Uncertainty with fairly old webpages
closed account (E8A4Nwbp)
A webpage on oocities.org immediately downloaded a MIDI sequence to my PC. I believe the webpage is approximately 10 years old, however, regardless, I deleted the file and ran a quick scan, yielding no sign of suspicion. Due to this, I have 3 questions.
1) If you are using a modern browser with the appropriate site permissions, is it perfectly safe to visit old webpages? (I use the new Microsoft Edge and do not enable adobe flash)
2) Can these old websites, without any notification appearing, download malicious files to your device? (including files which do not appear in the download folder in file explorer)
3) As the Wayback Machine is a trusted website, is it a perfectly safe way to "emulate" any website, even if the site contains malicious content?
1) If you are using a modern browser with the appropriate site permissions, is it perfectly safe to visit old webpages? (I use the new Microsoft Edge and do not enable adobe flash)
2) Can these old websites, without any notification appearing, download malicious files to your device? (including files which do not appear in the download folder in file explorer)
3) As the Wayback Machine is a trusted website, is it a perfectly safe way to "emulate" any website, even if the site contains malicious content?
Last edited on
If you enable JavaScript on unknown websites, you might still run into sites that try to temporarily use your session for cryptomining or similar activity. In general, JavaScript is like the Pandora's box of vulnerabilities.
(1) I don't think the age of the website has anything to do with it. It would only be more recent websites that even have javascript for my cryptomining example. But no, I don't think it's perfectly safe.
(2) They can download javascript without you knowing.
(3) No idea personally, but a quick search to wayback machine vulnerabilities gives results such as:
https://blog.dshr.org/2017/09/attacking-users-of-wayback-machine.html
A midi file itself isn't harmful, but when used in combination with a potentially vulnerable program like an old version of Windows Media Player, exploits can be crafted:
https://blog.trendmicro.com/trendlabs-security-intelligence/malware-leveraging-midi-remote-code-execution-vulnerability-found/
(1) I don't think the age of the website has anything to do with it. It would only be more recent websites that even have javascript for my cryptomining example. But no, I don't think it's perfectly safe.
(2) They can download javascript without you knowing.
(3) No idea personally, but a quick search to wayback machine vulnerabilities gives results such as:
https://blog.dshr.org/2017/09/attacking-users-of-wayback-machine.html
| Especially with Javascript in archived pages, it is hard to make sure that all resources in a replayed page come from the archive, not from the live Web. If live Web Javascript is executed, all sorts of bad things can happen. Malicious Javascript could exfiltrate information from the archive, track users, or modify the content displayed. |
A midi file itself isn't harmful, but when used in combination with a potentially vulnerable program like an old version of Windows Media Player, exploits can be crafted:
https://blog.trendmicro.com/trendlabs-security-intelligence/malware-leveraging-midi-remote-code-execution-vulnerability-found/
Last edited on
1) nothing is perfectly safe. And microsoft browsers specifically seem to lag behind in paranoia and tend to lack advanced user settings to make them reject anything touching the disk.
2) obviously they can. The site you went to downloaded a file to your machine without any warning. Almost any file can piggyback a virus; many of those require you to open the file, and often, you have to open it in a vulnerable software package. Older pages mean old viruses that should easily be caught by your AV software, though. Your biggest fears should be stuff the AV teams haven't found and cataloged yet because it came out last week etc.
if you are worried about it, run your browser from a VM that you can restore if it gets compromised. Most virus cannot cross from VM to real machine, but to be safe if the vm is hacked unplug from the web, reboot and scan, restore vm from backup, check that you are clean and restore internet last. Scanning is usually best done if you can unplug the hard drive and scan it from another machine as a slave drive. Its a pain, so try not to get infested.
2) obviously they can. The site you went to downloaded a file to your machine without any warning. Almost any file can piggyback a virus; many of those require you to open the file, and often, you have to open it in a vulnerable software package. Older pages mean old viruses that should easily be caught by your AV software, though. Your biggest fears should be stuff the AV teams haven't found and cataloged yet because it came out last week etc.
if you are worried about it, run your browser from a VM that you can restore if it gets compromised. Most virus cannot cross from VM to real machine, but to be safe if the vm is hacked unplug from the web, reboot and scan, restore vm from backup, check that you are clean and restore internet last. Scanning is usually best done if you can unplug the hard drive and scan it from another machine as a slave drive. Its a pain, so try not to get infested.
closed account (E8A4Nwbp)
I profusely thank you @jonnin and @Ganado
I intend to henceforth use a mobile device to view archived web pages. I wouldn't want to take chances with a PC
I intend to henceforth use a mobile device to view archived web pages. I wouldn't want to take chances with a PC
| 1) nothing is perfectly safe. |
If only more people realized Life is the Leading Cause of Death.
| I intend to henceforth use a mobile device to view archived web pages. I wouldn't want to take chances with a PC |
Only swim in bathtub because you might drown in a pool?
Topic archived. No new replies allowed.