火绒安全：撕开鲁大师为首系列企业流量劫持黑幕 - cnBeta.COM 移动版

[风行听雪]

这点 Really 不好啊！这些厂商根本不 care User 的体验，只要能赚钱就好 。他们用的技术很高级， users 可以感受到的损害就这么轻松忽视了 。这种情况下， users 应该更 alert ，要多 vigilance ，不然就成为厂商的牺牲品 。

 

[夜语流年]

recently saw that in this Double 11 big sale period, users will find many pop-ups showing up more frequently. so what's the reason behind it? firehole recently released a report about series companies' security report, say some software factories are building big-scale promotion industries chain by cloud control configuration

they use remote start promotion module to make money from traffic meanwhile, they can control different promotion way for each company and product. for example, there's an app called ru le master, it has many ways to promote like browsing pop-up game, silent install third-party software, and modify京东 website link

they're doing all this without tell users clearly or confuse them . and they're using some tech like data encryption, code mixing, dynamic loading etc to avoid security analysis and public check . but it will hurt user experience we should pay attention to it and work together to stop this