The FPP on Kancept
links to a blog which allows scripts in the comments, some of which launch nastiness. When I clicked it in Windows running Firefox 2.0 (having forgotten to update the "noscript" extension) the page tried to launch telnet, make a skype call, launch Outlook Express, and god knows what else before I killed the browser. The comments also display some very, very NSFW animated gifs. I'll be sad to see it go, because the site looks cool, but this is unsafe. I warned people in the thread as well
and another MeFite (the astute developer Civil_Disobedient) concurs with my findings. Maybe someone should warn the site admin as well that his blog is being used to launch exploits.
posted by edverb to MetaFilter-Related at 12:34 PM (53 comments total)