by bdefore 1430 days ago
In the second link above, a Bing ad is presented to download Chrome while describing a domain of "www.google.com" but when clicked takes the user to googleonline2018.com ... maybe my expectations are out of date, but how is that possible? The otherwise excellent article doesn't explain.

edit: was the second, not first link. this one: https://blog.infostruction.com/2018/10/26/adware-empire-iron...

2 comments

What do you mean by "describing"? If you mean the thingy in the bottom of your screen when you hover over a link, this is trivial to fake and Google itself is the largest user of this "feature". In a Google search, right click a link and copy it, then paste it somewhere. It will be a long ugly google.com tracking URL, even though what your browser showed you in the hover display was the link to the actual website.
> the thingy in the bottom of your screen when you hover over a link, this is trivial to fake

Sounds like a security flaw. Why don't browsers patch it?

Because the company that most benefits from it existing also makes the world's most used browser.
What about other browsers?
I tested it in Firefox and Chrome. While they both display a spoofed URL in the status bar when hovered, they differ if you right-click the link. In Chrome, nothing changes. In Firefox the status bar string changes to the actual, not spoofed URL.

At least in Firefox, one can check easily what the actual URL is before clicking without having to copy-paste elsewhere.

Short of preventing JS from triggering redirects, I don't see a way they could, and that's a pretty important feature in modern web apps.
You could lock out JS redirects once the user has clicked on a URL.
Sorry, I misstated: it was the article at the second link from the post I responded to. In the first image of that post, under where it says 'Get Chrome - Download Chrome Today', there is green text that shows www.google.com. I thought that was enforced by the search engine and not able to be manipulated.

At the risk of insinuating too much, there is a concerning incentive for Bing to provide corrupt links to Chrome.

That definitely seems like a major flaw with Bing's search ads. They should be either deriving that green domain name, or verifying it matches the link, or at least verifying that you own that domain.

I can't find a current Bing search ad whose green domain name doesn't match the domain of the destination of the link. Hopefully they've fixed this by now.
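
The check suggested in the comment above (derive the green domain from the link, or verify that it matches), sketched as an added example that is not part of the thread or any ad platform's code. The `checkAd` record shape, the `redirectChain` field and the sample ads are assumptions constructed for illustration:

```javascript
// Added example: compare the domain an ad displays with the host the click
// actually lands on after all redirects have been followed.

// Lowercased hostname without a trailing dot or leading "www.".
// Accepts a bare host ("www.google.com") or a full URL.
function hostOf(urlOrHost) {
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(urlOrHost);
  const { hostname } = new URL(hasScheme ? urlOrHost : "https://" + urlOrHost);
  return hostname.toLowerCase().replace(/\.$/, "").replace(/^www\./, "");
}

// True when host equals base or is a subdomain of it. Matching on a label
// boundary keeps "notgoogle.com" and "google.com.evil.example" from passing.
// Caveat: a real check needs the Public Suffix List so that a shared-hosting
// base (one where anyone can register a subdomain) is not treated as one site.
function withinSite(host, base) {
  return host === base || host.endsWith("." + base);
}

// ad.displayUrl: the domain shown to the user (advertiser-supplied).
// ad.redirectChain: URLs observed by following the ad link; last is the landing page.
function checkAd(ad) {
  const chain = ad.redirectChain || [];
  if (chain.length === 0) {
    return { ok: false, reason: "no landing URL recorded", derivedDisplay: null };
  }
  let landing, claimed;
  try {
    landing = hostOf(chain[chain.length - 1]);
    claimed = hostOf(ad.displayUrl);
  } catch (e) {
    return { ok: false, reason: "unparseable URL", derivedDisplay: null };
  }
  const ok = withinSite(landing, claimed);
  const reason = ok
    ? "display matches landing"
    : `display ${claimed} but lands on ${landing}`;
  // derivedDisplay is what the platform could show instead of trusting the advertiser.
  return { ok, reason, derivedDisplay: landing };
}

// Constructed sample modelled on the ad described in the thread.
const sampleAd = {
  displayUrl: "www.google.com",
  redirectChain: ["https://tracker.example/click?id=1", "https://googleonline2018.com/chrome"],
};
console.log(checkAd(sampleAd));
```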

Interesting. I had not known that. I tested it in Firefox and Chrome. While they both display a spoofed URL in the status bar when hovered, they differ if you right-click the link. In Chrome, nothing changes. In Firefox the status bar string changes to the actual, not spoofed URL.

At least in Firefox, one can check easily what the actual URL is before clicking without having to copy-paste elsewhere.

I'm seeing that Firefox behavior in Chrome.

It seems to rewrite the link when it gets a mousedown event. Once I right-click, or if I left-click and then drag (to avoid an actual page navigation), the new hovered URL is the google.com/<tracking> version.

Also this only seems to apply to search ads/promoted results. Organic search results don't get rewritten, and copying and pasting a link address gives me the expected destination URL.

My NextDNS filters blocked the link to TFA (edgesuite.net).
Responding to myself to say: I didn’t realise but edgesuite.net is just an Akamai CDN domain. No idea why it was blocked by my filters.