FTC Shuts Down 'Pop-Up Trapping' Sites

Masem writes: "The FTC today ordered the shutdown of 5,500 sites owned by John Zuccarini, all of them the so-called 'typo' sites that common mis-entered URLs for popular sites (such as Annakurnikova.com); when the user visits these sites, their back button behavior in most popular browsers is modified as to open multiple pop-ups featuring ads for adult entertainment and gambling sites when pressed, and uses other technology to basically 'trap' the browser until the entire application has to be closed. While some sites are still operating, the FTC is going to take this matter to court, which may decide exactly how much control a web site can take over the end browser using JavaScript and ActiveX. CNet has the full story." Le Marteau contributes a link to the same story at the Washington Post.

whoa....not at the top of my list

[ruebarb]

Finally, a practical use for the FCC...Thank God. This is one of the few times where a little government intervention wouldn't hurt.

Try explaining to your boss why the firewall detected all these adult site alerts when all you were trying to do was look for Dana Bourgouis guitars...

Or your wife/girlfriend for that matter.

RB

Wow!

[Red+Aardvark+House]

And I thought X-10 was bad!

This type of advertising only frustrates users and creates animosity between advertiser and potential customer. This is an obvious and sometimes extreme nuisance, having to shut down your broweser at times!

Alienating your audience is not a good business practice.

Re:Wow!

[K8Fan]

I complained to the people manning the X-10 booth at CEDIA (Custom Electronics Design & Installation Asssociation - home theater and whole house electronics) convention. I tried telling the booth weasle how hated their ads are, and the smug jerkwad just kept repeating how many million "page views" they kept getting. I told them they could just as effectively get their logo tattooed on frat boys ass cheeks and pay them to drive around mooning people. Or use a soldering iron to burn the logo into a 2" by 4" and run around wacking people in the face with it.

Unclear on the concept does not seem to even come close to describing these morons. We have to do something more.

Does all this really work though?

[GreyyGuy]

One thing that surprised me is that this slime ball has been sued for this before and lost 57 cases tied to 200 domain names and been fined $800,000 to $1,000,000. And he's still doing it. The only reason he would still be doing this is if it is profitable, above and beyond court costs and fines.

Who is falling for all this and patronizing the sites that trap you like this?

As long as they allow scripting...

So people use scripting for imaginative ways that nobody had expected. Then people start complaining. Hello!!!! New and unexpected uses are what scripting are all about. To be programmable means that things will be asked that you hadn't anticipated. (Otherwise, there is no need to program them.) Therefore you have to expect abuses when you introduce such a technology. Scripting engines do not belong in browsers, mail clients, news clients, and so on. It was plain irresponsibility for Microsoft, Netscape, and the others to do this to their products. Years ago I saw the coming security nightmare that we live in today. It arose from the "browser wars" between IE and Netscape. This functionality wasn't about making websites better, it was about trying to have a gimmick feature that the other didn't have. This gold-plating not only lead to shoddy implementations, but bloated browsers, bloated websites, and immeasureable amounts of wasted bandwidth.

Now that Netscape is dead, the problems unfortunately remain. Browsers shouldn't have scripting embedded in them, period. If you like scripting, then you have to expect and put up with this crap. There's no way to legislate people to stop doing things like this.

The only way to stop them is to disable scripting on your browser. The more flexibility a program has, the less secure it is. Scripting adds almost no value to websites, and is now just a tool of marketers, used more against you than for you. They track you with it. They take over your web experience with it. They keep tabs on what you're doing... and sometimes even take over your machine when flaws are discovered and exploited. I have serious problems with other people running their code on my machine, and therefore disable all scripting.

Consequantly, I don't every seem to have any problems with pop-up windows, pop-under windows, "trapped" browsers, infinite-loop "back" buttons, etc.

Turn off scripting. Encourage websites to stop using it. The web is full of more than enough bloated crap already. While you're at it, get rid of flash, and all the rest of the plugins.

This might slow the push for filtering?

[ClarkEvans]

My aunt is furious about when her 6 year old child accidently does a typo and porn sites pop up everywhere. Perhaps if this stops, it will lessen the demand for filtering software. Filtering software, IMHO, is very bad; definately the worse of two evils. At least shutting down a web site could possibly have a court process attached to it...

And this makes money?

[bigdavex]

I find it pretty amazing that some people, after having their browser assaulted with annoying pop-ups, go on to actually buy things from these merchants. I guess spammers and phone salesman make money too, but I find this equally strange. I would hope this sort of thing would fix itself through consumer pressure.

Re:I'm happy, but...

Nah, this is like false advertiseing, or violation of trademark, on a massive scale. The FBI isn't going after just popup sites, or just typo sites, but sites that can effectively damage the reputation of the sites they 'copy'. And try to make money off it at the same time. We are not sacrificing any freedom here, this is just about getting an a$$hole off the net.

It changed my Homepage

[Captain+Pooh]

I wonder if I can sue a website operator for changing my homepage without my knowledge while visiting the operators site?

Re:another step towards the ruin of the web.

[lizrd]

By lazily handing this problem over to the government and allowing them to "solve" it, we are setting more precedents which erode our First Amendment rights. Honestly, do we really want the government telling us how we can and can't write JavaScript programs?

Fortunately, what's happened isn't that the government has decided to regulate javascript, the FTC is just making a reasonable application of existing laws against deceptive business practices. What we're seeing here is legal action against deceptive practices. We are not seeing action to outlaw the use of a particular technology, or any restriction on your right to write and distribute any sort of javascript tool that you like. What we are seeing is a crackdown on a business practice that was already unethical and illegal.

Be very wary of falling into the trap of thinking that adding 'and do it with a computer' to the end of some already common thing makes it new and different. That's what Amazon did (We're going to keep our customers address and credit card number in a rolodex 'and we do it with a computer') and we all hate them for it.

Also be wary of falling into the trap of thinking that because the Internet is international no one can exert any authority over it. While it is certianly true that the US FTC has little to no authority over what foriegn companies do with offshore servers, there is still a responsiblity to put a stop to illegal actions when you are able to do so.

two words

[Archfeld]

POPUP KILLER, sadly afaik win32 only but it works wonders on those annoying pop ups and pop unders

Very good...

[Picass0]

Now I wish the feds would do something to stop the pop up adds that interupt my TV shows every 10 minutes. I hate those.

Overcomplexity is to blame.

[fmaxwell]

Because a bunch of morons thought that the web had to look like television, they put ActiveX, VBScript, Javascript, Flash and other crap into browsers and plug-ins. This, not surprisingly, lead to many vulnerabilities like the one exploited here. (Who is the genius that decided that the "Back" button should be able to be redefined by any website that the user viewed?) If the web simply displayed pictures and text, we would not have this idiotic problem. Lest you laugh, that's what books and newspapers have done for centuries and they still seem mighty useful and popular.

We have seen this overcomplexity lead to many problems. Look at Microsoft Outlook: some group of idiots decided that displaying text, or even pictures, was not enough. So they added Visual BASIC scripting to it. And HTML that you can't turn off. Suddenly any nitwit could create an e-mail Trojan horse that emailed itself to every person in the address book. Or Outlook could display some web site in the preview window, play annoying music, or provide confirmation to a spammer that you received and saw his message.

It's time that we started demanding robust, secure applications even if it means that web sites won't be able to display animated, dancing piglets.

Back button

[Phroggy]

An important technical point: it sounds like the Back button was not actually reprogrammed to perform a different action. Rather, an onUnLoad event handler was specified in the BODY tag to execute a bit of JavaScript code when the window was closed. There are legitimate uses for this that are not annoying, although offhand I can't think of any (probably cleaning up things that were previously set, perhaps on a site that is designed to use multiple small windows for some special purpose).