Slashdot Mirror

I included in mine a link (off the VitalSecurity page, but still ...) to a discussion thread that indicates Opera was not vulnerable. I wasn't able to get the warning (nor the attempt to install) using either the release nor beta versions of Opera for Windows.

As well, I was able to prevent infection attempts in FireFox by blocking connections to *.ysbweb.com. [your search bar]. (The Proxomitron is your friend.)

The company that signed the applet is "Integrated Search Technologies", which is apparently targetted by several anti-spyware programs.

Advertisers might be able to come up with new ways to make me see or hear their ads, but it will only happen once. It takes me only 2 minutes to ensure I never see their ad again. Honestly, when will Internet advertisers understand that when I've gone out of my way to block your ads, I really don't want to see them? I'm not going to say, "ooh! This guy figured out a way to get around my ad filters, he must make good products!" Get real. I'll never buy anything from X10 just because they were one of the biggest purveyors of popups back in the day.

Annoying people is not a good way to convince them to buy your product.

With any browser they're not a problem.

http://www.proxomitron.info

Keep trying guys- my block lists will just get longer...

Run a rewriting proxy with a blacklist of domain typos, that way attempts to access them get silently redirected to the correct page. I use squid and squirm, but something like Proxomitron on a parent's/grandparent's windows box will do it.

those of us using the Proxomitron continue to ignore *all* advertising.

Okay, maybe it's a bit much for the regular user, but slashdaughters should be able to get this to work.

Sounds like a job for the proxomitron.

No go. Whatever I try, my Firefox refuses to let the spoof work. Might, however, be a side-effect of the filter sitting between my browser and the Internet. BTW, this thing happens to run pretty well under Wine.

Hmm. That works with my Konqueor, but not with the Firefox (1.0). Might be related to the Fx accessing the 'net via a filter. That thing tends to break some exploits.

If indeed my Fx is what's breaking the exploit I'll immediately file a bug in Bugzilla. Firefox should be able to support common exploits like this one.

Disabled it, my firefox display the fake popup...

I've used the Proxomitron for years, initially to block annoyances like midi files autoplaying on websites. (It's nice to see that those can be blocked by the browser, now. But my old habits die hard and I still use proxo.) As a welcome byproduct, I blocked the in-your-face blinking, blaring and popping advertising. If I'm reading the web for entertainment, why should I have to put up with that? In short, I don't.

Yes, this costs the sites' owners a revenue stream, though I doubt that my personal browsing is (a) typical nor (b) profitable - I wouldn't buy from those advertisers. They're throwing their money and bandwidth away trying to show ads to me. If the sites can't adapt to new paradigms for revenue generation (Subscription? In-line textual advertising?) perhaps they aren't strong enough to survive in a market economy. Or perhaps the web isn't a market economy, as the previous author says.

In any case, I'm not presuming that the internet nor the web will die any time soon.

Next week, why I don't like seeing commercials at the movie theatre.

Concerning AdBlock... AFAICT, AdBlock removes ads from the websites you visit by matching parts of them with regular expressions and then replacing them.
Is there an extension that allows arbitrary regexp matching/replacing of text? On my Linux box I have Wine running The Proxomitron, but I'd much prefer "native" Firefox support for regexp-based page/header modification.

Even while I used to surf with IE, I had no ads. Introducing Proxomitron, the überaddkiller. Combined with Switchproxy, a FF extension that allows me to quickly disable Proxomitron when I need to let go some popup, they're a must. No need to painfully set a block list, like adblock needs. Proxomitron has smart regexps that to the job from the box.

If you're only concerned about getting your passwords, you can use a proxy (hint: the Proxomitron works well) to capture and display your passwords.

(Plug: Proxomitron works with all browsers I've used to date, including hangs head in shame MSIE.)

Free (as in beer) software to do the same thing.

This sounds like a job for the Proxomitron. All we need is someone who knows about these things to write a suitable site-specific filter, and it'll all be automatically 'fixed' for us. I'm sure there's plenty of people here who, with a few minutes thought, could post working code for us to paste into our filter files.

Have a look at the Proxomitron HTML filter (Windows / WINE) - killing embedded background clips/MIDIs at the HTML level is one of my favorite features, but you can also remap fonts/sizes, filter banners, Flash, popups, unnecessary Java applets (or convert these to clickable links, if you actually wanted to view them). Or much more advanced stuff if you want to go beyond the filter rules it comes with write your own.

What ads?

I use Proxomitron with the "allow right mouse clicks" filter turned on. http://www.proxomitron.info/

Ability to arbitrarily morph the the incoming text stream using regexp or javascript. This would allow me to roll my own weird crap.

The single most useful program I've ever seen for Windows (the Proxomitron) does exactly that: Regexp filtering for HTTP headers and content. It kinda works under Wine, but having a Firefox plugin with this functionality would REALLY improve my browsing experience (as well as making the browser more popular with semi-computer literate users). If there is one plugin the world needs it's HTTP regexp filtering.

Base: An up to date host file. This can probably block 95% of web nasties, regardless of source, yet is overlooked by most people.
Second: Proxomitron. The second browser-independent tool, it's a relatively little-known local proxy that filters the crap (including more ads than virtually every other solution) from a webpage before feeding it to your browser. Also handily removes most of the ActiveX and Javascript that causes these exploits. I simply cannot recommend it enough. In addition, it's fully configurable, and there are plenty of people out there who will write custom filters to get rid of any sort of ad that slips through.
Third: Firefox. I hesitate to suggest Opera because I don't feel it's as high a quality a product, and is closed-source, meaning it could be almost as susceptible to this stuff as Internet Explorer, should the bad guys aim their sights on it.
Fourth: In-browser plugins such as Adblock, which probably won't do much to stop this particular problem, but are nice to have around regardless.

Filter or replace anything based on regexps.

Mmmmm. And it acts as a proxy so you can use it with any browser.

My Yahoo email is free of ads, thanks to Proxomitron

Leaving them to browse as an Administrator is equivalent to leaving them to browse as root. Just explain to use the Admin account *ONLY* when istalling boxed software from the store. Install a copy of The Proxomitron and it's damn near impossible to screw things up too much.

The problem I've had with a few popup blockers is that they are not particularly intelligent. Some of them can't even tell the difference between a popup and when you create a new instance of your browser. Beating advertisers requires intelligent filtering at the HTTP stream level, and I've found that the Proxomitron is an excellent proxy that does this. Unfortunately, the writer burned out and it's no longer supported. As such, I've heard really good things about Provoxy, but I can't make a recommendation since I've never used it.

As far as Proxomitron goes, it makes my surfing much more pleasurable. Annoying Flash ads that pop up and make noise and block what you're reading? Gone. Pop-up mouse traps? I laugh in their face. Sidebar/banner ads? What are those? Sometimes, however, the Proxomitron DOES munge some sites due to its filtering, but all you have to do is double click its taskbar icon, punch the "Bypass" button, and reload your browser. A small price to pay compared to punching your monitor in because an ad just took over your browser.

For fighting spam, popups and malware in general, I find Cexx to be a good site. They have a decent list of anti spyware/adware apps, and lenghthy and informative analyses of the various spyware running around.

If the code is on the page, The Proxomitron can kill it. I haven't seen a pop-up that has been able to get past it yet, and even if one did, I could just make a new filter to kill all pop-ups of that sort.

It also blocks other ads, background midis, flash animations, and all sorts of other annoyances in addition to adding functionality to other sites if you're clever enough to write some nice regular expressions and HTML code.

Wonderful little program.

Never noticed that effect before. I knew Tom's split articles up into too many pages, but I've never seen the ads.

Try looking at it my way: with Privoxy (Cross-platform, Open Source) or Proxomitron (Windows only, freeware).

As such, most crapware is not opt-in - only experienced and security-aware users know how to configure their systems to avoid it. Binning Internet Explorer is a good start, but using web-filtering software to block ActiveX, Java and Javascript (like Proxomitron, WebWasher or a firewall like Outpost), an application firewall (like System Safety Monitor) and a crapware scanner like AdAware or Spybot Search and Destroy are also necessary steps.

Linux users should not be complacent here either - almost all crapware currently targets Windows but can be written to run on Linux once it gains signifcant usage amongst mainstream users. Check Adware and Under-Ware - The Definitive Guide for a history of crapware.

Clearly, you've never seen Proxomitron or Privoxy.

blocking ads by domains through Hosts file is the dumbest thing one can do, especially when you're on Windows. It's a resource hog and doesn't accomplish half of what can be done with Privoxy or Proxomitron.

Don't touch the Hosts file.

• Total Commander -- previously known as Windows Commander. A file manager. (and here's how I set it up)
• Proxomitron - HTTP proxy with regex support
• Bandwidth Monitor Pro - lets me set up a transparent bandwidth graph in a screen corner that really doesn't interfere with anything else (replaced DUMeter on all my systems)
• ParaWin - provides additional keyboard layouts
• SQLyog - although it has plenty of issues, this is still the best MySQL front-end that I've found to date
• Opera Browser - still the fastest and most convenient for me

Thunderbird, Mozilla, PuTTY, EditPlus, Winamp

1. Proxomitron - awesome web filter.
2. mSys+mSysDTK+MinGW (extremely useful *nix tools that don't require a Cygwin shell)
3. Winroll -Next best thing to a useful Windows desktop manager
4. Sysinternals utilities
5. Vim!!

Of course others, but they've been mentioned above.

Proxomitron.
I do not think it is open source, nor is it a toolbar, but it is the best popup/ad blocker I have ever used. It takes all the banner ads out of most sites (even slashdot) and makes it look like they weren't there in the first place. You can also configure many other filters. Great software.

Not tried these payware tools but an excellent free one for Windows is the evergreen "Proxomitron". Beautifully formatted and color-coded HTTP output.

Or you can do it all with the Proxomitron

The NYT has a habit of catching these things. It won't even let you register cypherpunks/cypherpunks. However, there is a work around -- get some sort of proxy, such as Proxomitron, and configure it so the referer is news.google.com. The same trick works with the WaPo's new registration service.

Graphical ads? What are those? Are you surfing the web without a proper filtration program or something?

Well, in a word yes.

Referrers are in no way a secure way to prevent linking. The real issue isn't so much that this sort of thing can't be overcome, but that one news site would even try to stop linking from another. Citing news stories has a long history behind it; and the "Press", more than anyone else, should support the fair use of information.

1. Must be value for money
2. must not include advertising
3. must not ever infringe on my privacy
4. Must be value for money (seriously, it's worth saying several times)

• sites with advertising filtered by my ad/popup blocker get return visits (assuming they have good content)
• sites which successfully bypass my filters never see me again
• sites which require me to register never see me again (unless I can screw their database, like NYTimes)
• Sites with stuff I *really* want that I can't get elsewhere for free (or that provide significant value *over* free), I subscribe to (eg FilePlanet, paid email service, etc)

• MicroPayments
• Security
• Privacy
• Zero advertising
• Value For Money
• Value For Money
• Value For Money (seriously, it's worth asking for several times, they're NOT GETTING THE MESSAGE)

Me too... I think it's because I run Proxomitron to filter out popups and crap. Just use "select all" highlighting off your browser's menu to bring it all into sharp relief.

And why do I laugh? Simple. Because I use Proxomitron and JD500 Filters for Proxomitron.

Not only does it kill all the popups/popunders and FLASH ADS AS WELL but you can also filter cookies, filter javascript nasties, and do so much more with the JD5000 Filters.

I've been using Proxo+JD5000 for the last 2 years now and I've never used anything else. Best of all it's FREE!

try proxomitron. "a free, highly flexible, user-configurable, small but very powerful, local HTTP web-filtering proxy"

www.proxomitron.info

1. Rolled out IE-SPY AD through the user's netlogon scripts.
2. Slowly adding the worst of the offending sites to the blacklist on our isa servers

That wouldn't surprise me. I also noticed that the Proxomitron projects is listed as dead.

Listing it as "dead" is somewhat misleading. The program itself is no longer being developed, but anyone can write filters for it, and filter development is still quite active. (See proxomitron.info)

http://www.proxomitron.info/ I forgot to make that url a link. Sorry.

As for ad's on Gamespy and IGN which can be bloody annoying as heck, that is what proxy filtering is for. Setup something like Proxomitron and JD5000 Filters for Proxomitron and you can kiss all those flash and regular ad's goodbye and actually READ content on the Gamespy/IGN sites without being bombarded by ad's.

Do you feel like a bit of RegExp work? You can probably use Proxomitron to catch pages that you get from hotmail (it acts as a proxy), and rewrite the JavaScript functions, changing them to output HTML links perhaps.

It also has the added benefits of ad-blocking. :)

Can't go wrong with it.

On a related note: I've been using Proxomitron for some time now. It's a proxy server that strips or adds (or does whatever you please, really) HTML to pages you're viewing. Unfortunately, the developer has abandoned it, but the latest version still works, and it's free!

Anyone interested can find it here.