Getting Raw

The other day, I was telling a friend about me being a "habitual" letter writer and often go to the top of a company when sending a letter off.  (Not because I expect an answer for the business's president, since I don't.​  But the head of a company will usually send the letter to someone else in the company, usually who I've cc'd: and add a note, "Deal with this."  And the last thing that person wants is for me to write back to the president two months later that I hadn't heard anything back -- at which point, the president will write to same person, "Why didn't you handle this when I told you to??!"  And so, someone generally does write back right away.)  The other thing I do with letter writing is always be very polite and even fill it with praise, since no one likes to be yelled at.

All this only has a tangential relationship to the story here, though it does comes into play.  Mainly, I think it's an good tale about tech, and at the top of the list, it's valuable for people who, like me, peruse the RawStory website.  Actually, I'll go further -- most especially if you do read RawStory, this isn't just valuable, but I strongly suggest you read about how to deal with and avoid the problem should it hit you.

RawStory is a news aggregator.  While they have their own reporters, mostly they collect articles from other sources, write detailed summaries and provide links to the original pieces.  It's a fairly good site that clearly leans liberal.  It also has its flaws -- having too many click-bait articles and too many typos (which I often write in to correct, when the mistake creates a misleading impression.  They're pretty good about fixing things.)

I’ll try to keep the background brief, because the full story here is long and convoluted, and dealing with it was very time-consuming.

The very short version is that the last few days, RawStory had a major breach where malicious code freezes your browser in order to get you to click on it and hijack your information.  I dealt with it at great length, and then checked with my very high-end tech guru friend Ed Bott (who I write about here periodically).  He was exceedingly helpful, and from that I wrote a long, detailed letter to RawStory’s Customer Service department.  But that's a pretty anonymous undertaking for such a major problem.  So, with Ed’s help found the name and address of RawStory’s publisher, editor-in-chief and tech designer, I sent the letter to them, as well.

At this point, I think it's best that I post that letter, since -- especially for people who read RawStory (or those who might come across a similar situation online at some point, which honestly is everybody...  In fact, I've dealt with the issue several times in the past), it describes the problem in detail and (I think...) clearly and also provides very valuable information how to resolve the issue.

I've edited out some of the most techie material, making it as readable as possible.  What I wrote was -- 

---

Dear Mr. Nguyen and others,
​
I suspect you’re aware of this, but I pass it along in case not.  I’ve written to Customer Service, but realized this is likely serious enough that I shouldn’t leave it at something that faceless.
 
It turns out that one of your less “responsible” advertisers is sending malicious code that periodically takes over one’s browser and freezes it up.  This is a screen shot of what I mean –

Since this occurred the other day, it only happens for me on RawStory, and only when clicking on random articles, not all the time.

Though I wrote a tech review column for years on the Writers Guild of America website, I wasn’t sure what was causing this.  I passed it along to a friend who’s a high-tech columnist on ZDNet and author of Microsoft Press’s book on how to use Windows 11 and Windows 10, Ed Bott (https://www.zdnet.com/meet-the-team/ed-bott ), and he was able to duplicate the problem.  He explained that it is not a virus infecting one’s computer.  What he wrote back to me was – “Those fake warnings aren’t malware, so there’s nothing to clean or scan or remove…Most often this crap comes from an ad served up by a dodgy low-rent network."  He added -- “What is almost certainly happening is that there is a ‘poisoned’ ad that is being served up by some ad network that Raw Story uses.
 
Happily, Ed also said there is an easy fix.  That when the browser does get hijacked and freeze, then pressing Ctrl+W or Ctrl+F4 closes the browser tab or active window.
 
Since you probably can’t read it in the screenshot above, just know that in the Location Bar, it shows the offending web page as coming from the “core-windows.net domain”, which (Ed Bott explains) “means that the people behind these fake websites are using them to steal credit card information.”
 
It's happened in the past on RawStory, but was very random and went away.  But this has been persistent for days now – so much that I stopped using RawStory.  However, Ed suggested opening RawStory in a private browser window (like Incognito Mode for Chrome), since that session is isolated from your regular browser usage, so one can kill it alone and move on.  And that’s what I’m doing.  It’s an annoyance, but it works.  But because it’s less convenient, I find that I’m checking RawStory less often.

I am 100% sure I’m not the only person affected by this (especially since I know of at least one other who duplicated the problem).  And as I said, I’m sure you’re aware of it.  But regardless, I pass this along since I’m equally sure that most people who get hit with this don’t have a major “tech guru” as a friend to check in about it, and so many may just stop using the RawStory website, as I came close to doing.

Thanks.
​

---

A quick side note about opening a private browser window and what that means.  It's very simple to do.  If you use the Chrome browser, click on the three vertical dots in the upper-right corner and select "New Incognito Window" at the top.  In the Edge browser, click on the three horizontal dots in the upper right, and select "New InPrivate Window."  Or you can just use your keyboard and simply type "CTRL-SHFT-N."  And the private browser window will open.  It will look like exactly like your regular browser (though darker), but it's a separate browser.  And what I do is then go to www.rawstory.com in that private browser window.  If it freezes up there, it doesn't affect my regular browser.  I just type CTRL-W or CTRL-F4 which shuts down the private browser window.  And I start again.

Anyway, back to the tale.  We're almost over, except for the results...

​Thus far, I’ve heard back from the editor-in-chief.  He wrote a simple note:  “Hi - thanks for this. We are trying to identify where it’s coming from. Hopefully we’ll put a stop to it soon.”

I sent that to Ed, just to keep him updated.  And Ed, who operates at an overwhelmingly higher tech level than I do, and interprets tech executives' words for a living, wrote back to me –
 
“I’m not sure you realize it, but you did a profound service here. That editor in chief was probably surprised and nearly gutted by the news that his site is hosting malicious content. The fact you got a reply says they weren’t yet aware of this.”
 
I wrote to Ed that, no, I had no idea of that.  That it was just me being noodgy me.  (And told the story about how just yesterday I wrote to the NY Times to correct a typo in a quote about the Chicago Cubs that erroneously made the former manager look foolish.  Which they immediately corrected.  O huzzah!)

And so, now you see in action, what I meant above how I am a habitual letter writer and always try to go to the top.  But most of all -- if you do read RawStory, I suggest that (at least for the time being, until they do finally fix the problem -- and who knows, for all I know they will have by the time you read this.  Or not.), you open a private browsing window and access it there.  You don't have to -- CTRL-W or CTRL-F4 will close down the problematic tab or window just the same -- but I just feel more comfortable reading a hijacked website in its own isolated window.

We now return you to our regularly-scheduled website...