A New Low for Web Advertisers: Pop-Up Downloads

rizzmanix writes: "I thougt it was strange that I had been getting a lot of pop-up download prompts for the Gator software as I browsed around the web in the recent days. Why were all these sites requiring this Gator thing I wondered? Well I wonder no more... as apparently advertisers hit a new low by running 'pop-up downloads' instead of pop-up ads. Sneaky, underhanded, nasty and vile."

Sounds like Nimda :)

[possible]

What's interesting and revealing about Gator's approach is that the well-known Nimda worm spread by injecting popup download code into IIS-served web pages, exploiting a vulnerability in Internet Explorer that caused the user NOT to be prompted before the dowloaded program executed.

Really nasty variety

[-brazil-]

This kind of thing has been making headlines in Germany recently.
Many sites try to coerce users (especially kids) into installing
"high-speed" or "priority" internet dialers that in reality just change the default internet
connection to an extremely expensive number. By the time you
get the phone bill, it's often in the four-figures. The telco
doesn't want to be responsible since they just rent out the
numbers, and the companies that rent them are also mostly resellers with
with the final "customers" mostly being based outside Germany.

Re:Really nasty variety

[ryanwright]

The telco
doesn't want to be responsible since they just rent out the
numbers

Well, the telco IS responsible, and if something like that were to happen to me it'd be "Sorry, I'm not going to pay this." The telco didn't rack up those charges, they're simply passing along the third party bill to you. Since said bill was generated through deception and fraud, there is no way in hell anyone could force me to pay it.

In the USA, at least, the telco legally can NOT disconnect your service for refusing to pay third party bills like this. You just tell them to fuck off and if they give you any hell, threaten a lawsuit, and/or call your state's consumer protection agency. People who sit there and pay that crap are insane. They need to realize that just because someone bills you for something doesn't mean you're obligated to pay for it, and there's not shit anyone can do to force you to pay it. Their only option is to convince a judge that you really owe them the money.

I've invoked the "ain't gonna pay that" attitude many times, especially when it comes to BS medical bills. I've never had a problem: Either they justified their bill to me and I paid it, or they left me alone. None have dared to send one to collections or put it on my credit report yet.

Question about Gator specifically

[Carmody]

Does anybody actually like the software? I accidentally installed it once, before I had heard about "spyware" and "scumware" and I just found it completely annoying. Now that I think about it - I had to do a google search to find out how to remove it, and that's when I first learned about that sort of thing.

So my question is: Is there anyone who actually WANTS the software? Or are ALL copies there because someone accidentally downloaded it and doesn't know how to remove it.

Re:Terms of Agreement

[dschuetz]

I would think that this is partially illegal to install software on a person computer without that persons consent.

I would think that it's COMPLETELY illegal to do this. If the program that's getting installed were to wipe your hard drive, there'd be lawsuits galore and FBI people kicking down the doors of the company hosting the hostile download. Why exactly nobody's been able to convince a judge that this is the same thing is beyond me.

I got royally flamed in a mailing list for complaining about a site that tried to force gator on me. The admin's response was "it didn't try to install gator, it asked you first." My argument was "it only asked me because it tried, and my browser said 'no.'" Naturally, we got nowhere.

It's even worse if they find a way to install without prompting the user. Not only is that a wide-open door for serious viruses, but it ABSOLUTELY removes any semblance of authorization (and I'd argue that a user blindly clicking "yes" to simply make the damned download panel go away doesn't constitute informed consent, either).

Not reading the article well is even lamer

[Watts+Martin]

As long as you're quoting the article you read, how about:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

Why, gosh, the article you castigated the first poster for not reading says that sometimes you don't have to give your consent, just like the first poster said. So who didn't read the article?

How to Guard Yourself and Then Strike Back...

[TheLibra]

Well, for those of us who are forced to deal with an Micro$oft environment, there is some good news. Remember Nimda? It operated in a similar way when it was spread through web-pages, by forcing a download. Internet Explorer had a weakness that allowed this to happen. Now, however, they have the fix in IE 5.5 SP2... might also want to get whatever critical updates there are from the Window$ update site. So if you have that, and the patch for Nimda you shouldn't be forced to do anything. Cancel should always be allowed.

And honestly, people, if you set yourself to automatically accept downloads, you're just asking for a trojan.

Now that you know the defense, let's talk about the offense. Some very respectable Hackers have already created programs designed to kill browser popups. Might I suggest as a new challenge for these ingenius few that a program be created that you can simply set an auto-cancel after a program asks you once to download it (like Gator)?

For those of us without that level of programming ability, I recommend giving these companies that do this a flood of email complaints, expressing just how much we detest the all-time low they have reached. Since so many of us are in the IT or helpdesk field, we're in a unique position in that people believe what we say. If Gator persists in these forced-downloads, then start letting every single one of your customers know that Gator stands a chance of royally screwing up their operating system and compromising their security. If they ask for specifics, look for any bug whatsoever that has been reported, or that you can find in the program, and exploit it like a cheap tabloid. If it crashed one persons system and made them reboot, then it -always- crashes systems... etc.

Of course, I myself would never result to any illegal means, but legal strongarm tactics are very effective when done in mass-quantity. If enough of us get together on this, and enough sand is thrown by enough people, advertisers will eventually get the hint.

Now who's with me?

-The Libra
"Maybe Lisa's right about America being the land of opportunity, and maybe Adil's got a point about the machinery of capitalism being oiled with the blood of the workers." - Homer Simpson

You Are a Minority

[Greyfox]

Most of the people on the internet are in fact consumers. The mindset will not be abandoned because more and more consumers are getting on the net every day, which means us techies are becoming an increasing minority.

I think we'll only be able to escape the constant bombardment of advertisments (And skript kiddie attacks and all the other comparatively recent crap) by establishing our own network on top of the internet. It's easy to do and we're technically capable of doing it.

Been happening for years now. . . .

[Com2Kid]

On the seedier side of the web, nothing new folks. Just now its spyware instead of trojans, thats all. (oh wait there is a difference. . . .)

A lot of japanese h-anime sites (the less artistic ones, yes there is artistic hentai, get over it and deal.) use a dial up program of some sorts that I am (assuming) dials some sort of toll number, but it only works if you have a dial up modem, negates the need for a credit card though.

Some of the seedier US web sites I have seen actualy attempt to automaticaly do this to you (ouch) luckily enough I have a cable modem and I uninstalled my regular ol' modem quite a while ago. ^_^

My Japanese Tutor actualy had a related problem, (didn't look at porn, damn thing managed to spread anyways, VERY annoying). One of these toll programs (one of the less respectable variety) got on the computer and refused to go away, hooked on to everything.

Nasty stuff.

Re:And for those still on dialup

[Ardax]

You're forgetting something about IE (and maybe Moz too?): The file is downloaded in the background while waiting for the user to accept or deny the download, so you're still wasting time and bandwidth by receiving a file you probably don't want. For broadband users, it's not such a big deal (but it does eat up more bandwidth of the scum that uses such a technique), but for modem users it will slow things to a crawl.

Re:And for those still on dialup

[sqlrob]

For you and others like you, it specifically states that a pop-up box appears and requires the user to accept the download

I've seen sites (cardcentral.net) that use JavaScript to put their own dialog over everything but the Yes/No buttons on the download box. The dialog box appeared to be something along the lines of "Security warning: You are infected with a virus. Clean?"

Re:And for those still on dialup

[jmccay]

Not to mention the possible security problems! If a cracker setup a phony web-site to trick users into install some software to give them access to the system to use in DOS attacks and such. I think the site that use this type of advertising will eventually feel a backlash from the public on this because it's too dangerous.

Have people forgotten Comet Cursor already?

[Galvatron]

Comet Cursor was a popup download on many sites, most annoyingly doonesbury.com. I'm sorry to see that they didn't learn their lesson back then...