When I visit certain websites (specifically finance.yahoo and zerohedge), dozens of data transfers to and from websites I do not recognize show up in the lower left corner of the screen. They flash by too fast to read. Then my hard drive begins to run continuously and the computer locks. The only way I have found to stop Firefox is using CTRL-esc to shut the Firefox process down or turn off the computer.
This behaviour seems like some kind of browser security breech to me. It is the first time anything like this has happened since I abandoned Microsoft years ago. Maybe I just need to make some changes in the Mozilla Firefox (42.0) security settings or something simple like that. Or maybe the websites are infected (deliberately or otherwise) with data gathering and ad pushing malware. I do not know where to start to solve the problem because I don’t know exactly what the problem is.
Has anyone else had similar problems?
Can anyone point me in the right direction to solve them?
I will be happy to provide any additional information the experts here might need.
The only time I have had anything Firefix-related slow down my computer
has been when Flash (patooey) has gone crazy, and killing it (which may
happen when you forcefully kill Firefox which owns it) solves the issue,
though in those cases I usually see (via ‘top’) that the plugin itself is
using the CPU like crazy.
If you want to see all of the transactions/files of the browser, use
LiveHTTP Headers, or Firebug, or something like that which will show you
all things retrieved, and may help you zoom in on the root cause.
–
Good luck.
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below…
I’d clear your entire history, cookies and cache completely first. You can install something like Privacy Badger to see what’s doing what, give you an idea of what sites do when you interact with them. It’ll keep you informed even if you don’t actually choose to use it pro-actively: https://www.eff.org/privacybadger
You could be specific about the websites. There are a number of things called ‘zerohedge’ and out of them you probably mean www.zerohedge.com. finance.yahoo.com seems clearer but there are probably country-specific variations of that which I could find if I tried.
I had a quick look, using a moderately-well instrumented old Opera, and while it did look quite suspicious, I didn’t see anything clearly ‘bad’ and even if I had, what I saw couldn’t possibly have been a Firefox problem.
In any case these seem to be financial sites and, as I suspected, at least one has the feature of keeping pushing data at you. In yahoo’s case, they seem to be pushing the data at that tracker thingy, and while you might think that all well and good it never stops and it does use several website names to do that. It looks quite bad but I am sure it is not a Firefox problem, nor a ‘hacking’ problem but one that you would have to take up with the site owners, because they have more-or-less done this deliberately (they may not have worked out how well or badly it works on a low bandwidth connection, for example, or with a computer that is running slowly, or DNS running slowly). Combine this with the usual CMS-wth-advertising feature of using half a dozen different websites to track and stream advertising at you and it all looks a bit of a mess.
For zerohedge it was a bit more straightforward. Just taking a quick look, I saw at least a dozen website names come flying by (and maybe as many as two dozen); most of these i recognised as websites usually used in either ad serving or analytics and while you might feel this is massively excessive it is also in the normal range - ok, at the extreme and undesirable end of the normal range, but not unprecedented. On the other hand it did stop eventually…
I suspect if you want to take this further you probably need to submit that we can all look at. I’d suggest a wireshark trace, although that could have a lot of information and take a bit of filtering-fu to make it easily readable.
Thank you for confirming what I suspected - these websites push too much data/ads too fast for the DNS and connection to keep up. That isn’t a Firefox problem.
BUT …
Overload doesn’t explain why I lose control of the local operating system. And it doesn’t explain why my hard drive runs continuously (like it is formatting or copying itself) when that happens.
This only happens after I have visited zerohedge.com as far as I can tell. At least, I have not observed it until after a visit to zerohedge.com. My suspicion is that they push something more than data/ads and that it smells a lot like a Linux virus.
I do not have the expertise to confirm or refute that suspicion. Maybe someone here does. I am willing to help any way I can.
How, specifically, do I do that? Will the output be helpful to you? Should I post it here?
The possibility that the data/ad scripts might overload my memory and move to the swap file hadn’t occurred to me. That is a distinct possibility.
Today, I did not visit zerohedge.com. I did leave at least one instance of finance.yahoo.com running all day. One script locked Firefox temporarily but finished running after I clicked the “continue” box. My computer did NOT freeze with the hard drive running. Would a listing of the script that temporarily shut down Firefox be useful to you when It happens again?
I live in a rural area about 100 miles from the nearest population centers. DNS capacity is a limiting factor here as they upgrade the cities and leave the rural areas for later or simply don’t alert us to the new DNS ip address. It is just part of the price of being away from the maddening crowds.
Isn’t the huge data acquisition and ad push something close to a denial of service attack? Can Firefox be set to limit the data/ad traffic without slowing content delivery or is that solely up to the website owner?
Top is running now. It shows about 222 tasks with 1 to 3 running at any given time. It shows about 4 gb memory used and 4 gb free. There is zero usage of the swap file but the cache usage is growing.
I don’t have the technical expertise to know what it all means. The thing that surprised me is that there are at least six users beside myself and root (polkitid, message+, mysql, nscd, rtkit, and ntp). Is that normal?
I have complained to all concerned (websites, ISP and of course here). My computer has not locked today, which is a first in a week or so. Other than normal upgrades with Yast and apper, I haven’t changed anything here. Maybe complaints work (temp??).
Of the extensions mentioned by Fraser_Bell, Self-Destructing Cookies appeals to me most. Ghostery looks like fun but probably time consuming. Any advice?
yes things run under the control of different pseudo users that is normal.
Top will not tell you that much until you run into the problem then it will show you what process is eating up all the CPU cycles.
Linux does not like idle memory so it will add caches to fill most of it this speeds things up and if a program requires memory some caches are freed to make room
Top was running today when zerohedge.com (definitely) ran a script in Firefox (definitely) that used all available memory and began using the swap file heavily. Then the computer froze when I hit debug script and I had to restart Firefox before I could get the details of the script in the debug window.
While I was typing this message, as second (different) script locked Firefox but not the computer. I was able to get the debug window running and copy the script to a text file.
Often I assume the problem is with my computer since that is where it shows up. Then I start fixing things that aren’t broke and wind up breaking things that didn’t need fixing at all. Frustration follows.
Rather than try to change other people’s behaviour (usually a frustrating failure) , I installed the Ghostery extension and started cutting off the offenders. So far, so good. Thanks to Fraser_Bell.
Yes, I find the Ghostery extension to be invaluable. Keep in mind, though, that on some sites (in my case, my cable internet provider) you may need to temporarily pause Ghostery: In the case I mention, I cannot see the invoices, nor my data usage, without pausing Ghostery.
But, it is only in (very) rare situations such as that where I need to pause the extension.
So, if you are somewhere important that just does not seem to work, keep that in mind.