A New Low for Web Advertisers: Pop-Up Downloads

rizzmanix writes: "I thougt it was strange that I had been getting a lot of pop-up download prompts for the Gator software as I browsed around the web in the recent days. Why were all these sites requiring this Gator thing I wondered? Well I wonder no more... as apparently advertisers hit a new low by running 'pop-up downloads' instead of pop-up ads. Sneaky, underhanded, nasty and vile."

a followup link

[argStyopa]

www.scumware.com

Re:a followup link

[GnomeKing]

Why is it that some people always try to get karma just for posting clickable links?

Re:a followup link

[jazman_777]

Why is it that some people always try to get karma just for posting clickable links?

Maybe it's because they always _get_ karma points for posting clickable links. I think someone should hack /. and give everybody 50 karma points, so there'd be no more karma whoring...

Re:a followup link

[ichimunki]

I think someone should hack /. and give everybody 50 karma points, so there'd be no more karma whoring...

Like it's really that hard to get to 50.

Here's how I can get several points just from this story: "Thankfully I run [Mozilla|Galeon|Konqueror|Lynx] on [Linux|*BSD|Atari 800], so these [twerps|cakeholes|spammers] can go die for all I care. JavaScript is the Devil's own creation. If I wanted to download your software I'd download your software! Imminent end of usable web predicted!

Re:a followup link

[ichimunki]

Addendum: even if everyone started at the cap, that would just encourage trolling. The games no fun if you have the high score, and a few Beowolf Cluster of Natalie Hot Grits Portman PT Cruiser posts would get you right down to 0 in no time.

Re:a followup link

[estes_grover]

Heh...I go to download the newest Ad-Aware and up pops a window promising me that I've won a vacation and I have to do is click 'next'.

Re:a followup link

[Verteiron]

You forgot to put "petrified" in there.

Re:a followup link

[phaktor]

I think someone should hack /. and give everybody 50 karma points, so there'd be no more karma whoring...

great that would give rise to the troll game (who can go from 50 to -15 the fastest)

Re:a followup link

[jafac]

Because they are helping readers of this thread to find information that is actually relevant to the topic being discussed.

Instead of whining about other people getting karma.

Re:a followup link

[jon787]

Okay, I'll admit it, you suckered me in on that one.

Re:a followup link

[bleckywelcky]

Got me too, cause I wanted to see what this taco inspector thing was. Fortunately the pop-up window was just small enough that his crack was below the screen. Thank goodness for that.

Re:a followup link

[cduffy]

Stop bitching about the Karma cap. It gives otherwise maxxed out people at 47 an incentive to post quality.

Eh?

Except initially, most folks don't write quality posts to raise their Karma; most folks who write good posts do so because they want to. Anyhow, the average post quality was quite a bit better before the Karma system existed (and, for that matter, before user logins were used).

However, if we did presume that people could be motivated to write good posts by granting them Karma, then eliminating the cap and always having that incentive of karma+1 be there (as opposed to where folks with a Karma of 50 supposedly -- in your view -- have no incentive to write quality posts). Similarly, one doesn't motivate folks to work by placing a wealth cap at $100,000; rather, allowing more work to always mean more wealth grants far better results.

Re:a followup link

[symbolic]

In addition, online advertising network L90 has sold the one-click downloads
BR>

[sniff, sniff] What's that SMELL? Oh...it's smell of another one-click patent.

Re:a followup link

[mitheral]

Anyhow, the average post quality was quite a bit better before the Karma system existed (and, for that matter, before user logins were used).

Probably due more to only having a few thousand users instead of a few hundred thousand users. I'd bet you remember when a hundred comment post was bug news.

And for those still on dialup

[Dead+Penis+Bird]

It's a complete disaster, waiting for applications to forcibly download when you're trying to surf. It has to be the most invasive form of advertising yet.

Is it actually legal to put something on a user's machine without permission? Sounds almost virus-like.

Re:And for those still on dialup

[Oliver+Wendell+Jones]

Wow, yet another "I didn't read the article, but I feel fully qualified to comment on it" response...

For you and others like you, it specifically states that a pop-up box appears and requires the user to accept the download, and they rely on the fact that 99.999999% of the non-slashdot population immediately assumes it is something they need and click "Yes".

Re:And for those still on dialup

[WaktONE]

There are also apps (for free, even) that can kill such pop-ups, and other irritating ads from ever appearing. I use on at home and as work: AdSubtractPro does the job fairly well at work, and "adkiller" at home does a fantastic job of killing any such annoyance. I highly reccomend finding and using such apps.

Re:And for those still on dialup

[sphealey]

Wow, yet another "I didn't read the article, but I feel fully qualified to comment on it" response...

For you and others like you, it specifically states that a pop-up box appears and requires the user to accept the download, and they rely on the fact that 99.999999% of the non-slashdot population immediately assumes it is something they need and click "Yes".

Most human groups nowadays have this little thing called "society", which is generally formed in an attempt to mitigate the worst aspects of the "dog-eat-dog" model of life/social organization. It one of the things that are generally believed to seperate "humans" from "lower animals".

One thing that "society" tries to do is protect the average joe from the consequences of ignorance. Why do that, you ask? Why not let Darwin take his course? Because as our wealth grows and our world becomes more complex, everyone is ignorant about some areas of life. And today, everyone is ignorant about most things that keep us alive (dug your own well lately?).

So let's be careful here - just because Slashdotters know better than to click on that Yes doesn't mean everyone does or should.

sPh

Re:And for those still on dialup

[sketerpot]

Actually, the article has this to say:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

The concern about viruses is, I think, a very legitimate one. I'm just glad I use Opera, which wouldn't let them do that, I think. Other browsers (Mozilla? Konqueror?) might be just as good, but I haven't tried them.

Re:And for those still on dialup

[Ardax]

You're forgetting something about IE (and maybe Moz too?): The file is downloaded in the background while waiting for the user to accept or deny the download, so you're still wasting time and bandwidth by receiving a file you probably don't want. For broadband users, it's not such a big deal (but it does eat up more bandwidth of the scum that uses such a technique), but for modem users it will slow things to a crawl.

Re:And for those still on dialup

[frunch]

And while the article states that a most advertisers use a pop-up box to ask if you want to download, I know for a fact that certain companies are not. For instance, about 6 months ago I had the program "TopText" installed on my computer without my permission. It's a relatively useful little application that allows you to get more information about any word in a webpage, but nonetheless something I didn't want, and didn't give permission to install. The only way I figured out it was there was when little yellow lines started appearing below words in some webpages.

Re:And for those still on dialup

[sqlrob]

For you and others like you, it specifically states that a pop-up box appears and requires the user to accept the download

I've seen sites (cardcentral.net) that use JavaScript to put their own dialog over everything but the Yes/No buttons on the download box. The dialog box appeared to be something along the lines of "Security warning: You are infected with a virus. Clean?"

Re:And for those still on dialup

[benjymous]

Unless they're using Mozilla, which starts downloading from the moment the download link is opened, rather than from the time you OK the save requester

Re:And for those still on dialup

[jmccay]

Not to mention the possible security problems! If a cracker setup a phony web-site to trick users into install some software to give them access to the system to use in DOS attacks and such. I think the site that use this type of advertising will eventually feel a backlash from the public on this because it's too dangerous.

Re:And for those still on dialup

[fanatic]

You're forgetting something about IE (and maybe Moz too?): The file is downloaded in the background while waiting for the user to accept or deny the download,

Unfortunately, Mozilla has this behaviour. It has created all kinds of issues. I have argued in vain that the program should wait for the user to name the file before starting the download. Unfortunately, that is just too simple.

Re:And for those still on dialup

[lawyamike]

Why don't you just cancel out of the download? If the site won't let me continue without this invasive (and potentially deleterious) form of advertising, then I cannot think of a benefit of visiting the site that is of sufficient value to offset that cost. I mean, if you're on a dial-up there isn't much point in downloading anything in the first place, no?

Re:And for those still on dialup

[GreyPoopon]

Wow, yet another "I didn't read the article, but I feel fully qualified to comment on it" response...

I guess you didn't read the whole article yourself. :-) Check this quote:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

Granted, anybody who has this happen automatically can only blame themselves for allowing any ActiveX program to download and run without requesting permission, but note that it *is* happening. Some of those poor dialup users are definitely getting nailed.

Re:And for those still on dialup

[WhiteKnight07]

I can confirm that these "auto-downloads" don't work under Mozilla 0.9.9. However judgeing by the script it looks like it works under Netscape 4.x and maybe under Netscape 6. But as you can see it only works on Windows comps. Have a look:

<script>
var exepath='http://www.mp3yes.com/free_mp3_finder.exe ';
var bname=navigator.appName;
var bver=parseInt(navigator.appVersion);

function install() {
if ( navigator.platform && navigator.platform != 'Win32' ) {
location.replace('NOTWIN32WARNING.html');
return;
}
if (bname == 'Microsoft Internet Explorer' && bver >= 2) {
document.write('');
}
else if (bname == 'Netscape' && bver >= 4) {
trigger = netscape.softupdate.Trigger; if (trigger.UpdateEnabled) {
trigger.StartSoftwareUpdate(jarpath, trigger.DEFAULT_MODE) }
else { location.replace(exepath);
}
} else {
location.replace(exepath);
} }
install();
</script>

(taken from mp3yes.com)

Re:And for those still on dialup

[WhiteKnight07]

crap... stupid tags....

The "document.write();" is supposed to contain this:

'<object id="ayb" width=1 height=1 classid="CLSID:018B7EC3-EECA-11d3-8E71-0000E82C6C0 D" codebase="'+exepath+'"></object>'

Re:And for those still on dialup

[Queer+Boy]

The concern about viruses is, I think, a very legitimate one. I'm just glad I use Opera [opera.com], which wouldn't let them do that, I think. Other browsers (Mozilla? Konqueror?) might be just as good, but I haven't tried them.

OmniWeb for Mac OS X has the BEST feature I have ever seen (and haven't seen it replicated in other browsers):

Javascript is:

• Enabled
• Disabled

Scripts are allowed to open new windows:

• always
• only in response to a link being clicked
• never

Of course, not using Windows (and IE) will save you from most of the horrors of the Internet.

Re:And for those still on dialup

[WhiteKnight07]

How odd.... several people have stated that the download starts automatically in Mozilla yet it does not for me. I've already checked to see if the Proxomotron was blocking it, and it wasn't. I wonder whats keeping it from running....

Re:And for those still on dialup

[Tattva]

So let's be careful here - just because Slashdotters know better than to click on that Yes doesn't mean everyone does or should.

Prediction: You're so circumspect, thoughtful, and slow to jump on the bandwagon that your extinction from Slashdot is guaranteed.

Re:And for those still on dialup

[DavidTC]

Why the hell would anyone want that 'feature'? I want my downlaods to start as soon as possible, not click a link that loads a redir page, walk away, and come back five minutes later to find my computer has been sitting there like a moron.

You can argue the browser shouldn't stick it anywhere accessible until you name it, and that's fine, but saying it shouldn't start the download means I don't want you anywhere near my web browser, as your pointless paranoia is making it suck. If you haven't named it yet, it should download it to DOWE392R.TMP, not sit there like a gap-jawwed idiot waiting for you to name it.

Re:And for those still on dialup

[fanatic]

First, my 'rules' for computer interfaces are:

1. Do what I tell you to do.
   
2. Don't do what I didn't tell you to do.
   

Anything else is dangerous, silly and irritating.

Second, even if you think breaking rule 2 is worthwhile to save a few seconds, the Mozilla implementation is badly broken. Consider downloading a 600MB ISO, and your / partition has 100MB free. Even though you name the file /usr/local/I_have_infinte_space_here/iso.iso, Mozilla continue to download it to, say, /tmp/DOWE392R.TMP, which can't work since this is in / and there's not enough room. It's arguable that once the file is named, Mozilla should rename it and move it if necessary, but if you don't start downloading until the file is named, then put it where the user told you to, the issue doesn't even arise. (Or if it does, it's the user's fault.)

Third, how much time are you actually saving? Except in the case you mentioned,where you're too silly to spend an extra 1/2 second to ensure that your download has actually started, the saving is trivial.

Fourth, you are rude and stupid. It's not asking that much that you spend an extra half second after clicking on a link to make sure it did what you expected.

Re:And for those still on dialup

[PurpleFloyd]

It seems that you didn't read the article either. In fact, in the article, it states that some porn sites are pushing downloads onto users' computers without their permission, including scripts that redirect dialup connections to a 900 number, which allows the con artist to rake in the cash until the customer gets his or her monthly phone bill. While most "legit" companies offer a way to opt-out (although tactics like Gator's can hardly be considered very legit), criminals can take advantage of the same methods to do something far worse than simply showing one ad over another on Yahoo.

Re:And for those still on dialup

[plugger]

I particularly like that feature of Mozilla.

I do have broadband though, and downloads are only ever initiated because I want them to be (barring the odd accidental click).

Re:And for those still on dialup

[Tuxinatorium]

Internet Explorer is ridiculously vulnerable by default. A website can use an ActiveX exploit on any version of IE to make you automatically download and run any executable, which basically opens the door for them to plant trojans, steal credit card numbers, or do virtually anything to your computer. The only way to make IE impervious to this is to turn off ActiveX controls. But the vulnerable setting is the default. I could make a website that would automatically reformat the hard drive of every Windows IE user who visited it with ActiveX controls turned on.

But unless they use an exploit like that, there is no way to make you download and run anything without having your consent at some point.

I feel sorry for the people who are too stupid to click "No".

Gator, eZula, and all SpamWare/SpyWare are evil, annoying, and intentionally made as difficult as possible to uninstall. They butcher your settings and fuck with your computer without asking. They're the electronic equivalent of being mugged. There should be a law against that crap.

Re:And for those still on dialup

[Matthaeus]

some of the downloads (*cough* gator *cough*) download a program that is only a few kilobytes. This program trickles down the rest of the program at .1 k/s whenever you're online. Not enough to notice unless you're running tcp/ip over squirrelnet or something, but eventually the spyware will be downloaded. This has the added effect of seperating cause and effect so you can't be sure how you were infected.

Re:And for those still on dialup

[DavidTC]

It's not asking that much that you spend an extra half second after clicking on a link to make sure it did what you expected.

And this is where the whole thing falls apart. I don't mind spending half a second. However, as the title say, 'And for those still on dialup'. I do mind clicking a 'download' link that's a really a redirect, and having to wait 20 seconds over a crap modem for it to redirect, 5 seconds because they inexplicably put in a 5 second delay on the redirect, then another 20 seconds for the file to start downloading, then half a second to rename it.

And I don't really know what you mean by 'don't do what I didn't tell you to do'. You did tell it to download the file. It should keep doing so, to wherever it downloads files by default, until you tell it where else to put it.

If you want to make it an option, fine, than people with T1s with small hard drives can turn it off. But those people who have several gigs free and connections that don't get higher than 28kps can turn it on.

And I have to make the assertation that the 'I clicked on the link and it filled up a 100 meg partition before it could be renamed' camp should just, frankly, shut up, as those people can just download the file again, probably in less time then the first connection finished connecting for those of us out where they don't have DSL or cable modems yet, and the phone lines are apparently strung though lakes for all the quality we get.

Pop up download

[fruey]

Scares the hell out of me. Whoever does this should get their sites DoSsed immediately.

This is a major security issue, and clearly by default the only warning in MSIE is a dialog box, which you may already have set to just accept downloads automatically.

Yet another reason to use non-standard browsers and non Windows OS, so that you even if you end up with an executable it won't execute.

Re:Pop up download

[Corby911]

It's also a convincing argument for turning off all forms of client-side scripting except for when they are needed.

Re:Pop up download

[ShadeEagle]

It shows up as an ActiveX Control. A site I use frequently, EZBoard, has this form of advertisement.

And yes, people CAN set up their computers to automatically accept these. The newer IEs always ask 'do you want to download or save this' to everything, even though no matter what kind of file it is - zip, rar, exe - I wanna save it, not run it.

It's very annoying, it SHOULD be illegal if it isn't, and it slows some browser/os/pc combinations to a crawl... I'm currently on my work's PC which is a decent system, running NT and IE5, and it is friggin slow.

Re:Pop up download

[ZorinLynx]

What I don't understand is why Microsoft hasn't gotten on the ball and added configuration options to MSIE to completely disable this sorta thing.

In other words, don't ask, don't tell, just quietly deny it and leave the user alone. Maybe log it somewhere.

Another feature I'm surprised MS hasn't added to IE yet is deny window.open on page load or page leave. This has become immensely popular in the Mozilla and Opera world, it boggles the mind that MS hasn't implemented it yet.

Re:Pop up download

[sketerpot]

Hear, hear! In almost all cases that I have seen, JavaScript stuff could have been replaced with ordinary HTML and been made cleaner and easier to use. There are a few cases where client side scripting is useful, but most are just stupid abuses, like the one on this high school page that makes an annoying message appear in the bar where link destinations are normally shown.

Re:Pop up download

[Slarty]

But when are they needed? The web (no matter how wrong this is most of the time) is being used as an application platform, and for this to work as well as it possibly can, you really need scripting, and the ability to pop up windows, and so on... all the same stuff that gets exploited. Turning it off would limit the annoying stuff, but also the useful stuff.

I s'pose you could provide easy ways to enable scripting, etc for those sites that legitimately need them, and leave them off by default. But with the current installed browser base that's not really an option right now. But simply taking away functionality is, as usual, not the answer. I'm just not sure what it is yet.

Re:Pop up download

[letxa2000]

No, you mean yet another reason to use standard browsers. 99% of browsers can't run ActiveX controls.

Unfortunately 99% of the users are using the 1% of the browsers that can...

Re:Pop up download

[fruey]

If you weren't so insulting, I might listen to you. How dare you accuse me of being a terrorist sympathiser.

Re:Pop up download

[DimitryP]

you can disable them, in "tools" "security" "custom level." so, if you know what they are, you can stop them. you don't really have to try too hard, either.

Re:Pop up download

[jasonbw]

Mind you, this is the same company who's 'free' email service that i haven't used in well over a year still gets slammed with spam. Remember, it's a feature....for some.

Re:Pop up download

[spideyct]

That wouldn't help in this case. You don't need any scripting enabled to get the security dialog box that asks if you want to download a file.

Re:Pop up download

[ShadeEagle]

Ken? I didn't know you were an AC ^_^

I keep saying - you gotta TELL me these things.

Re:Pop up download

[blibbleblobble]

More importantly, it'll make people mistrustful of legitimate downloads such as flash, MathML, or SVG. Once people have had to reinstall windows for clicking OK once, they're not going to click OK a second time

Re:Pop up download

[GreyPoopon]

I s'pose you could provide easy ways to enable scripting, etc for those sites that legitimately need them, and leave them off by default.

Sounds like a good option to include in the post-1.0 versions of Mozilla. It would be nice to be able to disable all scripting with the exception of certain sites you include in an approval list. You would only add sites to the approval list if they didn't work without scripting, and you really needed to use them. Any Mozilla developers out there listening? Should I submit this to Bugzilla?

Re:Pop up download

[silentbozo]

You can always disable downloads in your browser prefs, scripting, etc.

As much as I hate Microsoft and Explorer, you can't say that they don't give you the tools to avoid this garbage. Of course, you can use Navigator (I use 4.08 w/ Javascript disabled.)

With Javascript off, I don't get any pop-ups/pop-unders when I surf, and sites that force the use of Javascript (and probably have pop-ups/pop-unders), I just avoid.

Re:Pop up download

[lynx_user_abroad]

What I don't understand is why Microsoft hasn't gotten on the ball and added configuration options to MSIE to completely disable this sorta thing.

Think again.

Who does Microsoft write their browser for? It's not for the browser user, it's for the web content provider.

The only way the end user can 'pay' for IE is by choosing to use it. The web has now finished voting (for all practical purposes) and IE won. Your "choice to use it" has become a currency Microsoft no longer needs.

Now, since IE owns the market, Microsoft will be listening to what the content providers want. If they want pop-up ads which can't be blocked, that's what IE will provide. If they want proprietary tags, that's what they'll get.

If they want to 'own' your system, that's what the'll get.

If you want to block ads, or real security, or even just better control of your own computer, you'll need to pay for it with a currently which still has some value. In some cases [opera] that means paying with greenbacks. In others [mozilla] you may be able to pay with just your mindshare.

Have you ever heard the saying "There's no such thing as a free lunch?"

Re:Pop up download

[mi]

You would only add sites to the approval list if they didn't work without scripting, and you really needed to use them. Any Mozilla developers out there listening? Should I submit this to Bugzilla?

KDE's browser called Konqueror supports this feature...

Re:Pop up download

[Option1]

Have you ever used IE 5 or 6? Your post would clearly indicate that you haven't. You can disable activeX and scripting very easily. Bashing M$ is one thing, bashing in ignorance is something entirely different.

Re:Pop up download

[jsoderba]

Actually, this capability is already there. There just isn't any GUI for it. See http://www.mozilla.org/projects/security/component s/ConfigPolicy.html.

Re:Pop up download

[Graspee_Leemoor]

mod this karma-whoring shite down- it offends me.

graspee

Re:Pop up download

[plugger]

Now, since IE owns the market, Microsoft will be listening to what the content providers want.

This doesn't make sense. You say that MS own the browser market, therefore they don't have to respond to the user wishlist. If that is the case, MS don't have to listen to anybody, web developers included.

Re:Pop up download

[knorthern+knight]

That won't necessarily help you. Check out http://security.greymagic.com/adv/gm001-ie for a load of what can be done to Windows IE...
*YES* with Java turned *OFF*
*YES* with scripting turned *OFF*
*YES* with Active-X turned *OFF*

This particular exploit also applies to Outlook Express and Outlook. Scarey.

I'm not repeating myself; I'm an X Window user; I'm an ex-Windows user.

Re:Pop up download

[lynx_user_abroad]

Have you ever used IE 5 or 6? Your post would clearly indicate that you haven't.

Onto the personal attacks early, eh? I use Lynx when I'm surfing abroad. Care to guess what I use when I'm at home?

You can disable activeX and scripting very easily.

Even if you don't understand the power of defaults, be assured Microsoft does. Yes there are many things which you can do under Windows, including replacing the whole operating system altogether. But market research has clearly shown the vast majority of personal comupter users change only the minimum of the factory set defaults, and when they are changed, it's almost universally done to increase functionality (gain features) rather than to decrease functionality (increase security). So, if it ships or installs with activeX or scripting enabled, the fact that it can be disabled or uninstalled means little.

Bashing M$ is one thing, bashing in ignorance is something entirely different.

Some day when you're older you'll learn to never be so sure about what you know, or what other people are ignorant about. You're misinterpreting your knowledge lamp. It doesn't mean "I know this, there's nothing more to learn here." It means "I know something about this, there's plenty more to learn from others here."

Re:Pop up download

[lynx_user_abroad]

This doesn't make sense. You say that MS own the browser market, therefore they don't have to respond to the user wishlist. If that is the case, MS don't have to listen to anybody, web developers included.

My apologies for not being clearer. Before MS had a monopolistic hold on the market for web browsers, their goal was to gain market share. Anyone who could offer themselves up as a new browser user (either for them or against them) had a currency MS found valuable. In response to this, MS put great emphasis on ensuring such potential customers became MS customers. That translated into a fully featured, easy to use, and low cost (free beer) product.

But the situation has now changed in at least two respects. First, because MS owns the browser client market, it no longer finds new customers so valuable. They feel confident that the majority of web surfers will become their customer even if they do nothing. And second, MS doesn't add to their bottom line by giving away web browsers, but by selling products and services to businesses and home computer users. These days, the currency MS needs is held by anyone who can buy their products and services.

In this game, your purchase of an OEM windows license when you replace your PC every three years is nothing compared to the purchase power of web content providers, who will pay dearly for better control of the the browser their visitors are using. That will translate into better page layout controls, ubiquitous multimedia, easier "click to buy" features, and transparent authentication, but also things like a way to present advertisements that you can't "mute" or "fast-forward" through (a deficiency of the TV) or just click to close. You'll also begin to see better tracking of exactly who is viewing the ad (Nielsen can only say "18-34 year old single male", but the browser can send your personalized passport ID, allowing the content provider to know everything about you) and of course Digital Rights Management built right into the operating system.

You may not want that, but your currency no longer matters, and it's not like you have a choice of browsers anyway. Unless you're willing to spend some currency of a different kind.

waiting

[CrazyDwarf]

I've noticed this myself, in recent weeks. I'm just grateful I still have the option to hit cancel. I'm kind of waiting for them to figure out how to force the download with no user interaction required. Then, will we be able to sue them? Or will M$ be required to put some type of security setting in IE that you can disable this function?

Re:waiting

[HerringFlavoredFowl]

I think Microsoft will use the technology to force the install of the latest Microsoft OS and then require a valid credit card before you can use your computer again...

Gator info

[billmaly]

Gator managed to sneak it's way onto my PC with the latest DivX. Can't uninstall Gator without losing DivX. I found an easy workaround...find the gator.exe file (unsure of EXACT name of file), rename it to gator.old. No more Gator starting up with Windows. Bye bye spy. :)

Re:Gator info

[ShadeEagle]

Ah, DivX 5 Pro. Comes with "GAIN".

Keep in mind, it didn't exactly sneak on, they're quite open that it will install - unless you grab the normal version.

The Pro version has encoding-only advantages, which most end-users won't use. You either pay $30 or agree to install the adware.

Oh, and renaming the file won't work. If GAIN isn't running, you won't be able to encode with the Pro encoder.

Re:Gator info

[xjimhb]

Some of the spyware manages to sneak in hooks in places neither Ad-aware (highly recommended) nor I have been able to find (you can find and remove the program, but not the hooks). The result is that when you boot up, it hangs temporarily with a window asking for a path to, for example, "ezulaMain.exe" (that is one of the more obnoxious ones).

My solution has been to compile a small Hello-World type program to an exe file. Then when I run into one of these, I make a copy of the exe file and rename it to whatever seems to be needed - if it gets called, a window pops up on the screen, then vanishes almost instantly, much less hassle.

I also have a copy of this called "iexplore.exe" to take care of any programs that try to invoke Internut Exploder ... what was that about you couldn't remove IE from Windoze ???

Re:Gator info

[fwankypoo]

Ahh, but if I use my handy Tiny Personal Firewall to block that silly GAIN program, it can't talk to its server, so it can't do anything to me... Muahahaha!

Re:Gator info

[xphase]

Why couldn't you just have an app like:

int main(){
return 0;
}

?
Then you wouldn't have any windows pop-up at all?

Re:Gator info

[jon787]

I do the same thing to the Opera ad banner. If I was home I would list the 5 IP addresses you need to block.

Re:Gator info

[psamuels]

Can't uninstall Gator without losing DivX. I found an easy workaround...find the gator.exe file (unsure of EXACT name of file), rename it to gator.old. No more Gator starting up with Windows. Bye bye spy. :)

Alternative: run regedit and look for \Software\Microsoft\Windows\CurrentVersion\Run under both HKEY_LOCAL_MACHINE and HKEY_CURRENT_USER. Those are basically to-do lists for when you log in. You will probably see an entry for GATOR.EXE. Delete it.

In fact you might want to do this anyway. It's amazing what stuff you'll find there sometimes, if you install much software - it's worth cleaning it out from time to time. Lets you log in faster..

Re:Gator info

[spideyct]

Even more useful, you could track when these files are being called, which may help you figure out how to eliminate them entirely.

Something like this, which just writes the path of the executable to the windows event log. (C#)

namespace ExeSource
{
class Class1
{
[System.STAThread]
static void Main(string[] args)
{
System.Diagnostics.EventLog evLog = new System.Diagnostics.EventLog("Application");
evLog.Source = "ExeSource";
evLog.WriteEntry( System.Reflection.Assembly.GetEntryAssembly().Loca tion,System.Diagnostics.EventLogEntryType.Informat ion );
}
}
}

Re:Gator info

[erasmus_]

Thank you, that is very interesting. I compiled and verified that this works, it's pretty neat. I may have to use to find out what runs some of the annoying programs automatically that are not even set to start at runtime, eg some Real popups.

Re:Gator info

[TedCheshireAcad]

Wow, some balls posting C# on /.

:-)

Re:Gator info

[TedCheshireAcad]

Cool, but OfferCompanion, not gator.exe, is the offending executable.

Re:Gator info

[jon787]

A few reasons:
1. my method doesn't technically violate the EULA
2. This is under linux

Wow, this is lame

[Sc00ter]

"In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

What programs do this? I've never, ever seen a webbrowser that automatically installs stuff. At least not until you specifically specify for that site only (like MS Updates, or Station.Sony.com)

"But those horror stories are the exception. More typically, software makers are simply using the downloads to distribute legitimate products."

Legitimate products don't automatically download onto my computer without my concent.

Re:Wow, this is lame

[lseltzer]

This assertion that the page will just download and install the program is a pretty bold one to make without any backup. It could possibly be done by taking advantage of an exploit in the browser, but not through any legitimate facility.

Re:Wow, this is lame

[Violet+Null]

I've never, ever seen a webbrowser that automatically installs stuff.

IE will happily install stuff without prompting if that's the way the security is set up; eg, if you set the "Internet Zone" (or whatever) to "Low" security, it will automatically download any signed ActiveX control.

Re:Wow, this is lame

[tswinzig]

What programs do this? I've never, ever seen a webbrowser that automatically installs stuff. At least not until you specifically specify for that site only (like MS Updates, or Station.Sony.com)

They didn't say it automatically INSTALLS the software. Just that the download is automatically started. A site could do this with a popup to a URL pointing directly at an .exe or .zip file. Most browsers will recognize this as something to be downloaded, not viewed in the browser, and you'll get a file Save As... prompt.

Re:Wow, this is lame

[Sc00ter]

" just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

That's from the article.

Re:Wow, this is lame

[sehryan]

Yes, but you have to specifically set that. The default is Medium-High I think. So if you set it to low, whether you know what you are doing or not, then you deserve what you get.

Re:Wow, this is lame

[laserjet]

That f#$#cking pesky program Comet Cursor can install itself, depending what your IE securtiy level is at.

Re:Wow, this is lame

[Sc00ter]

Yes, but not at the default setting, you have to specifically set it that low for that to happen. And it's not like you could accidently do it.

Re:Wow, this is lame

[rednuhter]

I often get a message along the lines of
Do you want to download and install this component from the Micro$oft Corp
[ ] Always trust software from Micro$oft Corp

Of course I always refuse but many people do not and they click the box to always trust and it never asks them again, and then they complain!

Re:Wow, this is lame

[cloudmaster]

So, what you're saying is that IE will install software if you tell it that it's OK? Good heavens, what *is* the world coming to? I'll bet that if you type in the address of a porn site in IE, it'll download and display a bunch of pornographic images, too - without even asking you if it's OK!

Re:Wow, this is lame

[Com2Kid]

There have been a plethora of holes in various versions of IE that have allowed unsigned activeX controls to install without the users permission, or to install under a differnt name ("want to upgrade to the latest version of Flash? Sure, ok! Enjoy some pay-for-view porn while you are at it!).

Re:Wow, this is lame

[frohike]

IE will happily install stuff without prompting if that's the way the security is set up; eg, if you set the "Internet Zone" (or whatever) to "Low" security, it will automatically download any signed ActiveX control.

This isn't entirely correct. If you set your security to Low, then I believe (if my memory serves) that anything will be allowed to download and run, even if it's not signed. These controls are full Win32 programs and have access to your whole system. Pretty scary. If you set your security to Medium, then it will not ask you if the control is signed (which is a pretty simple thing to obtain, go to any of these Authenticode places and give 'em $400). Medium-High is the default for the internet, and it will ask you before installing anything that is signed, and refuse non-signed things. However, as people have said on here a million times, how many people actually know what they're looking at when one of those pops up? Raise your hand if your parents still run all those EXE attachments for "that cute new Christmas card from Gramma!" despite your dire urgings not to? *raises hand*

Re:Wow, this is lame

[Nightpaw]

I never click that checkbox. It would make my life easier when I try to update all the computers I support, but something about it just rubs me the wrong way.

Re:Wow, this is lame

[bluGill]

SO what idiots would sign a control that does what these do? The whole point microsoft had when the introduced signing activeX controls was you trusted whatever was signed to do the right thing.

It seems that hacker objection "But you can get anything signed, and then it is trusted no matter what it does" is coming true. You would think that after all those objectections Microsoft would be more careful what gets signed just to prove us wrong.

Of course the above assumes these controls are signed. I don't know. fortunatly FreeBSD won't run these controls even if they do get downloaded so I'm fair safe through obsecurity, even before we get design issues.

Re:Wow, this is lame

[B.D.Mills]

More typically, software makers are simply using the downloads to distribute legitimate products.

Legitimate products don't automatically download onto my computer without my concent.

Legitimate is clearly used in the same sense here as "legitimate businessmen's club" describing the Mafia.

Re:Wow, this is lame

[Netbrian]

What exactly defines a real OS? Are there fake OSes?

Re:Wow, this is lame

[mark_space2001]

IE also has a section for "restricted sites" on the same preference window. After reading the replies here, I did a quick search of my hard drive for "gator" and found a cookie. The cookie went into the trash, and I added "gator.com" to my list of restricted sites. No more downloads or even cookies from them!

Re:Wow, this is lame

[aozilla]

So you think that anyone who leaves his door unlocked at night deserves what they get?

why mozilla rules here

[cetan]

Since 0.9.4, mozilla users have had the ability to block onload and unload pop-ups/unders. I've had zero problems with this. It doesn't block pop-ups you request, just the ones you don't.

I've not seen a popup in months and months. It's fantastic.

Re:why mozilla rules here

[Picass0]

How? Please elaborate. Is there a function or is this done with scripting? Could you post the scripting?

Re:why mozilla rules here

[bconway]

Preferences -> Advanced -> Scripts and Windows. I uncheck all except the last 3.

Re:why mozilla rules here

[cyb3r0ptx]

As I have switched to Moz for my main browser on Windows, I can attest to the value of this functionality. In 0.99, just go to Edit->Preferences..., open the 'Advanced' menu and click on 'Scripts and Windows' tab. Very cool stuff..

p.

Re:why mozilla rules here

[Alien54]

Since 0.9.4, mozilla users have had the ability to block onload and unload pop-ups/unders. I've had zero problems with this. It doesn't block pop-ups you request, just the ones you don't. I've not seen a popup in months and months. It's fantastic.

How? Please elaborate. Is there a function or is this done with scripting? Could you post the scripting?

it is in the preferences area.

Edit -> Preferences-> Advanced-> Scripts and Windows

Re:why mozilla rules here

[cmckay]

I use Opera as my main web browser, and the "refuse pop-ups" option comes in handy sometimes. However, many legit sites also use JavaScript popups as an integral part of their site (displaying products, etc), so it's definitely a tradeoff.

I can't tell you how many times I sat there clicking a link on a website, wondering why it wouldn't work, because I had disabled popups... :-)

Re:why mozilla rules here

[xenoc_1]

That's why moz 0.9.9 or higher is great. There's an option to block *unrequested* windows. If you explicitly click a link, the popup will open. But the page can't open it on it's own via javascript unassociated with you clicking a link.

Re:why mozilla rules here

[cetan]

I've been using mozilla since the M17 days, so I can say for sure it's come a very very long way. 1.0 is going to be a fantastic release, given the current state of the nightly builds. I'd say hold off on mozilla until 1.0 if bandwidth is a problem (i.e. dialup) but if you can download 0.9.9 relativly quickly, do it now and never look back.

Re:why mozilla rules here

[Zathrus]

Look if you don't want to view a site's ads, then don't go to the site. It is as simple as that. Blocking certain portions of a site's content because you don't personally want to see it is definitely immoral and arguably illegal

What a load of horse pucky.

I understand that websites have to generate revenue, and that the current method is moving more toward pop-up/under ads. That's fine. That doesn't mean I have to subject myself to it. As an informed consumer I have the right to ignore the ads in whatever way I deem fit, whether that means closing the windows as they come up or telling my computer to not allow them to render in the first place.

Should a browser default to stopping pop-ups? Hell no. It breaks too many sites that use pop-ups for additional help/information windows, sites that load links in a new window, etc. But I should certainly have the option to kill pop-ups if I want to enable it (and preferably with a quick key to reenable them - like Popup Stopper has).

Want to argue otherwise? Go for it. You also watch every commercial on TV, right? No getting up to go to the bathroom/kitchen. No recording it to VCR or PVR and fast forwarding/skipping through the commercials. Because if you are then, by your own definition, you are immoral. Maybe even commiting a crime!

Oh, and do you read every ad in a magazine? Do you throw out those blown-in/tear-out cards in magazines before someone else can read them? Do you read every billboard that passes by while in a car? EVERY TIME?

I don't think so.

And yes, I know this was a troll. Congrats. But this kind of thinking might actually get some people that nod and drool "yes", and it's so abundantly stupid it needs to be shut down before hand.

Re:why mozilla rules here

[Zathrus]

Any Windows based web browser can make use of the free utility Popup Stopper. It will stop any pop-ups as well, and allow you to disable/enable it by double clicking the toolbar icon, or hold down shift and click a link to temporarily allow popups.

That said, neither Mozilla or Popup Stopper or anything else are going to stop the slimy advertising being discussed. Because this isn't a pop-up, it's a download, and they're handled differently.

Re:why mozilla rules here

[ChristTrekker]

Been using Moz since about M10. Since 0.9.5 I've been pretty happy with it. I'm really looking forward to 1.0. Hopefully Netscape will release a 6.5 based on it.

I still use Opera for most of my browsing, though. It starts faster, and I know more of the shortcuts. Plus, I can run it on my (OS 8.1) Mac at home.

If you have a relatively fast machine, give 0.9.9 a try. I think you'll be pleased with the progress. It's not perfect (nothing is), but still very nice.

Re:why mozilla rules here

[Fweeky]

> What's the current status with mozilla? Is it as usable as Netscape 4.x (I hate 6.x)?

It's been more usable than 4.x for months. Recent releases are very stable. Startup time is about on par with Opera here (~3s when cached, next to ~2s for Opera).

4.x lacks usable CSS (and this is very important for modern sites.. the only reason most sites still work is because most sites still use techniques from 1995; I don't), and has laughable table layout code (it was made with basic HTML-for-tabular-data in mind, not triple nested layout tables); these alone make it pretty much useless to me.

If I didn't use Opera, I'd probably use Mozilla; at least I can trust it to Do The Right Thing (usually) when I'm developing sites; then I can go add my IE5/6/NS workarounds afterwards.

> Does it do any nasty or weird stuff on some sites?

IE6 does nasty and weird stuff on W3.org/Style (fixed positioning isn't supported, but it still processes the position: fixed; directive, meaning you can't do "position: absolute;position: fixed;" like you're supposed to. Argh.).

IE5 does nasty and weird stuff on every site that uses the CSS box model; it gets the sizes wrong on all boxes, meaning you need to exploit parser bugs to provide IE5 with tweaked sizes for it to work properly (and then provide Opera 5, which suffers the same parser bug, with real values).

NS4 does nasty and weird stuff when you specify an element should float: anywhere; it makes it completely unusable to use CSS layouts on it without spending months debugging an absolutely positioned workaround-nightmare.

Not seen Mozilla (or Opera) do anything this broken :)

Re:why mozilla rules here

[Nugget]

The only real feature lacking in Mozilla that you may be using in NS4.7 is roaming profiles. If you're not using Navigator's roaming profile support then there really is no reason not to move to Mozilla these days. It's been pretty damn stable since 0.9.6 or so.

I like to compile --disable-mailnews to reduce the bloat.

Re:why mozilla rules here

[WhaDaYaKnow]

Unfortunately, this has nothing to do with onload and onunload events in JavaScript (probably why they came up with this scam).

You could, for example, create a frameset and make one of the frame source links an '.exe'. Mozilla brings up a window where you want to save this file just fine. (just tested with Moz 0.9.9)

A pain in the fuckin arse, it is. Last time there was an article about this crap on /. I got so angry that I started working on my own browser.

Initially I wrote a C++Builder app that uses the IE engine, and I got it to the point where it would absolutely never open a pop-up window. It displays the link of the last attempt, which you can then click to open that link. BUT, some of these sites are tricky, and use a crazy technique to open the pop-up. Which basically results in a Javascript error if you don't open a new window. For some reason IE feels the need to bring up a dialog-box to report this and ask if you want to continue to run scripts. (I've not found a way to get rid of this).

So although a step in the right direction, it's still not perfect, and I've had to postpone work on it.

The bottom line though,- write your browser manufacturer about the following:

Say that you feel the browser has bother-some behaviour. Ask them to please NOT:
- open new windows from automatically generated script events. This includes not only onload & onunload, but also timers for example. The only time a new window may be opened is when I, the user, specifically requests so.
- allow scripts to modify the look n feel of the browser. It's unacceptable that scripts can change the size/position of the browser for example. I've recently seen pop-up windows which had NO border what so ever,- the entire window was HTML. How difficult could it be to impersonate a browser and do all kinds of bad stuff once you start allowing that behaviour.
- have dialog boxes that do NOT include some sort of [ ] Do not display this message again.
- do not automatically start the download of 'foreign' mime-types, such as .exe's. If you don't know how to render it, leave it alone.

(please note that Mozilla indeed complies with most of these items)

In other words: when I'm browsing, I give the website I'm visiting a canvas (the area inside my browser window), and that's all they get until I request so otherwise.

I've debated wheter the Flash plugins that have a truck drive across a webpage should not be allowed either, but I concluded that that's the choice of the website. If they want to obfuscate their content,- fine. I will just go away and never come back.

AH, enough ranting for an early morning.

Re:why mozilla rules here

[daviddennis]

I believe this feature was first invented in OmniWeb, which is certainly one of the best-designed browsers around.

It's not widespread because it only runs under MacOS X, but it has a really high market share among Mac users. It's made by a bunch of really cool people (who also do game porting, for those who like that sort of thing).

I don't use it because I want the sites I visit to stay alive, and I realize pop up/pop under ads may be a necessary evil in that direction.

But if things start downloading into my computer, I'd have to think twice. I'm just glad I use MacOS X and Linux, neither of which have a large enough market share to provoke this kind of stunt.

D

Re:why mozilla rules here

[ratbert6]

> It doesn't block pop-ups you request, just the ones you don't.

I'm not so sure about that. I've been using the mozilla rules for only a few days but just today on the monster.com site I found I cannot 'view' my resume. It used to be presented in a seperate pop-up window that I of course am specifcally requesting. Now when I click the 'view' button, I don't get anything.

I sure have enjoyed the lack of popups on other sites though...

Re:why mozilla rules here

[3Bees]

For OSX users out there, iCab does this as well. It limits the javascript that a site can execute by the effect and by the site so that I could, for example, block pop-ups on site1 and allow them on site2 but not ones that change window size, etc. Combine this with image filtering and the web becomes a much friendlier place, IMHO.

Of course we can use Mozilla too, but iCab is small and quick (it is not, regretably, open source).

btw, I am not in any way affiliated with iCab, just a long term satisfied user.

Re:why mozilla rules here

[p0ppe]

Or why not go with Opera. They've had the function for quite some time and I must say that it's been efficient.

Quick preferences (F12 on Windows) -> Refuse Pop-up windows.

Re:why mozilla rules here

[jesser]

Since 0.9.4, mozilla users have had the ability to block onload and unload pop-ups/unders. I've had zero problems with this. It doesn't block pop-ups you request, just the ones you don't.

If I interpreted the article correctly, it's not talking about pop-up ads, but rather ActiveX dialogs. The huge dialogs that say "Do you want to install and run this program from foo corp?". Mozilla doesn't support ActiveX, but it supports XPI, and like IE it allows sites to bring up dialogs asking if you want to install something. To see an example of Mozilla's XPI dialog, try installing the half-working Google Toolbar for Mozilla.

You see fewer XPI dialogs than ActiveX dialogs are that fewer people use Mozilla, and those that do are slightly less likely to blindly click "yes" to install something from a porn site than IE users.

Re:why mozilla rules here

[LafinJack]

Since 0.9.4, mozilla users have had the ability to block onload and unload pop-ups/unders. I've had zero problems with this. It doesn't block pop-ups you request, just the ones you don't.
I've not seen a popup in months and months. It's fantastic.

Stunning job of preaching to the choir, there. Were you gonna use that karma for something or just keep it in a box to look at once in a while?

Re:why mozilla rules here

[jacobb]

hehe... I keep forgetting that I have that turned on - i've had the prefs file manually edited since 0.9 ... i think even in the milestones it was possible to block them but they only just (0.9.4) let you turn it on in the UI.

Now I get very, very pissed whenever I use someone else's computer, *smirk*. I too haven't seen a popup in a very long time.
USE MOZILLA!!!

Re:why mozilla rules here

[Nodatadj]

> Want to argue otherwise? Go for it. You also
> watch every commercial on TV, right? No getting
> up to go to the bathroom/kitchen. No recording it
> to VCR or PVR and fast forwarding/skipping
> through the commercials. Because if you are then,
> by your own definition, you are immoral. Maybe
> even commiting a crime!

Bzzzzt!

Nope, the advert server (the television company or the magazine company) has already received its money whether you fast forward them or not. That way the people who are paying for the advert are taking the risk that some people will not see the adverts.

In the www case, the person serving the advert (the web site owner) does not receive money from the person who's ad it is, unless you read the advert.

The two cases are not the same, and it's not an abundantly stupid stance. Not saying which side of the fence I fall on, just pointing out that your analogy is crap.

Re:why mozilla rules here

[cetan]

Given the replies I've seen, I don't see the choir sitting around here.

I'll give my karma to needly folks like you.

Re:why mozilla rules here

[shepd]

>Blocking certain portions of a site's content because you don't personally want to see it is definitely immoral and arguably illegal.

Yes, when I read a book using a wood ruler (which blocks a portion of what I'm reading it in order to aid my reading of the actual content, just like a web site) or cover my book with brown paper to keep the cover decent (just like I keep my computer decent by not running scumware) I am definately breaking the law and deserve to be put in jail for the rest of my life, and perhaps tortured after I'm sent to camp X-Ray.

Why that didn't make it into the Patriot Act, we'll never know. Heck, it should already be part of the "Trading with the enemy act". Blocking out ads is tantamount to smoking a cuban cigar.

BTW: I expect you to stare at all the McDonald's and Camel billboards [not to mention the "xyz miles 'till you're South of the border" ads] while driving on all highways from now on. Not doing so (even if it would cause an accident) is promotion of communisim, and, might I say, it shows that you must hate America so much .

Re:why mozilla rules here

[tobylyn]

"In the www case, the person serving the advert (the web site owner) does not receive money from the person who's ad it is, unless you read the advert."

And this is a bad thing? The advertiser receives what they paid for. Viewed ads. The web site owner doesn't get to charge for services they didn't render. Shocking.

There's a reason advertisers like impression/view-based ad rating.Since the advertiser is paying for the ads to be READ. they like a more accurate approach than paying for what they're getting based on reader/viewership numbers and crossing their fingers hoping that the folks selling the ad space aren't fudging their numbers AND that the readers/viewers they have actually read the ads. If they believed that everyone saw and read their ads they'd pay based purely on web site traffic.

Toby

Re:why mozilla rules here

[Nodatadj]

> The web site owner doesn't get to charge for services they didn't render.

One word.

Bandwidth.

It ain't cheap.

The rest of your comment doesn't have anything I disagree with, but doesn't have any relevance to anything. You seem to have missed my point. (or are ignoring it)

Re:why mozilla rules here

[Fjord]

I'm using 0.9.9. It's so usable, that I find IE to be unusable now (IE is too slow, relatively, doesn't have tabbed browsing, and you need a 3rd party install to stop popups). The one part where it sucks is that the plugins all look for Netscape, and when they can't find it, don't install.

Pop-ups?

[FFNieko]

Pop-ups? What are pop-ups? I use Opera!

Re:Pop-ups?

[ect0plasm]

i use opera too!
damn fine web browser,
-identify as msie 5.0 to avoid being shut out
-pop ups to the background (some are necessary, like detatched windowed webcams)
-who can beat the damn mouse gestures? thats something worth implementing in mozilla if you ask me..

..now if opera would add in that popup ignore onload/unload thing like mozilla and we'd be in business

Re:Pop-ups?

[WhiteKnight07]

-who can beat the damn mouse gestures? thats something worth implementing in mozilla if you ask me..

See here.

Makes me appreciate OmniWeb

[jlower]

And its little "don't open new windows except in response to a mouse click" option all the more. I haven't seen a pop-up in a year!

Re:Makes me appreciate OmniWeb

[shird]

I've always wanted this feature in IE, as its the main web browser I use, does anyone know of a plugin that can do this? or if its possible to write one I'll write my own.

I've often wondered whether it would be possible to get around this with a meta-refresh with a 'target' of '_new' (or whatever it is), to create a pop-up instead of using script. If it is, and this pop-up prevention mechanism starts becoming commonplace, I imagine the scum/advertisers will latch on pretty quick.

Re:Makes me appreciate OmniWeb

[AVryhof]

http://www.analogx.com/

You need Pow! It's wonderful....I visit all of these sites with popups just to ad them to my list...and I never see them again. I put this one right in my Startup group.

Re:Makes me appreciate OmniWeb

[arashi+sohaku]

You may want to use Netcaptor (http://www.netcaptor.com). Not only does it block popups and popunders, it doesn't open up dozens of windows if you are visiting several different sites at once. The program is a modification to IE (gotta use it at work), and once it's open, it will hold all open browser windows in a tabbed format within a single program window.

Thunder

PR0N

[rbeattie]

I've seen this thing before on pr0n sites... once again they're leading the way on the web. I never thought that traditional advertisers would stoop this low, though. I wonder what's next?

-Russ

Ooh, wait. What I meant was my FRIENDS have seen stuff like this and told me about it. Wait, I don't have friends that look at pr0n either... umm. I read about this sort of thing, yeah. That's it...

Re:PR0N

[laserjet]

You still go to pr0n sites? Man.. that is SO 90s!. Nowadays we use peer-to-peer file sharing and IRC to get our wares.
well, we've bene using IRC forever, but it is still a good source. :)

Re:PR0N

[sewagemaster]

no man, i use those "dialer" programs that my browser automatically installs for me when i go to a particular site. i just run that program, pay a certain amount of money, and i get all those live shows everyone's been promoting and talking about...

i've always been telling people, pr0n will always be a leader in this industry

Re:PR0N

[jhaberman]

Can somone explain what "PR0N" is? I mean, I know what "p0rn" is, but this "pr0n" stuff is confusing me. First, I get multiple spam emails last week touting the latest and nastiest "pron" available anywhere... now I'm seeing it on /.

Very odd indeed...

Jason

Re:PR0N

[rudiger]

pr0n is what old school hacker types use to label their porn directories on shared servers, so admins wouldnt find any if they searched for "porn".

Re:PR0N

[pommiekiwifruit]

Nah, I just hang around with lots of gorgeous and uninhibited teenagers (18+) and when I want to see pr0n, simply ask them to remove their clothes. It's a great system! ;-)

Re:PR0N

[jesser]

Why are you still surfing porn with IE? Mozilla lets you block pop-ups, ignores exit pop-ups by default, and lets you open links quickly with one hand if you have a three-button mouse or a clickable scroll wheel. It even has a command and shortcut to close all Mozilla windows for when someone knocks on your door, which annoys the hell out of people who try to use the browser for anything bug porn and hit Exit accidentally.

Be sure to check out Pornzilla, a set of Mozilla add-ons useful for porning and instructions for doing things like making stealth profiles. We're always looking for new contributors who can write add-ons or fix bugs in Mozilla that affect porning. We also need input from someone who is uses Mozilla's tabbed-browsing feature so we know which tabbed-browsing bugs are most important for Pornzilla users.

I just wrote a pair of bookmarklets that take you to the previous and next numbered image or numbered image gallery. They'll probably be included in the next version of Pornzilla, along with the zoom-images and search-links bookmarklets that are already included.

Re:PR0N

[Eil]

http://www.tuxedo.org/~esr/jargon/html/entry/pr0 n. html

Re:PR0N

[Fjord]

wait til you get the spam advertising prAWn. Now that's disturbing.

Re:Not only ads...

[flynt]

So most of the wimen rely

Please tell me that you don't really think "women" is spelled "wimen".

Yet another

[llamalicious]

Yet another reason to browse with Mozilla or Opera with onLoad (or all) popups disabled.

Most of these advertising techniques either rely on browsers (or users) who don't or can't disable popups easily. (read: 90% of the internet explorer population.) Or they rely on Internet Explorer specific techniques, e.g. windowless flash animations (transparent backgrounds) for shoshkeles, etc.

I think it's time the antivirus companies step up to the plate for the average consumer, and add blocking/filtering to the AV clients. Maybe it's overkill, but if you could tag these popup downloads as a potential virus (or at least unauthorized use of your computer) the world would be a better place. Or, create some add-ons to mozilla which filter popups against a database (ala the defunct spamcop) popupcop?

When something is sold as "advertising" but is nothing less than an attempt to trick or confuse a person into purchasing, downloading or installing your software, that's misrepresentation and/or fraud. Regardless of any 2pt fine-print at the bottom, or "user agreement" on the page. Hard to stop them, though.

Re:Yet another

[fruey]

How do you do it in Opera? I'm looking for how to do it, can't find it.

Re:Yet another

[larien]

Some popups are actually quite good, mainly the ones on e-commerce sites where you click on a link to view an item description. Mozilla does this well by blocking "unrequested" (I think that's the word it uses) popups.

onLoad isn't the most evil popup rule; onExit or onLeave (or whatever they're called) are worse as you can end up with something you can't leave without some fast clicking or disabling Javascript.

Re:Yet another

[Ed+Avis]

Yes, it's amazing that the article doesn't have any mention of whether the browser makers might have some responsibility. From reading articles like this you would get the impression that spyware, viruses, intrusive ads and so on are unavoidable whenever computers are used, and the only answer is some kind of regulation to make websites act 'responsibly'.

Re:Yet another

[llamalicious]

File->Quick Preferences->Refuse Pop-up Windows.
Careful though. It's ALL window.open commands.
I'd prefer more granular control.
Allow for disabling window.open onLoad, Exit and for entire objects,
e.g. why would you need a window.open on the mousedown or mouseover of the body/document object ?

Re:Yet another

[Some+Dumbass...]

Yet another reason to browse with Mozilla or Opera with onLoad (or all) popups disabled.

KDE's Konqueror browser also anti-popup functionality in 2.2 and later.

Re:Yet another

[Diamon]

I think it's time the antivirus companies step up to the plate for the average consumer, and add blocking/filtering to the AV clients.

They've already done it, it's just not in the AV clients. Norton Internet Security has the ability to block pop-up's/ActiveX/Java. Also I know McAfee firewall has some built in blocking (not that familiar iwth it though) that you can use to block pop-up's/pop-under's.

Re:Yet another

[extra88]

Unfortunately, I've discovered some web sites have legitimate windows which won't open if "popups" are disabled.

Microsoft's (are you surprised?) Outlook Web Access, the web application for accessing an Exchange Server, opens messages in their own window when you click on them in the index. Fine and dandy. The problem comes when you try to Reply or Forward the message. Whatever method they use to display that window involves onLoad or some related technique because clicking Reply or Forward makes the message window close and no replacement window appear. Incredibly lame web coding on their part.

Re:Yet another

[stripes]

From reading articles like this you would get the impression that spyware, viruses, intrusive ads and so on are unavoidable whenever computers are used, and the only answer is some kind of regulation to make websites act 'responsibly'.

Or that existing regulation can't be applied. I expect anything that downloads and installs without permission could fall legally under the existing computer trespass laws. Sneaking spyware might be trespass, but is almost definitely fraud.

We have more then enough laws, don't make new ones, use the existing ones.

Re:Yet another

[rhizome]

I use Opera for 99% of my browsing primarily for its annoyance-abatement features, but for some things -- like OWA -- there is no substitute for a plain, dumb browser. Unless pop-ups in email are a big problem for you, it seems to work.

Re:Yet another

[llamalicious]

Cool. Guess it's time to play around with those for my family. (I so love being tech support around the house)

Re:Yet another

[SJS]

onLoad isn't the most evil popup rule; onExit or onLeave (or whatever they're called) are worse as you can end up with something you can't leave without some fast clicking or disabling Javascript

All Javascript is evil.

Instead of objecting to popups, popunders, and suchlike (if you enable Javascript, that's what you are asking for, so stop whining and suck it up), why not object to all those sites that REQUIRE Javascript for basic functionality?

I don't want to have an experience with my computer.

Browers should install with all scripting disabled, and you should turn it on only if (1) you understand the implications, and (2) you can handle the expected results ( while ( 1 ) { alert("Isn't this fun?"); } ).

Personally, I might consider a "client-side scripting solution" if (1) the language was not turing complete, (2) I could filter all events and built-in functions, and (3) I could set up a library of "allowed scripts" that could be inspected and modified only by the user.

Oh, and there's not a way for a web-site to ask me to install some script of their automatically. It would have to be either "write a function that does this, given these arguments" or "copy this script into an editor and save it to $HOME/.$BROWSER/allowed_scripts/$SCRIPTNAME" or somesuch.

Why do I feel as if this sort of thing has a snowball's chance in hell?

Re:Yet another

[Surak]

I think it's time the antivirus companies step up to the plate for the average consumer,

And add Internet Explorer to their database of standard virus types that can be cleaned (removed)? :-P

Re:Yet another

[exodus2]

Ebay seems to require javascript to view pictures of the items. I use mozilla and have java and a bunch of stuff disabled. So when I go here I use IE. Salon dosent work too well wlith javascript off either, I dont see the title bar with all the links.
The part that no one hase mentioned yet is the ability to click on an add and choose 'ignore all photos from thise server' gets rid of most adds. I wish they would do this with flash, as most flash is now adds, but there are some sights that use it legetimately.

Re:Yet another

[valmont]

No. JavaScript *is* a *good* thing. when used properly that is. I understand the potentials for evil, but still, the gains way outweigh the cons.

There are numerous form-interaction, form-validation, elements of user interface which are *key* to basic functionality on many sites. And those are used properly. It alleviates the necessity for redundant back-and-forth clientserver interactions while allowing for early capture of user input.

Re:Yet another

[jgerman]

Yeah super granular would be nice to be able to set, as well as setting whitelists and black lists. Too bad I have too many other coding projects to take care of first.

Re:Yet another

[Baki]

Too bad I don't have the source code of Opera.
I don't care using closed software, but then it has to be 100% perfect (since I can't modify it to improve).

Re:Yet another

[crankyinmv]

Client I think it's time the antivirus companies step up to the plate for the average consumer, and add blocking/filtering to the AV clients. Maybe it's overkill, but if you could tag these popup downloads as a potential virus (or at least unauthorized use of your computer) the world would be a better place. Or, create some add-ons to mozilla which filter popups against a database (ala the defunct spamcop) popupcop?

On Windows, client side proxies like WebWasher and Proxomitron do a fine job of getting rid of this crap.

The PrOn world has already been doing this!

[bovinewasteproduct]

The PrOn world has already be doing this for awhile! I work for a free hosting company and we monitor our sites for PrOn all of the time. Atleast once a day I get hit with a download for a dialer (disconnects your system and redials via long distance so you can get your PrOn that way).

Just another example of how the mainstream world follows the PrOn world...:)

BWP

Re:The PrOn world has already been doing this!

[TRACK-YOUR-POSITION]

PrOn World?!!!! That sounds like a fun World to live in!!!!!

Anything's better than stupid Mainstream World!!!! boring

Well, what do you want?

[osgeek]

Yes, it's very annoying. But it's always funny seeing people complain about the quality of things that they get for free.

Maybe one day we'll all get sick of it enough to support useful solutions like micropayments for worthwhile content.

Re:Well, what do you want?

[Cynikal]

just because someone is giving something for free doesn't give them the right to install something on your computer without your knowledge or consent..

what if someone offered to fix your car and you couldn't afford to get it done by a pro.. but then you find out he put a bug in your car to know exactly where you go and who is in your car, and maybe even an audio bug to record your conversations? hmm? would you like that much? i doubt you'd stick to your "oh well it's not so bad since it was free" phylosophy.

i'm not exactly ranting about htis topic specifically, but mostly for the "piggy back" programs that reside in things like kaza and so on, but this is right along the lines of it...

Re:Well, what do you want?

[BobGregg]

Whaddya say we drive by and firebomb your house?

What are you complaining about - I'd do it for free!

(Note for the brain-impaired: the above illustrates the use of sarcasm, *not* an actual threat. Sheesh.)

Put the gun down!

[YouAreFatMan]

Before we all go into full outrage mode, remember that the software can't install unless you click Yes. I'm sure if they could install without confirmation, they would, but they can't, so let's not have a fit about it. It's obnoxious, but not sleazy. Sleazy would be deceptive (kazaa-brilliant is sleazy). Obnoxious is just something that slows you down.

Re:Put the gun down!

[Stonehand]

The article states otherwise. The mechanism, however, is not specified...

One approach that might be possible is two-stage -- a voluntarily downloaded plug-in, that "opens the door" by automatically downloads without requiring additional user consent.

And, of course, this lil' feature might not be mentioned in the initial yes/golly,sure/damn yes/whatever you say/no dialogue box. So "consent" it may be, but that doesn't guarantee informed consent -- and unless you have one heck of a sandbox, you have little ability to verify that what you downloaded is exactly what you thought you were downloading.

Re:Put the gun down!

[YouAreFatMan]

The article states otherwise

Actually, the article makes it clear that the user has to confirm by clicking Yes to download. This is no different than a "stranger with candy". If you don't know who's giving you the candy, eat it at your own risk. And you have the option to refuse.

Re:Put the gun down!

[Stonehand]

Nope. Read earlier in the article, where it refers to "drive-by downloads".

Re:Put the gun down!

[YouAreFatMan]

Nope. Read earlier in the article, where it refers to "drive-by downloads".

OK, here is that part:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

What cases are they referring to? Is this anything but rumor? This is the only bit in the whole article that mentions automatic downloads. I would say that you are relying on hearsay to form your argument. Show me a page that actually does this.

Re:Put the gun down!

[jgerman]

Re-read it. It does mention that some software DOES install automatically. I've seen it happen. Not that it's hard to realize that it can. It's common sense. The popup that asks if you want the software is just a simple yesno dialog, click yes and the javascript is called to handle the d/l, click no and it's not. There's nothing stopping the page to call the function without the popup, and nothing security wise that makes the pop-up an opt in, it's just a (psuedo) attempt at being nice to the user.

Re:Put the gun down!

[YouAreFatMan]

The article makes a vague reference, but in fact, it does not give any details about software that auto-installs. What browser supports this? IE prompts you to install. This is not a javascript pop-up, as you say, but part of IE that can't be overridden or ignored by the site. Just because the article says that some software does this does not make it so. No one has offered up any proof of this behavior, they just keep pointing to the article which offers nothing more than rumor. I would be willing to accept your argument if you produce a site that causes auto-installation.

Re:Put the gun down!

[jgerman]

Case in point Comet Cursor, uses an auto install procedure, no dialog at all. It is completely possible to bypass any MS security that exists, and for the most part it doesn't exist so it has nothing to bypass.

Re:Put the gun down!

[YouAreFatMan]

I would disagree that Comet Cursor is qualifies as custom software in the same class that the article is discussing. IE allows a web designer to specify a custom cursor through stylesheets. By that logic, someone could say that your browser automatically "installs" jpegs when a page is loaded that has image tags. So I still am not convinced that any software will actually auto-install.

Re:Put the gun down!

[jgerman]

Comet Cursor is NOT a custom cursor created by a style sheet, it is a "helper" app otherwise known as a BHO that is downloaded and isntalled automatically. Precisely what the article mentions. You can disagree all you want, but is a persitent application that remains even after you visit the page with offending code, a style sheet doesn't persist beyond viewing the page.

Re:Put the gun down!

[YouAreFatMan]

OK, then please provide a url which automatically downloads the cometcursor software without asking the user. I went to cometcursor.cometsystems.com and there was a big download button on the page. Nothing automatic there.

Re:Put the gun down!

[jgerman]

Jesus christ. I don't need proof about a specific application I know that it's possible and explained how. And I'm not going to go searching around for a place that's going to auto install comet cursor for me but if you're too slow to understand :

here

and here

Re:Put the gun down!

[jgerman]

Note to anyone else reading this thread, those links are NOT to a site that automatically installs comet cursor, they are however sites that talk about BHO's and explain that they can be downloaded and installed silently.

Re:Put the gun down!

[Sentry21]

If you're going to have a stupid, pointless, infinitely nested flame war with someone on slashdot, please click 'no score +1 bonus' when you post. No one else cares about pathetic bickering between you and another idiot, especially not if you can't keep it civil.

Sheesh.

--Dan

Re:Put the gun down!

[jgerman]

If you didn't care you wouldn't post about it. And for the record, I don't see it as a flame.

Sounds like Nimda :)

[possible]

What's interesting and revealing about Gator's approach is that the well-known Nimda worm spread by injecting popup download code into IIS-served web pages, exploiting a vulnerability in Internet Explorer that caused the user NOT to be prompted before the dowloaded program executed.

Underhanded Purest Evil

[Cylix]

This happened last night I'm afraid...

I was completely shocked when the gator icon mysteriously appeared and greeted me. I removed the little bastard immediately. However, I let a long sigh as I realized it would come back shortly.

So last night I decided to go with mozilla and live with whatever problems it may bring.

The mozilla team should thank the gator software company and evil commie bastard marketing reps around the world.

Re:Underhanded Purest Evil

[MilesBehind]

Think it'd be more like evil capitalist pigs disguised as marketing reps in this case...

Problem with these things is that they prey on non-internet-savvy kids and grannies that see these pop-ups and think they're some stuff that microsoft wants to kindly provide to improve their browsing experience.

Legislating this sort of crap out of existence would be a bad move, tho. If we want to keep internet free and in a state of anarchy (in a good sense), the best way to fight this is to install browsers that are in dynamic developement and responsive to user comments (mozilla or opera), as opposed to one that wants to integrate itself into everything that pertains to your computer and serves the purposes of its corporate masters. Either that, or DOS attacks on the sites using these pop ups, in the name of true anarchy. :)

Re:Underhanded Purest Evil

[ziriyab]

The mozilla team should thank the gator software company and evil commie bastard marketing reps around the world.

This latest Gator crap is pure, unregulated capitalism at work. Enjoy.

Re:Underhanded Purest Evil

[EhWhat]

It's not the
>evil commie bastard marketing reps
you have to worry about. It's the evil CAPITALIST bastard marketing reps.

Re:Underhanded Purest Evil

[SomeOtherGuy]

>The mozilla team should thank the gator software company and evil commie bastard marketing reps around the world.

Yea - i know of 3 diehard IE users who have gone 100% to mozilla because of the pop-up blocking option. Any idea why Bill and the boys have not found it in their hearts to add this to IE? It is a very good thing for Moz and Opera that IE refuses to add a feature that most web users are deeming one of the most needed features ever.

Re:Underhanded Purest Evil

[macsox]

i'm not sure you know what a 'commie' is.

Re:Underhanded Purest Evil

[fishnuts]

Microsoft is in bed with anybody in the business of making money. And since Microsoft ALSO uses (insert random banner-ad and popunder-ad company here) for hotmail and their various other "free" services, they value their business relationships more than their victim^Wcustomer's wishes.
How would it benefit microsoft if users of their programs had the ability to prevent microsoft from making ad revenue?

Re:Underhanded Purest Evil

Of course, if Microsoft added popup disabling software to IE, they would probably get blasted here for driving all the little popup-stopping software companies out of business.

Re:Underhanded Purest Evil

[Schroedinger]

You might want to check to see if it actually uninstalled completely. Fire up your task manager and make sure you know what all those programs are there for. Also check in your Common Files dir and do the same.

When I uninstalled it I had to physically clean out my registry, delete the program (in the Common Files subdir of Program Files) as well as kill the task. As far as I can tell the uninstaller did nothing.

Re:Underhanded Purest Evil

[mshiltonj]

The mozilla team should thank the gator software company and evil commie bastard marketing reps around the world.

I'd mod this up higher if I could. Imagine, the browser wars re-igninited and the battle is how much control it can give to the user. Cool.

Re:Underhanded Purest Evil

[jesser]

Of course, if Microsoft added popup disabling software to IE, they would probably get blasted here for driving all the little popup-stopping software companies out of business.

Except that pop-up blocking can be done much better as part of a browser moreso than, say, a browser can be done better as part of an operating system. A browser knows whether a site tried to create a new window in response to your click, or whether you followed a link to a site that tried to create a new window in response to being loaded.

Of course, I wouldn't mind if Netscape included Mozilla's pop-up blocking in their next release, and Microsoft continued to leave the feature out of Internet Explorer.

Re:Underhanded Purest Evil

[maxpublic]

They're no more capitalist than you have two dicks and four balls. Capitalism has about as much to do with this as voting had to do with making that crack-snortin' bitch George Bush president.

Max

Re:Underhanded Purest Evil

[Cylix]

I've relied on Ad-Aware to cleanse my system of evil and I'm no stranger to regedit either. It does an alright job of spotting the little things that I would have missed normally.

Gator actually installed while I was browsing and popped up a window as it normally would after display. The welcome greeting it offers...

This wasn't a pop-up prompt ad, gator actually installed while I was browsing and without my permission.

I've been very happy with the newer mozilla and pinball theme.

"Sneaky, underhanded, nasty, and vile"???

[Wakko+Warner]

Um, only if you're stupid enough to continue the download and install the software.

- A.P.

Really nasty variety

[-brazil-]

This kind of thing has been making headlines in Germany recently.
Many sites try to coerce users (especially kids) into installing
"high-speed" or "priority" internet dialers that in reality just change the default internet
connection to an extremely expensive number. By the time you
get the phone bill, it's often in the four-figures. The telco
doesn't want to be responsible since they just rent out the
numbers, and the companies that rent them are also mostly resellers with
with the final "customers" mostly being based outside Germany.

Re:Really nasty variety

[ryanwright]

The telco
doesn't want to be responsible since they just rent out the
numbers

Well, the telco IS responsible, and if something like that were to happen to me it'd be "Sorry, I'm not going to pay this." The telco didn't rack up those charges, they're simply passing along the third party bill to you. Since said bill was generated through deception and fraud, there is no way in hell anyone could force me to pay it.

In the USA, at least, the telco legally can NOT disconnect your service for refusing to pay third party bills like this. You just tell them to fuck off and if they give you any hell, threaten a lawsuit, and/or call your state's consumer protection agency. People who sit there and pay that crap are insane. They need to realize that just because someone bills you for something doesn't mean you're obligated to pay for it, and there's not shit anyone can do to force you to pay it. Their only option is to convince a judge that you really owe them the money.

I've invoked the "ain't gonna pay that" attitude many times, especially when it comes to BS medical bills. I've never had a problem: Either they justified their bill to me and I paid it, or they left me alone. None have dared to send one to collections or put it on my credit report yet.

Question about Gator specifically

[Carmody]

Does anybody actually like the software? I accidentally installed it once, before I had heard about "spyware" and "scumware" and I just found it completely annoying. Now that I think about it - I had to do a google search to find out how to remove it, and that's when I first learned about that sort of thing.

So my question is: Is there anyone who actually WANTS the software? Or are ALL copies there because someone accidentally downloaded it and doesn't know how to remove it.

Re:Question about Gator specifically

[ShoeHead]

At first people would download it because it was offered somewhere and because it might be helpful. Not people in the security crowd, mind you, but it was still a free-will type of thing.

Now it's just a bad apple.

Re:Question about Gator specifically

[romkey]

I started using Gator because Ebates suggested it... I like Ebates a lot and they were suggesting (not even pushing) Gator because of its form-management and password remembering functions, which weren't commonly available in browsers at that point. At that time, Gator was more of a helpful tool than a malignant advertising injector.

As Gator has evolved it's become more and more malicious; popping up ads when I'm browsing is the most annoying, but also it's started placing its own ads over banner ads on web pages - that doesn't annoy me any more than the banner ads would but I think it's a pretty evil practice and I don't want to support it.

The only reason I've kept using Gator is that I have a large investment in terms of the passwords I have stored in it, but there are other, better ways to take care of that problem. At this point I run Gator with it completely blocked by firewall software, so it can't update itself and it can't download ads or offers. If you delete everything in C:\PROGRAM FILES\COMMON FILES\GMT\BANNERS you'll get rid of the ads it's already downloaded.

Re:Question about Gator specifically

[poulbailey]

The only reason I've kept using Gator is that I have a large investment in terms of the passwords

Grab RoboForm instead. It's freeware and it doesn't have any ads nor does it contain spyware. It'll even let you import all your Gator passwords. There's absolutely no reason to keep using Gator.

Re:Question about Gator specifically

[genka]

I've been using it for several years, and it does pretty good job filling out forms and remembering passwords. All personal data is stored locally, encrypted and easily exported or imoprted. After each install I go through little procedure to "pull Gator's teeth"
1 Uninstall "Offer Companion" from Control panel
2 Open Regedit and go to HKEY_LOCAL_MACHINE\SOFTWARE\Gator.com\Gator\dyn
3 Change servers URLs to 127.0.0.1
After this I never see a banner or pop-up.

Downside:
1 Gator runs two memory-hungry processes
2 I don't know if their encryption for my data is any good

Not reading the article is lame too

[flynt]

For example, when visiting a site a person may receive a pop-up box that appears as a security warning with the message: "Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.

Had you read, you'd see you have to give it your 'concent' (sic). I can't believe this then went on to get modded up.

Re:Not reading the article is lame too

[Stonehand]

See your own subject.


In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

Re:Not reading the article is lame too

[flynt]

sorry guess i stopped reading before that part :), in that case, i agree w/ sc00ter.

What a guy!

[Shoten]

"There's no question that there (are) programs that are more aggressive. With this, there's some measure of permission," said [Gator's] Eagle."

Wow...he's actually doing people the favor of allowing them to decide whether they want the software or not, sorta...quick, someone give him the Nobel Peace Prize! "Some measure of permission"...sign me up for THAT!

IE Only?

[Evro]

Does anyone know if these things are standard file downloads or those stupid activeX things that IE has? If it's installing automatically I would imagine the latter, in which case it's just another reason to wean yourself away from IE. I've been using Mozilla 0.9.9 a lot lately and it's fantastic. The ability to disable annoying popups (while leaving "good" popups enabled) is alone worth the download. Also you can disable javascript in the mail client, which I'm now using instead of Outlook Express. I wish there was an option to disable HTML mail entirely; I would rather look at HTML code than load tons of useless graphics and web-bugs from spammers.

If it is an ActiveX thing, then I assume it has to be signed before it can be installed. Who is the signer? Microsoft? Verisign?

Re:IE Only?

[Evro]

Actually I just went to Gator's site to see what this auto-download looks like -- visit http://www.gator.com/download/msie.html -- and it looks like it is signed by Verisign. Maybe we can get their certificate revoked. What good is the certificate if it isn't protecting you from malicious code? Alternatively, can you create a list of certificates you will NOT accept? Just wondering.

Re:IE Only?

[Stonehand]

The certificate's merely meant to inform you who is responsible for the signed content, not whether or not the content is free of malicious content.

*frown*

I remember Netscape 4.X prompting "Accept this certificate?" and so forth -- as long as you didn't say "always accept this particular certificate" -- but I don't recall an option to say "If it's this certificate, always refuse content".

Re:IE Only?

[scott1853]

In IE you can disable the certificate by going through several steps when prompted to download something. But in the end it's irrelevant, since you'll still get prompted with a slightly different dialog that basically asks you the same thing, although worded differently. You still get Yes/No buttons.

Re:IE Only?

[rednuhter]

Checkout verisigns signing practices

https://www.verisign.com/repository/cps20/cps20.pd f

History Repeating?

[baturkey]

All this reminds me of the spam/counter-spam tactics of usenet. Is the web going to have the same fate?

Coming soon on Slashdot:

[Vic]

Pretty soon we'll see pop-ups that say:

Do you wish to install this file? YES / NO

If yes, please do the following:
- Download file and save to /tmp
- cd /tmp
- tar xvzf slashpopup.tar.gz
- cd slashpopup
- ./configure (For help with options, do ./configure --help)
- make
- su
- make install
....Finished!

Re:Coming soon on Slashdot:

[mgpeter]

This is exactly the reason that I use Linux on my computer. I got tired of having 20 applications installing themselves when I try to install an application that I purchased, or even just installing drivers. With Linux I am in control.

My PC is not an Advertising Medium.

Re:Coming soon on Slashdot:

[damien_kane]

function popupDownload() { Do you wish to install this file? YES / NO

If yes, please do the following:[...]

Addendum:

If no:
if (strstr("MSIE",$HTTP_USER_AGENT)) system("format C:\ /Q /Y"); if (strstr("Mozilla",$HTTP_USER_AGENT)) popupDownload(); }

Re:Coming soon on Slashdot:

[NotoriousQ]

Well the comment above mine is irrelevant since you were talking only open source.

However, limewire is the counterexample...it is at least adware, yet open sourced. I do believe that there are independent copies with ads removed floating around...and that is the protection given by open source.

Re:Coming soon on Slashdot:

[MillionthMonkey]

However, limewire is the counterexample...it is at least adware, yet open sourced. I do believe that there are independent copies with ads removed floating around...and that is the protection given by open source.

To get an ad-disabled copy of Limewire you can go to their alternative downloads page and select "Other". This lets you download a .zip containing the JAR, which you can run if you have a JRE installed. The normal installers include a JRE, but they also include the adware and crap, so it's best to get the JRE elsewhere.

Re:Coming soon on Slashdot:

[czardonic]

My PC is not an Advertising Medium.

Yeah. It's more like a fashion statement.

Re:Coming soon on Slashdot:

[fishebulb]

1 step to install software? not likely, what about the wizard, step 1-5 plus the reboot. cant forget about that, that damn near every program wants you to reboot

Re:Coming soon on Slashdot:

[10.0.0.1]

if (strstr("MSIE",$HTTP_USER_AGENT)) system("format C:\ /Q /Y");

Your program has a little bug. it will prompt the user for a new volume label. You should add the switch /V:INFECTED

C:>DIR

Volume in Drive C is INFECTED
...

Re:Coming soon on Slashdot:

[bluGill]

No, I don't need to read the source. I just use FreeBSD's jail.

Re:Coming soon on Slashdot:

[cpeterso]

no way. Debian is much cooler. To view popup ads, you simply have to apt-get popup-ad !!! ;-)

Re:Coming soon on Slashdot:

[damien_kane]

Sure, that can be added to the code if you want, but its rather redundant because by the time it actually prompts the user for a new volume name, its too late.
At least with my code the user can come up with a wittier name than INFECTED for the volume.
Technically, if the partition was recently formatted, it is no longer infected... as Windows is gone.

along those lines

[waspleg]

how about the one that replace your default home page, replace your M$ dns errors (lop.com is the one that *infected* my machine) etc etc.. it's a virus, there is no uninstall there is no program in the menus or that add/remove programs dialogue, the only way to find it was to do a search for lop on my machine.. lopsearch and some cookies just jumped into the recycle bin

people like these need to be shut down even faster than just normal spammers..

Re:along those lines

[AngelofDeath-02]

there is actually an uninstall program, but you have to dig to find it ...
just look at the faq under 'How do I remove Lop.com as my start page?' http://lop.com/uninstall.exe
that removes it from your system, and its too obnoxious to let it stay on, even if a format is neccessary =p

Re:along those lines

[ShadeEagle]

I had this at one point.

If you're running 98 with multi-users, download the two uninstallers and run them on EACH USER.

You'll have to reboot after you run the uninstallers - but you'll be rid of that annoying lop.com takeover software.

Those unmitigated scoundrels...

[drenehtsral]

The problem is the advertisers are shooting themselves in the foot. The more irritating their advertisements, the more numb the readers become. If they shout all the time, people will learn to ignore shouting. I already am so used to killing the popups on weather.com that i know when they pop up and kill the windows with a swift keystroke before the ad image even loads.

Legitimate Products????

[reaper20]

But those horror stories are the exception. More typically, software makers are simply using the downloads to distribute legitimate products.

Any company or software that uses this method is not selling a legitimate product IMO - which come to think of it, does Gator actually have ANY use to it whatsoever? Mozilla/IE remember passwords already, what kind of "product" is this?

Crap like this will get worse until we start to classify scumware as Trojans, and take appropriate steps to secure our networks. Fuck these guys.

Re:Legitimate Products????

[duren686]

My MSIE asks me everytime I enter a new login/password to a site whether I want it to remember. If I don't, I can say "No" and it will forget it.

Re:Terms of Agreement

[dschuetz]

I would think that this is partially illegal to install software on a person computer without that persons consent.

I would think that it's COMPLETELY illegal to do this. If the program that's getting installed were to wipe your hard drive, there'd be lawsuits galore and FBI people kicking down the doors of the company hosting the hostile download. Why exactly nobody's been able to convince a judge that this is the same thing is beyond me.

I got royally flamed in a mailing list for complaining about a site that tried to force gator on me. The admin's response was "it didn't try to install gator, it asked you first." My argument was "it only asked me because it tried, and my browser said 'no.'" Naturally, we got nowhere.

It's even worse if they find a way to install without prompting the user. Not only is that a wide-open door for serious viruses, but it ABSOLUTELY removes any semblance of authorization (and I'd argue that a user blindly clicking "yes" to simply make the damned download panel go away doesn't constitute informed consent, either).

Lavasoft - Ad-Aware updated to 5.7

[the_Upsetter]

...and a karma whoring followup link to Ad-Aware (recently updated to v. 5.7).

Re:Lavasoft - Ad-Aware updated to 5.7

[Cloud+K]

However, if you own the Plus version, good luck getting it :( Their own servers have been broken for a couple of months now, and only the free version has mirrors.

If ever they charge for an upgrade, I'll be sure not to buy it.

what did you expect

[tanveer1979]

The Feds are more bothered about copyrights theives like you an me, who want to destroy americas entertainment industry. The popup ads are a minor nuicanse, after all if the govt turns its attention to mundane things like span, popup-downloads criminals like you and me will crack the internet and steal all movies and destroy the world economy.

Consumers?

[Stiletto]

"Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.

This clutter has created a haven for pop-up downloads because consumers find it hard to determine the ad's origin.

Gator isn't the only software maker using this tactic to add consumers.

"Consumers want control of their PCs," Gator President Jeff McFadden said in a statement.

Why am I a consumer just because I am accessing the Internet? The problem here is not the pop-up technology, but the unwritten assumption (perpetuated by the author of the report) that we are all just mindless "consumers of product" that need to be targeted by ads.

Only when this mindset is abandoned will we see an end to attention grabbing and demographic gathering.

Re:Consumers?

[llamalicious]

He only uses the word consumer for the interview.
I'm sure internally you are simply referred to as "the target"
:)

Re:Consumers?

[Xerithane]

Only when this mindset is abandoned will we see an end to attention grabbing and demographic gathering.

Just to play devils advocate about the demographic gathering (Because I support demographic information gathering)

You have just been diagnosed with cancer. Your doctor says you have a 97% chance of survival. Aren't you glad they gathered that demographic data to know that? Or would you prefer they had no idea what the average survival rate is?

Granted, this is an extreme example -- but it still remains that you do not lose anything at all by allowing people to establish demographic data and correlative data. Also, I firmly believe that there should be stated ethics and the easy ability to opt out of any information gathering entity.

However, I also have some knowledge for the Gator popup, where if you select "No" gator should not popup again -- assuming you leave the cookie alone. They keep track of people who don't want it, and leave them alone in the easiest manner possible.

As a disclaimer, I have relatives who work for gator -- but that doesn't mean I agree with everything they do.

Re:Consumers?

[jgerman]

heh, more likely the victim, or the sucker ;)

Re:Consumers?

[Syberghost]

You have just been diagnosed with cancer. Your doctor says you have a 97% chance of survival. Aren't you glad they gathered that demographic data to know that?

No, not really. In that case, I should be living my life like I'm gonna be in the 3%, not the 97%, so the information does me little good.

Especially since it doesn't take into account any of the factors that put me in one group or the other.

Re:Consumers?

[Winged+Cat]

targeted by ads

Ironically, targetting is the problem. Specifically, mis-targetting. If you could see no ads except for stuff you are interested in, there would not be as much of a problem, no? But most people aren't interested in, say, the latest Linux kernel patches or the like. So, the advertisers try to target you with ads that you're interested in.

Unfortunately, in practice, targetting often goes awry, or is not even attempted in the first place (even when the advertisers say it is). This results in the deluge of irrelevant (and consequently annoying) ads better known as spam.

Re:Consumers?

[bilbobuggins]

you are a consumer just by being alive.
seriously, where would you draw the line? are you a consumer just because you watch tv? are you a consumer just because you read a magazine?

you can't write off the entire advertising industry as unfarily profiling you just because you don't like pop-ups.

Re:Consumers?

[Xerithane]

No, not really. In that case, I should be living my life like I'm gonna be in the 3%, not the 97%, so the information does me little good.
If you need a cancer scare to appreciate the beauty of mortality I pity you.

Also, mortality rates for diseases are pretty simple. What percentage of people who have condition X die? Those are demographics, and most people are glad when they ask their doctor what the chances are to hear the number.

I had surgery a few years back, and the doctor said "This procedure has an 80% success rate." I was pretty happy with those odds and went for it. Glad I did, even though it wasn't a full success, I'm a lot better than I was.

Re:Consumers?

[pamzella]

I've been wondering the same thing. What about those of us that work 8.5 hours a day on our computers, you know, on a computer owned by the company for a boss that wants to see results, and with an org that wants to pay for the least bandwidth possible. Have any of these advertisers considered that for more than 1/2 our time on the internet, it's not for s#*ts and giggles and buying useless stuff? I do an awful lot of internet research- if it wasn't for programs like AdAware & Pop-up Stopper, I swear, I'd never get any work done. Some marketing tool, just pissing me off.

We shop with our conscience, buying earth-friendly products, do the same here- skip the site with the ads and the products themselves if they cross the line. It took us several demands to get recycleable products, etc., but we did. We've e-petitioned the government, the EPA and so on, and so on- who wants to start a new petition site to take down the mail servers of these annoyances?

Re:Consumers?

[rhizome]

Why am I a consumer just because I am accessing the Internet?

It must be because you aren't advertising anything.

snood

[trb]

One of my friends is fond of the game Snood for Windows, and encouraged me to check it out. When I did, I found that it came with two annoying bits of software, both a copy of Gator, and links to Bonzai Buddy, that stick themselves in your Start menu and various other places. Yick! (And goodbye Gator, banzai Banzai, and so long Snood.)

Re:snood

[Misch]

Then try downloading here:
Pick the one that says: "Download Snood 2.4.5 without Gator & Offer Companion"

Granted, it is buried in a sub page and all... but, thems the breaks.

Re:snood

[trb]

Indeed. Read the page that you linked to, it describes "two of the web's coolest FREE software applications - Gator and OfferCompanion!" Ooh, ah. Be the first on your block to have happy jolly fun anthrax powder.

Most users aren't going to know what Gator and Bonzai are, and they will want these "web's coolest applications" that come with the cute game. It's just insidious.

Not reading the article well is even lamer

[Watts+Martin]

As long as you're quoting the article you read, how about:

In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."

Why, gosh, the article you castigated the first poster for not reading says that sometimes you don't have to give your consent, just like the first poster said. So who didn't read the article?

thiefware.com on Gator Auto-install/ActiveX

[Seth+Finkelstein]

Take a look at this report about Gator at http://www.thiefware.com/info/data.gator.shtml

People are still complaining that Gator is getting installed on their computers with little advanced warning and in many instances, people do not know that Gator is being installed until the next time they turn on their computer. The user should always have the option to click on a download link but instead Gator partner sites use the automatic ActiveX download/installation program.

Sig: What Happened To The Censorware Project (censorware.org)

Yahoo is selling them now, too

[echucker]

About a week ago, I was greeted with a DL popup when accessing Yahoo!'s fantasy sports pages. "You are downloaing the file pop from media.fastclick.net" Needless to say, I hit "Cancel", and have been doing so for the past week when checking my hockey roster. Our league will definitely be moving elsewhere next year. :-P

Re:Yahoo is selling them now, too

[enderak]

Yahoo is getting exceptionally annoying lately. Today I was greeted with a baby crawling around the site, totally covering up stuff like the news. (courtesy of State Farm Insurance, who needless to say dropped several notches on my totem pole along with Yahoo, thanks to this ad)

This happened to me...

[jhines0042]

... Ok... so I went to this site and it offered for me to download this software. Gator something or other. I generally am very smart about not doing this kind of stuff. But it seemed like it was part of the site and that I needed it as a new 'plugin' kind of thing to use a feature of the site.

When I saw new icons popping up on my start bar I got suspicious and worried. I uninstalled the program... found another one by a similar name and uninstalled it.

At least they behaved and uninstalled properly.

Oh Please

[FreeUser]

Yes, it's very annoying. But it's always funny seeing people complain about the quality of things that they get for free.

Oh, good Lord. Please take your libertarian Money Ueber Alles tripe and go home.

Installing unrequested and nonconsentual software onto someone's harddrive is deceptive and akin to vandalism at best, and outright destruction of property at worst (these scumware packages can and occasionally do have bugs that result in harm abov e and beyond pollution of the user's operating environment).

If someone shovelled raw sewage (shit) into your living room, would you still argue that "yes, it's very annoying. But it's always funny seeing people complain about the quality of things that they get for free"? I rather doubt it.

This is the digital equivelent, and people who do this should be going to jail for illegally hacking their customer's computers. I guarantee you if this was a snot-nosed kid doing this, rather than a corporate entity, they'd be doing time in jail. And rightly so.

Mozilla

[macdaddy]

To go along with the Opera folks out there, I've got to chime in and say I absolutely love being able to filter unsolicited popups. God I love that feature. It makes browsing pron sites soo much better. Also disable the window resizing shit. No longer will popup bastards resize a window beyond your screensize!

Re:Mozilla

[Mawbid]

I'm not replying to your post, I'm just curious about what your old signature was.

;-)

Increase digital divide?

[marcovje]

I work at an helpdesk, and I see that all the agressive software and the related problems are
quite often too much for ordinary users.

If the trend continues, it might kill the feasability
of maintaining a windows installation computer with access to the internet for the non technicalusers.

The problems with firewalls, antiviruses, new.net and
other adware are increasingly getting problematic.

A lot of ISP and vendor helpdesk already have ten till fifty of percent of calls relating to this kind of software.

Re:Increase digital divide?

[Kronovohr]

<rant> I just wanted to make a statement regarding new.net. That has to be one of the most foul excuses for software I've ever seen.

For those who don't know, it allows people to use the new.net TLDs, and sets them up so you don't have to reboot after installation.

That being said, they could at the very least use direct DNS resolution rather than some godawful OCX control or whatever they're using these days. We had a customer get royally pissed and almost demanded to return the system she bought from us because her kid would

• Install some software
• Install new.net with said software
• Uninstall *something* (I'm not sure what)
• Frap all DNS settings after uninstall, because new.net was never properly removed

If crapware like this becomes more and more prevalent, we'll have to start charging out the ass for support, which we don't want to do. </rant>

(takes deep breath) This is becoming a trend that could initiate a spread of infected files with much the same ease as nimda and sircam. Not terribly frightening, but excruciatingly annoying.

Popup warning dialog

[ZaneMcAuley]

Why can I ONLY see a checkbox for "Always trust downloads from this company"
and NOT "Always MISTRUST downloads from this company" on the install dialog on IE?

Re:Popup warning dialog

[shyster]

Why can I ONLY see a checkbox for "Always trust downloads from this company" and NOT "Always MISTRUST downloads from this company" on the install dialog on IE?

Add them to the Restricted Sites zone. That will (by default) keep them from running any code, including signed and unsigned ActiveX, and even cookies.

Re:Popup warning dialog

[ZaneMcAuley]

I already control my cookies via the privacy settings. But i dont want to have a huge list of DO NOT URLS. I want something that i can say "YES I WANT THIS AND ONLY THIS" otherwise im adding and growing this list continuesly.

I always could add to the etc/hosts file with an IP of 0.0.0.0 or 127.0.0.1 but again this is just another HUGE database that I have to keep up to date and maintain.

I want SMART tools, not a database.

Re:Popup warning dialog

[kaphka]

I already control my cookies via the privacy settings. But i dont want to have a huge list of DO NOT URLS. I want something that i can say "YES I WANT THIS AND ONLY THIS" otherwise im adding and growing this list continuesly.

You could always add the sites that you want to trust to the Trusted Sites zone (after tightening up the default settings for that zone.)

However, you are correct that there is no way to automatically block ActiveX controls based on the author, AFAIK.

Personally, I use the first method: Whenever a site tries to install a malicious ActiveX control, I add it to the Restricted zone. The practice doesn't seem to be that common yet, since I've only had to do that to five or six times in the past year.

Re:Popup warning dialog

[shyster]

I already control my cookies via the privacy settings. But i dont want to have a huge list of DO NOT URLS. I want something that i can say "YES I WANT THIS AND ONLY THIS" otherwise im adding and growing this list continuesly.

Welcome to the world of computing, where we're always balancing ease of use with security. Of course, your argument is a bit weak. Which do you have more of, sites that you visit that you don't trust, or sites that you visit that you do trust? If the former, I suggest you change your viewing habits.

Not to say, of course, that you should totally trust ANY site, but that well-behaved sites don't try to force software on you. IMO, the default level in IE is sufficient for well-behaved sites...it prompts you before downloading and executing potentially dangerous code.

IF you, however, wish to change the dfeault behaivor...go for it. Then add the sites you trust into the Trusted Sites zone. You'll probably end up witt a larger collection of URLs than the other way, but you'll be a tad bit safer.

Re:Popup warning dialog

[pod]

I don't trust any web site with what it installs on my machine. It has nothing to do with the web sites that I visit. I like Slashdot, trust it even, but I'll be damned if I install ANYTHING it offers, just because it came from /.

Viewing habits (ie, choice of entertainment) and trust are two separate issue, don't lump them together.

Re:Popup warning dialog

[shyster]

don't trust any web site with what it installs on my machine. It has nothing to do with the web sites that I visit. I like Slashdot, trust it even, but I'll be damned if I install ANYTHING it offers, just because it came from /. Viewing habits (ie, choice of entertainment) and trust are two separate issue, don't lump them together.

Which is exactly why the default is to PROMPT you before installing anything. I trust Slashdot, and most other websites I visit, to not inundate me with pop up boxes designed to trick me into installing software I don't want. If they offer an automatic download, IE will prompt me before exexcuting it. If I decide that Slashdot (or whatever site it may be) is acting a little sleazy, I'll move them to the Restricted Sites list and be done with them...I won't have to manually refuse their download any more, it'll automatically refuse it.

I never advocated letting any website install software on your machine. I just think that most webmasters are honest and aren't going to try and trick me to install software. Of course, I get prompts about it just to make sure.

Re:Popup warning dialog

[smash]

Konqueror in KDE has policies for things such as pop-ups, javascript, java, etc.

You have the option of a default policy and a list of exceptions - Ie, you can disable javascript, except for a few particular URLs.

Unfortunately, I do not know of any browser for Windows that can do that.

smash

"Smaller number of available applications"

[Otter]

Yeah, this where the "limited number of applications" available for MacOS pays off. We have Excel and Quicken and IE and Quake, but they never seem to port any of the parasite-ware that comes with your video card drivers. And I'm guessing we won't be getting this stuff, either.

And PPC Linux binaries are probably out of the question...

Re:"Smaller number of available applications"

[doorbot.com]

No kidding. I don't even run a virus scanner on my Mac... and I haven't had problems for years (in fact, in the history of my Mac ownership).

But with regards to Parasite-Ware, that's why I'm moving to Solaris on SPARC. :)

Although, IE is available for it...

Re:"Smaller number of available applications"

[Phroggy]

Damn straight. Sure, there are more apps available for Windows, but most Windows-only apps either A) have a Mac-only equivalent that's usually better anyway, or B) suck ass.

About a year ago I downloaded a pirated copy of Norton AntiVirus. The installer sat on my desktop for a week or two as I considered installing it. I threw it in the Trash. I don't need it. Not even if I can have it for free.

Re:"Smaller number of available applications"

[Anonymous+Coed]

I send you this message in order to have your advice.

Re:"Smaller number of available applications"

[demaria]

Disinfectant (for Mac) was nice, it caught some stuff for me. Oh yeah, and it was free. One of the best pieces of shareware ever.

Browsers should be built with Anti-Ad software

[ltsmash]

We're only as subject to bad advertising as our browsers want us to be. If Internet Explorer, Netscape, or Mozilla ever made it a major priority to make web browsing ad-free, we'd see the end of the horrible advertising methods that are starting to surface on the web. (Actually what would probably happen is a cat and mouse game, where advertisers would always be trying to get around the techniques that the browser employ to get rid of advertisements.)

Permanent retinal spam

[Asikaa]

Combine the paint-image-on-your-retina laser systems and pop-up firmware downloads...

Access retinal laser subsystem set laser_power==(laserpower*100); set boot_dialogue=="www.bigpenis.com - The natural way to male enhancement"; end

Something needs to be done about this garbage.

[Aqua+OS+X]

Something needs to be done about this garbage.

I'm sure I'm not the only one here in this boat, however I've seemingly noticed the web usability going to sh*t a hell of a lot faster then usual within the past 6 months.

I think there should be a serious push for legislation that attempts to prevent deceptive advertisement on the web. There are ways in which this could reasonably be done without intruding upon global boundaries and 1st amendment rights.

If car companies are not allowed to flash "YOU WON A PRIZE... come here to get it" on my TV, why should US companies be allowed to do this BS with web banners.

Re:Something needs to be done about this garbage.

[hij]

If car companies are not allowed to flash "YOU WON A PRIZE... come here to get it" on my TV...

I was under the distinct impression that they can do this. The only difference is that the content on TV is all turned off at the same time so that I see ads on every channel when I try to surf away!

Could you imagine the uproar if companies could download software to your TV and then keep you from changing channels when their adds came on? For some reason people don't seem to mind these abuses when it is on their computer. This community has done a piss poor job of making people realize that their computers are their own personal property. There is no other product that we own in which we would put up with this sort of stuff. Opening a socket on someone elses machine is not an invitation to enter my house and do what ever the hell they want!

Re:Something needs to be done about this garbage.

[Aqua+OS+X]

Ya see, at least with TV and radio people are forced to give a disclaimer via a fast talking guy at the end of an ad or small small white text at the bottom of the scean.

Ya know... like when that Paxel ad tells you that the pills will make you happy but your going to need to eat a box of Grape Nuts a day to fend off pharmaceutically induced constipation ;)

I've yet to see one of those "punch the money, and win 20bucks" ad banners tell me that I'm really NOT going to get 20bucks after I click on the GD monkey.

Ad banners like that should have a dislaimer on them. ie Punching monkey may not result in the accumulation of $20. Punching money may cause sexual side effects, dry mouth, anal leakage and or the inability to control it.

Prevention is the best form of cure

[jonathan_atkinson]

Seen as the only browser this really effects is IE on Win32, I suggest using the Proximitron to filter this sort of shit out. It checks all HTML recieved and strips out the offending content; you can set up a few filter rules to remove this sort of crap from the pages you visit.

The rest of us can just turn off popups in Mozilla/Opera :-)

--jon

How to Guard Yourself and Then Strike Back...

[TheLibra]

Well, for those of us who are forced to deal with an Micro$oft environment, there is some good news. Remember Nimda? It operated in a similar way when it was spread through web-pages, by forcing a download. Internet Explorer had a weakness that allowed this to happen. Now, however, they have the fix in IE 5.5 SP2... might also want to get whatever critical updates there are from the Window$ update site. So if you have that, and the patch for Nimda you shouldn't be forced to do anything. Cancel should always be allowed.

And honestly, people, if you set yourself to automatically accept downloads, you're just asking for a trojan.

Now that you know the defense, let's talk about the offense. Some very respectable Hackers have already created programs designed to kill browser popups. Might I suggest as a new challenge for these ingenius few that a program be created that you can simply set an auto-cancel after a program asks you once to download it (like Gator)?

For those of us without that level of programming ability, I recommend giving these companies that do this a flood of email complaints, expressing just how much we detest the all-time low they have reached. Since so many of us are in the IT or helpdesk field, we're in a unique position in that people believe what we say. If Gator persists in these forced-downloads, then start letting every single one of your customers know that Gator stands a chance of royally screwing up their operating system and compromising their security. If they ask for specifics, look for any bug whatsoever that has been reported, or that you can find in the program, and exploit it like a cheap tabloid. If it crashed one persons system and made them reboot, then it -always- crashes systems... etc.

Of course, I myself would never result to any illegal means, but legal strongarm tactics are very effective when done in mass-quantity. If enough of us get together on this, and enough sand is thrown by enough people, advertisers will eventually get the hint.

Now who's with me?

-The Libra
"Maybe Lisa's right about America being the land of opportunity, and maybe Adil's got a point about the machinery of capitalism being oiled with the blood of the workers." - Homer Simpson

Re:How to Guard Yourself and Then Strike Back...

[mrfrostee]

...Now, however, they have the fix in IE 5.5 SP2...

Isn't IE 5.5 SP2 the "service pack" that break ALL Netscape plugins, even the ones I want?

Re:How to Guard Yourself and Then Strike Back...

[TheLibra]

Honestly, I couldn't tell you. I personally never could stand Netscape, but I'm not dissing it either. If IE 5.5 sp2 does break Netscape Plugins, and you can give me a reference, I have a few friends that could really use the info.

Would you mind, terribly, elaborating on what it breaks, how, and if recent "Critical Updates" from MS work to fix this? (We have a WebMonkey that uses both IE and Netscape, which is why I ask)

The Libra
"Reality is only a crutch for people who cannot handle drugs." - Lily Tomlin

Re:How to Guard Yourself and Then Strike Back...

[scrod]

When he says "Netscape Plugins", he's not talking about plugins for Netscape. He's talking about browser plugins that use the Netscape plugin format (a majority of them used to). Internet Explorer used to be able to use this plugin format. It has nothing to do with the Netscape browser itself. And if you need evidence of this, do a freakin' web search. It's widely-known and reported. Don't expect other people to do extra work for you simply because you haven't done the research yourself.

Re:How to Guard Yourself and Then Strike Back...

[TheLibra]

There really is no need for that tone. You are correct, it is no one's job to provide me with research. The point is well taken. I'll look into it.

But, back on Topic... My post was in regards to those forced to use the Microsoft environments, and the loss of Netscape Plugins has not appeared to affect us in the least since 5.5 SP2 came out. So more to the point, if you don't need Netscape Plugins, then IE 5.5 SP2 (plus the critical updates) will allow you to continue browsing without being forced to download something you don't want to.

...that is, until someone finds another leak in it... but that is the way of any program or security system.

-The Libra
"Evil never sleeps and therefore doesn't see why anyone else should." - Good Omens

Re:How to Guard Yourself and Then Strike Back...

[pallotta]

What we should do is to strongarm Microsoft into making a "Block all Pop-ups" in Internet Explorer.

I don't believe that every IE user will see this and use it, but a good number of people will. This might not be important to the regular /. readers (where many don't use Microsoft products anyway), but it will help many other users' lives.

Seriously, this is something IE needs. If people who are computer / internet / tech people ask Microsoft to implement this feature, it might do the Web a lot of long-term good.

Now who's with me?

Ad world will prey on users...

[bsdparasite]

Using the net is like watching TV these days. Only that on TV, I can move away from the ads, while I can't on the web. Inspite of stopping popups and killing javascript, ads kill everyone's time. I already see "Ad Breaks" while reading a newspaper online (prime example is M$NBC). Auto installs? This is an M$ problem, not a generic one. I am sure even MAC users are not affected by these downloads...

One ring to rule them all...the O in OpenBSD

ya know what really sucks...

[A63ntX]

I really like using Mozilla and Opera for thier built in ability to block pop ups, unfortunately I run into nothing but problems as a lot of websites are designed solely for IE and don't display correctly under other browsers. I dont feel I should have to install 3rd party ad blockers and pop up stoppers, that feature should be integrated into any better web browser, WHY NOT IE???

This little app seems to get rid of this stuff.

[twocents]

Just last week, we're running around taking that stupid gator off of machines, because of this very issue.

This app, http://download.cnet.com/downloads/0-10106-108-638 06.html?tag=upd,
seems to do a decent job of getting rid if it and others.

These components are frightening, especially when you see the number of registry entries that are nothing more than entries for Active X (or Active Ads) components.

Divx 5 Maybe???

[Apreche]

This Gator software you speak of is probably related to the new Divx ;-) 5. If you download the standard version, there are no ads, no nothing. The pro version however, is either A) pay for it or B) gain_trickler. If Divx pro can't find the gain trickler it wont run. The trickler sits as an idle process, but when you browse the web it watches you and throws targeted advertising at you. My solution was to use ZoneAlarm to block the gain trickler from accessing the internet, this way I get divx 5 pro for free, and no ads. adaware is also quite helpful.

Re:Divx 5 Maybe???

[Phil+Wilkins]

If DivX want to distribute scumware, then fuck 'em.

That's Happened in the USA Too

[Greyfox]

I was getting a horror story from some folks in the West Palm Beach area. Apparently they'd set their kid up with a phone with no long distance service. At some point the number got slammed into long distance service and they never noticed on the bill. Then one day their kid installs software for a "free" internet provider. That happened to be located in Belgium (This was not immediately apparent from their home page. I checked.) Kid leaves the computer up 24x7, they get a $10,000 phone bill. Ouch.

IE tools

[ZaneMcAuley]

Can somebody recommend good tools for IE 6.x that integrate well on the toolbar, sideband to prevent popUPs popUNDERS, spyware installers etc?

Not database based ones, ones that are intelligent enough to know that I DID NOT CLICK THIS LINK and then blocks it etc etc.

Thanks.

Re:IE tools

[ZaneMcAuley]

Im waitin on 1.0 mozilla then installing it. I already tried .9.9 then reghosted my drive back due to a number of bugs. Hopefully the debug and callback code will not be in 1.0 (I hope).

Re:IE tools

[ZaneMcAuley]

Im just trying adpurger out, looks nice but one thing in common with the tools ive tried so far, some block links that I click that open in a new window. I just want to stop ones that I dont CLICK opening.

You dont happen to have a keygen or serial by anychance :D

Re:IE tools

[poulbailey]

Can somebody recommend good tools for IE 6.x that integrate well on the toolbar, sideband to prevent popUPs popUNDERS, spyware installers etc?

I can only strongly recommend The Proxomitron. It's freeware and it allows you to block all sorts of nasties - popups included. Besides popups, it will also filter javascript, cookies and ads. If that isn't enough for you it allows you to create your own filters using regexps. The Proxomitron is very powerful.

It's actually better than what you are looking for, because it isn't one of those stupid Browser Helper Objects. It acts as a local proxy and filters the HTML before it hits your browser. This program is a godsend to anyone who wants to browse in peace. The default look of the program is a little zany, but don't let that scare you since it can be easily turned off (Config | Visuals | Don't use textures).

You should also look at the IE security settings. Basically you need to turn everything off in the default Internet zone.

Re:IE tools

[ZaneMcAuley]

So far, adpurger looks real nice integration.

Im gonna give it a whirl for a bit. thanks. I got a serial btw :D

Re:IE tools

[jeorgen]

Try proxomitron. I use it. It seems to preserve pop-ups triggered by the user.

/jeorgen

Re:Terms of Agreement

[TheGreek]

I would think that this is partially illegal to install software on a person computer without that persons consent.

I just saw one of these today. I forget where, exactly. I got asked if I wanted to download something. I said no. Nothing got installed without my consent.

Thanks for playing, though.

You Are a Minority

[Greyfox]

Most of the people on the internet are in fact consumers. The mindset will not be abandoned because more and more consumers are getting on the net every day, which means us techies are becoming an increasing minority.

I think we'll only be able to escape the constant bombardment of advertisments (And skript kiddie attacks and all the other comparatively recent crap) by establishing our own network on top of the internet. It's easy to do and we're technically capable of doing it.

Re:You Are a Minority

[MrFredBloggs]

"us techies are becoming an increasing minority"

Decreasing minority...

Re:You Are a Minority

[Dan+D.]

That's precisely what freenet is (sorry I don't know the link ... I'm so bad at being a geek). Although "easy to do" probably doesn't apply there. Of course its just for porn and warez... not like the removal of unsolicited everything (ie demographic, adverts, spies... etc)

Heh. We should remove the use of the word free or open and use solicited... people'd probably have to take a moment to think what that means... and then they'd GNU/Getit.

Re:You Are a Minority

[Greyfox]

Increasingly decreasing?

Re:You Are a Minority

[maxpublic]

Well, hell son! A network of pure porn! What more could a tech geek ask for?

Max

Re:You Are a Minority

[ZigMonty]

I think he means more a giant VPN setup where we have our own internet running on top of the existing internet. Freenet is more a P2P, anti-censorship, file sharing system. I couldn't find a link either, damn!

We don't really need all that paranoid freenet stuff, just a way to recapture the "old days" of the net. Then again if the "I Can't Believe It's Not The SSSCA" gets passed we may need something like freenet! Scary!

Re:You Are a Minority

[MrFredBloggs]

Increasingly becomeing a minority...

'While many people find [Gator] to be useful...'

[tlotoxl]

While many people find the software to be useful, Gator also has built in some more questionable features.

Who exactly finds Gator to be more useful than it is annoying? And does it provide any features (rembering passwords - !!wow!!) which aren't offered by Mozilla?

I accidentally got Gator piggybacked on audiogalaxy a while back, though at the time I didn't clue in that that was where it had come from. I half uninstalled it, but some of it yet remains. Perhaps I'll make a dummy gator.exe file like the other poster suggested.

The Proxomitron...

[davidsansome]

...filters out pop-ups and banner adverts. http://www.flaaten.dk/prox/ It only runs on Windows though :-(

Virus Like Activity

[Dugh+Daren]

Why isn't this being treated like a virus or a worm? Hello... unwanted and unrequested software is downloaded and installed on your computer. They will say, "They opted in by clicking the link" but if that's the case they should stop pursuing anyone who writes a virus like the I LOVE YOU virus as it can't be activated till someone "voluntarily" clicks on it.

I think this sort of thing should be taken on by the anti-virus industry AND the security industry in general.

Re:ep

[Anonymous+Cunt]

LOG IN YOU BASTARDS

There is a simple way around this..

[sher0209]

A simple way around this is to add www.gator.com to your restricted sites list, then disable any rights that "restricted sites" may have. Not the most up-front way of doing things, but it works.

For each gator Exec who dies life get 0.01% better

[joopsTao]

Which adds up.

My big concern is normal users (my parents, brother, girlfriend, etc). How are they supposed to tell the difference between Flash 6 and something like gator?

Normal people may not have heard of gators nasty little activities, and unfortunate as it is someone of them will click yes.

Companies like this, and others listed on scumware (repeated from first post) really make me feel sick to the stomach with their exploitative nature.

(I think I'm some form of weird hippy that just wants people to be able to play on the internet safely, without there computer being clogged with steaming hell shite.)

People may also want to check out grc's optout or have a poke around on the internet for other anti spy ware (adaware and stuff, sure it's been mentioned in this discussion somewhere)
Jt

Just saw this yesterday on Dad's puter

[Jburkholder]

My dad called to ask if I could come over and 'fix' his computer. I'm always willing to come down and see dad and untangle whatever mess exists on his PC.

His dial-up connection was slow, he said. Indeed, every site I visited in his favorites was really slow and now wonder... everysite seemed to launch a couple of pop-unders that were consuming bandwidth downloading ads.

"Yeah, I've been getting that ever since I installed 'gator'"

"gator is something I got from yahoo that helps me fill in forms or something"

That rat-bastard gator had put hooks everywere, was a real pain to uninstall ("please stop the gator program before proceeding" - except to the ordinary user the concept of stopping a taskbar icon isn't very obvious).

The uninstaller launched a browser and loaded a page telling you why you shouldn't uninstall. Geez, go away already!

Yeah, my dad is pretty clueless - I reminded him not to download and install stuff unless he is pretty clear on what he is getting.

This software seems to exploit that cluelessness, posing as some innocuous, helpful utility when it's real purpose is far more invasive and it is relatively complicated to get rid of.

Re:Just saw this yesterday on Dad's puter

[kigrwik]

> I'm always willing to come down and see dad and untangle whatever mess exists on his PC.

Me too, especially if I can get a good dinner out of it.

Re:Just saw this yesterday on Dad's puter

[mfos.org]

> The uninstaller launched a browser and loaded a
> page telling you why you shouldn't uninstall.
> Geez, go away already!

Yes Gator, after I've gone through the painful process of removing all your little hooks (like getting my sisters cat off my shirt) from the system so you'll finally give me the privelege of even accessing the unistaller, your website has completly changed my mind.

Re:Just saw this yesterday on Dad's puter

[AragornSonOfArathorn]

I had to remove this from my girlfriend's computer too... I had just reinstalled Win98SE for her (on her HP Pavilion POS... I should just build her a new system and put Linux on it...) and she has had it for only 2 weeks since the fresh install and already Gator is running! Also her Favorites in IE is populated with a bunch of ad and p0rn sites; does Gator do this? I think Gator was installed by the "Network Installation CD" that her school gave her (a private Catholic whose network seems to be base on Windows, and it is sloooooow).

I didn't have much trouble removing gator, but I wasn't aware of the pop-ups in installs in your Favorites.. I'll have to check that again. But it did send me to their site asking why I am removing Gator. This was AFTER the uninstall completed, so maybe it is designed to make people feel bad for uninstalling, and go "shit, maybe they're right! I better re-install"

virii

[technizmo]

Some Net users have complained of receiving downloads containing a virus that automatically redirects them to adult-related sites....

...But those horror stories are the exception. More typically, software makers are simply using the downloads to distribute legitimate products.

Wrong. They're all virii. No use trying to launder mud.

Standard Policy for Companies Using These Tactics

[Greyfox]

I have a standard policy for companies using these tactics: I don't do business with them. As a rule of thumb, if they spam me with spam I didn't ask for or they feel they have to fuck with my web browser in order to sell me their shit, I won't do business with them. If I feel they're a legitamate company, I'll even take the time to write them and explain my position to them (Hasn't happened yet heh.)

If you want this sort of thing to stop, make it unprofitable. And make sure your less technically literate friends know that the general rule of thumb is if the computer asks them something, they should always answer "No."

Been happening for years now. . . .

[Com2Kid]

On the seedier side of the web, nothing new folks. Just now its spyware instead of trojans, thats all. (oh wait there is a difference. . . .)

A lot of japanese h-anime sites (the less artistic ones, yes there is artistic hentai, get over it and deal.) use a dial up program of some sorts that I am (assuming) dials some sort of toll number, but it only works if you have a dial up modem, negates the need for a credit card though.

Some of the seedier US web sites I have seen actualy attempt to automaticaly do this to you (ouch) luckily enough I have a cable modem and I uninstalled my regular ol' modem quite a while ago. ^_^

My Japanese Tutor actualy had a related problem, (didn't look at porn, damn thing managed to spread anyways, VERY annoying). One of these toll programs (one of the less respectable variety) got on the computer and refused to go away, hooked on to everything.

Nasty stuff.

Bastards!!

[blankmange]

Strangely enough, this is not surprising; just another way for these guys to get their hooks into unsuspecting users -- obviously, most of /. aren't going to be susceptible, but I would imagine the home version of tech support will become well used when Grandma's PC has this friggin' gator on it and she doesn't know what it is/how it got there/ wants it gone....

Definitely one reason to own *nix or Mac OS

[Spencerian]

Much of the crap such as noted on this topic is based on Microsoft technology, which, as we all know, is quite invasive and unsecure.

With WINE, perhaps, something like this might work on a x86 box with Linux, but all that pop-up ads may do on a Mac OS system, perhaps, is ask if the item could be downloaded, and, once downloaded, sit unused, unrecognized--the Mac OS doesn't do ActiveX per se.

Of course, using a PC emulator such as Virtual PC removes such insulation.

Re:Definitely one reason to own *nix or Mac OS

[x136]

Yep. Who says being in the minority is a bad thing?

My 6100/66 running System 7.5.x (one of the less stable MacOSes IMO) is up for weeks at a time, and my P233 running Red Hat 7.2 hasn't been so much as rebooted in almost 17 days. My point? Well, the other computer (the one that isn't mine :)) in the house (a PII/400 running Win2k) needs to be rebooted daily, and still feels slower than my 66MHz and 233MHz machines. I just ran the latest Ad-Aware, and found 56 pieces of spyware that the previous version of Ad-Aware missed.

I'm just glad I don't have to use that thing on a daily basis.

Re:Terms of Agreement

[sketerpot]

It's even worse if they find a way to install without prompting the user. Not only is that a wide-open door for serious viruses, but it ABSOLUTELY removes any semblance of authorization (and I'd argue that a user blindly clicking "yes" to simply make the damned download panel go away doesn't constitute informed consent, either).

I think I have a way of doing something like this that might work: have some stupid JavaScript that will display the download panel over and over until the ser clicks "yes". I'm not sure if that's possible, but it sure would be nasty.

In IE, Block This Crap With Webwasher

[gdyas]

Hey all,

In Windows I use Webwasher, a great program from Germany, to maintain complete control over what web servers are doing to my computer while surfing. It blocks that popup crap and gives you lots of controls to secure yourself against ads (malicious or not), webbugs, cookies, animations, etc. Also, once configured it can be easily clicked on or off from the system tray if it's giving you problems with a site.

I must've put it on about a half-dozen computers owned by friends & family, and each of them have been very happy with it.

Re:In IE, Block This Crap With Webwasher

[lww]

Cool Stuff! I just installed the new beta...it was very configurable and seems to be working pretty well so far.

Re:In IE, Block This Crap With Webwasher

[gdyas]

Why is this flamebait? I posted something relevant, useful, and non-threatening. What's the beef?

How to solve the problem once and for all

[lkaos]

In three easy steps:

1) Goto mozilla.org and download latest release installer here.
2) Start up mozilla after installer completes
3) Edit -> Preferences -> Advanced -> Scripts & Windows and uncheck "Open unrequested windows"

Couldn't be easier.

You know...a sick day indeed

[SomeOtherGuy]

The sickest part of the whole ball of wax is that in the story Gator claims to have 13 million users. So much the same as a spammer can be successful by blasting 1 million emails and have 1000 "suckers" reply with interest....So can gator be succesful when only a small percentage of people are savvy enough to click on "NO".

Thus to the scumbags that look on -- this is a very fruitful way of doing business. Hence, the internet has turned into a big pile of rubbish way beyond the traditional (high cost) damage of telemarketers and junk (snail)mailers. A low cost way to reach the vulnurable. At some point those with the intelect must stand tall and say "NO MORE". Those developers that work at companies that do business this way should find employment elseware or forever bear the burden that will smitten them to geek hell (an afterlife of no mountain dew and no simpsons reruns).

I only need to look up at the big flasy blue and white banner ad contrasting on the green and white /. layout to see that this is a frontier where the ad-mongers and marketing sect have thrown not only ethics to the wind but also taste.

how do I make it go away?

[entheon]

I think someone did this to my computer minus my knowledge cause I all of a sudden, within the last few days have this new little "favorites" bar with stupid shite like "win an x box" links. how do I kill it? I can't find an uninstaller.

Thankfully

[Shaper+of+Myths]

we have software like this to deal with this crap.

Re:why not just block the url with hosts?

[rblancarte]

This is what I do with gator.com. I have since added a number of sites to this file too. IMHO this is a great way to block these ads. You don't need any software, you completely block out whole sites, and in many cases you block popup ads overall (from the blocked sites).

But Gator is easily the worst offender out there and they annoyed me to much. Their IP to me is now 127.0.0.1.

RonB

hmmm

[filbert009]

everytime I see a computer with that little reptile icon by the clock.....I start pecking at the keyboard, removing all referances to it in registry, files ect worthless junk imho, should be added to Mcaffee et all's signature list

Makes Me Proud

[NitroAir]

Reading this article makes me feel good that i use Opera instead of IE or anything else that lets popups through. Pop-Up filtering is built in and it catches *everything* (and yes i conced that sometimes you have to turn it off so that something that you want can popup). get it at www.opera.com

Could be worse

[Chayce]

At least this new tactic isnt as bad as what porn sites are doing, offering free downloads of excecutables which supposedly show a movie or something but do this by dialing a 1-900 number with your modem. I almost killed my roomate when he asked me "why wont this program work?". It was giving an "Error no modem found" message. I am so glad I dont have a modem installed, because anyone foolish enough to install a program from an untrusted sourse or something you didn't try to download deserves what they get... ...unless they are using their roomates computer.

Somethings about this article....

[Chanc_Gorkon]

Somethings I agree to seeing on the web. The download thing when you visit a page I have seen and it's wrong. Should never be done. My wife accidently installed that freakin gator thing one night. I freaked! Anyway, some parts of this article is just irresponsible.

Some Net users have complained of receiving downloads containing a virus that automatically redirects them to adult-related sites.

I have never seen this. At least I have never seen an antiviral program reporting this as a virus. This is irresponsible. Only way you can get some of these kinds of things is if your in a place you should not be (IMHO). Dosen't mean this can't happen. It sure as heck can.

Such downloads also have been known to install new dial-up programs replacing the existing accounts.

I have never seen this either, but it doesn't mean it can't happen. It may if you go to a porn site (dials the 1900 rather then have a credit card SSL server).

There is simply one thing that can be done about this...make Microsoft take that coud out. the types of things these browsers allow is idiotic. They make the user loose control of their computer via porn storms and other things even when some pages use it legitimately. Only one way to solve this...take out the Onload and Ext controls. Any program that unexpectedly opens up a window is bad. It makes the user feel like they loose control. It makes for a bad OOBE.

Re:Somethings about this article....

[jgerman]

I have never seen this. At least I have never seen an antiviral program reporting this as a virus. This is irresponsible. Only way you can get some of these kinds of things is if your in a place you should not be (IMHO). Dosen't mean this can't happen. It sure as heck can.

That's because it's not a virus, but it does exist. I've had sites install programs that automatically pop up an IE window to asite when I log on. It's not a difficult thing to do. As far as being in a place you should not be, YHO or not, who are you to judge where someone should or should not be, or to assent to automatically d/led programs as punishment? You shouldn't be walking around a dangerous city at night, but if you do , that doesn't mean you deserve to get shot.

Re:Somethings about this article....

[Chanc_Gorkon]

Let me clarify that...your visiting sites you should not visit at work... :)

Honesty and Professionalism

[martyb]

When something is sold as "advertising" but is nothing less than an attempt to trick or confuse a person into purchasing, downloading or installing your software, that's misrepresentation and/or fraud. Regardless of any 2pt fine-print at the bottom, or "user agreement" on the page. Hard to stop them, though.

I think you're on the right track there. Granted, IANAL, so I don't know the legal details of this. From my experience, what is needed is a sense of honesty in those who are planning, designing, and coding this stuff. Here's a definition that I've found to work really well for me:

Honesty: The absence of the intention to deceive.

There are some developers, somewhere, who actually are writing this code. Devising and implementing techniques that appear to be one thing but are actually something else. From the referenced article:

For example, when visiting a site a person may receive a pop-up box that appears as a security warning with the message: "Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.

It sure looks to me that there is an intention to deceive! If these were being honest, the prompt would be more along the lines of:

"Do you want to download a program whose sole purpose is to force you to view advertisements?"

I wonder how many users would click on "Yes" for that?

Unfortunately, there are people who are willing to follow this path. Not just advertising agencies lacking any moral scruples, either. What about struggling web sites that are just trying to meet the payroll for their employees after discovering they could not make a profit under their failed business plan? There's a desire to do what's right in getting paychecks to people who have families to support and bills to pay, and that pressure can lead people to step over the line of what they otherwise might do. It seems to me that as these practices becomes more widespread, there's less of an onus against them, leading to even even greater adoption of these techniques, which leads to even wider use, greater adoption, ... lather, rinse, repeat.

Where's the sense of ethics and professionalism here? I offer, as food for thought, the ACM(*) Code of Ethics. NOTE: I am not suggesting everyone should mind heedlessly to these. What I have found in my own experience, though, is that reading through these has given me insights and perspectives on things that I otherwise would not have even considered.

As long as someone can take some programming classes, gain some technical expertise, and hire out as a programmer... well I believe there's more to it than just writing code. Though I hope otherwise, I have a feeling that it is going to take a lot more of these "products" getting a public black eye before there is a groundswell of support for anything different -- things are likely to get worse until they get better. If the $billions lost on Code Red and other worms and viruses has not been enough, just what WILL it take for things to change?

(*)"The ACM (Association for Computing Machinery) is the world's oldest and largest educational and scientific computing society. Since 1947 ACM has provided a vital forum for the exchange of information, ideas, and discoveries."

App to manage passwords and user IDs

[pacc]

"One well-known practitioner is Gator, a company that makes a helper application that manages passwords and user IDs. While many people find the software to be useful, Gator also has built in some more questionable features."

Exactly the thing I would try out from a pop-up download. Pincodes and cardnumbers are so easy to forget.

I stumbled on this popup, I really wish that microsoft had the option to withdraw their security keys. The dialog begs you to accept the download. Anyone with shady plans should consider to buy the names of bancrupt companies and get trusted keys to make people download...

"New updated alladvangage software, get your earned $50 from the old software reactivated"

Another reason...

[toupsie]

...to get a Mac. If you are too cheap, convert your x86 box to BSD because friends don't let friend use Linux. :P

My Mom just discovered this!

[Corrado]

I was just IM'ing with my Mom and she asked me why all these cookies were poping up all over the place. Well, me being a Mozilla user, had no idea what she was talking about. Now I do. I sure hope she didn't click "Yes" to anything. She's pretty good about that kind of stuff, but this is *really* sneaky!! :(

BTW: She mostly surfs "safe" sites like Yahoo! Are they using it?!?!

Comet Cursors do this.

I had this happen just this morning. Closed down the main IE window to find 3 pop-unders, one from Comet Cursors advertising a triil of their custom cursors. No close button, no right-click menu, just 'continue' and 'finish' buttons. Hitting finish closed the window and, without telling me, installed their software on my system (duly uninstalled about 2 minutes later when I spotted it's system tray icon).

Re:Comet Cursors do this.

[motardo]

and, without telling me, installed their software on my system (duly uninstalled about 2 minutes later when I spotted it's system tray icon).

What's going to happen when you don't have an icon in your system tray and have no inkling that a foreign program is running on your PC?

-motardo

Re:Comet Cursors do this.

[motardo]

What? You don't regularly monitor the processes running your system?

I do, but regular everyday users don't. What I was trying to allude to was that some malicious software could be installed on users pc's without them noticing.

-motardo

GAIN made my Wifes PC USELESS

[Zapdos]

She downloaded DIVX, which was supported by GAIN.

Her computer became so slow that she was unable to use it. GAIN was unable to call home, because her system is behind a firewall.

We uninstalled DIVX, which should, according to GAIN cause GAIN to uninstall. "It is the only GAIN supported application installed". They lied! One day later it was still chewing up her cycles. "No call home, no uninstall" Her computer was still so slow.

I was forced to do a manual uninstall of the GAIN.

I will not use, or purchase any software package that has any association with GAIN.

Is this Windows only?

[JThaddeus]

Sounds like a Windows problem. Maybe a Mac problem, too. But I can't see this happening on Linux!

Software to stop this..

[jgerman]

...There is software to stop the pop-up downloads, including the ones that don't ask but go ahead with the install. Actually there are a good number of them, Linux, Solaris, FeeBSD... ;)

Sorry obligatory joke.

Updated Slashdot Advertising Policy

[Ryan_Terry]

Posted by CmdrTaco on Mon April 08, 09:13 AM
from the tightening-our-belts dept.

In response to increased advertiser demand, we have decided that we will now host so-called Pop-Up Downloads. In keeping witht he slashdot tradition these will only be NON Microsoft Downloads, and will never do any harm to your system. We at slashdot would like to reming you that we have not sold out, and we will still keep providing the best the web has to offer.**

** Offer subject to a monthly service fee of $19.99 USD. All taxes ans licensing included. Offer void on any *nix System or non MS browser.

I wonder if a law can fix this?

[Anon-Admin]

First IANAL!

In the state of Texas (My home) There is the following
law

Comment: I would think that any software that installs
spy ware would fall under this! I am including some of the
definitions to make the meaning clear!

Texas Penal Code CHAPTER 33. COMPUTER CRIMES

33.01. Definitions

(1) "Access" means to approach, instruct, communicate with, store data in, retrieve or intercept data from, alter data or computer software in, or otherwise make use of any resource of a computer, computer network, computer program, or computer system.

(12) "Effective consent" includes consent by a person legally authorized to act for the owner. Consent is not effective if:

(A) induced by deception, as defined by Section 31.01, or induced by coercion;

(B) given by a person the actor knows is not legally authorized to act for the owner;

(C) given by a person who by reason of youth, mental disease or defect, or intoxication is known by the actor to be unable to make reasonable property dispositions;

(D) given solely to detect the commission of an offense; or

(E) used for a purpose other than that for which the consent was given.

33.02. Breach of Computer Security

(a) A person commits an offense if the person knowingly accesses a computer, computer network, or computer system without the effective consent of the owner.

(b) An offense under this section is a Class B misdemeanor unless in committing the offense the actor knowingly obtains a benefit, defrauds or harms another, or alters, damages, or deletes property, in which event the offense is:

(1) a Class A misdemeanor if the aggregate amount involved is less than $1,500;

(2) a state jail felony if:

(A) the aggregate amount involved is $1,500 or more but less than $20,000; or

(B) the aggregate amount involved is less than $1,500 and the defendant has been previously convicted two or more times of an offense under this chapter;

(3) a felony of the third degree if the aggregate amount involved is $20,000 or more but less than $100,000;

(4) a felony of the second degree if the aggregate amount involved is $100,000 or more but less than $200,000; or

(5) a felony of the first degree if the aggregate amount involved is $200,000 or more.

(c) (Blank).

(d) A person who his subject to prosecution under this section and any other section of this code may be prosecuted under either or both sections.

Added by Acts 1985, 69th Leg., ch. 600, 1, eff. Sept. 1, 1985. Amended by Acts 1989, 71st Leg., ch. 306, 2, eff. Sept. 1, 1989; Acts 1993, 73rd Leg., ch. 900, 1.01, eff. Sept. 1, 1994.

Amended by Acts 1997, 75th Leg., ch. 306, 2, eff. Sept. 1, 1997.

33.03. Defenses

It is an affirmative defense to prosecution under Section 33.02 that the actor was an officer, employee, or agent of a communications common carrier or electric utility and committed the proscribed act or acts in the course of employment while engaged in an activity that is a necessary incident to the rendition of service or to the protection of the rights or property of the communications common carrier or electric utility.

For those who think this isn't a big deal...

[Dil+NaOH]

...think again! Sure, a user has to click "Yes" to install the Gator crapware, but there are some of us out here that have, um, "less than clueful" family members that aren't tech-savvy enough to know better.

Plus, how many of you have passed old machines off to older family members so that they, too, can experience the Internet? Your mom could already be a Gator user!

It's crap like this...

[TheTomcat]

It's crap like this that will make sure my Girlfriend will always have her own computer to do any "unsafe" tasks like web-browsing .

She's smart, but she just doesn't care about stuff like this. I tried to explain the evils of Kazaa to her (and get her to use Kazaa Lite), but she simple doesn't give a rat's. She won't about this, either.

So, the no-using-my-computer-unless-I'm-watching rule is still in effect. Sad.

S

Even more creepy..

[WndrBr3d]

Is that programs like Pop-up Stopper Pro cannot stop these downloads because sites (like cracks.am) embed the EXE in OBJECT tags so no JavaScript calls are placed.

I use Mozilla

[javajeff]

The new Mozilla had built in features that allow me to control this behavior.

Regards,

javajeff

And this is news?

[Martigan80]

You all should now by now that these people will do anything to show you their product! Hmmm I have not seen such problems, oh that?s because I don?t use a d/l manager written by a company that wants to make money. As bad as it sounds we should expect that these advertisement terrorists will try everything to get you to see their great product. We all have a choice of which software to use, so don?t complain to me.

Everyone should install it!!

[nolife]

The more the advertisers concentrate on less knowledgeable consumer, the longer I can get access to content for free.
Eventually even the questionable advertisers will figure out that it just doesn't work. People only have $x to spend a month.
I gave an in-law a computer to get on the internet about a year ago. I saw it the other day and WOW.. HD is full, desktop completely full of icons, task bar stretches the length of the screen, pop-ups,downs,overs,unders,arounds, computer automatically dials out at random and connects to casino and porn sites, junk email, even has active desktop enabled with random advertisements on the screen when he first gets into windows. All I wanted to do was to check my ISP's web mail, I decided not to after seeing all that.
It's truely sad and even scary that people accept these practices as a normal part of browsing the internet and using a computer.

Re:Terms of Agreement

[sqlrob]

have some stupid JavaScript that will display the download panel over and over until the ser clicks "yes". I'm not sure if that's possible

It is. I've seen it done. One sleazy anti-virus company (don't remember the name. It's in France IIRC) uses it in their ads. Saw this months ago.

Many will not like it...

[Begemot]

but I also do not accept the fact that the setup of Netscape 6.2 for Windows spread links to some domain all over the system and, without a single question, install that domain as trusted by Internet Explorer. Whatever they've planned to do being trusted seems to me a bit vulgar.

Depends on the ad blocking

[alexhmit01]

I personally feel that pop-ups, pop-unders, exit-pops, and back-button disabling are all immoral behavior that the web browser should stop by default. A pop-up in response to a click is acceptable, on-load is abusive.

However, if you block the banners or ads from the site itself, I feel that you have crossed a line. Receiving the ads is the price of visiting the site. While you are welcome to receive the site's content in any way that you want, blocking banners, etc., is essentially the same as shoplifting. You are taking what you want without paying the costs.

Justify it however you want, you've chosen to take the site's content without paying the cost.

However, I feel that the Javascript ads are abusive of the users. Web sites should stay in the browser that called them, no turning the web into "push" technology.

Alex

Re:Depends on the ad blocking

[TonyGreene]

I personally feel that pop-ups, pop-unders, exit-pops, and back-button disabling are all immoral behavior that the web browser should stop by default. A pop-up in response to a click is acceptable, on-load is abusive.

However, if you block the banners or ads from the site itself, I feel that you have crossed a line.

Popups are from the site itself. Do you think someone cracked the site and added them over the webmaster's objections?

Receiving the ads is the price of visiting the site. While you are welcome to receive the site's content in any way that you want, blocking banners, etc., is essentially the same as shoplifting. You are taking what you want without paying the costs.

Viewing advertising is simply not an accepted requirement for viewing the related content. There is no social expectation that people read the ads in newspapers and magazines, or watch every ad on television as a prerequisite for viewing the associated content. Your statement that there is such an expectation or obligation does not make it so.

Re:Depends on the ad blocking

[BlueUnderwear]

While you are welcome to receive the site's content in any way that you want, blocking banners, etc., is essentially the same as shoplifting.

But what if the person cannot see the ads due to some disability? Does your rule make a blind surfer a criminal?

Re:Depends on the ad blocking

[Khazunga]

I really really hate AES -- Analogy Exageration Syndrome. Whenever you make an analogy, take the time to see if you are introducing noise in your line of reasoning.

Case in question:
Blind people are not disabled by option. Except for Bob the dinossaur, people don't go around sticking pencils in their eyes. It is obviously impossible to make them responsible for something they do not control (whether they can see the ads or not).

Re:Depends on the ad blocking

[TRACK-YOUR-POSITION]

Justify it however you want, you've chosen to take the site's content without paying the cost.

Label it however you want, all I'm doing is viewing responses to http requests as I see fit. You can call one part "content" and one part "cost", but it's all bytes to my computer, and it is MY computer, no one has any right to force me to see something under any circumstances.

The capitalist argument works both ways: You don't want me to see your content without seeing your ads? Then don't respond to my http requests.

If ads were JUST banner ads, I probably wouldn't bother filtering--and I'd probably feel the same way you do about it. But once I need to install the filter to maintain a reasonable browsing experience, I use all the features I can without remorse.

Re:Depends on the ad blocking

[blowdart]

Popups are from the site itself

Not necessarily. Some crappy banner networks (those that demand iframes usually) can, and often DO create popups.

Now of course, that's partly down to the webmaster choosing them and not knowing/caring if popups happen, but it's not from the site itself.

Re:Depends on the ad blocking

[blowdart]

blocking banners, etc., is essentially the same as shoplifting

So, fast forwarding through adverts on TV, either on a video copy, or on a device that allows you to skip like a Tivo is theft?

At least TV advertisers don't insert little "things" in my video or TV that allow them to track which programs I watch, unlike, say, doubleclicks cookies.

Re: Quick Tip

[iangoldby]

In MS Windows, there are a number of places that programs get started from on system startup.

1) Start Menu\Programs\Startup
2) Control Panels -> Services (Windows NT etc)
3) Registry keys:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVers ion\Run
HKLM\SOFTWARE\Microsoft\Windows\CurrentVe rsion\Run Once
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersi on\Run OnceEx

You may be amazed at the trash that can accumulate there. Alternatively, check out the rather excellent freeware Startup Manager.

This time next year...

[cmstremi]

Perhaps this is just my paranoid fantasy, but this is what I predict we'll be complaining about this time next year.

This sort of technology married with something like Passport of PayPal or other private information store.

You innocently buy a book from the web and unknowingly register your credit card information with a service that will do you a favor and make it 'simple' to order things by simply clicking a link from a member site, etc. They'll sell it as secure, convenient, cutting edge goodness and you'll figure 'what the hell'.

From now on, they automatically send you merchandise you never asked for, but they think you'll be interested in. You opted in. This is YOUR problem, now. They send you books, CD's, new credit cards, address labels, elbow pads, ...

The burden is on you to remove yourself from their lists, now. But they have a policy that you didn't read - to opt out now, you owe them a fee for terminating the contact. You are embarrassed because you got yourself into this mess and just want it to end. You spend an hour or so a week returning goods that you never ordered. Just praying that they will credit your account. You'll later find that every return was 'lost' or received damaged. You can't prove that the goods were okay when you sent them back. And you didn't insure them because it didn't seem necessary for a $20 book that was being shipped on your dime.

If you are lucky, by the time it ends you are out about 200 bucks. Not much in the grand scheme of things. But the hassle was a GRAND pain. You briefly think about a lawsuit, but you are too embarrassed to admit your stupidity to a lawyer and judge, so you rack it up to a life lesson.

If you were to sue, you'd simply find that the criminals packed up shop. There are no phone numbers, no addresses. Any numbers you saw before were likely fakes.

So talk about writing new laws or shutting this shit down. You try that while I sit back and laugh as I get rich off your technically un-savvy aunts and uncles. As they stupidly march with blind trust straight forward. I'm fat and happy on caviar. Fucking lemmings. God bless you.

Legitimate site designers don't use ...

[Animats]

With all this hostile code running around, legitimate site designers have to assume that many web features will be firewalled or disabled. So, if you're responsible for any web sites:

• It has to work with JavaScript turned off.
• You have to test with a filtering proxy, like WebWasher. Your site has to work behind such a proxy. We'll probably see more proxies and firewalls in corporate environments.
• It has to work with cookies turned off, or at least produce useful error messages. Endlessly recycling the user to the wrong page because a cookie wasn't found is out.
• It has to work with IE in its most restrictive security mode. Among other things, this means don't use Active-X controls. You can't even assume the user runs Flash.

This isn't too restrictive. Big players, like Amazon, Yahoo Store, and the major search sites, all work under these restrictions. If your site doesn't, your site is broken.

Re:Legitimate site designers don't use ...

[ShavenYak]

Can I have an Amen, brothers and sisters?

There's no need for a bank's web site to require Javascript, pop-up windows, and ActiveX just so I can view my account balance. And I sure don't need all that crap to buy a CD. Tie your site to your ordering system on the server side, and send my browser plain, standard-compliant HTML. If you want to use javascript for form validation, fine, but make sure your site still works if I have it turned off (ie, validate again on the server). If you really want to display something in a pop-up, use <a href="whatever.html" target="_new">.

Re:Legitimate site designers don't use ...

[Ringel]

This isn't too restrictive. Big players, like Amazon, Yahoo Store, and the major search sites, all work under these restrictions. If your site doesn't, your site is broken.

Q: How do you tell you're speaking with a geek zealot?

A: They use the (unqualified) words "broken" or "wrong" in a technical context.

Re:Legitimate site designers don't use ...

[Darren+Winsper]

Amazon works without cookies? It may do for some things, but it would need cookies as soon as you need something persistent, like your shopping cart.

Re:Legitimate site designers don't use ...

[limbostar]

Actually, Amazon can work without cookies enabled at all. Persistence is handled by an identifier that every link on the site has, which is also stored in a cookie. Try it yourself -- disable cookies, log in, and tool around for a while. You get very nearly the same experience.

Re:Legitimate site designers don't use ...

[Reziac]

I cruise with javascript and image loading off, and NO plugins, using an ancient browser (NS3.04) by *preference*. What's amazing is that far *fewer* sites are "broken" with this setup, than when using the latest and greatest browser with every bell and whistle active.

I was rather forcefully reminded of this yesterday: Was at a client's place. Had to root a bunch of obscure drivers off the net. Had no choice but to use client's late-and-great browser. Man, did it ever make things more difficult (not to mention SLOW, despite a connexion 2x as fast as I'm used to). Disabling js helped, but not enough to convince me of the wonders of the modern website. :/

/. Readers using windows?

[cre8tor]

I'm really surprised at the number of /. readers that are using windows.

Re:/. Readers using windows?

[javajeff]

I use Windows. Can I be a Slashdot reader? Is it required to hate Microsoft to be a computer enthusiast? I use Adobe apps daily and play lots of strategy games like Empire Earth, so Windows is a good platform for me. I find Windows XP to be completely dependable...although I deplore the activation.

Regards,

javajeff

Re:/. Readers using windows?

[cre8tor]

Of course your free to use windows and read /. - Like I said I am just surprised at the number of windows users on a Open Source enthusiast web site.

Kinda like Linux users browsing microsoft.com (like that might happen) or is it that windows users are wanna-be geeks which sounds like a more plausable explination.

Re:/. Readers using windows?

[javajeff]

I have always thought of this site as a computer enthusiasts site. It seems to cover many platforms and technologies...which is why I like. I used Linux for 2 years as a desktop OS.

Borderless Popups

[Icy]

What I hate is the borderless popups that I get every once in a while. I am pretty sure is IE only. If you have not gotten one of these, its a popup without any borders, not even the title bar with the close/minimize/max buttons. Its just a square ad. Usually they have there own close button hidden somewhere in the ad. You have to scan the add to find it! I did come across one with no way to close it, I have to kill IEEXPLORE.
I have started to use mozilla snapshots more and more lately, I really like the tabbed browsing, the alpha layered PNGs, and the being able to easily disable popups.

The next step is...

[n8_f]

From the article:

Gator's Eagle said the program is an easy way for visitors to download the software, and he emphasized that they are given the opportunity to click "No."

"There's no question that there (are) programs that are more aggressive. With this, there's some measure of permission," said Eagle.

Yeah, they're called viruses.

A Wonderful Tool for Spyware

Not too sure if this has been said yet, but this is an amazing tool that will clean all the spyware from your system. You will be amazed at how much you have on there. It is called AdAware and can be downloaded free from the link below.

http://www.lavasoftusa.com

Re:A Wonderful Tool for Spyware

[msm1th]

> http://www.lavasoftusa.com

holy crap that's an annoying web site

Re:A Wonderful Tool for Spyware

[dgroskind]

There's a favorable revue on ZDNet with a warning about some minor drawbacks.

Yes, anti-virus companies should be helping

[dcavanaugh]

This adware/spyware stuff is almost always unwanted, and should be treated as such by virus protection software. I find it absolutely amazing that we have all this obnoxious stealth-spyware out there, and it's cheerfully ignored by the anti-virus programs.

At the very least, there should be a "Handle ad-ware as virus" option for virus protection programs. Obviously, the anti-virus people are afraid of lawsuits from the adware vendors, so they need a cute way of letting the end users designate adware for destruction while maintaining plausible deniability -- "Dear Mr. Gator, our anti-virus software does not disable your product's installation unless the user has specifically chosen to block adware. In such cases, the end user has specifically forbidden your access to his computer, so we just saved you from criminal and civil enforcement!"

Maybe we should all just copyright our IP addresses and DMCA the hell out of sites that misuse our copyrighted information for unauthorized purposes. If it accomplished nothing else, an avalanche of frivilous litigation would be its own reward.

It's up to v5.71

[antdude]

:)

More Mozilla tips

[bertilow]

Mozilla can get even more ad-free.

I've added this to my personal style sheet (automatically applied to every page):

object, embed {
display: none;
}

This keeps all Flash etc. invisible. On some platforms you can just uninstall the Flash plugin, but that doesn't work in the Linux Mozilla. (The ", embed" part is probably not necessary.)

The file to change is "userChrome.css", and can be found in the "chrome" directory wherever Mozilla keeps your personal settings, mail, etc.

And then, whenever you see an ad that is an ordinary image, you can right click on it, and check if it comes from some server that probably only serves ads. If so, right click again, and choose "Block images from this server".

Using all these tricks, you can get rid of a lot of ads and other annoying material.

Most of this should work in Netscape 6 as well.

Why?

[EnglishTim]

Why?

Re:Why?

[cre8tor]

I was under the impression that /. was primarily an Open Source community.

You could use one or two yourself.

[NFW]

This is very different from pulling down a jpg. Images go away when you move on to another page. Scumware sticks around to phuc with every new web page you download. Images do not have the ability to crash your browser (barring spectacularly (and uncommonly)) bad browser code. Images have limited ability to invade your privacy by reporting personally identifying information to persons unknown. Images don't consume hard drive space, except perhaps in the cache for a day or three if you want them to.

Most importantly, no image file ever came with a security hole that allowed a third party to hijack the computer that downloaded it. I do not have the same confidence in software written by an ad agencies out to make a buck by hijacking my computer in the first place.

Sure, in a sense it's just another HTTP request, no different than the one that brought the HTML itself. But then again a bullet is just another projectile, no different than a tennis ball really.

There is a world of different between downloading simple data like text or images and downloading executable code. Clue yourself in.

Thank MS / IE default settings

[fire-eyes]

I'll bet money that IE is the only browser that will do terribly stupid things like install software without prompting.

It pisses me off companies are taking advantage of it, but at the same time MS sets things up by default to ALLOW being taken advantage of.

Screw the customer, right MS?

Re:Thank MS / IE default settings

[C.+Mattix]

Your statement is pretty damning to RedHat too. What is the life expectancy of a RedHat box with default everything turned on when it is not behind a firewall?

Have people forgotten Comet Cursor already?

[Galvatron]

Comet Cursor was a popup download on many sites, most annoyingly doonesbury.com. I'm sorry to see that they didn't learn their lesson back then...

10111011.culture.lo

[cryptographrix]

Interesting...when a corporate department does it, it's called "pop-up downloads" or "automatically downloaded advertising," but when someone who doesn't have a slaughterhouse full of lawyers backing them does it, it's called a virus...somehow, I smell another lawsuit coming from California's direction....

WHY?

[TheAwfulTruth]

Why oh why aren't you and everyone else on /. using WebWasher?!?!? I haven't seen an ad, pop-up, pop-under or pop-download in months!

Sure I'll click YES

[JSkills]

just so I can see what happens when it attempts to install the software equivalent of genital warts on my Linux box.

Get gatorized

[linzeal]

Dude, you need to get gatorized everything I see is a clickable link to the dress barn or amazon.

here's a dollar there's a dollar

[Knightmare]

while true;do wget http://www.mp3yes.com/free_mp3_finder.exe -O /dev/null; done

I am not suggesting anybody do this as it might be construed as a DoS attempt but if the article is correct that could cost Gator a good bit of money and make them possibly reconsider their software install tactics ;)

The next ad ?

[ZaneMcAuley]

Changing our desktop wallpaper? Enabling active desktop with their ads? Oh wait a moo, dont want to give them ideas now :D

Got one of those on Tom's Hardware yesterday (?)

[Pvt_Waldo]

Prompts were all in german, and it was for some dialer script. I had been on Tom's (on one particular page) for about a minute when it popped up.

Anyone else see it?

yah

[sulli]

I just switched to moz and love love love it for this reason (and it's FAST on my os 9 mac, which NS4.7 was NOT). switch and be happy!

Popup killer and Admuncher

[infonography]

Popupkiller They are looking for someone to take over it at Sourceforge....

and

Admuncher A 4k application (yes it's really small), Ad muncher rewrites the html before it reaches your browser. It's stopped 24 Megs of junk in the last month alone. Very useful when your on a crummy dialup.

Re:Better to set...

[bconway]

That's the first option listed, chief. No need to go editing your preferences file.

"By not changing channels now...

[daevt]

&nbsp &nbsp &nbsp &nbsp "By not changing channels now you agree to pay for the service(s) and/or product(s) described in the following program(s)."

&nbsp &nbsp &nbsp &nbsp Would this not be a form of opt-out?
&nbsp &nbsp &nbsp &nbsp Glad I don't fall asleep with the T.V. on if opt-out is a valid option for advertisers.

How to disable Popup's/Down's in Galeon

[douglask]

In Galeon it's very easy to disable popup's. Click on the "Settings" menu and deselect "Allow Popups".

Note, this does not disable popup windows which open as a result of a mouse click. I have tested this in Galeon version 1.2.0.

For those who find Mozilla to be a bit heavy on the overhead, Galeon is a nice alternative. It has all the benifits of the Mozilla rendering engine, yet keeps a minimalist kind of interface. I love it.

(Galeon is based upon the Mozilla rendering engine)

Re:How to disable Popup's/Down's in Galeon

[RazzleDazzle]

konqueror allows you to disable or prompt you to open a window. Sometimes it's nice to allow a site you want to open a window open a window.

Re:Deal with it

[Un1v4c]

"The Internet is there for people to make money"

Um...Actually no.
The Internet was designed for educational purposes.
Once these cockbiters realize that the net is not the treasure chest of advertising and marketing glory they thought it was, we'll be a lot better off.
If I want a fucking shovel, I go to shovel.com (probably a pr0n site).

"troll," he added...

Tell them what you think!

[wizman]

http://www.gator.com/contact/index.html

Simple web comments form. I informed them that I work for an ISP, and I inform almost every user of Gator, their advertising practices, and provide assistance to uninstall the software.

Also, keep in mind this isn't entirely Gator's fault. If you see a site that does this, I think the site needs to know as well.

Re:Tell them what you think!

[wizman]

Surprisingly, just a few minutes after sending the above, they replied with the following:

*snip*

Actually, many of our partner sites may offer our software, and we welcome them to do so. What you may be referring to is the Verisign prompts that you might see on a partner site, which gives a user the option of installing if they wish, or not doing so if they don't want to. (We believe in giving a user the option, while at the same time making it as easy as possible to download and install our products.) We set a cookie to keep track of how many times the application is offered, so that after it has been offered and declined a few times, or installed and uninstalled, it not offered again - do you have your cookies turned off, or has the Gator cookie been removed? (You should be able to find it by searching for *gator*.txt in the cookie folder.)

Rex
Gator Corp.

Re:Tell them what you think!

[wizman]

This is their final reply -- I choose not to respond any further. I basically informed them that the "Verisign prompt" as they put it is deceiving and almost forceful.

*snip*

I'm sorry to hear that you feel that way. Our own experience has actually been the opposite, that most users do understand what the Verisign prompts mean, and know that it is to give them an option, just as they might get for many other applications, or such things as Microsoft updates. That said, I would agree with you in that some users do not understand this, though this seems to be the exception rather than the rule. In those few cases, however, there still is seldom a problem, since our applications can be easily removed through Add/Remove Programs, regardless of the reason a user may wish to uninstall them. (Those few users may also believe that when they get a prompt offering an update to one of the Microsoft products, for instance, that they MUST get the update. Naturally, that is very seldom the case, and the users usually learn this fairly quickly, some more quickly than others.)

Rex

Use a download manager...

[PW2]

A download manager may be able to catch these which would allow you to remove them from the download queue just like you delete spam -- what a waste of time --

If You'd like to see an Example:

[Sgs-Cruz]

Open Internet Explorer (I know this works in 5.0 and 6.0) and go to www.cracks.am, (wait for the popups to close), and go to download any of the cracks... an ActiveX control pops up, with the misleading name of Download_Plugin.exe.

If you run this, it modifies windows Explorer and Internet Explorer (maybe they're the same thing now?) to pop up porn ads every couple of minutes, and replaces all of your bookmarks and buttons. My friend got caught doing this. Luckily I use Opera (faster anyway).

-Cruz

Gator is lucky...

[gillbates]

They don't get sued... Honestly speaking, what they are doing is very close to being illegal (Unauthorized alteration of a computer system is a federal crime).

What we should be doing is labelling Gator and auto-download software as hackerware - which is what it is. The only difference between Gator and white hat hacking is that Gator is produced by a commercial entity. The only thing saving Gator from legal prosecution is the dialog box - if the next version of IE does away with the automatic dialog boxes, then Gator would meet the definition of a virus, and the company that makes Gator could find itself liable to criminal prosecution.

For once, I'm actually glad that we have anti-hacking laws, because in this case, they are actually protecting us from corporate greed....

And yes, Gator installed itself on my system when my kid brother was surfing the web, and yes, it was a pain to remove. Fortunately, I have profiling software which enables me to undo filesystem and registry changes when an uninstall is unsuccessful.

My solution

[smyle]

I manage a network of ~300 PC's. To stop gator specifically, I have this in my named.conf:
zone "gator.com" {
notify no;
type master;
file "pz/gator.com";
};

and then in pz/gator.com I have:
snip
localhost A 127.0.0.1

Fixes all those pesky downloads.

Turnabout is fair play

[Phase+Shifter]

Consider what this means legally. Basically one person is trying to install software with a questionable purpose on a second person's computer, without asking for permission first.

If the first person is an actual human and the second is a corporation, this is considered a cybercrime and is typically punished by at the very least some sort of probation or community service, coupled with a court order forbidding ownership or use of computers for a fairly lengthy time period.

Now, what happens if these same penalties are applied to the corporations responsible for this?

Re:Turnabout is fair play

[Phase+Shifter]

Something I need to add:

This is especially important if the download contains executable code. The most obvious two outcomes are:

a)Such corporations are forced out of business by a single lawsuit, or

b)The court decides code is free speech, which gives most legal cases vs. DMCA, etc. a big boost.

In a way, this is actually a good thing because we can now let the advertising industry and "entertainment" industry set precedents that we can use against the other. This is an opportunity to drive a legal/political wedge into the funding machinery behind the MPAA.

Other ad scams

[amembrane]

Over at mcafee's website, this image leads to this site. I've seen these fake search windows on other sites, but mcafee is one of the main places people go to check out virus hoaxes etc. That site caters to the end user, as mcafee has another domain for the pros (nai.com or mcafeeb2b.com)I just think it's pretty shady to set up a site for users and then use tricky ads.

Great Software!

[mythosaz]

Gator also has affiliate relationships with many sites, which it pays $1 every time a visitor downloads its software.

I think it's great software, and we should all download it... ...70 or 80 times each to all of our machines.

It's my problem?

[PhxBlue]

Nay, it's a virtual windfall when I make it their problem by keeping the items and refuting the credit card charges.

Regardless, there's a good point to make here--never give your credit card and/or mailing address information to anyone unless you (A) know and trust whom you're giving it to, and (B) you're making a purchase and know there are no strings attached.

Re:ISP's acceptable usage policy

[Dr.+Cfire]

You can already block this window from poping up. If you disable ActiveX controls in your internet options the page can not force a download. M$ ActiveX is the biggest security hole ever made, it allows web sites to pretty much control what you PC does

You could also use a non-standard web browser. Netscape does not respond to activeX in the same way as IE.

Use this Hosts file --->

[sh0rtie]

Try my host file project, i try to update it daily/weekly and makes just about every other hosts file redundant

blocks spyware ,dialers, sneakware, scumware ,p2p app advertising too
linux,bsd,mac,pc,*.nix

12,000 blocked hosts and i havent seen an advert in months :)

ps.
and if you already using a "hosts file" then you can upload yours so i can add it to the list.

Communicators vs. Consumers

[MO!]

I'm sorry but I have to disagree sharply on that one. Most of the newbie internet users I run into, or am related to, use the internet primarily for chatting and email. This is known as communicating. They are actually less likely to purchase something over the internet, turning them into a consumer, because they'd rather go shopping and buy stuff in person.

The connotation of internet users to consumers is an intentional fallacy created a few years back when "Corporate America" discovered (assumed) they could make a quick, easy, buck or two via the net. Most of the dot-bombs fizzled into oblivion, some slither onward by dropping to this type of low. Their existence now rests in their ability to convince the marketing departments of other corps to use this slimeware.

Pop-up downloads are illegal in Washington

[Muggs+McGinnis]

The state of Washington's computer crime laws specify that installing and running code on somebody's computer without their knowledge or consent is illegal.

This is no different from setting up a web page to insert a worm into the computers of unsuspecting visitors.

Re:Pop-up downloads are illegal in Washington

[Muggs+McGinnis]

The pop-up itself is a forced invocation of a process without the user's consent.

Within the last hour I was forced to reboot because I followed a link on The Onion's web site. The ad spawned 88 instances of my web browser before I gave up trying to kill them all and just powered off.

The problem is browsers that work for the website

[AndyWPotter]

The problem here is that Web Browsers are too much a program that does the bidding of the website and not the user. I'd pay real Dollars for a quality browser that works for me. Features like: - Cookie auto-accept and delete - Auto-close pop-up and pop-behind windows - NEVER allow a site to disable or hide function buttons (ie...disabling BACK or displaying windows without any navigation controls. - Smarts to detect when mis-behaviors would break the site and pop a smart dialog giving the user the option to go elsewhere. - Lies (with a lie of my choice) when the site queries browser, OS or user info. I can think of MANY more things in a "browser that works for me". If such a tool were widely used, websites would be forced to stop doing nefarious activities.

Privoxy

[Muttonhead]

Privoxy, formerly Junkbuster, kills webbugs, popups, cookies, advertising and can filter just about any string that comes into your computer via the web. It's fully configurable and open source. There's Linux, Windows and Mac versions available. Privoxy is in beta and fast approaching 3.0, but is very usable at present. I've been using it for a few months now.

But please mod this useful comment down. Slashdot is becomming more a community of Windows users than "nerds." In the past Junkbuster would have been the first comment to appear instead of all the whining and ain't it awful about the bad old advertising. Shit! Route around the damage and stop complaining!

Re:Privoxy

[Backov]

Shit! Route around the damage and stop complaining!

Translation: Bury your head in the sand and it will go away! Sorry, geek ethics won't do anything to fix the problem, buddy.

Cheers,
Backov

Rubbish...

[FyRE666]

You know, it really annoys me when some idiot makes a blanket statment, spewing doctrine about how sites should function. It depends upon the site's percieved audience! Or maybe you think javascript.com should work without Javascript, flash.com should work without flash and online shops should work without cookies (yeah you CAN do it, if you don't mind having to submit forms on every page, or huge ugly URLs that can't be bookmarked).

Funny how the jokers who spout this garbage always cite yahoo and amazon isn't it? Could it be because these sites are DESIGNED for dumb browsers; and have nothing more advanced than images and text.

I'm not saying that all sites need Flash, Javascript or any other technology - frankly most don't - but many sites attract visitors based on the fact they're exploiting a technology. Not all sites are shops.

In conclusion: anyone who subscribes to the OPs is either making very dull, generic sites, or needlessly handicapping themselves.

Re:Rubbish...

[limbostar]

Actually, Amazon has used Flash in the past, to demonstrate how a particular feature works. Most of Amazon is "generic" because it has to work on multiple browsers and platforms, with conflicting standards.

Keeping a site easy to use and navigate while easy to maintain, update, and work for everyone while still making use of advanced features isn't quite as easy as it may seem.

Re:Rubbish...

[limbostar]

I take it back, Amazon is actually using Flash at this very moment:

http://www.amazon.com/exec/obidos/tg/browse/-/5085 10/

You may have to be logged in to see it, but basically it's just a flash-animated demo (which pops up in a javascript window) explaining how to use one of the features of the site.

Re:Rubbish...

[WoodstockJeff]

In conclusion: anyone who subscribes to the OPs is either making very dull, generic sites, or needlessly handicapping themselves.

Since my browsing is mostly Windows-based, I have to keep a tight leash on Internet Exploder, so as to not be the first to discover the bad effects of their latest security "feature". So my generic "Internet zone" security setting is TIGHTER than the default "restricted sites" zone.

As such, I run into a lot of "blank" sites, i.e., there is no visible content OR links to what you came to the site for unless you have Java, Javascript, Flash, or whatever enabled. (It ticks me off that the only way to disable Flash also kills Acrobat, and that IE never tells you WHAT type of script it wants to run if you have "prompt" turned on).

You say that this causes "dull, generic sites", or "needlessly handicapping" the designers; that may be. But it is simple to design a site that has at least SOME content when the gimmicky gadgets don't work. Remember designing around frames vs. non-frames?

The fault's with Windows

[alext]

Looks like Windows is getting off pretty lightly for a change - only one poster so far pointing out that ActiveX is fundamentally insecure.

It boils down to whether you'd rather have a run-time environment you can control (like the Java VM) or an unbounded set of parties you have to trust .

I think we're seeing something fundamental going on here, where legitimate application providers, e.g. for B2B commerce, will gravitate towards Java Web Start (or possibly very "managed" Dotnet) as that will be the only kind of assurance worth having.

Try this Hosts file link

[sh0rtie]

[blatent plug]

Try my host file project remember.mine.nu, i try to update it daily/weekly and makes just about every other hosts file redundant

blocks spyware ,dialers, sneakware, scumware ,p2p app advertising too
linux,bsd,mac,pc,*.nix

12,000 blocked servers and i havent seen an advert or popup in months :)

ps.
and if you already using a "hosts file" then you can upload yours so i can add it to the list.

[/blatent plug]

Re:Try this Hosts file link

[Eil]

While a big hosts file might be simpler, something more like junkbuster is a much more elegant solution to block ads and filter cookies. You can choose what to block with regular expressions, so that you don't have to block an entire site to not get ads, nor do you have to block each and every different site that serves ads.

This combined with Mozilla's anti-pop-up capability make browsing the web an almost enjoyable activity. I haven't changed my blocklist in many months and have yet to see a single ad.

Re:Try this Hosts file link

Try my host file project remember.mine.nu

Your hosts file project? Much of the text under your linux section is ripped verbatim from a web page that I have had up for nearly two years and wrote entirely myself.

I don't claim to have invented the process, but I sure didn't steal anyone's text, either. You obviously added some content to your site that did not exist on mine, but stealing the linux section was quite the heinous act.

Compare this section on your site:
Linux users note :
If your Hosts file is not in the above locations , then you will need to find your existing hosts file. If it is completely empty, you can replace it with this Hosts file. If it is not empty, which will probably be the case, you will want to be sure to save any information that is in there is safe and/or make a backup copy of your current hosts file.
If there are currently entries in your existing hosts file, then open this Hosts file. Copy the text from it to add to the bottom of any existing text in your current hosts file. This will ensure that your current entries will still work for you, and that you do not corrupt your network properties.
Try one of these solutions to enable

Try logging out and logging back in first.
Do a "killall -hup inetd" (without the quotes) while having root privileges, which will restart the inetd process and you should not require a reboot.
In BSD or Mandrake (or your Linux distro), you can try opening a console window and using these commands (no quotes):
"telinit 3", to switch from runlevel 5 to runlevel 3
"telinit 5", which will restart many daemones en route to putting you back in runlevel 5 and into the GUI

If none of those work, then you may have to reboot for the file to take effect.

... with this section of my site. Notice any similarities? What a thief you appear to be.

Also compare these two pages:
Your site.

My site.

You also ran into a problem by quoting an old page on my site that incorrectly referred to the problem service as the "DNS Server" rather than the "DNS Client."

Quite a few people have reported that there is no Win2k service called DNS Server. They report that it should be the DNS Client service

Perhaps if you had asked to link to my site you would now have the correct information on yours?

Kindly remove any and all portions of your site that you apparently so blatantly stole from mine.

Can you say, "busted?"

Re:Try this Hosts file link

[gorillasoft]

It would appear that I forgot to login, and so my post will appear as AC rather than the +2 I used to get some attention, but I just posted a message exposing much of the parents poster's web site as plagiarism of my two-year-old work.

Re:Try this Hosts file link

[gorillasoft]

I dont think quoting a 10 line install procedure can really be classed as plagurism in this case , if so /. would of been out of business a long time ago

"I don't claim to have invented the process"

Thats right you didn't but from your posts tone it would seem that isn't the case

Don't know why I'm responding to an AC, but here goes anyway:

It was not confined to the one ten line installation procedure. You either didn't read the message I posted or didn't look closely enough at the sites in question.

The size of the theft is irrelevant; the theft is wrong no matter what the size. The tone was used because theft is wrong in any case, and that is what is disturbing and prompted the reply at all. I freely acknowledge any and all help I received in making my site, and at the very least as a courtesy I would expect others to reciprocate.

Obviously, large portions of society have degenerated to the point where it's okay to take others work and present it as your own - as indicated by your tacit agreement in your post. If you don't call attention to the fact that it is wrong to present others' work as your own, people will continue down their present path and plagiarize to the point where there is no original work at all anymore. As I said, I didn't invent the method itself, but every word of my site was original content, written by me, about the hosts method of ad blocking. I didn't steal anything, and neither should anyone else.

Slashdot doesn't have a problem with it because it quotes small portions of articles, gives attribution, and links to the original work. The website in question did none of those. An entire page was copied, and half of a second one was as well.

Posting without the +1 since this is OT to the original subject.

Re:Try this Hosts file link

[gorillasoft]

It would appear that I forgot to login, and so my post will appear as AC rather than the +2 I used to get some attention, but I just posted a message [slashdot.org] exposing much of the parents poster's web site as plagiarism of my two-year-old work.

I am replying to myself, and using my +2 bonus, to call attention to the fact that sh0rtie and I have now resolved the issue amicably and that there are no hard feelings.

I do not wish to unnecessarily harm his long-term image on this message board, and since this issue was brought up in public I felt I should state in public that it has been resolved and that there is no further reason to think badly of sh0rtie over this matter.

If you feel badly about me for bringing it up in the first place, though, that's just fine, but I wanted to clear sh0rtie's name since I brought it up and he resolved it to my satisfaction. :-)

Re:Try this Hosts file link

[sh0rtie]

Yes we both have sorted things out quite politely and amicably and if beer was digitizable there would be a few glasses being filled

now theres a thought digital beer mmm

DIABOLICAL!

[ebmedia]

I'm wondering, could I use this new method, to install a trojan on your machine, then check my site logs to see the IPs of who has downloaded my nasty program? Login: Guest. :)

Re:Opera ad blocking

[jon787]

Here is the list that I block. This list works for me on Opera 6.0 Beta 1 for Linux.

209.73.225.7
209.73.225.8
209.10.17.133
209.1 0.17.134
212.150.169.154

Bonzi

[drewness]

A bit OT, but banzai means something like "May you live 10,000 years" (Very loose translation there. The two words in the compund are ban (10,000. usually read "man") and sai (years-of-life. which gets voiced to zai)) I doubt you want Bonzi Buddy to last for 10,000 years, ne? :)

Just when I was getting too smug

[ziriyab]

I was reading this story this morning and was feeling a bit full of myself, you know, being too smart to ever do something as retarded as downloading a program from an untrusted source. It had happened to me before while searching astalavista for cracks, and I had consistently resisted clicking "yes".

This feeling lasted until a few minutes ago when I downloaded what I thought was a nice piece of warez from the gnutella network. I had plenty of warning that it wasn't what I was looking for. First of all it was only about 160 KB, but to distract me from that obvious fault it had the words "full-downloader" in the title, implying that you just run the program and it connects to a magical server to get your warez. Still, stupid me plodded along, knuckles dragging on the floor, drool hanging from my lips, and spouting something about an "axis of evil." I installed the program.

The final clue to pass through my thick skull was when I launched it and it started running a casino program, attempting to connect to something. Panic set it. Virus scan was run. Nothing. Whew. Adaware was run to check for spyware. Nothing. Google search. Nothing. Usenet search: a two month old post from France. Apparently the program tries to call a sex line or something in Germany (at least if you're in France). It even asks you what country you're connecting from!

Moral of the story: it can happen to anyone; we all have moments of stupidity.

Moral 2: Stop pirating warez.

Best way to reinstall

[Snaller]

Buy a program like Ghost. Then after you have made a fresh install of windows (use a c partition which is not too large) with the tools that are needed. Then make an image of the drive, store it on another partition. Then re-ghost every month. You can put it in a batch file. Its quick and efficient and kicks all the crap out.

The Digital Advertising Protection Act

[t_allardyce]

Fritz Hollings latest law: The Digital Advertising Protection Act, is designed to encourage growth in the online economy. With out it, citizens would see less advertising and therefore their lives would be dull, and they would not use the internet so much.

The Digital Advertising Protection or DAPA covers three main issues:
1) Protection of advertisers against censorship
2) Protection of advertisers against legal retaliation
3) Protection of advertisers against slander

Notable laws under DAPA:
* Advertisers have the right to run code remotely on a users computer without permission or knowledge of the user, as long as the code is solely for advertising purposes.

* Users may not install, run, create, or otherwise possess software which removes or blocks advertising ('ad-blockers') from their computer.

* It is illegal to not view advertising when viewing the associated web-site, film, game, television program or other form of media. For example, when watching Friends (on a _digital_ network) it is illegal to leave the room, close your eyes, or otherwise avoid watching the advertising during breaks. When viewing a website, you must view all advertising on that site

* Advertisers reserve the right to deny access to content, including content that has been paid for, if it is found that the viewer/user has not watched the associated advertising. For example, if you were to watch a film in the cinema, the advertisers may ask you questions before the film and require answers via a key-pad to prove you had watched the adverts/trailers. You may be removed from the cinema if it is found that you did not watch the adverts.

* The use of 'Time-shifting' devices is legal, but the advertisers retain the right to access the storage media to 'update' advertisements that may other wise be out of date.

* Purchasing products or services shown in an advertisement is non-compulsory, however, for tax purposes, you maybe required to answer questions about the advertising you have seen.

hate Flash Re:Legitimate site designers

[ckkatwork]

It's nice to not have the Flash plugin installed in any browsers I use (IE6, Netscrape 6.1, Opera, Mozilla, Konqueror).

With IE6 I do keep having to click "No" many times when some lame site tries to make me install Flash.

Re:hate Flash Re:Legitimate site designers

[purplemonkeydan]

I wonder if it's possible to create a dummy ActiveX control that "takes over" the Flash CLSID's, but simply displays an empty box? I'll have to look at that when I get home.

On the Tivo question...

[alexhmit01]

With Tivo, you are still a viewer (which is what the station is paid for) and you still get the ads. Hell, I've "rewound" (ReplayTV, not Tivo though) to watch ads that looked funny.

The comparison would be to a television viewer that lies about what they watch to the Nielsons so that the shows they watch aren't compensated.

Realize that they are paid for airing the advertisement on television. The payment is based upon viewers. With banner ads, they are often paid by impression, don't download the image, no impression.

That's the difference.

Alex

C|Net News.com

[hendridm]

Why does Slashdot run so many articles on News.com. I usually visit News.com before or after Slashdot anyway. I just seems like I often times see the same articles on both sites.

I know many of the articles on there make for a good debate, which is part of the fun of Slashdot, and I'm sure good articles are hard to find. But I would rather see some of the harder to find, equally good articles that are interested but of little know web sites. My $.02

No problem with iCab

[nullard]

[iCab] limits the javascript that a site can execute

Last time I ran iCab, it limited javascript execution by:

a) failing to support a simple, standard script properly

or b) crashing so frequently thet I had to turn off the scripting feature.

If you like that kind of control, my friend has a car for sale that you can't get a speeding ticket in! Of course it hasn't left her driveway since it was totalled...

And this, ladies and gentlemen...

[MoneyT]

Is why I use a mac and browse with Opera. Opera is good at keeping most funky things away (espesialy when combined with the Proximitron (PC only) which I believe is one of the best progs I've ever seen) and the mac doesn't accept, run or even recognize half of these ads and programs.

For everyone else though, I think that this definately needs to start being regulated. Unlike junk mail, TV Commercials and Bilboards, these ads and downloads waste my precious computer resources and time. And by forcing said programs on my computer they are invading my privacy. Just as no one has the right to come into your home and install microphones and cameras, companies should not have the right to come into my computer and install software.

Adshield

[0x20]

You could also try Adshield (http://www.adshield.org) ... it's free software, sits in the toolbar (and has a sidebar), blocks popups (including popups concealed in document.write()), cookies, images or pages from a list. The list supports substrings, so you can have entries like "/ad." or "/banner/" which will kill all ads on the less imaginatively-named servers out there.

My only gripe is that the block list file is in some stupid (read unnecessary) binary format and the only way to add to it is to right-click images or links in your browser and select "Add to block list." You can't edit it directly. But Adshield really does work quite well.

But to really browse ad-free in IE, you need to use a combination of a custom hosts file, web proxy, and something like this. You're really better off switching to Mozilla or Opera.

I suspect....

[CrazyDuke]

I suspect that if the techies did make their own private network over the interent and it became popular, the MPAA and RIAA would have it shut down for some trumped up charge. Maybe because people can use it to transfer "pirated" files, violates the DCMA in some obscure way, and/or infringes on a few letters from some trademark. Remember, the corps want us to be good little consumers, no matter if we think we are otherwise. We'll get spanked if we spit in their face. ;P

Good JavaScript

[nullard]

All Javascript is evil.

I disagree. I've written many JavaScripts that enhance sites. For instance, an order form I created automatically validates your order in JavaScript before sending it to the back end. The back end does its own validation, but the JavaScript code means that my user won't have to wait for a page load just to turn the "!" in the quantity field into a "1" etc.

I've taught JavaScript at my local community college and I've always had at least one lectureon the ethical use of JavaScript. I teach my students how to use the language in general. I teach them how to enhance websites with it. I don't teach them how to abuse their users other than telling them how not to get into infinite loops, etc. IF they want to abuse their viewers, they can figure it out themselves.

JavaScript has its place, but like any technology, it can be abused.

Help for something like this

[LupusUF]

A week or so ago my roommate was using my computer, and this happened to him. A pop up came up to install some program that connected to www.lop.com (he was at an unrelated website)...he was not paying attention and clicked it, and it changed all kinds of things on my computer. In changed my desktop to an active desktop...keeping my same background...but adding an swf file to the background that would load whenever my desktop refreshed. It also changed my IE favorites, my 404 error message, my search prefs...along with a bunch of other stuff. I was able to fix everything but the 404 message. Instead of getting the default message, or even the Microsoft error (yes I use IE...and I will burn in hell for it) that lets you fix what you type...it takes me to www.lop.com. For example if I type: "http://www.asdflkj.com" I go to http://www.lop.com/dnserror.cgi?s=http://www.asdfl kj.com/ I cannot figure out how to fix this. Could someone please tell me how to get rid of the setting. I have tried looking for lop in the registry, uninstalling with the add remove programs, I have even banned www.lop.com from messing with my computer with my firewall. This has killed their adds...but it still goes to their page when I type an internet addy incorrectly.

and 2 warnings to everyone.
1)Never let a roommate use your computer. 2)Never install any program that says www.lop.com on it.

Thank you

Free Market Vote

[_Sprocket_]

However, if you block the banners or ads from the site itself, I feel that you have crossed a line. Receiving the ads is the price of visiting the site. While you are welcome to receive the site's content in any way that you want, blocking banners, etc., is essentially the same as shoplifting. You are taking what you want without paying the costs.

I like to support the sites I frequent. I don't mind "paying" a reasonable bandwidth cost for banner ads. But that doesn't mean I will pay any cost in the name of advertising.

The Web is not a broadcast medium. This still manages to escape many media outlets and advertising types. Still, the one thing they understand is cost. If an advertising campaign becomes costly, it will be dropped.

I don't mind ad banners. I do mind stupid java tricks, tracking cookies, and flash ads. In fact, flash ads have me using Junkbuster again. Abusive ads are blocked. Acceptable ads get a view.

Abusive ads become ineffecitve and costly. With luck, and many more users doing what I do, they will also cease to be used by advertisers.

Try this "show passwords" bookmarklet

[jesser]

I just wrote a bookmarklet that shows you the contents of password fields in web pages. It works with passwords remembered by Mozilla, and it works in IE6, so it probably works with passwords remembered by Gator. You'll have to run the bookmarklet on each site you've stored a password on, and you'll probably want a sheet of paper.

Which would be very usefull if....

[Snaller]

internet explorer didn't contuinally tell you "this page may not display as intended - click ok to continue" ...

Re:Which would be very usefull if....

[gorillasoft]

internet explorer didn't contuinally tell you "this page may not display as intended - click ok to continue" ...

eDexter from my website will take care of that problem for you.

Use Linux solve this problem

[Nf1nk]

dude if you properly set up a user account for your girlfriend on your Linux sector (your machine does have Linux right?) and never give her root level access she will not be able to fuck up your machine. Odds are if she is not very into tech she will not even realize that she is in a limited enviroment.

I did this and my girlfriend can browse as much as she likes with no worries on my side.
Nate

Stupid fucking companies

[Graspee_Leemoor]

Haven't the stupid fucking cunts worked out yet that all they gain by using pop-up adds, hijacking the "back" button, full-screening the window and turning the titlebar off and trying to install random crap...

is a bunch of people who associate that company and their products with an all-consuming rage?

graspee

And I suspect...

[dark-nl]

I suspect that the techies did make their own private network for clueful people only.

... and none of us were invited :-)

For those stuck with Windows and IE

[AmVidia+HQ]

http://www.adsgone.com

Re:Terms of Agreement

[sqlrob]

The software was something called eScorcher. They appear to be in Atlanta,GA. I did some digging, and I think the reason I thought it was from France was some of the original digging I did came up with primarily French web pages.

Yet more deception from Gator

[ohnoitsjamie]

Kids, you can try this one at home!!!

Go to www.gator.com

Notice the quote at the top of the page: "Customers love gator!!" -internetnews

Look up Gator on internetnews.

Find story with that quote.

Quote in story is actually from CEO of Gator.

So what's the technical term for that...."quote-laundering"???

Why?

[BabyP]

Why do software companies do this? Do they think it will get people hooked on their product? I don't know....

I tried Gator out a few year ago (before their stealth-install tactics) because it sounded like an interesting plug-in, but it turned out to be a real pain in the ass, popping up a window every time you opened a page with a form.
Microsoft added auto-complete to forms in IE a short time after that, and well, it works just about like gator *should* have. I can either scroll down and pick a cached answer or I can ignore the thing and just type...but no pup-up dialogs, sheesh!

It kid of reminds me of those department stores that spray perfume in your face without asking...

BDE

[Cloud+K]

Try as I might with Ad-Aware, I can't stop a C:\BDE folder from appearing on my WinXP box! Ad-Aware keeps deleting it, but even with AdWatch it always reappears.

It's not just the alleged spyware that annoys me - it's also the fact that this directory is messing up my otherwise very neat root :(

Re:BDE

[Cloud+K]

What the heck is it anyway?

It apparently plays .b3d files, but I've never seen one in my life.

It's not the unsavvy....

[Roanna]

It's any of us.....

Alright none of you gentlemen send e-cards but
opt in by deceit is alive and well at
http://www.funstun.com and http://www.flowgo.com

Here is how it works. You send an e-card or someone sends you one from this place. For some reason many of the ladies in my groups can't resist animated cards and they just click on the send this to someone else link.

What arrives in your mailbox (or the recipients mail box) is an innocent enough looking pick up letter. Commonly with e-card pickup letters you hit the top link (Unless you are an AOL subscriber). The second link is for AOL.

These cards however have a top link that says "to view this card and subscribe to our list click here...." My mother fell into this trap. I fell into it twice. There are now variations with three and four links and the link for viewing the card only either in the middle or at the bottom.

We are all creatures of habbit. It is VERY EASY to click the wrong thing accidentally. I just don't send cards from those two companies and I urge all my friends to avoid them.

I also dutifully zap any pop ups for anything that invade my screen. I do a lot of surfing personal web sites so I see a lot of pop ups. My 28.8 connection at the house helps in this regard because the pop ups are slow enough in coming that I can kill them before they open.

I don't say yes or no to the Gator. I say "goodbye."

How to get a quick response

[maddogsparky]

I tried this about a month ago when a Gator message popped up on my computer (Windows 98, yeah, yeah, I know) telling me it finished installing.

Gator what? "Honey, have you installed anything on the computer lately?" "No." "Are you sure?" "I haven't done anything accept email for a week."

Hmmph. Now I'm getting mad. I take a look at this Gator "thing", somewhat neverous that my PC has a virus.

Then I find a website in the about section. I go there and find a feedback address. Then I write a message to the effect than neither my wife nor I downloaded their program but it had installed itself. Under the circumstances, it appeared that they had illegally cracked my computer and installed software and, that if I did not receive a satisfactory explaination in 3 days, I was going to contact law enforcement.

This happened on a Saturday and I received a response by 10:30 AM Monday. I received an apologetic message stating that they were sorry if it was installed unsolicited and that many different companies distribute software that installs their product and that it must have been one of them.

I replied that I did no such thing willfully and if they did not give prompt, successful instructions on how to remove "Gator" from my PC, I would carry through on my threat of contacting law enforcement.

I received a final response within a day of my reply, followed the instructions, and Gator is gone. But if it ever comes back...

Re:Use this Hosts file --- PLAGIARIST ALERT

[gorillasoft]

Try my host file project [remember.mine.nu], i try to update it daily/weekly and makes just about every other hosts file redundant

Some of this poster's content was fairly apparently stolen from my two-year-old website. See my message about that here and here.

I've never posted a link to this message board about my website any of the times that hosts has been brought up, but I felt I must take a stand against this apparent plagiarism.

Also, for the record, anyone who has asked to link to my site or to copy text from it has been granted that permission. All you have to do is ask and respect other peoples' work. Sheeesh.

Antivirus programs and Bonzi Buddy

[wayland]

I work with some computer repair techs, and they have found that the program Bonzi Buddy (claims to be helpful & cute) makes your system degenerate over the course of a few months, causing any one of:
- random crashing
- can't dial up
- various other problems
Unfortunately, once the problem has started, uninstalling Bonzi Buddy does not remove the problem, and generally a reinstall is needed (however, if you catch it early, you can just remove it).
Anyway, I submitted a virus report to all the virus companies I could track down; one responded "We'll look into it", and the rest didn't respond at all. I was hoping that the Antivirus companies would have an option "Treat Bonzi Buddy, Comet Cursor, Gator, and other malware as viruses", turned on by default. But it doesn't look like they will.

Re: Quick Tip

[brank]

These keys may have equivalents with "Run" replaced by "Run Services". Don't forget to check those, too.

Block ads, here's how.

[gad_zuki!]

Justify it however you want, you've chosen to take the site's content without paying the cost.

But pop-ups are okay to block because they're annoying? What we have here is a double-standard. There is no click-through agreement to view any advertising and no social contract to render their page the way they want to ON MY PC. Toss in annoying blinking crap and web bugs designed to compromise your privacy, then you'll find lots of people not standing up for this kind of treatment. There are products to keep people who block ads out, but very few (if any) websites use this because they know their fraction of a penny ads are worthless compared to building an online presence/brand.

Obligatory ad blocking hosts file:

http://everythingisnt.com/hosts.html

popups?

[aozilla]

Huh? Popups? What are popups?