FTC Shuts Down 'Pop-Up Trapping' Sites

Masem writes: "The FTC today ordered the shutdown of 5,500 sites owned by John Zuccarini, all of them the so-called 'typo' sites that common mis-entered URLs for popular sites (such as Annakurnikova.com); when the user visits these sites, their back button behavior in most popular browsers is modified as to open multiple pop-ups featuring ads for adult entertainment and gambling sites when pressed, and uses other technology to basically 'trap' the browser until the entire application has to be closed. While some sites are still operating, the FTC is going to take this matter to court, which may decide exactly how much control a web site can take over the end browser using JavaScript and ActiveX. CNet has the full story." Le Marteau contributes a link to the same story at the Washington Post.

Thank God!

[SpanishInquisition]

I can know go back to browsing porn at work without the fear of getting caught.

Re:Thank God!

[tbmaddux]

You don't even have to worry if you are "caught" visiting porno sites. Just claim that you were "trapped!" From the original article: "The scheme is especially harmful to children or employees who may put their jobs at risk when they inadvertently call up pornographic or gambling-related material, the FTC said." (bold emphasis added)

But seriously, I for one am glad the federal government is on top of this case. Just think of all the shoppers out there who were innocently looking to buy cupcakes online and got drawn into this insidious web of browser betrayal.

Now, could they do something about my problem? Every time I buy a new car, the trunk turns out to be mysteriously stuffed with black 30-gallon trash bags full of child pornography, gambling tokens, and a substantial fraction of body parts that somebody must be missing...

Re:Thank God!

[jjoyce]

I remember being at work once when I wanted to check up on the progress of LyX for KDE. Too lazy to go to google, I entered (what I thought might be the URL) http://www.klyx.org.
I don't know if it's still what it used to be, but, needless to say, I am not checking it while I am here at work!

The FTC, not the FCC ...

[taniwha]

'nuf said

Re:The FTC, not the FCC ...

[Masem]

My bad on the FCC/FTC mixup; I know I read the article thinking that it would make more sense that the FCC did it, and screwed up on the write-up. Sorry for that, folks.

Nevertheless, some TLA organization of the gov't is putting the smackdown on some guy. :-)

Re:The FTC, not the FCC ...

[benedict]

No, fraud and unfair business practices generally fall under the purview of the FTC, not the FCC. The FCC is "charged with regulating interstate and international communications by radio, television, wire, satellite and cable", according to their web site. They regulate the mechanisms themselves, not so much what people do using those mechanisms.

Re:The FTC, not the FCC ...

[jmorzins]

Bleagh. timothy has silently edited/corrected both the story title and masem's submitted text, without even providing a sentence notifying readers that he's done so?

Welcome to the ephemeral web, I guess. I wish the editor would at least *tell* us that he is changing history, otherwise taniwha's post makes little sense.

Re:The FTC, not the FCC ...

[cetan]

I wish I could mod this up and mod up all the people being modded down _now_ that the change has been made and they (they being those with mod points that are the usual clueless readers) don't realize it was screwed up to begin with.

hmmm....

[jonfromspace]

What about all the Porn sites that do this... I sure could use the FCC's help there :)

Well, it is a start I guess...

Uh huh...

What gets me is not that someone registered those names and cybersquatted (I'm all for that), but that this kind of annoyance (popup Spam) is actually clicked through and these Casinos, fake/genuine Viagra, etc. sites make any money at all.

Are you the one clicking on them?

Blah blah blah... "IE sucks cuz I can turn off popups in Moz..."

Re:Uh huh...

[unitron]

How can anybody get through to one of these sites and spend any money with them if their computer is crashing from the overload of trying to open half a zillion pages at once? Is this guy covertly doing these people a favor by luring those who would spend their money at those sites and frustrating them to the point of giving up?

Re:Uh huh...

[unitron]

Great minds caught in the same rut :-)

whoa....not at the top of my list

[ruebarb]

Finally, a practical use for the FCC...Thank God. This is one of the few times where a little government intervention wouldn't hurt.

Try explaining to your boss why the firewall detected all these adult site alerts when all you were trying to do was look for Dana Bourgouis guitars...

Or your wife/girlfriend for that matter.

RB

Re:whoa....not at the top of my list

[TBone]

Bah, the only reason my wife gets mad at me for looking at porn is when I don't share and show her some of the wierd crap that shows up in those popups :)

Re:whoa....not at the top of my list

[frknfrk]

i doubt my wife will be figuring out how to read the firewall logs any time soon.

not that she's incapable, but as far as she cares, the server room is 'the place where if i go in, the internet stops working!'.

-sam

Wow!

[Red+Aardvark+House]

And I thought X-10 was bad!

This type of advertising only frustrates users and creates animosity between advertiser and potential customer. This is an obvious and sometimes extreme nuisance, having to shut down your broweser at times!

Alienating your audience is not a good business practice.

Re:Wow!

[edhall]

The guy was only exploiting a system that pays money based on "impressions" or "exposures." He set up traps that generated as many ad exposures as possible, but it made no difference to him whether the ads made a possitive impression on anyone.

This is why most of the ads were for porn, since he needed advertisers who didn't check what the presentation of their ads would look like or the nature of the site itself. Outside of porn, few advertisers are that lax any more. I'm sure that, given a choice, even porn advertisers would want a "friendlier" presentation than this guy gave them. But they don't care enough to even check. In the mean time, this guy was raking in a hundred or more ad exposures per victim.

-Ed

Re:Wow!

[dragons_flight]

According to this US News report, X10.com had the 14th highest traffic of any domain in the month of august. Pretty impressive for a site that sells something almost no one wants.

Has anyone else noticed that their special deals are always about to expire in the next day or two, and yet the offer itself doesn't change for weeks on end. Maybe someone should get them on deceptive advertising?

Re:Wow!

[4of12]

And I thought X-10 was bad!

So did I.

But then I thought: while you and I hate them for their annoying advertising barrage, we have been satisfactorily indoctrinated that:

X10 ~ web cameras

as well as dozens of the usual time-proven suggestions that if you get $PRODUCT that sexy attractive young women will find you irresitably sexy and attractive.

If the message was delivered, then despite your protests, you can expect more of the same annoyance.

Re:Wow!

[jfdawes]

Yeah, I want to go out with some girl who has a bizarre web-cam fetish.

Re:Wow!

[benedict]

A source in the NYS Attorney-General's office tells me that that type of thing is illegal but generally not considered harmful enough to go after (gov't lawyers generally being overworked).

I asked because I saw the same type of fraud on store.apple.com.

Re:Wow!

[MaxVlast]

Ooooh...I hope X-10 doesn't see your post. They don't actually sell web cameras, they sell wireless cameras. (All NTSC, no computer)

It seems like it didn't even work as well as you're giving them credit for =)

Re:Wow!

[jesser]

Not all porn sites pay per impression. Gamma Entertainment, a company that runs several large porn sites, will pay you either $25 per sign-up (through text, banner, or pop-up links) or five cents per banner click. If your pop-up ad is annoying, nobody will intentionally click on it and sign up, and you won't get paid. They won't pay you for banner impressions at all, probably because they recieved a large number of complaints that webmasters were claiming pop-up ads as impressions.

I'm sorry this sounds like an ad. I don't work for them and if I was trying to make money from this post, I'd have created a referral-kickback link.

Re:Wow!

[infiniti99]

Has anyone else noticed that their special deals are always about to expire in the next day or two, and yet the offer itself doesn't change for weeks on end. Maybe someone should get them on deceptive advertising?

I don't think anyone could do anything about it. These types of schemes have been around forever. I still hear "call in the next 10 minutes, and receive..." in radio ads TODAY. This is 2001, and apparently everyone falls for the same crap. Or the advertisers think we do..

Re:Wow!

[K8Fan]

I complained to the people manning the X-10 booth at CEDIA (Custom Electronics Design & Installation Asssociation - home theater and whole house electronics) convention. I tried telling the booth weasle how hated their ads are, and the smug jerkwad just kept repeating how many million "page views" they kept getting. I told them they could just as effectively get their logo tattooed on frat boys ass cheeks and pay them to drive around mooning people. Or use a soldering iron to burn the logo into a 2" by 4" and run around wacking people in the face with it.

Unclear on the concept does not seem to even come close to describing these morons. We have to do something more.

Re:Wow!

[digitalmuse]

I personally would click on enough X10 banners to drive them straight to #1 if I got to smack their booth-weasels with a 2x4(bearing the proper X10 logo) for each click. hey, maybe we can get a double-sided LART for this purpose!

FTC, not FCC

[GrenDel+Fuego]

This was the federal trade commission, not the Federal Communication Commission.

I was curious when they became involved with net traffic.

another step towards the ruin of the web.

[Cheetahfeathers]

As much as I hate popups like that, government regulation of such is even worse. Also, what can they do about overseas sites? Are they going to try and put it under the same controls as overseas TV broadcasts?

The proper way to fix this is to fix the browsers so they don't allow this to happen.

FCC, stay the hell out of the net.

Re:another step towards the ruin of the web.

I agree. Believe me, I would love to see the end of all this control that web sites can have, but I don't think the government should be the ones who have the say. Software does a good job at being able to stop this. Don't like all those pop-up ads? Disable JavaScript (on a per-site basis for example). It should be up to the user what can and can't be done on thier machine, not the government.

Re:another step towards the ruin of the web.

[cyb3r0ptx]

"Doesn't Mozilla have a nice feature to disable the document.open() method in javascript?"

Yes, which is why Mozilla has become my browser of choice. I use it not for the pr0n sites (surprisingly) but the majority of 'legitimate' sites that believe that annoying their users w/ pop-ups is a good idea.

The feature that you speak of can be found HERE. You might also want to take a look at the Configurable Security Policies for Mozilla. These features are nice, but the only drawback is that there isn't a good GUI to add/remove sites from your blocklist.

Re:another step towards the ruin of the web.

[BlueTurnip]

Bravo! A voice of reason.

Once again people seem to be looking to the government to solve problems they can solve themselves, by using an appropriate browser and learning how to configure it!

By lazily handing this problem over to the government and allowing them to "solve" it, we are setting more precedents which erode our First Amendment rights. Honestly, do we really want the government telling us how we can and can't write JavaScript programs?

Re:another step towards the ruin of the web.

[frknfrk]

you know, that's a good point. it's funny that we cry and bitch and moan because instead of letting us fight technology (CSS) with technology (DeCSS), the government passes a law.

here, because the end result is SPAM or annoying pop-ups, suddenly we start cheering, instead of demanding that we be allowed to police ourselves when it comes to technology? the great answer is corporations shouldn't have protection against technology, but our mail inboxes and browser windows should?

btw, it was the FTC, not the FCC (redundant, i know, i've seen it pointed out a few times already).

-sam

Re:another step towards the ruin of the web.

[jesser]

Once again people seem to be looking to the government to solve problems they can solve themselves, by using an appropriate browser and learning how to configure it!

Default browser configurations should not be vulnerable to a DoS attack that has been widely exploited against web users for years. Good defaults are more important than configurability, especially when your target market includes people who don't want to look through thousands of options to find a combination that fixes the problem without breaking legitimate uses of JavaScript.

In other words, if you could convince me that it's not the government's responsibility, then I would argue that it's the browser maker's responsibility rather than the user's.

Re:another step towards the ruin of the web.

[lizrd]

By lazily handing this problem over to the government and allowing them to "solve" it, we are setting more precedents which erode our First Amendment rights. Honestly, do we really want the government telling us how we can and can't write JavaScript programs?

Fortunately, what's happened isn't that the government has decided to regulate javascript, the FTC is just making a reasonable application of existing laws against deceptive business practices. What we're seeing here is legal action against deceptive practices. We are not seeing action to outlaw the use of a particular technology, or any restriction on your right to write and distribute any sort of javascript tool that you like. What we are seeing is a crackdown on a business practice that was already unethical and illegal.

Be very wary of falling into the trap of thinking that adding 'and do it with a computer' to the end of some already common thing makes it new and different. That's what Amazon did (We're going to keep our customers address and credit card number in a rolodex 'and we do it with a computer') and we all hate them for it.

Also be wary of falling into the trap of thinking that because the Internet is international no one can exert any authority over it. While it is certianly true that the US FTC has little to no authority over what foriegn companies do with offshore servers, there is still a responsiblity to put a stop to illegal actions when you are able to do so.

Re:another step towards the ruin of the web.

[astroboy]

FCC [sic], stay the hell out of the net.

Oh, for pity's sake.

It is exactly the FTC's job to enforce legislation against deceptive trade practices. These `typo' sites are exactly that, and fall under the same laws that would apply to Real-World marketing under names intentionally similar to trademarks.

Re:another step towards the ruin of the web.

[mosch]

That's what Amazon did (We're going to keep our customers address and credit card number in a rolodex 'and we do it with a computer') and we all hate them for it.

Speak for yourself, and the slashdroids. I don't hate amazon at all, I use them all them time, they're extremely convenient and have reasonable prices. As far as I can tell, they really were the first site to offer one-click shopping. If you can prove otherwise, go collect your $10,000 Bounty

Everything is obvious in hindsight.

Re:another step towards the ruin of the web.

[benedict]

Fraud is fraud, whether it's perpetrated over the phone, the web, in print, or in person.

Re:another step towards the ruin of the web.

[ShaunC]

>It is exactly the FTC's job to enforce legislation
>against deceptive trade practices. These `typo' sites are
>exactly that

Perhaps there are legal precedents (I guess now there certainly is one) but I don't agree that typo sites are deceptive trade practices. If I'm trying to go to Google and I wind up at Goggle.com - which by the way is exploiting the typo - there's no way I'm going to mistake that for the actual Google site. Likewise, if I'm trying to visit Anna K's site and I wind up at a page that pops up 20 adult ads, it's unlikely I'm going to think that my future wife is running a porno business :)

It's one thing to manufacture some soda, name it Caca-Cola, and try to pass it off as The Real Thing. Setting up a website and profiteering off of people who [can't spell|make typos] is different, though. You aren't advertising your "product," you aren't trying to deceive anyone, you're just profiteering off of accidents.

Maybe the reason I think the scenarios are different is that one's proactive and the other's passive... Regardless, I don't see why this is the government's business.

Shaun

Re:another step towards the ruin of the web.

[lizrd]

I was hardly speaking for myself, merely turning around the slashbot line to illustrate why I don't have a problem with the FTC right now. I really don't have a problem with Amazon, and continue to shop there when I can't find a better price elsewhere.

As for the one click shopping thing, I think that Amazon probably was the first to add 'and we do it with a computer' to keeping customer information on file for convenience. In the larger picture I don't see a whole lot of difference between a cookie with your name and billing information on it and a library or video store card with the same information. But my beef about that isn't with Amazon, it's with the patent office.

Re:another step towards the ruin of the web.

[philipdl71]

I completely agree. There is no reason why the government should be regulating this AT ALL. The reason why the internet is as good as it is today is because the government hasn't been involved in it. Everything the federal government touches turns to shit. This should be fixed at the browser level. There is no need for a new law against this!

Re:another step towards the ruin of the web.

[philipdl71]

This is a good point. Everyone seems to bitch about how we should have first ammendment rights to write code such as DeCSS and laws like the DMCA interfere. NOW we are letting the government tell us that certain forms of code are illegal to write. Does anyone see a problem with this?

Re:another step towards the ruin of the web.

[BlueTurnip]

In other words, if you could convince me that it's not the government's responsibility, then I would argue that it's the browser maker's responsibility rather than the user's.

Actually, I think it is the user's responsibility to choose a browser that behaves the way they want. No one is forcing them to use Explorer or Navigator. There are many browsers to choose from, most of which are free, and several of which allow you to disable pop-ups without turning off Javascript. I much prefer to choose for myself what features I want rather than the government telling me which features my browser is allowed to have!

Re:another step towards the ruin of the web.

[BlueTurnip]

The only part of what they did that could be called remotely fraudulent was using misspellings of common names to fool people. If so, that is a trademark issue, and should be settled in courts.

What seems to bother the FTC here is that these sites appear to hold people "captive". What they might call captive, I might call aggressive use of JavaScript in advertising. I really am not comfortable with the government making decisions about the proper way to use JavaScript, and yes, I've been held "captive" by pop-up sites before. I generally just restart the browser. I certainly never asked the government to get involved!

Re:another step towards the ruin of the web.

[Jagasian]

Yes, Amazon may have been the first company to offern one-click web orders, but that doesn't mean that the patent isn't obvious. It is a very common and obvious concept in human-computer interface design, to minimize the number of inputs (clicks, presses, etc) required for a user to communicate a desired request to the computer. Obviously the minimum for such a request would be 1 press or click or whatever, because anything less would imply that the user has no say, and anything more would be inefficient.

You aren't supposed to be able to patent the stupidly obvious!

Re:another step towards the ruin of the web.

[Kierthos]

You may have heard of DARPA-net at some point, hm?

Kierthos

Re:another step towards the ruin of the web.

[philipdl71]

yeah, Darpa-net was abandoned. What is your point?

Re:another step towards the ruin of the web.

[philipdl71]

Well at least there are two of us here that understand reason and the principles of limited government. The rest of slashdot has gone communist, sadly.

Re:another step towards the ruin of the web.

[EFGearman]

I believe that his point is that it was a precursor to the modern internet. And also that it was government sponsored.

EFGearman

Re:another step towards the ruin of the web.

[lizrd]

Interestingly, I consider myself to be a pretty strong proponent of small government and that's why I'm encouraged by this particular situation. What has happened here is that existing laws have been applied to a new situation. The necessity of an organization like the FTC in a limited government is a topic which is open for debate, but in the case of this debate let us assume that the FTC has already been created and given the task of enforcing consumer protection laws. What I do admire about this action is that action has been taken under existing laws. We aren't seeing some brainless senator pushing legislation to ban javascript for the good of the children.

Re:another step towards the ruin of the web.

[philipdl71]

I'm not disputing this. Not everything the government has done is bad. I'm just saying that if the government had say decided to immediately start regulating the internet after it had grown a little I don't think you would have the internet that you have today. The reason the internet has evolved to the point that it's at is because the government let it be and did not interfere with it's development.

The internet would have been created eventually with or without the government's help.

FTC not FCC

[billscarwasher]

The title should be FTC, not FCC. BIG difference...

hey, he is trying...

[Karmageddon]

The district court has ordered Zuccarini to take his sites offline, the FTC said, while the case continues. But as of early Monday afternoon, at least one site registered to Zuccarini, Annakurnikova.com, was still functional.

Hey, give the guy a break, he's trying. He closes down most of his sites, but whenever he hits the "back" button they all start up again. Those damn javascript-based admin tools...

Re:hey, he is trying...

[CBOS]

*grin

Neverending popup...

[FortKnox]

Hope this will include the "Neverending popup", where you point to a site that popups a copy of itself, which popups a copy of itself, which popups a copy of itself...

I think the troll link "comp-u-geek.com" (DON'T GO THERE!) does that...

Re:Neverending popup...

.net, not .com. Actually, the site's been down for a while, so we just have to link to the goatse guy, via geeknotes if we're bored.

Re:Neverending popup...

[StikyPad]

Heh.. comp-u-geek is a legitimate website. But I'm sure they'll appreciate ./ effect. Though I doubt we're the target audience for home lessons of Outlook Express.

but sites still exist

[nilstar]

what about all the non-typo sites that exist? Well, how about using the no-popup feature of mozilla/netscape 6.x and dump the ie browser!

Re:but sites still exist

[spongman]

my site uses popups to provide modeless functionality such as settings, login, info etc... (and no, none of them 'lock' you in, or even contain any advertising). we just did it that way because it makes sense, and it makes the site 'feel' a little more like an application. howevr, if you disable pop-ups or javascript then we're screwed.

it's a shame that after all this time we finally have a decent set of publishing functionality (dhtml/javascript) that's available and consistent (w3c) across many platforms, but that that same functionality is being killed by idiots like this that just want to make a quick buck. it's a public nuisance and should be outlawed, then maybe the rest of us can go back to doing somthing useful.

now what was i doing?

Re:but sites still exist

[jesser]

my site uses popups to provide modeless functionality such as settings, login, info etc... (and no, none of them 'lock' you in, or even contain any advertising). we just did it that way because it makes sense, and it makes the site 'feel' a little more like an application. howevr, if you disable pop-ups or javascript then we're screwed.

If the elements on your site that trigger your page to open new windows are links or buttons, there's a Mozilla setting people can use to allow that kind of new window while disallowing onload/onunload pop-up ads. If the site randomly throws up new windows, your users probably close 30% of them before they load thinking they are pop-up ads, so you might as well change the triggers to be links or buttons.

good! I've always hated Zuccinni

[Telek]

er, I mean Zuccarini.

But seriously. There's a fine line between .. no scratch that, there's a night and day difference between registering typo sites and displaying a pile of non-porn ads, and registering those sites and trapping the user in a net where they can't get out and displaying pornography to them for the sole intent of making a buck. especially when said users could be children or people who find pornography offensive.

I've seen a few sites who grab a typo site and just use it to promote their own (not indecent) site, but also provide a link on their site to the site that "you might have wanted" instead. I think that's fair enough, no big harm there, but to intentionally trap people. Wow. I never thought I'd be praising government intervention on the internet...

Does all this really work though?

[GreyyGuy]

One thing that surprised me is that this slime ball has been sued for this before and lost 57 cases tied to 200 domain names and been fined $800,000 to $1,000,000. And he's still doing it. The only reason he would still be doing this is if it is profitable, above and beyond court costs and fines.

Who is falling for all this and patronizing the sites that trap you like this?

Re:Does all this really work though?

[HerrNewton]

he's probably making his money on impressions, not clicks.

Re:Does all this really work though?

[nanojath]

"Who is falling for all this and patronizing the sites that trap you like this?"

Well, I'm not a big fan of the word addict, but I gotta assume that people with at the least a "problem" with porn and/or gambling are doing the work, wouldn't you think?

It's hard for normal people like us to imagine, but yeah, I gotta assume there are people out there for whom a porn or gambling pop-up is basically like sitting a needle full of smack in front of a junkie.

And yes, it's very sad.

Re:Does all this really work though?

[tregoweth]

Who is falling for all this and patronizing the sites that trap you like this?

Horny people who don't type well?

Re:Does all this really work though?

[Nachtfalke]

Hey, you try typing with just one hand.

Umm, nevermind....

Re:Does all this really work though?

[EisPick]

Who is falling for all this and patronizing the sites that trap you like this?

Ho rny people who don't type well?

Like this guy: http://www.herbzipper.com/.

Don't worry, it's funny, not disgusting.

Fix this At Browser

[Rashkae]

Even though I'm sure we all had good intentions (if not complete thoughlessness) when all these cool features were added to JavaScript. But really, isn't it time that this gets fixed at the Browser end? I cannot think of *any* good reason for browsers to allow JavaScript to modify how buttons like Back and Close opperate without confirmation by the user. (it would also be trivial to apply a reasonable limit, like say 3, to pop-up windows). Microsoft and Netscape should both be *really* embarrassed that this issue is being addressed by the governent and potential legislation before they've even had a chance to suggest ways of fixing the situation.

Re:Fix this At Browser

[weez75]

I think we should go with the multiple-document interface. I know it's a pain, but be able to launch 4 or five sites within the same application window instead of launch entirely new browsers. Then within the application have a setting that limits the number of branched or spawned sites. That would make me happy and still allow me to use the javascript features.

Re:Fix this At Browser

[Si]

Which, of course, is what opera does.

Re:Fix this At Browser

[JoeShmoe]

I think it is especially embarassing that Microsoft/Netscape cannot grandularize the ActiveX or JavaScript functionality. Your choices are "Run All" or "Run None". There needs to be a way to differetiate between normal redirection (which is often used by legit sites)or pop ups (which is of course used in advertising) and those malicious elements such as "On Back" or "On Close" or "Maximize Full Screen with no buttons anywhere". I cannot stand it when I have a button in my taskbar that refuses to respond to a right-click Close command. That kind of control interferes with my GUI and should not be tolerated.

- JoeShmoe

Re:Fix this At Browser

[weez75]

Exactly, just as older verions of Mozilla and Mosaic did...

Re:Fix this At Browser

[roca]

Actually, Mozilla, Netscape 6.x, Konqueror, and other browsers provide a high degree of control over Javascript, including ways to turn off pop-ups, window resizing, etc. Just stop your ignorant ranting and google for "Mozilla configurable".

Re:Fix this At Browser

[Styros]

IE does have some control over that. If you stumble onto one of those sites where you're in pop-up hell, put that site into in the Restricted Sites Zone, and it'll stop all javascript from running next time.

Re:Fix this At Browser

[jesser]

There are no user-visible options for what web sites are allowed to do in Mozilla, so I don't find it surprising that users complain that they're given an all-or-none choice.

You can get some documentation on Mozilla's configurable security policies here, and you can also test the new hidden pref to prevent web pages from opening new windows while they are loading or while the user is leaving the page. Note that the new hidden pref is still buggy: it catches some things it shouldn't, such as clicking a javascript: link in a page while the page is still loading, and fails to catch cases like onmouseover and onfocus.

Re:Fix this At Browser

[Mongr]

There are plenty of 3rd party programs that fix this annoying feature of IE (if the user can't be bothered to install mozilla).

For instance: Panicware's Pop-Up Stopper and Surf Pal products.

They work well.

Re:Fix this At Browser

[larien]

Javascript doesn't actually change the function of back or close; it just traps "windowclose" or "exitframe" (no, I don't know Javascript, but I do know there are events which handle these things). The JS traps this and launches a new window where the author wants you to be.

FWIW, the only time I've seen this implemented to a fully irritating degree was the home page of Rev Don Kool (a notorious web troll on comp.unix.*).

Oh, and as has been pointed out, several browsers have options to limit this behaviour, such as Konquerer. I'm sure someone could get a comprehensive list together of which browser do and don't have some support for disabling openWindow()

Re:Fix this At Browser

[rabidcow]

Yes, mozilla definitely needs to grow ui for these hidden features, but in time that should come.

It would be nice to get better granularity even than that, tho.
Someone mentioned that some other browser will let you disable "window.open" except on mouse click, which would be cool, as well as the possibility to even disable new window openning at all.

Re:Fix this At Browser

[BlowCat]

I cannot stand it when I have a button in my taskbar that refuses to respond to a right-click Close command.

1. Install IceWM

2. Put to user.js for Mozilla:
user_pref ("capability.policy.default.Window.moveTo", "noAccess");
user_pref ("capability.policy.default.Window.resizeTo", "noAccess");

3. Enjoy

Re:Fix this At Browser

[MobyDisk]

It isn't supposed to catch onmouseover and onfocus. There are legitimate uses for that.

Re:Fix this At Browser

[jesser]

It isn't supposed to catch onmouseover and onfocus. There are legitimate uses for that.

I meant that it's supposed to prevent web pages from opening new windows while handling onmouseover and onfocus events. There are very few legitimate uses for that, and once aggressive advertisers realize they can't use the onload event, they'll use one of those instead.

Re:Fix this At Browser

[Rufus211]

Your choices are "Run All" or "Run None".
Not so anymore:

mozilla.org today released Mozilla Milestone 0.9.4. New to this release is the ability to disable the JavaScript window.open() method during page load and unload events.

Been using this feature for almost a month (Well, since 0.9.4 came out) and it works perfectly, no sites that I've gone to have been broken, and no pop-ups!

Re:Fix this At Browser

[Mawbid]

Or you could use a hybrid solution. "Open popups in tabs" in Galeon. Middle clicking still opens a new window.

Re:Fix this At Browser

[pdh11]

ANT Fresco deliberately omitted any JS "features" which could enable malicious web pages to set a trap. OEMs made us put them back in again.

Peter

Re:Fix this At Browser

[toolman_nick]

I could not agree more, I think that it should be fixed at the browser. it should be user option to even use popups.. I HATE them and wish that there was a way to disable them for ever and to never use them!! some sites have so many of them that most of the time it locks up windows and then you have to reboot.. that does not seem right.. rebooting because of Java-Script windows overwelming windows....

Re:Fix this At Browser

[Sinistar2k]

Perhaps the FTC should be made aware of Opera and Konqueror?

I was discussing this issue with last night with my wife when she asked, "Well, if Konqueror has the option to turn off window.open [no, she didn't say "window dot open"], why doesn't Microsoft just do that?"

Because Microsoft derives revenue from popups. Same reason they don't let you disable HTML mail even though it continues to be a security issue - the mail they send ties into tracking that helps them drive revenue. If they let you disable these two avenues, they lose money.

This is all speculation, though Hotmail does shove a popup on your screen while you're using it (and just think about how many people use Hotmail).

Why does the govt. have to regulate this?

[StaticLimit]

This is a client-side browser issue. If we had a competative browser market, someone might find it useful to "innovate" a feature into the browser to disable popups, or cue up the popups and let the user decide whether to let them fire.

Was it Konquerer that put a similar feature into their browser? If so, big huge kudos to them.

Regardless, I don't see Microsoft champing at the bit to reduce end-user annoyance over this, and I'm surprised, because I can't imagine how the IE team can browse the web without getting fed up with that crap and saying "fsck (or maybe chkdsk) it! I'm going to "innovate" a way to stop this!".

- StaticLimit

Re:Why does the govt. have to regulate this?

[SuiteSisterMary]

Lets face it. Konquerer does it, they're lauded. Had Microsoft done it, people would have complained about how they were ignoring standards and dictating standards.

Re:Why does the govt. have to regulate this?

[jmv]

This is a client-side browser issue.

Arguing this is like arguing what Code Red/Nimba is just an IIS issue. Sure IIS should be more secure, but there's still a malicious intent. The same for this. Sure, the "don't close from JavaScript" feature shouldn't be on by default, but there's always going to be a hole somewhere in all browsers. This kind of behaviour should not be allowed.

Re:Why does the govt. have to regulate this?

[abulafia]

That's crap. In response to a request, a server is sending a text stream to a client. If you don't like what your client does with it, use a better client. Sorry, but it is just that simple.

-j

Re:Why does the govt. have to regulate this?

[metis]

Why does the govenment regulates cleaning your dog poop from the street? Can't we have Dupont invent a tarmac that disolves it?

Why does the government regulate noise? Can't you invest in better insulation for your home?

The reason is simple. It is cheaper to have a cop fine one thousand offenders than to have one billion consumers invest is an expensive technological solution.

The issue here is not innovation but nuisance. What is bad about nuisance, by definition, is that it forces you to chose between suffering it and paying something to get rid of it. An innovation that removes a nuisance does not improve your quality of life. It merely restores it. Thus having a free arm race between nuisance makers and anti-nuisance solution makers is a waste of intelligence and money that are better spent on something that actually makes life better. That is something every town council understands, and that is why nuisance is regulated.

The only difference here is that the internet allows people to be a nuisance from a greater distance. That makes it apropriate for federal rather than local regulation.

Re:Why does the govt. have to regulate this?

[Lemmy+Caution]

This is sort of like saying that someone hits you over the head, it's because of a failure on your part to grow a protective carapace.

Re:Why does the govt. have to regulate this?

[jmv]

So I guess (part of) Nimba is legal then, since one of the (4-5?) ways it propagates is through malicious Javascript in web pages. Also, I guess it means I can write a program that wipes your hard drive, label is as a text editor and make it available for download. It's your responsability if you download it.

Re:Why does the govt. have to regulate this?

[jesser]

Had Microsoft done it, people would have complained about how they were ignoring standards and dictating standards.

I doubt it. The W3C pays very little attention to privacy and security in most of their recommendations. The fact that web sites aren't allowed to look into an <iframe src="http://www.amazon.com"> and pull out your name from the "welcome" message is not standardized anywhere, and in fact each browser has slightly different rules about what things you can pull out of and push into frames whose content is from another web site.

The W3C's ignoring security has also led to some holes that affect multiple browsers, such as web sites being able to find out whether a link is marked as visited using CSS. Yes, your boss could point you to a web site that creates invisible links to the last 200 slashdot stories, quietly counts the number that are marked as visited, and reports back to your boss how much /. you've been reading at work lately.

Re:Why does the govt. have to regulate this?

[Mr.+Slippery]

That's crap. In response to a request, a server is sending a text stream to a client.

The issue is that the server is essentially misrepresenting the text stream it will send to the client upon a request. That's fraud. They're doing it for purposes of profit, and are doing it to clients in more than one state, and getting paid by advertizers in multiple states. That's interstate commernce.

That makes it a job for the FTC. Sic 'em, boys.

Re:Why does the govt. have to regulate this?

[Overt+Coward]

Possibly, but those bashing MS in that case would be wrong. In the end, the browser is the one responsible for rendering the content, and providing an option to limit the extent of the display is not ignoring or dictating standards in any way.

Re:Why does the govt. have to regulate this?

[abulafia]

I am certainly more comfortable with being responsible for what I download than with having to have a team of lawyers to feel comfortable posting content.

I'm sorry, but I feel this is a software security issue. As always with security issues, some people want a legal palliative to make them feel better ("Take a DCMA and an Anti-Spam and call me in the morning."). Others use software that doesn't behave in undesirable ways.

I am being a bit harsh here, but think about it for just a bit. There are consumer choices to make this crap go away, as many have noted in this topic. This really does seem to be a case of "Doctor, it hurts when I click there."

-j

Re:Why does the govt. have to regulate this?

[reflector]

Why does the govenment regulates cleaning your dog poop from the street? Can't we have Dupont invent a tarmac that disolves it?

Why does the government regulate noise? Can't you invest in better insulation for your home?

Bad analogy, I think. The street is a public area, and people are responsible for their actions (and those of "their" pets, not that I believe that one animal, such as a human, can own another animal, such as a dog, that's no different than slavery). With the noise example, that's an UNINVITED invasion of your home, a kind of assult, no one has the right to do that.

In the case of a website, no one can force you to visit that site. If you go there and run their javascript, that's a choice that you make. And if you intended to go elsewhere but made a typo, the typo was your mistake, as well, not theirs.

As far as your argument about nuisance, you could substitute the word "obscenity" for "nuisance". Who decides what a nuisance is?

All in all, I trust the feds a lot less than I trust some stupid greedy spammers.

Re:Why does the govt. have to regulate this?

[jmv]

I think there's a middle between the two extremes. I think you should not be liable *except* in the few cases where it's pretty obvious that the intent was to directly cause damage. If someone writes an editor that has a bug that ends up wiping your drive, it's an accident. However if the same guy advertises an editor that startes by system("/bin/rm -rf $HOME"), I think it should be illegal. Where to draw the line, I don't know.

But advocating that you're not responsible if you spread worms/virus is plain dangerous. Why don't you extend that to crasking into systems... after all, you're just sending bits to random ports on a system...

Re:Why does the govt. have to regulate this?

[metis]

Who decides what a nuisance is?

In this case, the FTC made the an initial decision. This decision will be reviewed by the court. The court decision will be reviewed by congress and congress decision will be reviewed by voters.

If you go there and run their javascript, that's a choice that you make.

According to your logic, if I invite a plumber to fix my sink, I cannot call the police if he starts emptying my refrigerator. If I enter a restaurant, the owner is free to poison me. etc. Doesn't it make sense to use common sense and see that all privileges that we grant each other when we willingly engage in transactions are limited and assume a trust that they will not be abused?

Re:Why does the govt. have to regulate this?

[reflector]

In this case, the FTC made the an initial decision. This decision will be reviewed by the court. The court decision will be reviewed by congress and congress decision will be reviewed by voters.

That's true, of course, but you're not addressing the point I was trying to make, which is:
Why is the government in the business of defining what a nuisance is in the first place?
I find the tyranny of the majority to be an unacceptable way of dealing with many problems. For example, homeless people could be defined to be a nuisance, and thrown in jail just because people don't want to look at them.

According to your logic, if I invite a plumber to fix my sink, I cannot call the police if he starts emptying my refrigerator.

Not true, you're misrepresenting my views with another innacurate analogy.

If I enter a restaurant, the owner is free to poison me.

Again, untrue.

Doesn't it make sense to use common sense and see that all privileges that we grant each other when we willingly engage in transactions are limited and assume a trust that they will not be abused?

I don't think that it does make sense to make that assumption. The fact that some of us browse with JS on, and websites can pop up as many windows as they want is a technical problem, and it should be dealt with as such, not as a political problem.

Seriously...

[mindstrm]

this shouldnt' fall under the jurisdiction of the fcc?
I thought the FCC was there to regulate certain things... like radio, and television (as it's broadcast, and involves many public concessions to work, right-of-way, etc).

How can they dicatate what a website can do? Sheesh.

5500 Sites! Curious.

[BrookHarty]

Wheres he hosting all these sites?
Where is he buying his domains from?
What OS is he using?

Sounds like alot of work for popup sites, he must be making damn good money after lawsuits.

Re:5500 Sites! Curious.

[Spy+Hunter]

All the typo sites probably point to the same computer. As for what OS he is using, Netcraft says:

The site www.annakurnikova.com is running Apache/1.3.6 - 448 user - IKM 11211999 (Unix) on FreeBSD.

They go on to say the netblock he is using belongs to CWIE LLC.

Some might argue

[jd]

That this is Bad and Wrong, that the Free Market should decide, and freedom should be for all. Well, aside from the fact that those people can bugger off, you could argue this two ways:

• The "Free Market" wasn't free, that it had been kidnapped by a pack of Ogres, and that if it hadn't been liberated by the FTC, it would have been turned into Market Burgers.
  
• The "Free Market" =DID= decide. It told the FTC that it was the watchdog, and should bloody well watch!
  

Bitching aside, this decision is a Good Thing. It forces people who deliberately break something to think again. This might not be terribly popular, but who cares. This decision will do more to stop terrorism on the Internet than all the marketroid sponsored carp ever will. It will genuinely have a positive impact on how the Internet is seen and used. And that may be the best thing that has happened in a VERY long time.

FCC going about it the wrong way?

[compugeek007]

My feelings are mixed on this one. I don't like the FCC monitoring web sites like this - what is next? Banner Ads? Non-trapping pop ups? As much as I hate the infinite windows, what if (although far-fetched) there were "trapping" ads for the Boy Scouts, or some Christen group? Would the FCC REALLY care about this? My worries are this precedent may be used further down the line to censor web content in some way.

IMO the FCC should make a standard for browsers (read Internet Exploder) to not allow this function to operate on their browsers. This may also serve the double purpose by limiting the security holes Microsoft can put on your machine through unneeded bells and whistles on IE.

--cgeek--

I'm happy, but...

[DaSyonic]

I can't say this is good. Noone likes those popup ads that lock you in, and do other unethical things. However, I dont think it's good for the government, or anyone, to say it's illegal/disallowed.

Namely, You are connecting to THEIR machine.
Mail server administrators block spam because they are using their resources, why can't these people claim the same? After all, you're using THEIR resources, shouldnt they have the right to send any data on a connection that YOU initiated? (Though I realize you might not have intentionally made that connection; they can be sneaky, but the point remains.)

I just don't like regulation, If it's bad and wrong, it's the clients job to work with the received data. But noone's blaming Microsoft, Netscape, Mozilla, or Konq (and you really can't blame the last 2, they're implementing things to take care of this junk).

Target a solution, rather than the cause and punishment.
That's just my view.

Re:I'm happy, but...

Nah, this is like false advertiseing, or violation of trademark, on a massive scale. The FBI isn't going after just popup sites, or just typo sites, but sites that can effectively damage the reputation of the sites they 'copy'. And try to make money off it at the same time. We are not sacrificing any freedom here, this is just about getting an a$$hole off the net.

Re:I'm happy, but...

[jesser]

But noone's blaming Microsoft, Netscape, Mozilla, or Konq

Really?

(and you really can't blame the last 2, they're implementing things to take care of this junk).

I don't know about Konq, because its authors chose not to release a version that runs on my platform of choice, but Mozilla doesn't yet ship to block pop-up advertisements (or even "hydras", the most annoying type) by default. It has a hidden pref to disable the window.open() function while a page is loading or unloading, which should become a visible pref once bugs are worked out. I hope the pref is eventually turned on by default, at least for the case of hydras.

Re:I'm happy, but...

[Kwil]

You're going to a house party at someplace you've never been before. You walk up to the likely house, you can hear music inside, and it looks like a party and you knock. They let you in. After looking around, you realize, "whoops.. wrong place" and go to leave..

Except they've locked all the doors and windows and won't let you go.. but hey.. it THEIR house.

Yeah right.

Kwil

Re:I'm happy, but...

[erroneus]

You have a terrific point on this however, this is almost like "Virus" code. The user clearly did not want this result... this was not solicited or expected. The user has fallen victim to something and should me mostly blameless in this.

More importantly, this is a wonderful lead-in for anti-spam legislation. We cannot seem to make SPAM unpopular enough because apparently, the air-headed people outnumber the people who have better things to do that filter through crap email all day long.

If the government can step in on this, maybe we'll get SPAM legislation passed finally.

I'm scared to use legislation as a tool to get rid of "unwanted behavior." Frankly, I'd rather just see these unethical people get sued and lose in court really bad. Legislation lasts longer than the offender lives and the precedent can and often is twisted to server other unscrupulous purposes.

Ashcroft's take?

[Sorklin]

I wonder if this would be considered as terrorism in Ashcroft's proposed law?

Re:Ashcroft's take?

[isomeme]

I wonder if this would be considered as terrorism in Ashcroft's proposed law?

Yes, but hacking your client to filter it is a DMCA violation. :)

Re:Ashcroft's take?

[Lonath]

Umm no, he was doing this to make money, so it's ok.

Re:Ashcroft's take?

[isomeme]

Nothing like the Zen experience of having the first moderation your comment gets be "-1 Overrated". :)

Re:Accountability

[Snootch]

I'm not sure, but running Windows probably makes you a lot more susceptible.

I sincerely hope you're joking. All you need is a Javascript-enable browser! Making capital out of stupid people is what Microsoft seems to be famous for. I wouldn't want that kinda press myself...

Why more government involvment?

[cyb3r0ptx]

I agree that these sites are annoying and have no good purpose, but is government involvement really the answer?

Re:Why more government involvment?

[WildBeast]

I agree with your agreement. I don't like it but I don't want government intervention. I can take care of myself, government should stop telling people what to do.

Another reason

[bjsvec]

He is probably not paying the fines.

If I got a $800,000 fine I wouldn't be able to pay it.. so what happens then?

Re:Another reason

[BlowCat]

Perhaps you declare bankruptcy and live 7 (or 10?) years without credit cards.

Not a big deal unless you are running a business.

IANAL. YMMV.

Mod parent UP

[The+Panther!]

I was going to post this, but you beat me to it, and in fewer words.

Net Darwinism

[Uttles]

Is this really so bad? You have to a) run IE, b) have javascript security at it's lowest, and c) type in an incorrect URL in order for this "trap" to work... do we really want these people running around on the net anyway?

(humor)

As long as they allow scripting...

So people use scripting for imaginative ways that nobody had expected. Then people start complaining. Hello!!!! New and unexpected uses are what scripting are all about. To be programmable means that things will be asked that you hadn't anticipated. (Otherwise, there is no need to program them.) Therefore you have to expect abuses when you introduce such a technology. Scripting engines do not belong in browsers, mail clients, news clients, and so on. It was plain irresponsibility for Microsoft, Netscape, and the others to do this to their products. Years ago I saw the coming security nightmare that we live in today. It arose from the "browser wars" between IE and Netscape. This functionality wasn't about making websites better, it was about trying to have a gimmick feature that the other didn't have. This gold-plating not only lead to shoddy implementations, but bloated browsers, bloated websites, and immeasureable amounts of wasted bandwidth.

Now that Netscape is dead, the problems unfortunately remain. Browsers shouldn't have scripting embedded in them, period. If you like scripting, then you have to expect and put up with this crap. There's no way to legislate people to stop doing things like this.

The only way to stop them is to disable scripting on your browser. The more flexibility a program has, the less secure it is. Scripting adds almost no value to websites, and is now just a tool of marketers, used more against you than for you. They track you with it. They take over your web experience with it. They keep tabs on what you're doing... and sometimes even take over your machine when flaws are discovered and exploited. I have serious problems with other people running their code on my machine, and therefore disable all scripting.

Consequantly, I don't every seem to have any problems with pop-up windows, pop-under windows, "trapped" browsers, infinite-loop "back" buttons, etc.

Turn off scripting. Encourage websites to stop using it. The web is full of more than enough bloated crap already. While you're at it, get rid of flash, and all the rest of the plugins.

Re:As long as they allow scripting...

[Anml4ixoye]

*sigh* I'll bite this one...

Scripting adds almost no value to websites, and is now just a tool of marketers, used more against you than for you.

Not quite. I use Javascript religiously and responsibly. It provides form validation, interactive elements, and menu selections you can't do any other way (save going to the server for form validation).

And yes, I use pop-up windows. I use them for useful purposes. To build web applications, not just fun toys to show pictures of my cat. Some of us want this functionality, use it responsibly, and understand the risks involved.

However, I agree with you to a point. Compromise. Don't be afraid to shut off scripting, but don't remove it completely. If you don't like it, then don't use it, but allow those of us who do like it and use it the ability to enjoy our web experience and use it for productive purposes other than just hitting refresh on Slashdot every 5 minutes.

This might slow the push for filtering?

[ClarkEvans]

My aunt is furious about when her 6 year old child accidently does a typo and porn sites pop up everywhere. Perhaps if this stops, it will lessen the demand for filtering software. Filtering software, IMHO, is very bad; definately the worse of two evils. At least shutting down a web site could possibly have a court process attached to it...

Re:This might slow the push for filtering?

[alexjohns]

Sorry, but there is no way that filtering software is evil when used by a 6 year old. No way. I have a 3 year old. He'll have filtering software on his machine until he's at least thirteen or until he figures out how to disable it. If he's savvy enough to outgeek his dad who's been geeking for over 20 years more than him, then he deserves his porn.

People who are rabidly anti-filtering forget that for some purposes it is useful. Alcohol, cigarettes, guns, porn - all things that an age-filter is useful for. I can't watch my son every moment he's online. This prevents inadvertent finger presses more than deliberate ones, at least until they get to a certain age. When my son gets to that age, he and I'll talk.

Re:This might slow the push for filtering?

[CodeShark]

Damn right and I wish I had a moderator point for you.

Leading to my obligatory pet peeve that gov'ts should mandate that the cyber-patrol software creators not encrypt their filter lists so that intelligent users, parents, and sys admins had an honest chance of getting a good day's worth of research done without the filter nazi mucking things up, and the ability to add any and all sites (which are not in the filter lists) for my family that I feel should be.

Re:This might slow the push for filtering?

[rabidcow]

Filtering software is good.
Mandatory filtering software is bad.

If you (as an adult, fully capable of making your own choices in life) are not allowed to access something, be it filterred or shut down by law, then it is a restriction of your freedom. (If that's important to you.)

If you (as an adult/parent) choose for you and your dependants to not access something, that is a use of your freedom. (If that's important to you.)

Re:This might slow the push for filtering?

There is only one problem with your idea. Filtering software doesn't work well. This can be demonstrated. Anyone with a background in pattern recognition etc. will tell you that it isn't likely to work well any time soon.

So what you are saying is 'sign me up for a service that won't block a lot of porn/whatever, and will block a lot of 'good' sites. Oh, and as an added bonus, some questionable organization is making those decisions for me with *no transparancy* since they claim (bullshit) that they need to keep their lists private for 'security' reasons.

So hook your kids up. Let some company decide what sort of spin to put on their web experience, one that you won't be able to check (easily).

Re:This might slow the push for filtering?

[Samrobb]

There is filtering software that works well in these instances. Instead of depending on pattern recognition, keywords, or any other technology, you set up your kid's filter to "deny all except" and then explictly enumerate the sites that s/he is allowed to access.

Before you start screaming: no, you can't cover every possible "good" site this way. But you can cover a heaping helping, and add more as needed. This sort of filter doesn't work too well past a point, but - as the original poster said - that's the point where you need to sit down, talk to you kid about things, and let them start flying solo.

Until that point, strong filters can help keep your 7 year old from being baraged with porn if they misspell "nickatnite.com"; and personally, I think that's a good thing.

Re:This might slow the push for filtering?

[charon_on_acheron]

It's not like they are shutting down porn sites here. They are shutting down pages that many people will get 'trapped' by when they mistype a web address. And since many of the sites targeted are children-oriented, not adult oriented. Are these children "fully capable of making [their] own choices in life"?

And as far as you not being allowed to access something, when was the last time you tried to access one of his "41 variations on the name of pop star Britney Spears"? Never? Yeah, I thought so. When was the last time you tried to access the sewer system in LA, and were not allowed to crawl through the piles of shit? Again never? And you are complaining about being denied access to something. Get real. The only thing being denied is the pleasure of being deluged with hundred of porno images that link to crappy porno sites, or even crappier "free porno" sites that link to crappy porno sites. Just like they can't paste Playboy or Hustler pages all over the front window of the local market.

For the record, I think the government should leave all businesses alone. But they don't. So I am not going to climb on my highhorse over one selfish pig that gives the rest of us pigs a bad name.

Re:This might slow the push for filtering?

[rabidcow]

If I want crap, I should be able to get it.

OTOH, I do think it's wrong to lurk using mis-spelled domains. (which I think I had originally meant to mention, but oh well)

In the end, these sites specifically *should* be shut down, but because they are an extereme of false advertising (the domain name does not provide what is expected), not because the alternative is to filter it out.

And this makes money?

[bigdavex]

I find it pretty amazing that some people, after having their browser assaulted with annoying pop-ups, go on to actually buy things from these merchants. I guess spammers and phone salesman make money too, but I find this equally strange. I would hope this sort of thing would fix itself through consumer pressure.

Oops

[StikyPad]

Oops, ./ should have been /. Hopefully we were in the root directory to start with so it doesn't make a difference.

evil intrusive code.

[motherhead]

I for one couldn't be more delighted. Having to ditch the browser because you stumbled into a shitty web porn glue trap is about as intrusive and evil as code gets without being viral.

hmmm... then again i wonder how all this bodes for microsoft... Smart Links indeed...

It's about time...

[huckda]

This as well as the 'close' pop-up crap should finally be banned...
as for the FCC dictating standards and then trying to uphold them as far as Browsers are concerned and the 'control' factors...

I'm not sure which I'm more comfortable with...

alt-f4

or more Federal Control

The FTC regulates trade

[tester13]

This is a great thing. The FTC protects people from fraud and other illegal business practices. That is what they are doing in this instance. The FCC regulates the airwaves, television, and so forth.

The government isn't "getting involved in the internet" in any new creative way. They are just protecting consumers (us) from fraudulent illegal business practices

Next time get the FCC FTC thing correct before you post, it completely changes the context of the article.

disabling intrusive scripts

[corvi42]

I can get a warning when I enter or leave an ssl session if I want it.

I can get a warning when I accept cookies if I want it.

I can even get a warning when I submit a form if I want it.

All of these are fairly trivial run-of-the-mill type web actions, but something as annoying & intrusive as creating pop-ups and altering my browsers history list cannot be disabled. When oh when are we going to see the ability to disable pop-ups & other intrusive/obnoxious script actions like this?

Re:disabling intrusive scripts

[Edgewize]

When oh when are we going to see the ability to disable pop-ups & other intrusive/obnoxious script actions like this?

As soon as you upgrade to Mozilla 0.9.4.

Re:disabling intrusive scripts

[corvi42]

right on!
I was going to put 0.9.4 on soon, but now I guess i'll do it immediately.

unauthorised javascript

[rpeppe]

this issue is interesting: a colleague at work was today
looking for a bug in some Javascript (we maintain
our own web browser), and after delving down
through the deliberately obfuscated javascript
code, it became obvious what it was trying to do:

it went through all links in the document, attaching
a javascript "front-end" to each link that did an http GET request
informing the remote site what had been clicked on,
before actually following the link. the technique
used seemed fairly dodgy (the request was purporting
to be for a non-displayed image), but it's interesting
to see what a fairly reputable site is prepared
to do in order to get as much information off you as possible (without your knowledge).

how reasonable is that? i don't like it, but is that sort
of subterfuge the kind of thing we'd like to stop too?

[PS. apologies if this appears twice - it looked like /.
had rejected the previous ones; and then the whole
server seemed to crash: what was going on there then?]

Re:unauthorised javascript

[Stiletto]

What I want to know is what kind of programmer sunk so low as to agree to do this sort of stuff? The lack of ethics displayed by some dot-com programmers makes me ashamed to be part of the computer industry.

Re:unauthorised javascript

[Chagrin]

Your description of the situation is quite vague. Without knowing what the javascript was really doing, it's impossible to know if this would be an "unethical" approach for a reputable site.

Re:unauthorised javascript

[greenrd]

Google occassionally serves up pages which check what links you click on (not using Javascript), presumably to improve its rankings. Of course the difference there is you can hover your mouse over the links and if you have a decent browser see where they point, so it's not disguised.

Re:unauthorised javascript

[rpeppe]

well, here you go. this is where the javascript code lives (you'll find it easier going if you have a javascript beautifier or the patience to tease the code apart a little). the page we originally found it on was here.

it looks like www.websidestory.com is the responsible party. i wonder how many sites they've fitted out like this...

at least the code doesn't work on our browser! can anyone out there work out exactly what information the script is divulging?

Re:unauthorised javascript

[TheMidget]

They have rent to pay and food to buy just like you.

The ladies "working" at night near the trainstation also need to pay their rent and put food on the table. But at least they do a honorable job: their goal is to satisfy their customer rather than to annoy him.

Re:unauthorised javascript

[TheMidget]

I'm someone totally else (always post AC because of privacy issues), but I'd take a job like that.

You do realize that the well-payed programmers of Slashdot do have access to the log files, and could post your IP address if they wanted. But fortunately for you, their ethics forbids them to do such a thing.

From the article....

[carlos_benj]

Zuccarini did not immediately respond to calls for comment.

Heck no! He's too busy trying to shut down 5,500 sites......

Re:blah blah

[kindbud]

more wasted seconds, don't mind me

Omniweb baby!

[SimJockey]

Don't think it's available for anything other than OS X, but Omniweb has great javascript control. There is actually a setting to not execute a pop-up window unless it is from within the domain of the website you are at. Very slick, haven't seen an X-10 ad in a long time. Plus it has some sweet cookie handling options, like accept but don't save. (This may be old news on other browsers, but I've been stuck with IE for a long time.)
Only downside is I can't do my banking with it, but other than that it's the perfect browser for me.

Couldn't have happened to a more deserving guy

[swordgeek]

I noticed in the article that the guy had 'at least 63' trademark infringement lawsuits filed against him last year, 53 of which he lost.

Maybe if he's lucky Canter & Siegel will represent him. :->

Wish I could disable buttons

[macdaddy]

I wish I could figure out how to disable buttons with javascript. See I'm a Neomail user. It's a great webmail app. It has its own set of navigation buttons (images with links) to navigate the site with. Using the Back, Forward, Reload, and other common buttons breaks the session, forcing the user to see an error and login again. Instead of directing the user straight to the neomail.pl script, I wrote a simple HTML page with news, help, etc.. on it and POST to that script. Much easier to work with and change. I need to find some way to spawn a new window (or change the existing parent) to either disable the buttons or disable that entire button bar. Any ideas? Kudos to the FTC for their actions. I wouldn't mind having his source though. ;)

Re:Wish I could disable buttons

[dastardly.xiii]

you can indirectly. you can pop-up a new window that has no navigation buttons on it. Of course if you have disabled pop-ups in your browser it wont work at all.

A warning to users not to use the navigation buttons would probably be a much better solution.

Yep.

[mindstrm]

My bad as much as theirs.

Having the FTC do this is an entirely different matter.... it makes much more sense.

It changed my Homepage

[Captain+Pooh]

I wonder if I can sue a website operator for changing my homepage without my knowledge while visiting the operators site?

Re:It changed my Homepage

[jesser]

Do you know how the website operator did that? I had that happen to me twice while I used IE 5.5 and never figured out how it was done.

Java = Junk

[ThePlumber2]

Just turn java and javascript off.... Clears the problem up quick and makes your linux machine "More Secure(tm)". PS While your at it, turn cookies off also.

Re:Java = Junk

[ThePlumber2]

Damn straight.

Interesting

[zpengo]

The real question is, is this a violation of the owner's civil liberties, or a victory against spammers?

This topic should clarify a lot of the hypocrisy among the /. crowd; What's *your* opinion on this issue? And how does that opinion compare to, say, what you would feel about the court shutting down your anti-Microsoft site?

Re:Interesting

[jesser]

The real question is, is this a violation of the owner's civil liberties...

No. Your right to swing your javascript stops where my browser's chrome starts.

Re:Interesting

[benedict]

Bah.

Fraud and criticism are different types of activities and they receive correspondingly different levels of First Amendment protection.

That's not hypocrisy, it's common sense.

Re:Interesting

[aozilla]

Agreed, but how exactly does this constitute as fraud? I can understand if he is lying about a product which he is selling, but trapping people in with javascript which they shouldn't have on in the first place isn't fraud, and IMHO shouldn't be illegal.

Looking at the bottom right hand corner of my browser I see a little green check and the words "Trusted sites". What that means is that slashdot.org is allowed to use javascript on my browser. Annakurnikova.com will not be added to that list, of course.

Re:Interesting

[canadian_right]

Its not fraud, its a "misleading or deceptive" business practice which the USA's FTC frowns on.

Re:Interesting

[aozilla]

I guess as long as they are laws directed toward unfair business practices, and are only civil (not criminal), it's not so bad. Once you engage in interstate commerce you agree to some extent to follow the particular rules our government has set up. As long as whatever expenses they have catching and prosecuting this guy are ultimately paid for by the fines, I guess it's a win-win-lose (us-them-him) situation.

/. is victimized too by these sites

[Ryu2]

Check out:

salshdot.org
slsahdot.org
slahsdot.org
etc...

Later reported:

[Ratteau]

In an ironic twist of fate, when Zuccarini attempted to take down his 5500 sites, 72,296 new sites were instantly spawned. When he tried to remove those, 9,375,012 more were created. The FTC suggests he reinstall brain 1.0

Stupid

To everyone who thinks this is a good thing for the government to be envolved in: "Get a real browser!". For a couple versions now Mozilla has had the ability to disable the JavaScript functions that can open windows. It's currently not available from the GUI, but they have complete instructions for how to edit the config file to disable pop-ups. I use it and love it. Take responsibility for your own browsing.

I doubt you will ever see this sort of feature in a non-Free browser, because corporate interests would not permit them to add it. Microsoft probably owns some of the sites that annoy us with pop-ups. Think about it.

IE Pr0n browsing safe again

[Alan]

Because the benevolant and wise microsoft has decided to tie the brower into the OS, you'll notice there is no "quit" option in IE. Under linux you can kill these sites by exiting netscape or galeon or whatever with ^q. IE you have to pretty much reboot to get rid of them.

Go MS!

Re:IE Pr0n browsing safe again

[Baron+of+Greymatter]

In Netscape, if you disable Javascript they won't appear in the first place.

Great News!

[sirgoran]

For me this is wonderful news.

Since there are some days when I can't even spell my own name correctly this will help me out a lot. I know you've been there too. Too much alcohol, not enough sleep, and the caffine is taking its sweet time to kick in.

Now if they'd only come out with spell-check for the location bar in my browser I'd be set!

Goran

No.

[dsanfte]

Namely, You are connecting to THEIR machine.
Mail server administrators block spam because they are using their resources, why can't these people claim the same? After all, you're using THEIR resources, shouldnt they have the right to send any data on a connection that YOU initiated?

No.

If I open cnn.com, I know what to expect when I get there, news. If my little sister tries to open up Britney Spears' webpage for info on Britney Spears, and lands in this guy's javascript porn-ad trap, not only is it a federal crime (she's 8 years old), but my little sister did not initiate the connection expecting the deluge of porn advertisements.

By the same token, Microsoft doesn't have the right to wipe my linux partition every time I visit their update site to patch winME.

Re:No.

[abulafia]

If your sister gets a pal to drive her to the Britney Spears' concert, and they take her to a crappy party with crude people playing music she doesn't like, that sucks for her. But it is not a crime. She showed poor judgement in making choices, perhaps her parents showed poor oversight, but it isn't a crime.

-j

Re:No.

[jwkane]

Your analogy would make sense if she found her way to the party by following signs for "Brittney Spears Party" along with a bunch of other kids who followed signs to "Backstret Boys Party" and "Madona Party"; upon arrival was presented with pornography and when she flags a taxi in an attempt to return home, the driver circles around the block and kicks her back to the 'party'.

It not poor judgment. It _is_ a crime.

Re:No.

[Merk]

A federal crime? So if your sister types in "whitehouse.com" into her browser and gets a porn site that's a federal crime? Even if she mistyped it?

Re:HEHEH

[microbob]

Oh hell, good one.

Signed,

Stump

Re:good! I've always hated Zuccinni

[dhovis]

To blockquote you:

especially when said users could be children

The first time I ran into one of these sites was when I was trying to visit the web site for Nickelodeon (the kids TV network) and I misspelled it. I was using IE on a Win98 box and since every window is a separate process, you can't kill IE as a whole, so the only thing for it was to press the power button. Pretty disgusting when you think about it, because most of the people you are going to trap that way are going to be kids, and they definitely should not have been looking at the pictures that were displayed.

That does bring up the point that to some degree it is a problem with the software. At least I know on a Mac (OS9 or OSX), I could just kill the IE process and not have to forceably shut down the computer. Anybody out there know how to do this on Win98?

How is this different from e-mail spam?

[jesser]

A spam message wastes some of my bandwidth and a few seconds of my time. A "hydra" pop-up ad wastes some of my bandwidth and more than a few seconds of my time. The fact that I posted my e-mail address on my web site does not give you permission to use my resources to market to me. Clicking a link at a TGP (list of porn galleries) must imply a little more consent, because I obviously put up with banner ads, but I don't see why it should imply any more consent than "you may display things in this browser window". Not "you may open new browser windows or otherwise make it difficult for me to leave your site".

We deal with spam by first by black-holing rogue networks, then through government regulation, and perhaps occasionally through international pressure. Why are we skipping straight to government regulation for pop-up ads, rather than trying the black-hole approach first?

window.open()

[arodland]

yeah... recent konqy and (I think) mozilla can ask for confirmation on window.open().

Anyone remember Prodigy?

[WyldOne]

pop-oever, po-unders, scripting ... bah. I'm beginning to think Podigy had the right ida. Limit what a advertizer could do in the form of advertizing. (aka the bottom ad bar) At least the ads where related to the area that you browsed.

When is advertizers gonna wake up and make a site designed to show off the newest toy?

Oh wait ... thats what search engines are for.

Be careful of the precedent this sets

[consumer]

While on the surface this sounds entirely good, it leaves some things open to interpretation. What's the feature that makes these sites illegal? Is it the fact that their URLs were close to the URLs of popular sites that young people might visit? That was true for etoy.com. Is it that the sites in question had offensive material on them? The etoy.com site had a picture of the bombed Oklahoma building with the caption "Such work requires careful training" and pictures of women in S&M garb.

It's difficult to draw the distinction without getting into questions of intent, and that's dangerous territory. In short, be careful what you ask for when talking about typo sites.

It's not the FCC, it's the FTC

[Animats]

This is an action by the Federal Trade Commission, which enforces laws regarding false advertising and shuts down various forms of scams. The legal theory is that this is a form of deceptive advertising, and it's hard to argue otherwise.

It's good to see that the FTC isn't totally out to lunch under the Bush administration. Usually, the FTC takes wimpy actions like asking somebody to cease and desist what they're doing. This is an unusually aggressive response.

I couldn't disagree more!

[addaon]

How much control should a web site have over the user's browser? As much as the user gives it, of course! Now, even in brain-dead browsers like IE there are zones, where you can simply say "If i don't know this domain, don't give it full control." The default of giving away user control is admittedly unfortunate... but it is the user, by choosing the software, that is giving the site, explicitly, this freedom.
Yes, explicitly. I have installed a piece of software which has no purpose other than to let a web site control my browser... and now controlling my browser is illegal? Huh? If I didn't want to do it, I wouldn't have installed the software...

Re:I couldn't disagree more!

[Scudsucker]

How much control should a web site have over the user's browser? As much as the user gives it, of course! Now, even in brain-dead browsers like IE there are zones, where you can simply say "If i don't know this domain, don't give it full control."

I shoudn't have to do that. I can go download an addblocker or a different browser, but my grandma isn't going to be able to do that.

but it is the user, by choosing the software, that is giving the site, explicitly, this freedom.

The hell I am. Nobody "chooses" to give these sites the right to launch porn pop ups as fast as you close them, or maximize the browser or anything else. This sites just take it.

Re:I couldn't disagree more!

[charon_on_acheron]

And 99% of the users out there never installed Windows or Internet Explorer. It was "just there" when they bought a computer. So they are not included in you little thought experiment. For the rest of us, we get what we deserve for not restricting access to our computer. But the FTC took the action inresponse to either parents whose children hit these sites, or the owners of the correctly typed sites that this guys sites were mistyped variations of. Those people didn't install the software, so they never "explicitly" gave the web sites the "freedom" to do the popup assaults.

Re:I couldn't disagree more!

[addaon]

Nobody "chooses" to give these sites the right to launch porn pop ups as fast as you close them...

Sure they do. Heck, you do. First, by going to porn sites, which are significantly more likely to have porn popups than, say, cnn.com. Second, by using javascript. Third, by allowing javascript to open new windows.

Here, if that idea is still uncomfortable to you, I'll give you a way to deny responsibility. Maybe you're not the one choosing to allow websites to open windows (although, clearly, you are); rather, whoever added that feature to the browser you, um, don't choose to use but use anyway chose to allow web sites to do this. Those copper wires going into your network card do not magically give another computer miles and miles away the ability to do anything.

Popup traps vs Trojan Horse bombs

[jwkane]

What is the fundamental difference between a person intentionally creating a javascripted page that 'traps' a browser and an annoying but relativly benign 'traditional' trojan horse bomb (ala: cookie monster)?

In both case:
1) you download something from the net which advertises itself as being desirable.

2) when that download is processed/executed the results of execution are not the desired or advertised results.

In addition:
Removal of the downloaded item generally requires the end-user to take an undesirable action. (popups require you to exit the browser, trojan bombs often require extensive cleanup).

I would be the first to admit that popup traps are not as directly harmful (in general) as a traditional trojan. But that is only a difference in degree. There are trojans which have equally minor effects.

Should the method used to spread and execute malicious code matter? I would think a popup trap would be viewed as much worse than most trojan horse efforts since the effects are cross-platform. Even worse, the author must be making some serious $$ off our annoyance. How many of our CPU cycles have been wasted by this loser?

Strike back!

[rmadhuram]

This is somewhat analogous this: I go to a grocery shop and ask for Zuccarini instead of Zucchini. Suddenly I get bombarded by hundreds of golf balls, cricket balls and soccer balls. Now I have an option to throw back the balls at him, however unfortunately it is not possible on the internet. Hence I welcome FTCs decision.

Someone explain

[Pope]

Why the powers that be (MS and Netscape) allowed visible browser buttons to be disabled in the first place?
On another note, this should teach those who are trolling for porn to at least spell correctly!
Taco, pay attention. :)

Pay attention!

[drodver]

He's made $800,000 - $1,000,000 from these sites, which the FTC would like to take away. It does not say he's been fined for that much. Also, he lost 53 of the cases not 57, it doesn't say if he was fined beyond losing the domain names. Check your facts!

Re:good! I've always hated Zuccinni

[Unknown+Poltroon]

you can do endtask from ctrl alt delete, but its a pain in the ass, as you still have to kill individual windows.

Problems with Prevention

[TedCheshireAcad]

If M$ were to take out the popup functionality, or even keep it off the default configuration, it would certainly kill these crappy advertising campaigns, but cause a few problems. Web app sites would have to be re-designed to some degree, so yes, M$ would be shooting their ASP and .NET initiative somewhat in the foot, but not too bad. As useful as popups are to leet JavaScript advertisement coders, they do serve a legitimate purpose.

Of course...if enough of them popped up, you would just run out of RAM. :-)

An easy way out of this for IE and Moz

[weave]

Just do the "work offline" option in your browser.

When you backclick or close, the next site(s) will attempt to pop up, but no further code will be loaded and hence the hell will eventually end.

I always click "work offline" before trying to exit or back out of any of these questionable sites now BEFORE the cascading crap starts...

Re:An easy way out of this for IE and Moz

[rmgrotkierii]

I did that once in Netscape, and ugh, heaven-forbid I should of been able to get it to "work online" state again. I ended up leaving Net 4.x alone back when I used Windows. It was IE all the time for me :(

Great..

[schon]

If you stumble onto one of those sites where you're in pop-up hell, put that site into in the Restricted Sites Zone

[sarcasm]
What a great idea! I'm sure glad Microsoft is there to make these wonderful innovations for me!
[/sarcasm]

First, this 'solution' wonderfully misses the point that most people didn't want to go there in the first place - once they get bit by this, then they'd probably never go back again, which makes putting something in the 'twilight zone' pretty pointless.

which leads to point #2: if they DID want to go there, they've already been bitten by the popup monster.. Talk about "closing the barn door after the horses have eaten your children."

Third, I would wager that 99% of people who use IE have no idea what 'security zones' do, or how to put a site into one even if they knew.

New Browser Windows

[leinerj]

Okay - I'll probally get flammed for this. But if you are using Internet Explorer you can start up IE with the -new command and have each browser open in a seperate process. That way, your main browser won't lock up or be forced to 'end task' if your popup windows get out of control.

Re:New Browser Windows

[NevarMore]

tried it. that rarely works for the really nasty sites that we're talking about in this thread. you have to close each popup individually, doing so triggers more popups. the only way out for me sometimes is a log off or reboot.

the excluded middle

[benedict]

There's nothing inconsistent about condemning bad law while praising good administration of a good law.

I know libertarianism-soaked Slashdot doesn't like to think this way, but there does exist a middle ground between the positions of "laws are bad, mm-kay?" and "government is the answer to everything".

OmniWeb for OS X fixes this elegantly

[nbvb]

OmniWeb for OSX solves this with a checkbox labeled:

"Allow Pop-Up Windows Only When Link is Clicked On" (or something similar)

Which means, it'll only pop up a window if and only if you click on something deliberately.

Nice. Very, very nice.

Re:OmniWeb for OS X fixes this elegantly

[foyle]

The exact wording of the preference in OmniWeb 4.0.5 is:
Scripts are allowed to open new windows:

• always
• only in response to a link being clicked
• never

I always use the second choice. This means I'm totally surprised by all the pop-up ads when I'm using IE instead of OmniWeb.

psst, Mozilla on Linux.

[twitter]

I've only been using Mozilla for a week or so, but I'm impressed, and imagine this is not a problem. Featurs such as right click, "block this image" to kill add.doubleclick.whatnot are very cool. It looks good and works great. Java is back on and I don't fear it will be able to replace system files. Blocking images is tricky, but I've been seeing fewer adverts and more real content. Bassed on that, I imagine the fix is already in and this is an M$ specific problem.

That makes the implications worse. Does this mean that anything that makes MSIE do unexpected things can be shut down by the Feds? As M$ careens further and further into it's own little propriatory world, who's to say they won't put up yet more "standards" that make innocent sites look bad to M$ users, who then pull their hair out and curse the site. Is this an old pattern emerging again?!

I've heard that M$'s crappy software was powerful, but this is too much.

Re:I couldn't disagree more! with your disagreemnt

[metis]

The only reason I have a window is to allow me to see what is outside. Does it give you permission to stand in front of my window and make lewed or threatening gestures? Stores allow customers to come inside and handle their wares. Does this make shoplifting legal?

The implicit contract between web-user and web-server operator is that the latter takes control of the browser for the purpose of showing the former something that he or she may conceivably want to see. Ignoring this contract is an abuse. What is wrong in a government agency tracking and prosecuting abuse?

Who needs these stupid features?!?!

[rice_burners_suck]

The only detail I'm curious to know about this whole thing is... why the fsck did Netscrape and Mafiasoft put these alleged "features" into their defective browsers in the first place?! A back button should do what it says, namely, go BACK, not open 6.02x10^28 pr0n windows!

Shameless plug: I just use Opera. It costs money, which I gladly paid, because it actually WORKS unlike the previously mentioned excuses for browsers! Version 5.12 is great, as nearly all sites work the same as on the defective browsers--this includes online banking and bill-paying that didn't previously work with version 4.

And even if you don't use Opera... Friends don't let friends use Mafiasoft products!

Re:Who needs these stupid features?!?!

[StuffYourReligion]

Well, Mr. Hippocrite you're obviously using "MafiaSoft" products if you're using Opera 5.12. That is a Windows-only version.

Practice what you preach. I agree that Opera rocks; it is the only browser I use--and GNU/linux is my only O/S. You should try it if you're so damned anti-Microsoft.

ok, I can think of some that might like it.

[twitter]

This type of advertising only frustrates users and creates animosity between advertiser and potential customer.

I've heard that some people pay to be abused, humiliated and embarassed. What better way to get all of that than to have your six year old daughter open one of these sites in front of your wife who never thought well of that internet thingy?

It's a joke. I hate spam, porn and this Zuchinni loser.

Still, for reasons posted above, I worry about this shutdown. Should the govenment shutdown web sites that simply take advantage of a crummy browser on a single crappy OS, and thus give official government protection to those products?

trying to exit the browser doesn't always work

[aufbau]

when the user visits these sites, their back button behavior in most popular browsers is modified as to open multiple pop-ups featuring ads for adult entertainment and gambling sites when pressed, and uses other technology to basically 'trap' the browser until the entire application has to be closed.

Worse, recent Mozilla builds won't even leave pop-up hell using the Exit command if you've enabled the Quick Launch feature. I have filed bug 98923 about this problem. (I used a trick someone mentioned here to disable pop-up ads, so I don't encounter this bug often.)

Re:good! I've always hated Zuccinni

[alcmena]

Wintop will do it. It's on Microsoft's site (though you have to look *really* hard). It's part of their kernel toys.

Anyhow, you can open it up and it can kill IE in just a few mouse clicks.

I disagree.

[0bjectiv3]

In addition to being mostly unenforceable (because not all websites fall under the FTC's jurisdiction), this law ignores the capabilities of the browser itself. While I'm sure the politicians don't know this, it's easy to write a browser that prevents this sort of abuse. While it's tempting to throw legislation at a problem, it's foolish when there's an obvious solution. Don't we have enough unenforceable laws already?

If you use Mac use iCab/OmniWeb

iCab has given users amazing control over JS for ages (and of course from the GUI. If you don't want a web site to:

access the referer
open new windows
move windows
touch the toolbar
write in the status line
create cookies
ask for cookies
access history
etc

You can prevent them from doing it with the click of a button. You can apply the settings to all web pages and choose sites where the filters won't be applied.

You can even decide what type of Javascript will be executed by turning on/off:

JavaScript 1.0
JavaScript 1.1
JavaScript 1.2
JavaScript 1.3
JavaScript 1.4
JavaScript 1.5
JScript

among many, many other things

It must be one of the most configurable browsers out there.

For general browsing it's extremely fast, small and flexible and cannot be beat at saving web archives. One word of warning though. It feels like a finished browser but is still in Preview. Make sure you don't have any duplicated Text encoders on your system.

For OS X iCab is still being primed. OmniWeb however, will give you enough control over popups.

Re:Wow! 1st amendment rights...

[ackthpt]

Consider how they might defend this under the 1st amendment:

Congress shall make no law respecting an establishment of religion, or prohibiting the free
exercise thereof, >or abridging the freedom of speech or of the press; or the right of the
people peaceably to assemble, and to petition the Government for a redress of grievances.

The defendents argument might be taken from the same precedent which allows "freedom of speech" to include the invasiveness of phone solicitation, granted the phone solicitation doesn't automatically cause your phone to ring over and over until you listen to the message all the way through (a la Homer's Happy Dude scam in the Simpsons), but constitutionally, where does is the line drawn between the right of someone to make a sales pitch to someone who breaks into your house and harrangues you until feign death?

Re:good! I've always hated Zuccinni

[Wolfier]

Use Alt-F4 instead. I remember it always works faster than popups pop up.

Watch out, White House!

[ShaunC]

If they're going after this guy, you can bet whitehouse.com is next!

Shaun

Make it too costly for them

[Wokan]

If X10 wants their ads to get out there, maybe those of us with some spare time on our systems hands can devote it to a script that constantly downloads their advertisements. With enough people doing it, their bandwidth costs may finally outstrip their sales enough that they have to pull the web ads.
Not a DoS or anything. Just pulling the ads repeatedly to drive up their bandwidth. Maybe we can take them from 14th place to first for a bit without giving them a dime to cover it.

Hey dumbass

[Pope]

http://www.ftc.gov/opa/2001/10/cupcake.htmtarget=_ top

What's with you fucking idiots trying to put "target=" in your URL's!? It has never worked, and if I want a new goddamn window, I'll make my own!

why doesn't the FTC go yell at microsoft?

[mickeyreznor]

Sure, this pop up thing of a problem. But wouldn't it be easier to go yell at microsoft to include a pop-up disable feature in IE? This guy is a dickhole, but let's not forget that this ms could have given us an easy fix for this pop up shit.

Finally!

[ukyoCE]

If I drove my car into McDonald's and the exit moved every time I drove towards it, it would be called Kidnapping, or something similar. But it's perfectly legal for some assholes to trap you on their web site? I hope the government takes this opportunity to give legally give us back control of our own computers.

Browser security has a technical solution-AdShield

[nagumo76]

People should be annoyed by popup trojan links and traps until they download AdShield for IE or use a browser like Konqueror that stops this crap out of the box. Microsoft should have added this to IE 6 but they are a bunch of lazy monopolistic twits. Netscape should have too but they are circling the bowl so I'll cut them some slack. I E is better because it lets you make the menus toolbar, and address bar go on one line at the top and lets you use more screen for viewing the page.

Comment removed

[account_deleted]

Comment removed based on user account deletion

I can only say this is a Good Thing

[Nexum]

Personally this problem is one that is obviously escalating and getting quite out of hand. Therefore, I think we should welcome not only government sponsored efforts to prevent this offensive and irritating "pop-up fiend", but also employ a myriad of client-side measures. Those saying the problem should be handles in one paricular way are missing some of the point, both the browser vendors and the government have a part to play in ensuring that this doesn't become a more serious problem.

Some people have said that this action amounts to the silencing of freedom of speech. It doesn't, these websites full of adverts are there for you to read if you wish, and this guy's particular little set of sites would still be up and running for you to view if he hadn't have made them so intrusive, offensive and irriating to the accidental visitor.

Now I'm using DSL these popups have gotten even worse, with a 56k modem I used to be able to close the popups before the replicating javascript had fully loded into the page, and they'd just close quietly. With a faster connection it soon becomes insanity.

My recomendations are thus... 1. Create a specific option in browsers to prevent the opening of new 'popup' windows. 2. Set the default level of prevention at ONE pop-up window per visit to a specific domain. 3. By default prevent all 'Hydra' windows (close one, another pops up initiated by the OnClose event. Or even worse, another pops up right away on the OnLoad event). There is *no* legitimate use of 'hydra' popups except to baffle and irritate and confuse.

Like many slashdotters I view the internet as more than an 'online service'. It has it's own environment, it's own communities and it's own culture. Albeit dramatic, this practise of pop-ups pollutes and clutters the internet (and is spreading to ever more legitimate sites) to the extent that my mother or younger sisters panic and don't know what to do when they seemingly can't close the browser for new windows popping up (they don't know about the task manager, and wouldn't remember how to use it if i told them).

We must remember that these things may be a nuisance to us, is distressing and offputting to people who are less well acquanted with the workings of the internet, and for these people to be turned (even frightened) away by such things flies in the face of the open nature and 'information for all' philosophy that I am sure we as slashdotters and web-users hold very dear.

Re:I can only say this is a Good Thing

[t_allardyce]

or...

tell microsoft to fix it _now_ (and fix outlook) or advertise that their software contains massive security holes (trading standards).

or...

Use Opera (www.opera.com)

Dumb governments, bad microsoft

[t_allardyce]

OMG governments are dumb. They don't bother dealing with the major problems (like the DMCA, and peoples rights going down the drain) but when something happens that affects them in their little worlds (someone was browsing pr0n and got caught by a 'trap') they finally deal with it, but they manage to screw it up by targeting the _wrong_ group. Why deal with this at the widest point by shutting down sites that are run by idiots? why not target the bottleneck - i.e the few browsers that allow this sort of thing to happen.

After browsing with opera for the last year, i haven't had any trouble with right-click scripts, source hiding, or trapping... As soon as i open IE, i loose control of my own computer. Why does microsoft (its mainly them) seem to think that anyone else should have any sort of access to my computer? Only i decide what goes on in there. This sort of thing plays on the fact that most people don't know whats going on on their computer and for most that do, its to complicated and not worth the effort to fix. Its like conning people. I think closed source is generally the theme here, as microsoft would just love to have an internet where everything is closed ms binaries and if the designer doesn't want you to print something... you can't unless you dump the screen to printer or reverse engineer everything.

Personally i find web-designers the scum of the earth. I question even letting them decide what colours to use on a page (yellow text on white. WHY?) and wait for the day when a nice proxy will filter the web and convert _everything_ into a format similar to gnu.org (the way html should be) stripping all the pointless java menus and gimmicks.

The web-designers have a right to put up what they want. Microsoft has an obligation to either write software that doesn't allow such massive security holes, or advertise their software as flawed.

Re:Dumb governments, bad microsoft

[jedwards]

If you don't write all your own software then you are already letting other people 'control' your computer.

You trust the linux developers with the kernel code, you trust microsoft with IE code; is it a reasonable expectation on the part of the browser developer that you are not going to trust the code writen by the webpage author?

Re:Dumb governments, bad microsoft

[t_allardyce]

Not sure about where you are, but here we have a silly little thing called trading standards, which means if you sell/advertise something.. it better do what you say it does.

"is it a reasonable expectation on the part of the browser developer that you are not going to trust the code written by the webpage author?"

Yes. Allot of sites are out to get you in any way possible. So far i have yet to see a page that opens a new window for anything useful, however i would still like to have that function available in case i find a site that does. I want a list of functions on the side of my screen that i can disable/enable as i need.

Web-sites should be viewed in a sandbox where they have absolutely no control of anything outside, microsoft seems to think otherwise which is the main reason that we have outlook virii. microsoft are releasing bad code and mis-advertising it.

In the meantime, there's pop-up preventer software

For those who still endure the drudgery of Winblows at work or home, go to www.panicware.com and get the Pop-Up Stopper. Works great, non-intrusive, can be disabled with a quick double-click on the tray icon.

Re:Wow! 1st amendment rights...

[chromatic]

Nothing in the Constitution compels us to listen to or to view any unwanted communication, whatever its merit. . . We therefore categorically reject the argument that a vendor has the right under the Constitution or otherwise to send unwanted material into the home of another. . . We repeat, the right of a mailer stops at the outer boundary of every person's domain.

-- United States Supreme Court, Rowan vs. U.S. Post Office, 1970

Why scripting turned off is wonderful

[WillSeattle]

Now that Netscape is dead, the problems unfortunately remain. Browsers shouldn't have scripting embedded in them, period. If you like scripting, then you have to expect and put up with this crap. There's no way to legislate people to stop doing things like this.

No, there is a way to legislate this. We programmers just don't want to admit that the language is wrong, that we may be forced, due to unintended consequences, to amend the Javascript code.

And this is something the FCC or FTC could require be fixed, just as they can change the standards for HDTV (FCC due to communications standards, FTC due to trade implications).

The only way to stop them is to disable scripting on your browser. The more flexibility a program has, the less secure it is. Scripting adds almost no value to websites, and is now just a tool of marketers, used more against you than for you. They track you with it. They take over your web experience with it. They keep tabs on what you're doing... and sometimes even take over your machine when flaws are discovered and exploited. I have serious problems with other people running their code on my machine, and therefore disable all scripting.

Consequantly, I don't every seem to have any problems with pop-up windows, pop-under windows, "trapped" browsers, infinite-loop "back" buttons, etc.

Turn off scripting. Encourage websites to stop using it. The web is full of more than enough bloated crap already. While you're at it, get rid of flash, and all the rest of the plugins.

I do this too, but yahoo, slashdot, and cNet all try to pop up Javascript - it's boring clicking "No" each time, but a lot better knowing they can't run the code on my PC. And I don't get to choose which browser I use at work, or the default settings ...

I'm not happy and don't want to pay dollars

[WillSeattle]

I can't say this is good. Noone likes those popup ads that lock you in, and do other unethical things. However, I dont think it's good for the government, or anyone, to say it's illegal/disallowed.

Like killing people, blowing up things, or taking your PC from your home while you're at school?

Namely, You are connecting to THEIR machine.
Mail server administrators block spam because they are using their resources, why can't these people claim the same? After all, you're using THEIR resources, shouldnt they have the right to send any data on a connection that YOU initiated? (Though I realize you might not have intentionally made that connection; they can be sneaky, but the point remains.)

I just don't like regulation, If it's bad and wrong, it's the clients job to work with the received data. But noone's blaming Microsoft, Netscape, Mozilla, or Konq (and you really can't blame the last 2, they're implementing things to take care of this junk).

Target a solution, rather than the cause and punishment.

Wrong. Some people send spam with http get requests to request an image, then use the request to track who responded and what server it was. I did not consent to this.

Basically, it comes down to privacy. I have the right to shoot intruders in my home with a gun. I should be able to do the same to the CEO and execs of the spam firms that use such tricks.

After all, it's home invasion, no?

Hand-Eye Coordination

[Conesus]

Aren't most of you geeks great Quake3 or UT players? Hence you should at least have good hand-eye coordination, right?

Well, use that ability, and close windows before anything loads... If one happens to slip by you, and open three windows, well, you know have one second to close a window every third of a second, and it goes on and on. Actually, if you do want to practice, without all the blood and gore, why not just use this little activity. [Yes, I am aware you can turn off all violence in these games, but why bother nudging around with your fabulous 3D video card]

Re:good! I've always hated Zuccinni

[xanadu-xtroot.com]

Here is a link to the Win95 Kernel Toys. Wintop is part of this package.

Not quite sure...

[UberNex]

But i've seen a bunch of posts about how this espcially hits the big market browsers like IE. I don't know about anyone else but when I run IE it's with Java (and cookies!) turned off. A little one second jaunt into the security menu and no more pop-ups... bleh.

Re:Wow! but...

[jafiwam]

Dont forget, high traffic could be caused by piggybacking on the other high traffic web sites they advertise with; for example weather.com probably contributed 1,000's of hits for x-10 just from my own usage alone...but I never once clicked on anything they were offering.

Every time you visit one and download the images in the ad, you are creating traffic on the domain.

So high traffic does not equal high interest or success, just that they shoved their ads on that many users.

Ouch!

[r_j_prahad]

This is gonna really hurt the FreeBSD counts on next months Netcraft report.

Netcraft page for CWIE LLC

Slashdot has one...

[iotaborg]

Just noticed this a few days ago... by a typo of course... unimporant but...

www.slahdot.org

All I can say is...

[bteeter]

Good!

I hate getting stuck at those sites. Unfortunately, pop-ups and pop-unders are becoming all the rage. I hope they FTC can use their authority to close down some more of these sites.

Brian
* 100% Linux Web Hosting - NO Windows - No Code Red - No Nimda Worms

there's a difference

[Scudsucker]

Linux kernel code doesn't make it a piece of cake for someone to modify your computer or browser without your consent. Internet Explorer does.

Re:good! I've always hated Zuccinni

[dhovis]

No, end task dosn't work, because it only kills one window.

What is worse is that if you hit "end task", Windows trys closing the window normally first, which causes more windows to open.

Security should be the default

[stevenj]

There should be no need for user-visible options for this sort of preference: the browser should be secure against such annoyances by default.

Re:Security should be the default

[jesser]

Some users may need to create expceptions for sites they trust, most likely those sites were written before people realized that window.open was abused so often that its use would have to be restricted. Also, some users may want to place further restrictions on all sites if they visit many malicious sites, such as "you many only open a new window if I ctrl+click a link".

I agree that security should be the default, but I think some user-visible options are also necessary in this case.

Re:good! I've always hated Zuccinni

[dhovis]

I'll have to try that, Thanks.

Re:good! I've always hated Zuccinni

[yomegaman]

I don't think it's at all unreasonable to require that pr0n not be distributed to children and that it be clearly labeled as such on the outside of the package somehow. This guy's scam fails on both counts.

Let the censorship begin!

[NineNine]

Well, here it is. Perfectly LEGAL sites are being shut down because a government agency simply doesn't like them. Kiddie porn is one thing, but what this guy was doing is LEGAL! We're already waaaaay doen the slippery slope, now, people. This is the biggest threat yet to the Net. Be careful about what you put on your website. Too many popups, or annoying ads, and the FTC can shut you down. Who knows what's next? CONTENT they don't like??

Re:Let the censorship begin!

[OzJimbob]

You have that much faith in the legal system? You're SO sure that everything that's legal SHOULD be legal, and everything that's illegal SHOULD be illegal? Your post displays nothing but blind support for government and judicial policy; it fails to take into account issues much more important than what your fore-fathers decided to write into law. There's a difference between being exposed to popups and ads, and having a malicious remote site essentialy take control of essential functions of your computer, and potentially causing destruction of your data. That ain't bullshit - when javascript causes dozens of pop-up windows and crap to surface on my Windows PC at work, the whole thing tends to go down...too bad if I had something important being edited in Word at the time. What about those little programs that go around now that force your (Windows) PC to PPP into pay-per-minute porn sites without your realizing? Is that perfectly okay too? Just because you can't be bothered earning money and making a living an honest way, and instead run a bullshit content-less porn site, you are concerned that YOUR freedoms will be removed.

http://www.slahdot.org/

[NSupremo]

http://www.slahdot.org/

Look I found one.

Just like DeCSS

[ikekrull]

They don't like what a piece of code does, so they ban it.

I can't believe people are supporting moves to dictate what you are or are not allowed to express in a piece of code.

This functionality is, i'm sure, in the W3C standard for Javascript, so criminilizing this is pretty stupid.

Now, if your browser is engineered so poorly that it allows you no control over this behaviour - i.e. a site author is free to mess up your web browsing experience, shouldn't you ask the manufacturer of that browser to do something about it?

Don't restrict this guy from publishing anything he wants to on the web. The control over whether to view that content should be in the user's hands.

I know that M$ etc. would love to turn the web into a heavily regulated, TV-like environment where most content is approved and published by a few mega-corps, with government regulations on what is or is not acceptable, but that idea makes me sick to the stomach.

i mean, how hard would it be to have a preference setting for 'ask me before allowing javascript to open a new window'? Give the user a choice, don't make it a crime to write this type of application (for which there are many perfectly legitimate uses)

Making rules for what types of applications you may or may not publish on the web is surely a free speech issue.

'Sorry, window.open() is now a federal crime.' doesn't cut it with me.

The problem is with the tools that web browsers expose to site developers. The site developers should be free to put any tags they like up on the web.

This is why web browsers are free to ignore markup they do not support.

Re:Just like DeCSS

[sik+puppy]

This is the FTC. To get them to act, the individual has to be engaged in deceptive/illegal business practices.

Not only is he deceiving the people who mistype the website name, but he is collecting revenue from porn sites, gambling sites, etc that aren't getting traffic that they want. The porn operator doesn't want little johnny or susy - they don't have credit cards.

I don't see where writing the code is being made a crime. Its deceptive business practices that have attracted the governments notice.

two words

[Archfeld]

POPUP KILLER, sadly afaik win32 only but it works wonders on those annoying pop ups and pop unders

Very good...

[Picass0]

Now I wish the feds would do something to stop the pop up adds that interupt my TV shows every 10 minutes. I hate those.

Good Stuff...

[ansonlau]

I hate those bogus sites. Finally someone is getting rid of them.

First Ammendment infringement, or is it?

[torklugnutz]

These sites are set up to take advantage of typos, but they do it in an advanced way, which causes your browser to work in an atypical way. Since there is also porn involved, I can see how this would be a problem. For instance, in a school setting, where bringing up porn can cause embarrassment and possible disciplinary action from instructors.

Plus, using the internet costs money, so commandeering a person's system should be illegal. There is already a law banning telemarketing from cell phones. To me, it seems like the same thing.

If the sites just had irrelevant content and didn't take control of the browser, I don't think the government could touch him, but since his programming works in an almost virus-like manner, his sites should be shut down.

Re:First Ammendment infringement, or is it?

[sik+puppy]

One of his sites, per the cnet story, was cartoonnetwork.com.

It doesn't take a genius to figure that a substantial percentage of the visitors to this site will be children. To deliberately expose children to porn is criminal.

I strongly oppose the "but its for the children" tack as justification for shutting things down, but when you blatantly target them like this, you've wandered into extremely dangerous territory.

Personally, I don't allow activex, java, etc to run, except on sites I explicitly trust, but the vast majority of people either aren't aware or aren't technically savvy enough to do these things. There's a reason AOL is the number 1 isp. (I know I'm preaching to the choir)

Anyway, this idiot is no better than a spammer, and deserves the same treatment.

Re:First Ammendment infringement, or is it?

[jesser]

One of his sites, per the cnet story, was cartoonnetwork.com.

I think the cnet story was trying to say he owned a misspelling of cartoonnetwork.com. It took me a few seconds to figure out what that sentence was trying to say, as well. That doesn't change the fact that many of his hits were from children, but it does mean that he didn't get hits from 60% of the people trying to find the cartoon network's web site.

Here's the sentence: "Zuccarini registered many misspellings of popular sites, such as Cartoonnetwork.com, the FTC said, in a bid to draw traffic from sloppy typists."

Re:First Ammendment infringement, or is it?

[sik+puppy]

A little late on the reply, but at one point, I read he has 15 misspellings of cartoon network.

I have a couple of friends who are former surfwatch employees, and they were familiar with a many of the porn sites. These sites were absolutely opposed to children visiting them. They do not want kids traffic, as they don't generate revenue, and they do generate parental and political problems.

Overcomplexity is to blame.

[fmaxwell]

Because a bunch of morons thought that the web had to look like television, they put ActiveX, VBScript, Javascript, Flash and other crap into browsers and plug-ins. This, not surprisingly, lead to many vulnerabilities like the one exploited here. (Who is the genius that decided that the "Back" button should be able to be redefined by any website that the user viewed?) If the web simply displayed pictures and text, we would not have this idiotic problem. Lest you laugh, that's what books and newspapers have done for centuries and they still seem mighty useful and popular.

We have seen this overcomplexity lead to many problems. Look at Microsoft Outlook: some group of idiots decided that displaying text, or even pictures, was not enough. So they added Visual BASIC scripting to it. And HTML that you can't turn off. Suddenly any nitwit could create an e-mail Trojan horse that emailed itself to every person in the address book. Or Outlook could display some web site in the preview window, play annoying music, or provide confirmation to a spammer that you received and saw his message.

It's time that we started demanding robust, secure applications even if it means that web sites won't be able to display animated, dancing piglets.

Re:How cool can it be?

[unitron]

Okay, let's say that the moderation system exists solely to improve the browsing experience of those who do so at +1 or higher. What then is the point of reducing the karma of innocent victims of a site bug?
If someone makes what would have been an up-moderated comment if it had landed in the story the commenter submitted the comment to, then suposedly this is a person one would want in the pool of potential moderators.
What if this one down-modding is the only one they get, and the only reason they aren't given mod points? Kinda defeats the purpose, doesn't it?

Re:How cool can it be?

[staticdragon]

Thank you MadAhab. Yes, my comment was supposed to end up in the disussion about the body heat powered battery. Sucks to lose karma for an error but I don't think I post to slashdot enough to really care about karma anyway.

Another example..

[bbh]

Noticed a long time back that www.sourcefourge.net is one of these sites. Is nothing sacred!

bbh

Hate to nitpick, but... [RANT]

[FallLine]

But my beef about that isn't with Amazon, it's with the patent office.

That's not the patent office's job. It is not, has not, and should NEVER be their job. The USPTO's primary function is to act as a mere repository of claims. Inventors file their claim so that they can officially document what their claims are and when they filed them. When necessary, the inventor can take any infringers to court, using their fillings as evidence. The COURTS are the ones that are designed to resolve conflicts. It's only secondary and incidental that the patent office has any real filtration function whatsoever--the primary objective there is to keep the Signal to Noise ratio as a reasonable level. They do this by doing some nominal checking for prior art (which there clearly isn't any in 1-click's case) and through other means. But it's not intended to be THE decider of worth or originality.

Anyways, the point is:

Don't blame the patent office. Blame the courts or blame the applicant, where appropriate.

Don't even necessarily blame the "system". Realize that ALL systems have problems, the question is whether our system itself is relatively optimal. I believe that if you take a few steps back, you'll see that the system, the way it is today, is well thought out and makes a lot of sense. [FYI, it works too!]

Think about it: Do you really want or think it makes sense to put all the hurdles up front? Consider how costly it is to decipher the various claims, prior art, research, and so on. It's simply unrealistic. Do you really want to give some gov't bureaucrat that kind of power if you're an inventor? Do you want to give up your ability to argue your case OR, alternatively, allow potential problems to resolve themselves.

Re:Hate to nitpick, but... [RANT]

[FallLine]

Actually, up until (IIRC) the late 70s, they did screen patents closely for merit. It's only been relatively recently that the "dump it off on the courts" philosophy was introduced.

The USPTO has surely relaxed a bit due to the drastic increase in the number of applications, but you're incorrect if you think the USPTO has _ever_ been the actual or intended determinant of the patent. Anyways, the courts don't have to overturn, they can simply declare that the product or service did not infringe on the patent, or even if they do, simply award nominal damages for negligible infringement.

The patent office needs to be reorganized to actually examine applications closely again, and WHO CARES if they make a damn profit. Any money saved by insisting that the PTO is profitable ends up being wasted in court anyway.

I never stated or implied that the PTO should be a money making operation. However, it is simply ridiculous to ignore the economic implications of operating the patent office in a given matter. This is true not just for the patent office, but also for the various inventors which file their claims with them. Put simply, not all patents deserve the same scrutiny, allowing market-like mechanisms to deal with it is a much more appropriate mechanism insofar as it does not waste resources on patents that are irrelevant or worthless. Most patents simply aren't even worth the filing costs, never mind the legal costs. [This has been true since the foundation]

Re:good! I've always hated Zuccinni

[unitron]

If every IE window is a separate process (and I have that option selected), why is it when I'm trying to do something useful like find information on a particular 2 cycle engine carburetor or an older Compaq monitor vertical scan circuit or whatever, and I've got several pages that I want to see open, if one causes IE to choke, it closes everything?

Easy fix...modify your hosts file

[freeschwag]

I got tired of pop-ups and re-programmed back buttons long ago( a couple months, I think)...I found an extensive block list on the net somewhere and added all that data to my hosts file that dumps all those addresses to localhost (127.0.0.1). Poof, tons of banner ads don't show up, back button redirects might get one or two windows open, but they are they are typically blank explorer windows. Ah, my online experience is so much better. If you come across another site you find "offensive" (but pr0n is so much fun too watch, just look at the stats, 250 movies made last year, 14000 pr0n flicks...hmmmmm)If I wanted to be blasted with ads, jeez I'd watch TV, oh guess I have to buy one first...email me if you want me to send you a copy of the hosts file I'm using.

Freeschwag@(nospam)hotmail.com

If it's free, it's me!

Back button

[Phroggy]

An important technical point: it sounds like the Back button was not actually reprogrammed to perform a different action. Rather, an onUnLoad event handler was specified in the BODY tag to execute a bit of JavaScript code when the window was closed. There are legitimate uses for this that are not annoying, although offhand I can't think of any (probably cleaning up things that were previously set, perhaps on a site that is designed to use multiple small windows for some special purpose).

Re:Back button

[pkesel]

The onUnload event can be used to set cookies that save form data that has not been sent to the server. I've used it on enterprise applications (only to appease stupid users) but I can't imagine doing it on an internet app.

Nice name: company + guy

[Publicus]

I wanted to find out about making zuccini cupcakes, but all I got was pr0n! waaaa!

W00t!

[veddermatic]

Me likee.

Registering typos is a smart, good thing (regradless of what you think =) but "trapping" is just plain WRONG.

I am pleassed to see this type of thing, assuming it actually gets implemented with some knowledge and thought.

Imagine surfing pr0n without holding your fingers poised over Alt-F4!

Oh, and to they guy who (anon) responded to my sig about being dyslexic as "we used to call you idiots who couldn't spell", I think we used to call folks like your mom "Dumb bitches who couldn't afford abortions"

Re:Konqueror

[jesser]

[Konqueror] allows you to control the behavior of the popups. Either you can let them popup, have it ask before pop'n them up, or deny them.

Since you seem to be on a platform that Konq runs on, I'll ask you: does Konq block pop-ups by default, or does it just give you the option to block them? If it blocks pop-ups by default, I'll commend its authors for being the first JS-supporting browser to ship in a state not vulnerable to the pop-up hydra DoS attack. If not, it's still good that you can block them. (I haven't checked Mac-only browsers, so I could be wrong about the "first" part.)

False alarms: sPEEch, peTITion, clASS

[yerricde]

People who are rabidly anti-filtering forget that for some purposes it is useful.

Explain it to Heather, who encountered censorware that changed her name to H****** because of the substring "eat her." The words "freedom of s***ch," "pe***ion," "cl***," "cu***ber," "**** school," and "A Plu* **am" are also perfectly legitimate, but because they contain substrings, they trip false alarms in hypersensitive filter software. See this page about a pe***ion for a sample, and see this page for more information on false alarms.

Re:False alarms: sPEEch, peTITion, clASS

[alexjohns]

From This page: "The Electronic Frontier Foundation believes that personal and parental choice is the best filtering mechanism of content on the Internet. The development of technological filtering tools and children's services will go much further to promote the safety of children and free speech than any legislation."

The fact that there are closed source (so to speak) filtering solutions doesn't mean that all filters are bad. False alarms I can live with, him typing in "www.whitehouse.com" and staring at a picture of a woman sucking on a dick is not something I can live with. There's a reason why my wife and I lock the bedroom door when we're uh, 'doing it', there's a reason I don't let him have a subscription to Playboy, there's a reason he doesn't go to bars with me.

There's all kinds of injustices done to children every day. Overexuberant filtering software is pretty far down the list of things we need to address. As I said, when he gets close to being a teenager, we'll talk, but that's 10 years away and no one has the ability to forsee what the 'net experience will be like at that point, anyway. In the meanwhile, he'll get access to disney.com and nickjr.com and that's just about it. (And, of course, here I'll get the flames about how bad Disney-fication is to kids. Actually, my son is really into Scooby-Doo at the moment. I didn't get into it until I was in my early teens. Does that mean he's a child prodigy?)

What's your algorithm?

[yerricde]

So WHAT if they aren't perfect? Improve them.

How would you design your censorware to distinguish between Rep. "Dick" Armey and "Dick" meaning male genitalia? I'd like to see the algorithm you propose to use that won't set off too many silly false alarms.

Quick key-press to stop IE popup hell

[yatest5]

Not that I *ever* browse porn sites, but pressing alt-F4 closes new windows faster than they can spawn new ones.

Right to lif^He? (was Re:Interesting)

[Simon+Brooke]

The real question is, is this a violation of the owner's civil liberties, or a victory against spammers?

The guy is setting out to deceive the unwary. Do you have a civil right to deceive people? Of course people decieve people all the time, and some forms of deceit are considered legal (and, equally, some illegal). But there's a big difference between being legal and being a civil right. What it seems to me this is fundamentally about is the right to lie, and as far as I'm concerned that is not a civil right.

Re:Your sig

[greenrd]

rm: `/root' is a directory

Juts like DeCSS SHOULD HAVE BEEN HANDLED!

[Per+Abrahamsen]

It is NOT the code that is banned, it is a particular use of the code that is banned.

This is how DeCSS should have been handled, the code itself should be legal, but using it to make unauthorized copies of DVD's should be illegal.

Using DeCSS to play DVD's or to make copies under "fair use" should be legal, of course.

(sorry for shouting)

Give the power back to the users!

[Per+Abrahamsen]

The real problem is that Netscape and to a lesser degree Microsoft have been bending over backwards to give full control of the presentation to the content provider, against the original idea of HTML to let the content provider describe the content, and leave the presentation to the user, or the software acting on his behalf.

Such traps are just the absurd symptoms of how control of the users machine have been taken away from the user, and given to the content provider. The real way to combat this is to tranfer control back to the user, and demand content based markup over presentation based markup.

Test Your Skills..

[webworkz]

Has anyone ever seen crashme.com?

I find this site incredibly stupid.. or incredibly smart when accessed by a stupid person.

If you haven't seen it, it counts down and then just keeps popping up new browser windows until you eventually lock-up. The neat thing about it is that it tells you to save your work.. the owner must be a real nice guy *cough*idiot*cough*.

If you feel like testing your skills; let it count down and give it a head start.. Then see if you can close the windows as fast as it pops them up. Yes, I do fall under the "stupid person" category as I have actually tried this.

Re:Test Your Skills..

[webworkz]

Haha. That's kind of funny considering the point of the web site.

You'd figure someone that actually took the time to write that script would take the time to make sure it worked in most instances.

Wouldn't it make more sense to modify browser?

[walterbyrd]

Trying to shut down everybody that does this sort will obviously be futile.

Seems to me that it would be much easier, and more effective, to make some changes in the browser; so rogue sites would not be able to disable back button, etc.

Re:good! I've always hated Zuccinni

[hearingaid]

I'm guessing you're running Windows IE.

remember, IE is a part of Windows?

thus, when IE dies, so does Windows. :)

don't know if it's the same guy...

[Frederic54]

but www.gamcopyworld.com and www.taghuer.com both points to sex site...
I know I mispelled them some times ago and restet them

We aren't just bitching.

[scathed]

No one is truly objecting to government involvement that has posted to this thread. The objection is to *how* the government chooses to become involved. To control how programmers write their code - that's how the government has chosen to address this particular problem. Infringing upon the civil liberties of programmers rather than finding an actual solution. It's dangerous perspective - that creates a climate where the Internet is seen as evil, and scary, and the only way to tame it would be to create more and more restrictions.

By no means am I an anarchist, but nor am I a capitalist. To rail against the constrictive efforts of the government is just, because they opt to take the easy solution rather than an equitable one.

Re:I couldn't disagree more! with your disagreemnt

[metis]

As you say, this isn't a perfect world. That is why the requirement that regulation be perfect is pointless. People mess up everything, and society stumble along by a myriad of checks and balances.

regulation does work. For example, the streets are not covered with litter and dog poo, and none of my neighbors remodel their appartment during the night. Of course, there are failures and problems, because as you said, the world isn't perfect.

There is no such contract. You speak of a illusion, a ghost, if you will.

An implicit contract exists in every human transaction, and becomes legally binding whenever the courts say so. Of course, judges can and do err. To prevent such "imperfection" your seem to want to to ban human judgement.

Code is speech

Yes, and code also does stuff. That is why it is the business of the courts to decide which speech is protected and in what circumstances. Your all or nothing attitude doesn't fly and never will.

Period. End of story

No, the story just begins, the story of making distinctions and bringing human intelligence to bear on life.

Sooner or later that FTC will shut down a site a majority of people doesnt think is "abusive"

And then someone will appeal the decision and the courts will decide whether the rights of the minority have been somehow inapropriately curtailed. And if the court will judge wrongly, you and me can demonstrate in Washington until we get politicians to appoint smarter judges.

And in the end, it still isn't perfect. Because nothing is, not even the technological shiboleth.

This is more like NIMDA than DeCSS

[raindog2]

How exactly is exploiting *this* Javascript behavior any more acceptable than NIMDA's web vector?

I think hydras are much more like a virus than they're like DeCSS. They deliberately produce undesirable behavior on the machine you own. In fact, I'd put many copy protection schemes into that category as well...

Turning off popups is ok but...

[hether]

Turning off popups is ok but then what do you do for sites who have legitimate reasons to open things in a new window? For example when you have a ? next to a word that links to a quick popup definition of that word.

I tried browsing with a popup stopper product in place and there seems to be no differentiation between links you click on that you WANT to open in a new window versus those that just open on their own do to a javascript function of some sort. Is there any way to differentiate between the various kinds of popups or the reason they are coming up? Does anyone know of a popup stopper product that does? I don't want to stop ALL popup windows, but anything with the X-Cam or similar that just shows up under my other windows or things that load upon page load or page unload.

On a side note, I have been trying to switch to using Opera exclusively after using it on and off for awhile and can tell you that it isn't working out as I hoped it would. There are several sites I can't visit even when I identify myself as MSIE 5. One is the site for my online banking. I'm thinking it has to do with SSL or some other security feature. Still for the most part - I love Opera!!

Re:Turning off popups is ok but...

[Yer+Mom]

AdSubtract lets you configure popup blocking on a per-site basis, but only in the Pro version which costs money. The other versions don't do popups at all.

Proxomitron should let you do this as well, but the configuration is a little more complex. OTOH, it can do a whole lot more and it's cheaper :)

Re:Accountability

[Snootch]

wrong idiot. I use mac running old safe Netscape Navigator 3.0.1 (the only one ever shown to have no backdoors or exploits) and I have javascript off usually. Plus it has a history menu to jump back anyways, unlike the pc version of IE.

Hmm...I don't exactly see how that goes against my point - you do not have a Javascript-enabled browser, ergo you are safe.

Re:good! I've always hated Zuccinni

[Telek]

remember, IE is a part of Windows?

thus, when IE dies, so does Windows. :)


WHAT are you talking about? If you're on windows 9x then having iexplore.exe go wacky doesn't effect the rest of the processes, just kill all the internet explorer windows. If you're on windows 2000/Xp/NT just kill the root iexplore.exe process and all IE windows will go poof.

what you said makes no sense.

Re:good! I've always hated Zuccinni

[Telek]

If every IE window is a separate process

Umm, no, you're confusing explorer windows with internet explorer windows. There is no option to "open every internet explorer window in it's own process". And I don't know why you'd want the "open every explorer window in it's own process" anyways.

Thus you can just kill the root iexplore.exe process and all of the ie windows under that process (i.e. spawned from that site) will die with them. You *cannot* open a new iexplore.exe process from within internet explorer.

Re:good! I've always hated Zuccinni

[unitron]

"Tools, Internet Options, Advanced, Launch browser windows in a separate process"

Of course we are talking about MS here, so when they say separate process who knows if that means what it would to anybody talking about any other OS. (I mean, what the bleep is a "friendly" URL or error message?)

I've had the problem happen both with windows launched by right-clicking and clicking "Open in new window" and with windows launched by calling iexplore.exe via the Start button menu.

Usually it just murders all the IE windows but not anything else, although if I get trapped in hydra-headed pop-up hell, that'll sometimes lock up the whole machine and require a cold boot.

I do hope that there is a special circle of eternal torment for whoever thought it was a smart idea to give the file manager and the browser the same name.

Re:Your sig

[rmgrotkierii]

is this better? :P

Re:good! I've always hated Zuccinni

[Telek]

what?!

"Tools, Internet Options, Advanced, Launch browser windows in a separate process"

I don't have that option. I do have that under explorer as tools, folder options, view, advanced settings, launch folder windows in a seperate process.

(I mean, what the bleep is a "friendly" URL or error message?)

right click, choose "what is this?", and it will explain it to you.

I've had the problem happen both with windows launched by right-clicking and clicking "Open in new window" and with windows launched by calling iexplore.exe via the Start button menu.

right-click and "open in new window" opens in the same process, running another iexplore.exe creates a new process.

if a window goes berserk or crashes or you kill the process, it will only kill all of the windows that were launched from that process... your other iexplore windows will be fine and unharmed.

and unless you're using windows 9x then you can't kill the system by having popup hell with iexplore windows.

I do hope that there is a special circle of eternal torment for whoever thought it was a smart idea to give the file manager and the browser the same name

Huh?

"Internet Explorer" and "Explorer" is not that small of a difference, and what does it matter? They're two seperate names. I don't understand your beef.

I am glade

[mpost4]

it is annoying to end up at those sites, there is one the is aimed at slashdot too. i forget the exact spelling of it, since it was a typo i might not ever remember, but i had to do killall -9 mozilla-bin to excape it.