tabbing between fields), and form auto-fill tools. Plus it only stemmed the flow of spam for me; it never stopped it completely.

        reCaptcha, as much as Hacker News hates it, has 100% stopped form spammers for me. Akismet is also great, albeit paid. I do like that it's entirely server-side though.

        7 votes
  2. [2]
    moocow1452
    That's disappointing. Do we need Antimalware directly in our browsers now?

    1 vote
    1. skybrian
      Well, we sort of do already, via sandboxing, ad blocking, and so on.

      2 votes
  3. skybrian
    From the article:

    A study published in June 2019 reveals that in the Alexa Top 1 million websites, one out of 600 sites executes WebAssembly (Wasm) code. The study moreover finds that over 50% of those sites using WebAssembly apply it for malicious deeds, such as cryptocurrency mining and malware code obfuscation.