Forgive the lousy screenshot and transparency in the title bar, but I just got this fake virus popup while searching for an image. I admit for a single moment my heart jumped.

原谅标题栏中糟糕的屏幕截图和透明度，但是我只是在搜索图像时看到了这个假病毒弹出窗口。 我承认我的心跳了片刻。

Then I thought after a few seconds as a techie (and note that all these observations just happened all at once in my head in no order):

然后，我想了几秒钟后成为技术人员(请注意，所有这些观察只是一次在脑海中无序发生)：

• The dialog is perfectly centered in the browser. I’m not sure why this was my #1 tipoff, but for me, it was the first thing I noticed.

  该对话框完全位于浏览器的中心。 我不确定为什么这是我的＃1小费，但是对我来说，这是我注意到的第一件事。

• This “popup” was as a result of a browser navigation. If it were legit I’d expect it to happen a little more asynchronously.

  该“弹出”是浏览器导航的结果。 如果它是合法的，我希望它会异步地发生。

• The word “migth” misspelling in the popup.

  弹出窗口中的单词“ migth”拼写错误。

• The fonts in the column headers are anti-aliased with one technique and the rest of the text doesn’t  use ClearType while my machine does.

  列标题中的字体使用一种技术进行了抗锯齿处理，而在我的计算机上，其余文本不使用ClearType。

• Poorly phrased English: “You need to clean your computer immediately to prevent the system crash.”

  英文措辞不佳：“您需要立即清洁计算机以防止系统崩溃。”

• There’s no option other than “Clean computer.” No ignore, repair, quarantine.

  除了“清洁计算机”外没有其他选择。 不要忽略，修理，隔离。

• The word “computer” at the end of the first line goes too far to the right of the grid’s right margin. It should have wrapped to the next line. Yes, I’m a UI nerd.

  第一行末尾的“计算机”一词在 格右边距的右边太远了。 它应该包装到下一行。 是的，我是UI书呆子。

• Their Aero theme color is GRAY and mine is BLUE.

  他们的Aero主题色为灰色，我的主题色为蓝色。

• Ctrl-Scroll ZOOMs the image. ;)

  Ctrl-Scroll缩放图像。 ;)

• The URL is obvious nonsense.

  该 址显然是胡说八道。

• Adware.Win32.Frauderiouslyp>

  Adware.Win32.Fraud真吗

It’s scary just to look at floating in your webpage there isn’t itp>

只是看着浮动在您的 页中是不是很可怕p>

How is my Mom supposed to defend against thisindows OR Mac (or tablets) the bad guys are out there, and one day they will finally learn English and put a little work and attention to detail into these things.

我妈妈该如何抗辩indows或Mac(或平板电脑)上的坏人在那里，有一天，他们最终将学习英语，并在这些事情上花了点力气和对细节的关注。

One day these things won’t be “selectable” to prove to us that they are HTML:

有一天，这些东西将无法“选择”来向我们证明它们是HTML：

As we enable HTML5 with local storage, geolocation, possibly native code and  and other features the bad guys will start doing the same with their malware. If you can write Doom in HTML5 there’s nothing (except the skill and the will) to keep you from writing adware/scareware/malware in JavaScript. Not just the standard CSRF/XSS type JS – which is bad, I know, I used to be in banking – but sophisticated duplicates of trusted software accurately recreated entirely in HTML5/CSS3 and today’s modern JS.

当我们启用具有本地存储，地理位置，可能的本机代码和其他功能HTML5时，恶意分子将开始对其恶意软件进行同样的处理。 如果您可以用HTML5编写《毁灭战士》，那么除了技巧和意志之外，没有什么可以阻止您使用JavaScript编写广告软件/恐吓软件/恶意软件了。 不仅是标准CSRF / XSS类型的JS(我以前在银行业时还很糟糕)，而且还完全用HTML5 / CSS3和当今的现代JS精确地重新创建了受信软件的复杂副本。

Google Offline Mail and extensions run in the background in my browser now, what’s to say some future malware won’thould we digitally sign HTML5 appso more Extended Validation SSL Certificatesow do you defend against thisp>

Google离线邮件和扩展程序现在在我的浏览器中在后台运行，这意味着将来不会出现某些恶意软件们应该对HTML5应用进行数字签名吗否需要更多扩展验证SSL证书如何防御呢p>

What do you think, Dear Readerp>

亲爱的读者，您如何看待p>

翻译自: https://www.hanselman.com/blog/if-malware-authors-ever-learn-how-to-spell-were-all-screwed-the-coming-html5-malware-apocalypse

文章知识点与官方知识档案匹配，可进一步学习相关知识Java技能树首页概览93761 人正在系统学习中 相关资源：电脑桌面蟑螂(趣味整人小软件)_蟑螂- 络游戏其他资源-CSDN文库