Archaeology at Khirbet Qeiyafa

[Minimalist]

Israel Finkelstein takes Yosef Garfinkle to task for his sensationalistic approach to the Khirbet Qeiyafa excavations.

http://www.4shared.com/get/KQ3ZI9AO/Qeiy..._2012.html

We cannot close this article without a comment on the sensational way in which the finds of Khirbet Qeiyafa have been communicated to both the scholarly community and the public. The idea that a single, spectacular finding can reverse the course of modern
research and save the literal reading of the biblical text regarding the history of ancient Israel from critical scholarship is an old one. Its roots can be found in W.F. Albright’s assault on the Wellhausen School in the early 20th century, an assault that biased archaeological, biblical and historical research for decades. This trend—in different guises—has resurfaced sporadically in recent years, with archaeology serving as a weapon to quell progress in critical scholarship. Khirbet Qeiyafa is the latest case in this genre of craving a cataclysmic defeat of critical modern scholarship by a miraculous archaeological discovery.

[KichigaiNeko]

Oh dear..... sounds like a bit of desperation on the god botherers part

[Aractus]

Your link contains a HIGH security threat.

[Tiberius]

Looks like a false positive to me. 4shared.com is a pretty well known site...I doubt they have any malicious JavaScript.

[Aractus]

The Javascript is on a different domain. My browser blocks all cross-domain javascripts anyway (part of aggressive ad-blocking), but a high security threat is a high security threat, doesn't look like a false-positive to me. Those types of javascripts "rotate" so that not everyone gets the threat, I wouldn't treat it as a false-positive. And there's nothing about 4shared that would make me trust them, I wouldn't trust rapishare.com if a threat like that popped up. Let alone a fly-by-night sharing site like 4shared....

[Minimalist]

I personally uploaded the file to 4share so I could have it hosted in case anyone was having trouble sleeping and wanted to read a real archaeological report to help them nod off.

[Justtristo]

Your link contains a HIGH security threat.

May I ask is that all you have to reply to the article the Minimalist uploaded for the reading of anybody interested in this?

[Aractus]

I personally uploaded the file to 4share so I could have it hosted in case anyone was having trouble sleeping and wanted to read a real archaeological report to help them nod off.

There's nothing wrong with the file, the website is a high security threat. If it's amazon.com and a threat pops up I'll take it seriously because no website, not even amazon or google, is immune to being hacked. The domain hosting the offensive file is 5hangoweroo.info, we don't know anything about that website if they're trustworthy or not, if they're easily hacked, if they intentionally put exploits in their javascripts, etc...

[Tiberius]

The Javascript is on a different domain. My browser blocks all cross-domain javascripts anyway (part of aggressive ad-blocking), but a high security threat is a high security threat, doesn't look like a false-positive to me. Those types of javascripts "rotate" so that not everyone gets the threat, I wouldn't treat it as a false-positive. And there's nothing about 4shared that would make me trust them, I wouldn't trust rapishare.com if a threat like that popped up. Let alone a fly-by-night sharing site like 4shared....

A false positive is when a program flags up an issue which isn't actually an issue. It doesn't matter that the issue here was marked as a high security threat. If it isn't actually a threat, it's a false positive.

The "threat" itself is apparently obfuscated JavaScript, which in all honestly, could be anything. AVG labelled it a "high" security threat automatically; they didn't look at any of the code or analyze it properly. It's just an automated procedure when they find obfuscated code. All that means is the code was made hard to copy / change. I've used JavaScript obfuscation before for perfectly legitimate reasons.

JavaScript is already extremely limited in what it can do. It only executes on the site you are visiting; it cannot access your other tabs or any data private to other sites. As such, even if it is a malicious file, the damage it can do is limited.

There's nothing wrong with the file, the website is a high security threat. If it's amazon.com and a threat pops up I'll take it seriously because no website, not even amazon or google, is immune to being hacked. The domain hosting the offensive file is 5hangoweroo.info, we don't know anything about that website if they're trustworthy or not, if they're easily hacked, if they intentionally put exploits in their javascripts, etc...

The domain "5hangoweroo.info" and even the subdomain "okpw.5hangoweroo.info" is not even resolvable, which makes this being a false positive even more likely. You said you have blocking tools enabled for cross-site Javascript inclusion. It's more likely that one of those tools got in the way and triggered the AVG alert than this being a real threat.

Likewise, doing a search for "5hangoweroo.info" returns absolutely no results. Even if this was a real threat, it clearly isn't anymore.

Oh yeah, and just in case, I ran a full check against the URL: http://www.webpagetest.org/result/130102...1/details/

A stupid amount of connections, but none for the domain mentioned.