What a difference a line (of code) can make

Hi folks,

Taking some time out from the action here at the Anti-Spyware Coalition meeting for a quick Web security quiz:

Q: What’s the difference between a web site with 145 lines of html and that same web site with 146 lines of html?

A: Well, in the case of www(dot)midatlmortgage(dot)com it’s the difference between a being trusted web site and being a hacked web site that distributes exploits to its visitors. Please don’t go there unless you're fully patched or are running SocketShield.

When the Google bots made their cached copy on January 29th, 2006, there were 145 lines of html, but sometime between then and now, someone added one more, right in the middle, that starts with

i frame src="& # 104 ; & # 116 ; & # 116 ; & # 112 ; & # 58

That's not easy for human eyes to understand, but it's easy for a browser, and is the start of the address ("http:") of an exploit server.

What this means is that the Web site got hacked. And soon to be homeowners looking for mortgage information could get a whole lot more than they bargained for (CWS warez).

It also means that the Web is becoming less trustworthy.

-Rog