> Most of the owners probably barely know the Googles from the Facebooks, so even if you email them saying 'you have this JavaScript thing that's bad' they won't understand and will blow you off.
So, because you expect the owners of the affected websites to be dumb, users should not be protected from malware?
But I'll give you an example of how such sites would get fixed: I used to own and work for a CSE, where thousands of stores are listed. If I had easy access to this list, I'd take a quick look at it for possible clients and ask my former company to contact them. They'd first delist the affected shops from the comparison shopping website, then spend enough time with the owners to make sure they understand and can fix the problem.
Github in their ignorance prevented this, but thankfully archive.org exists...
On the other hand, the safe browsing feature of modern browsers usually creates enough pressure on affected shops that they are fixed quickly - so if some shops don't seem to act quickly, they're probably fraudulent themselves.
So, because you expect the owners of the affected websites to be dumb, users should not be protected from malware?
But I'll give you an example of how such sites would get fixed: I used to own and work for a CSE, where thousands of stores are listed. If I had easy access to this list, I'd take a quick look at it for possible clients and ask my former company to contact them. They'd first delist the affected shops from the comparison shopping website, then spend enough time with the owners to make sure they understand and can fix the problem.
Github in their ignorance prevented this, but thankfully archive.org exists...
On the other hand, the safe browsing feature of modern browsers usually creates enough pressure on affected shops that they are fixed quickly - so if some shops don't seem to act quickly, they're probably fraudulent themselves.