The article has no citations to back it the claims. It states "researchers also believe that this malware is being used by an organized crime ring either to prepare for an enormous future attack on targeted users, or to sell collected information on the dark web" with no attribution. Nor is it obvious how battery condition or orientation would be any use to attackers or purchasers.
There’s the actual NOAA page for your area which is lightweight and <i>increadibly</i> information dense, IMO it’s what other weather websites can measure themselves against it’s pretty awesome!<p>Also: curl wttr.in (I guess hackernews night nock that over heh, it seems like it’s been struggling lately.)
A meteorologist colleague informed me of <a href="https://www.yr.no/" rel="nofollow">https://www.yr.no/</a> and it has a version in English. It is what I usually use along with weather.gov. Their short and long-term World-Wide ECMWF forecasts are really nice as are the meteorograms. Yeah dump weather.com.<p>Edit: Ohh and one more: Jeff Masters and his crew at Weather Underground (wunderground.com). For example another nice meteorogram: <a href="https://www.wunderground.com/forecast/us/co/boulder/KCOBOULD425" rel="nofollow">https://www.wunderground.com/forecast/us/co/boulder/KCOBOULD...</a>
This page quotes this from "Binary Defense":<p><i>"if a user stumbles upon a webpage that has a compromised third-party library, the malware runs checks.
These checks consist of who the user agent is, the type of device they are operating on, the level of battery it has, and the device’s motion and orientation. After these checks are verified, the malware will connect the infected device to a remoter peer prior to transferring the device’s IP address"</i><p>This statement is written to make it seem like like something bad is happening. But read the statement -- it's total BS.
> scanning the session for malware using Wireshark’s advanced malware analysis<p>Is this some feature of Wireshark I've never come across, or does the author not know what they're talking about?
AFAIK most sites and news agencies in the U.S. get their data from weather.gov [1] I have never seen any shenanigans on that site.<p>[1] - <a href="https://www.weather.gov/" rel="nofollow">https://www.weather.gov/</a>
Nothing in this article explained how this advertising could actually be dangerous. It "collects the IP address and user agent string." Is there something serious or not?
weather.com was already collecting and marketing an obscene amount of user data as anyway. That's what drove me to stop using it a while back. Wunderground is in the same group.<p>This is US-specific, but what I use now is the National Weather Service's website. It's actually really excellent. <a href="https://www.weather.gov/" rel="nofollow">https://www.weather.gov/</a>
> Last year, a single malvertising campaign reached 100 million users, and there’s no reason attackers would pay for all that exposure unless some fish were biting.<p>But there is.<p>For example, an entity could have sold the malware to a rube. They would do this by using the same "bullet proof" logic: why would they be selling a tool that can hit 100 million users unless some fish will bite?