Slashdot Mirror
A New Low for Web Advertisers: Pop-Up Downloads
rizzmanix writes: "I thougt it was strange that I had been getting a lot of pop-up download prompts for the Gator software as I browsed around the web in the recent days. Why were all these sites requiring this Gator thing I wondered?
Well I wonder no more... as apparently advertisers hit a new low by running 'pop-up downloads' instead of pop-up ads. Sneaky, underhanded, nasty and vile."
www.scumware.com
-Styopa
Scares the hell out of me. Whoever does this should get their sites DoSsed immediately.
This is a major security issue, and clearly by default the only warning in MSIE is a dialog box, which you may already have set to just accept downloads automatically.
Yet another reason to use non-standard browsers and non Windows OS, so that you even if you end up with an executable it won't execute.
Conversion Rate Optimisation French / English consultant
Gator managed to sneak it's way onto my PC with the latest DivX. Can't uninstall Gator without losing DivX. I found an easy workaround...find the gator.exe file (unsure of EXACT name of file), rename it to gator.old. No more Gator starting up with Windows. Bye bye spy. :)
What programs do this? I've never, ever seen a webbrowser that automatically installs stuff. At least not until you specifically specify for that site only (like MS Updates, or Station.Sony.com)
"But those horror stories are the exception. More typically, software makers are simply using the downloads to distribute legitimate products."
Legitimate products don't automatically download onto my computer without my concent.
Free Mac Mini
Since 0.9.4, mozilla users have had the ability to block onload and unload pop-ups/unders. I've had zero problems with this. It doesn't block pop-ups you request, just the ones you don't.
I've not seen a popup in months and months. It's fantastic.
In Soviet Russia...michael would be rotting in Siberia!
I've seen this thing before on pr0n sites... once again they're leading the way on the web. I never thought that traditional advertisers would stoop this low, though. I wonder what's next?
-Russ
Ooh, wait. What I meant was my FRIENDS have seen stuff like this and told me about it. Wait, I don't have friends that look at pr0n either... umm. I read about this sort of thing, yeah. That's it...
Me
Yet another reason to browse with Mozilla or Opera with onLoad (or all) popups disabled.
Most of these advertising techniques either rely on browsers (or users) who don't or can't disable popups easily. (read: 90% of the internet explorer population.) Or they rely on Internet Explorer specific techniques, e.g. windowless flash animations (transparent backgrounds) for shoshkeles, etc.
I think it's time the antivirus companies step up to the plate for the average consumer, and add blocking/filtering to the AV clients. Maybe it's overkill, but if you could tag these popup downloads as a potential virus (or at least unauthorized use of your computer) the world would be a better place. Or, create some add-ons to mozilla which filter popups against a database (ala the defunct spamcop) popupcop?
When something is sold as "advertising" but is nothing less than an attempt to trick or confuse a person into purchasing, downloading or installing your software, that's misrepresentation and/or fraud. Regardless of any 2pt fine-print at the bottom, or "user agreement" on the page. Hard to stop them, though.
Before we all go into full outrage mode, remember that the software can't install unless you click Yes. I'm sure if they could install without confirmation, they would, but they can't, so let's not have a fit about it. It's obnoxious, but not sleazy. Sleazy would be deceptive (kazaa-brilliant is sleazy). Obnoxious is just something that slows you down.
Robotiq.com is heavily tested on animals
What's interesting and revealing about Gator's approach is that the well-known Nimda worm spread by injecting popup download code into IIS-served web pages, exploiting a vulnerability in Internet Explorer that caused the user NOT to be prompted before the dowloaded program executed.
This happened last night I'm afraid...
I was completely shocked when the gator icon mysteriously appeared and greeted me. I removed the little bastard immediately. However, I let a long sigh as I realized it would come back shortly.
So last night I decided to go with mozilla and live with whatever problems it may bring.
The mozilla team should thank the gator software company and evil commie bastard marketing reps around the world.
"You should always go to other people's funerals; otherwise, they won't come to yours." -- Yogi Berra
This kind of thing has been making headlines in Germany recently.
Many sites try to coerce users (especially kids) into installing
"high-speed" or "priority" internet dialers that in reality just change the default internet
connection to an extremely expensive number. By the time you
get the phone bill, it's often in the four-figures. The telco
doesn't want to be responsible since they just rent out the
numbers, and the companies that rent them are also mostly resellers with
with the final "customers" mostly being based outside Germany.
The illegal we do immediately. The unconstitutional takes a little longer.
--Henry Kissinger
Does anybody actually like the software? I accidentally installed it once, before I had heard about "spyware" and "scumware" and I just found it completely annoying. Now that I think about it - I had to do a google search to find out how to remove it, and that's when I first learned about that sort of thing.
So my question is: Is there anyone who actually WANTS the software? Or are ALL copies there because someone accidentally downloaded it and doesn't know how to remove it.
God is real unless declared integer
"There's no question that there (are) programs that are more aggressive. With this, there's some measure of permission," said [Gator's] Eagle."
Wow...he's actually doing people the favor of allowing them to decide whether they want the software or not, sorta...quick, someone give him the Nobel Peace Prize! "Some measure of permission"...sign me up for THAT!
For your security, this post has been encrypted with ROT-13, twice.
Pretty soon we'll see pop-ups that say:
/tmp /tmp ./configure (For help with options, do ./configure --help)
Do you wish to install this file? YES / NO
If yes, please do the following:
- Download file and save to
- cd
- tar xvzf slashpopup.tar.gz
- cd slashpopup
-
- make
- su
- make install
....Finished!
The problem is the advertisers are shooting themselves in the foot. The more irritating their advertisements, the more numb the readers become. If they shout all the time, people will learn to ignore shouting. I already am so used to killing the popups on weather.com that i know when they pop up and kill the windows with a swift keystroke before the ad image even loads.
---
Play Six Pack Man. I
But those horror stories are the exception. More typically, software makers are simply using the downloads to distribute legitimate products.
Any company or software that uses this method is not selling a legitimate product IMO - which come to think of it, does Gator actually have ANY use to it whatsoever? Mozilla/IE remember passwords already, what kind of "product" is this?
Crap like this will get worse until we start to classify scumware as Trojans, and take appropriate steps to secure our networks. Fuck these guys.
I would think that this is partially illegal to install software on a person computer without that persons consent.
I would think that it's COMPLETELY illegal to do this. If the program that's getting installed were to wipe your hard drive, there'd be lawsuits galore and FBI people kicking down the doors of the company hosting the hostile download. Why exactly nobody's been able to convince a judge that this is the same thing is beyond me.
I got royally flamed in a mailing list for complaining about a site that tried to force gator on me. The admin's response was "it didn't try to install gator, it asked you first." My argument was "it only asked me because it tried, and my browser said 'no.'" Naturally, we got nowhere.
It's even worse if they find a way to install without prompting the user. Not only is that a wide-open door for serious viruses, but it ABSOLUTELY removes any semblance of authorization (and I'd argue that a user blindly clicking "yes" to simply make the damned download panel go away doesn't constitute informed consent, either).
...and a karma whoring followup link to Ad-Aware (recently updated to v. 5.7).
the most mysterious thing you'll see today
See your own subject.
In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."
Only the dead have seen the end of war.
"Do you accept this download?" If the consumer clicks "Yes," an application is automatically installed.
This clutter has created a haven for pop-up downloads because consumers find it hard to determine the ad's origin.
Gator isn't the only software maker using this tactic to add consumers.
"Consumers want control of their PCs," Gator President Jeff McFadden said in a statement.
Why am I a consumer just because I am accessing the Internet? The problem here is not the pop-up technology, but the unwritten assumption (perpetuated by the author of the report) that we are all just mindless "consumers of product" that need to be targeted by ads.
Only when this mindset is abandoned will we see an end to attention grabbing and demographic gathering.
One of my friends is fond of the game Snood for Windows, and encouraged me to check it out. When I did, I found that it came with two annoying bits of software, both a copy of Gator, and links to Bonzai Buddy, that stick themselves in your Start menu and various other places. Yick! (And goodbye Gator, banzai Banzai, and so long Snood.)
As long as you're quoting the article you read, how about:
Why, gosh, the article you castigated the first poster for not reading says that sometimes you don't have to give your consent, just like the first poster said. So who didn't read the article?
Sig: What Happened To The Censorware Project (censorware.org)
Yes, it's very annoying. But it's always funny seeing people complain about the quality of things that they get for free.
Oh, good Lord. Please take your libertarian Money Ueber Alles tripe and go home.
Installing unrequested and nonconsentual software onto someone's harddrive is deceptive and akin to vandalism at best, and outright destruction of property at worst (these scumware packages can and occasionally do have bugs that result in harm abov e and beyond pollution of the user's operating environment).
If someone shovelled raw sewage (shit) into your living room, would you still argue that "yes, it's very annoying. But it's always funny seeing people complain about the quality of things that they get for free"? I rather doubt it.
This is the digital equivelent, and people who do this should be going to jail for illegally hacking their customer's computers. I guarantee you if this was a snot-nosed kid doing this, rather than a corporate entity, they'd be doing time in jail. And rightly so.
The Future of Human Evolution: Autonomy
To go along with the Opera folks out there, I've got to chime in and say I absolutely love being able to filter unsolicited popups. God I love that feature. It makes browsing pron sites soo much better. Also disable the window resizing shit. No longer will popup bastards resize a window beyond your screensize!
Why can I ONLY see a checkbox for "Always trust downloads from this company"
and NOT "Always MISTRUST downloads from this company" on the install dialog on IE?
----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
And PPC Linux binaries are probably out of the question...
What I'm listening to now on Pandora...
Access retinal laser subsystem set laser_power==(laserpower*100); set boot_dialogue=="www.bigpenis.com - The natural way to male enhancement"; end
Asikaa
Come in, twenty-seventy-seventy, your time is up.
Wow, yet another "I didn't read the article, but I feel fully qualified to comment on it" response...
For you and others like you, it specifically states that a pop-up box appears and requires the user to accept the download, and they rely on the fact that 99.999999% of the non-slashdot population immediately assumes it is something they need and click "Yes".
A computer once beat me at chess, but it was no match for me at kick boxing -- Emo Phillips
Well, for those of us who are forced to deal with an Micro$oft environment, there is some good news. Remember Nimda? It operated in a similar way when it was spread through web-pages, by forcing a download. Internet Explorer had a weakness that allowed this to happen. Now, however, they have the fix in IE 5.5 SP2... might also want to get whatever critical updates there are from the Window$ update site. So if you have that, and the patch for Nimda you shouldn't be forced to do anything. Cancel should always be allowed.
And honestly, people, if you set yourself to automatically accept downloads, you're just asking for a trojan.
Now that you know the defense, let's talk about the offense. Some very respectable Hackers have already created programs designed to kill browser popups. Might I suggest as a new challenge for these ingenius few that a program be created that you can simply set an auto-cancel after a program asks you once to download it (like Gator)?
For those of us without that level of programming ability, I recommend giving these companies that do this a flood of email complaints, expressing just how much we detest the all-time low they have reached. Since so many of us are in the IT or helpdesk field, we're in a unique position in that people believe what we say. If Gator persists in these forced-downloads, then start letting every single one of your customers know that Gator stands a chance of royally screwing up their operating system and compromising their security. If they ask for specifics, look for any bug whatsoever that has been reported, or that you can find in the program, and exploit it like a cheap tabloid. If it crashed one persons system and made them reboot, then it -always- crashes systems... etc.
Of course, I myself would never result to any illegal means, but legal strongarm tactics are very effective when done in mass-quantity. If enough of us get together on this, and enough sand is thrown by enough people, advertisers will eventually get the hint.
Now who's with me?
-The Libra
"Maybe Lisa's right about America being the land of opportunity, and maybe Adil's got a point about the machinery of capitalism being oiled with the blood of the workers." - Homer Simpson
The certificate's merely meant to inform you who is responsible for the signed content, not whether or not the content is free of malicious content.
*frown*
I remember Netscape 4.X prompting "Accept this certificate?" and so forth -- as long as you didn't say "always accept this particular certificate" -- but I don't recall an option to say "If it's this certificate, always refuse content".
Only the dead have seen the end of war.
This Gator software you speak of is probably related to the new Divx ;-) 5. If you download the standard version, there are no ads, no nothing. The pro version however, is either A) pay for it or B) gain_trickler. If Divx pro can't find the gain trickler it wont run. The trickler sits as an idle process, but when you browse the web it watches you and throws targeted advertising at you. My solution was to use ZoneAlarm to block the gain trickler from accessing the internet, this way I get divx 5 pro for free, and no ads. adaware is also quite helpful.
The GeekNights podcast is going strong. Listen!
There are also apps (for free, even) that can kill such pop-ups, and other irritating ads from ever appearing. I use on at home and as work: AdSubtractPro does the job fairly well at work, and "adkiller" at home does a fantastic job of killing any such annoyance. I highly reccomend finding and using such apps.
I was getting a horror story from some folks in the West Palm Beach area. Apparently they'd set their kid up with a phone with no long distance service. At some point the number got slammed into long distance service and they never noticed on the bill. Then one day their kid installs software for a "free" internet provider. That happened to be located in Belgium (This was not immediately apparent from their home page. I checked.) Kid leaves the computer up 24x7, they get a $10,000 phone bill. Ouch.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Can somebody recommend good tools for IE 6.x that integrate well on the toolbar, sideband to prevent popUPs popUNDERS, spyware installers etc?
Not database based ones, ones that are intelligent enough to know that I DID NOT CLICK THIS LINK and then blocks it etc etc.
Thanks.
----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
One thing that "society" tries to do is protect the average joe from the consequences of ignorance. Why do that, you ask? Why not let Darwin take his course? Because as our wealth grows and our world becomes more complex, everyone is ignorant about some areas of life. And today, everyone is ignorant about most things that keep us alive (dug your own well lately?).
So let's be careful here - just because Slashdotters know better than to click on that Yes doesn't mean everyone does or should.
sPh
I just saw one of these today. I forget where, exactly. I got asked if I wanted to download something. I said no. Nothing got installed without my consent.
Thanks for playing, though.
I think we'll only be able to escape the constant bombardment of advertisments (And skript kiddie attacks and all the other comparatively recent crap) by establishing our own network on top of the internet. It's easy to do and we're technically capable of doing it.
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
In IE you can disable the certificate by going through several steps when prompted to download something. But in the end it's irrelevant, since you'll still get prompted with a slightly different dialog that basically asks you the same thing, although worded differently. You still get Yes/No buttons.
In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."
The concern about viruses is, I think, a very legitimate one. I'm just glad I use Opera, which wouldn't let them do that, I think. Other browsers (Mozilla? Konqueror?) might be just as good, but I haven't tried them.
My dad called to ask if I could come over and 'fix' his computer. I'm always willing to come down and see dad and untangle whatever mess exists on his PC.
His dial-up connection was slow, he said. Indeed, every site I visited in his favorites was really slow and now wonder... everysite seemed to launch a couple of pop-unders that were consuming bandwidth downloading ads.
"Yeah, I've been getting that ever since I installed 'gator'"
"gator is something I got from yahoo that helps me fill in forms or something"
That rat-bastard gator had put hooks everywere, was a real pain to uninstall ("please stop the gator program before proceeding" - except to the ordinary user the concept of stopping a taskbar icon isn't very obvious).
The uninstaller launched a browser and loaded a page telling you why you shouldn't uninstall. Geez, go away already!
Yeah, my dad is pretty clueless - I reminded him not to download and install stuff unless he is pretty clear on what he is getting.
This software seems to exploit that cluelessness, posing as some innocuous, helpful utility when it's real purpose is far more invasive and it is relatively complicated to get rid of.
If you want this sort of thing to stop, make it unprofitable. And make sure your less technically literate friends know that the general rule of thumb is if the computer asks them something, they should always answer "No."
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
On the seedier side of the web, nothing new folks. Just now its spyware instead of trojans, thats all. (oh wait there is a difference. . . .)
A lot of japanese h-anime sites (the less artistic ones, yes there is artistic hentai, get over it and deal.) use a dial up program of some sorts that I am (assuming) dials some sort of toll number, but it only works if you have a dial up modem, negates the need for a credit card though.
Some of the seedier US web sites I have seen actualy attempt to automaticaly do this to you (ouch) luckily enough I have a cable modem and I uninstalled my regular ol' modem quite a while ago. ^_^
My Japanese Tutor actualy had a related problem, (didn't look at porn, damn thing managed to spread anyways, VERY annoying). One of these toll programs (one of the less respectable variety) got on the computer and refused to go away, hooked on to everything.
Nasty stuff.
Need help treating your acne? Come here!
Much of the crap such as noted on this topic is based on Microsoft technology, which, as we all know, is quite invasive and unsecure.
With WINE, perhaps, something like this might work on a x86 box with Linux, but all that pop-up ads may do on a Mac OS system, perhaps, is ask if the item could be downloaded, and, once downloaded, sit unused, unrecognized--the Mac OS doesn't do ActiveX per se.
Of course, using a PC emulator such as Virtual PC removes such insulation.
Vos teneo officium eram periculosus ut vos recipero is.
<rant> I just wanted to make a statement regarding new.net. That has to be one of the most foul excuses for software I've ever seen.
For those who don't know, it allows people to use the new.net TLDs, and sets them up so you don't have to reboot after installation.
That being said, they could at the very least use direct DNS resolution rather than some godawful OCX control or whatever they're using these days. We had a customer get royally pissed and almost demanded to return the system she bought from us because her kid would
If crapware like this becomes more and more prevalent, we'll have to start charging out the ass for support, which we don't want to do. </rant>
(takes deep breath) This is becoming a trend that could initiate a spread of infected files with much the same ease as nimda and sircam. Not terribly frightening, but excruciatingly annoying.
In three easy steps:
1) Goto mozilla.org and download latest release installer here.
2) Start up mozilla after installer completes
3) Edit -> Preferences -> Advanced -> Scripts & Windows and uncheck "Open unrequested windows"
Couldn't be easier.
int func(int a);
func((b += 3, b));
The sickest part of the whole ball of wax is that in the story Gator claims to have 13 million users. So much the same as a spammer can be successful by blasting 1 million emails and have 1000 "suckers" reply with interest....So can gator be succesful when only a small percentage of people are savvy enough to click on "NO".
Thus to the scumbags that look on -- this is a very fruitful way of doing business. Hence, the internet has turned into a big pile of rubbish way beyond the traditional (high cost) damage of telemarketers and junk (snail)mailers. A low cost way to reach the vulnurable. At some point those with the intelect must stand tall and say "NO MORE". Those developers that work at companies that do business this way should find employment elseware or forever bear the burden that will smitten them to geek hell (an afterlife of no mountain dew and no simpsons reruns).
I only need to look up at the big flasy blue and white banner ad contrasting on the green and white
(+1 Funny) only if I laugh out loud.
Somethings I agree to seeing on the web. The download thing when you visit a page I have seen and it's wrong. Should never be done. My wife accidently installed that freakin gator thing one night. I freaked! Anyway, some parts of this article is just irresponsible.
Some Net users have complained of receiving downloads containing a virus that automatically redirects them to adult-related sites.
I have never seen this. At least I have never seen an antiviral program reporting this as a virus. This is irresponsible. Only way you can get some of these kinds of things is if your in a place you should not be (IMHO). Dosen't mean this can't happen. It sure as heck can.
Such downloads also have been known to install new dial-up programs replacing the existing accounts.
I have never seen this either, but it doesn't mean it can't happen. It may if you go to a porn site (dials the 1900 rather then have a credit card SSL server).
There is simply one thing that can be done about this...make Microsoft take that coud out. the types of things these browsers allow is idiotic. They make the user loose control of their computer via porn storms and other things even when some pages use it legitimately. Only one way to solve this...take out the Onload and Ext controls. Any program that unexpectedly opens up a window is bad. It makes the user feel like they loose control. It makes for a bad OOBE.
Gorkman
When something is sold as "advertising" but is nothing less than an attempt to trick or confuse a person into purchasing, downloading or installing your software, that's misrepresentation and/or fraud. Regardless of any 2pt fine-print at the bottom, or "user agreement" on the page. Hard to stop them, though.
I think you're on the right track there. Granted, IANAL, so I don't know the legal details of this. From my experience, what is needed is a sense of honesty in those who are planning, designing, and coding this stuff. Here's a definition that I've found to work really well for me:
There are some developers, somewhere, who actually are writing this code. Devising and implementing techniques that appear to be one thing but are actually something else. From the referenced article:
It sure looks to me that there is an intention to deceive! If these were being honest, the prompt would be more along the lines of:
I wonder how many users would click on "Yes" for that?
Unfortunately, there are people who are willing to follow this path. Not just advertising agencies lacking any moral scruples, either. What about struggling web sites that are just trying to meet the payroll for their employees after discovering they could not make a profit under their failed business plan? There's a desire to do what's right in getting paychecks to people who have families to support and bills to pay, and that pressure can lead people to step over the line of what they otherwise might do. It seems to me that as these practices becomes more widespread, there's less of an onus against them, leading to even even greater adoption of these techniques, which leads to even wider use, greater adoption, ... lather, rinse, repeat.
Where's the sense of ethics and professionalism here? I offer, as food for thought, the ACM(*) Code of Ethics. NOTE: I am not suggesting everyone should mind heedlessly to these. What I have found in my own experience, though, is that reading through these has given me insights and perspectives on things that I otherwise would not have even considered.
As long as someone can take some programming classes, gain some technical expertise, and hire out as a programmer... well I believe there's more to it than just writing code. Though I hope otherwise, I have a feeling that it is going to take a lot more of these "products" getting a public black eye before there is a groundswell of support for anything different -- things are likely to get worse until they get better. If the $billions lost on Code Red and other worms and viruses has not been enough, just what WILL it take for things to change?
(*)"The ACM (Association for Computing Machinery) is the world's oldest and largest educational and scientific computing society. Since 1947 ACM has provided a vital forum for the exchange of information, ideas, and discoveries."
Exactly the thing I would try out from a pop-up download. Pincodes and cardnumbers are so easy to forget.
I stumbled on this popup, I really wish that microsoft had the option to withdraw their security keys. The dialog begs you to accept the download. Anyone with shady plans should consider to buy the names of bancrupt companies and get trusted keys to make people download...
"New updated alladvangage software, get your earned $50 from the old software reactivated"
She downloaded DIVX, which was supported by GAIN.
Her computer became so slow that she was unable to use it. GAIN was unable to call home, because her system is behind a firewall.
We uninstalled DIVX, which should, according to GAIN cause GAIN to uninstall. "It is the only GAIN supported application installed". They lied! One day later it was still chewing up her cycles. "No call home, no uninstall" Her computer was still so slow.
I was forced to do a manual uninstall of the GAIN.
I will not use, or purchase any software package that has any association with GAIN.
Get a free ipod.
...There is software to stop the pop-up downloads, including the ones that don't ask but go ahead with the install. Actually there are a good number of them, Linux, Solaris, FeeBSD... ;)
Sorry obligatory joke.
I'm the big fish in the big pond bitch.
You're forgetting something about IE (and maybe Moz too?): The file is downloaded in the background while waiting for the user to accept or deny the download, so you're still wasting time and bandwidth by receiving a file you probably don't want. For broadband users, it's not such a big deal (but it does eat up more bandwidth of the scum that uses such a technique), but for modem users it will slow things to a crawl.
Pax, Ardax
First IANAL!
In the state of Texas (My home) There is the following
law
Comment: I would think that any software that installs
spy ware would fall under this! I am including some of the
definitions to make the meaning clear!
Texas Penal Code CHAPTER 33. COMPUTER CRIMES
33.01. Definitions
(1) "Access" means to approach, instruct, communicate with, store data in, retrieve or intercept data from, alter data or computer software in, or otherwise make use of any resource of a computer, computer network, computer program, or computer system.
(12) "Effective consent" includes consent by a person legally authorized to act for the owner. Consent is not effective if:
(A) induced by deception, as defined by Section 31.01, or induced by coercion;
(B) given by a person the actor knows is not legally authorized to act for the owner;
(C) given by a person who by reason of youth, mental disease or defect, or intoxication is known by the actor to be unable to make reasonable property dispositions;
(D) given solely to detect the commission of an offense; or
(E) used for a purpose other than that for which the consent was given.
33.02. Breach of Computer Security
(a) A person commits an offense if the person knowingly accesses a computer, computer network, or computer system without the effective consent of the owner.
(b) An offense under this section is a Class B misdemeanor unless in committing the offense the actor knowingly obtains a benefit, defrauds or harms another, or alters, damages, or deletes property, in which event the offense is:
(1) a Class A misdemeanor if the aggregate amount involved is less than $1,500;
(2) a state jail felony if:
(A) the aggregate amount involved is $1,500 or more but less than $20,000; or
(B) the aggregate amount involved is less than $1,500 and the defendant has been previously convicted two or more times of an offense under this chapter;
(3) a felony of the third degree if the aggregate amount involved is $20,000 or more but less than $100,000;
(4) a felony of the second degree if the aggregate amount involved is $100,000 or more but less than $200,000; or
(5) a felony of the first degree if the aggregate amount involved is $200,000 or more.
(c) (Blank).
(d) A person who his subject to prosecution under this section and any other section of this code may be prosecuted under either or both sections.
Added by Acts 1985, 69th Leg., ch. 600, 1, eff. Sept. 1, 1985. Amended by Acts 1989, 71st Leg., ch. 306, 2, eff. Sept. 1, 1989; Acts 1993, 73rd Leg., ch. 900, 1.01, eff. Sept. 1, 1994.
Amended by Acts 1997, 75th Leg., ch. 306, 2, eff. Sept. 1, 1997.
33.03. Defenses
It is an affirmative defense to prosecution under Section 33.02 that the actor was an officer, employee, or agent of a communications common carrier or electric utility and committed the proscribed act or acts in the course of employment while engaged in an activity that is a necessary incident to the rendition of service or to the protection of the rights or property of the communications common carrier or electric utility.
It's crap like this that will make sure my Girlfriend will always have her own computer to do any "unsafe" tasks like web-browsing .
She's smart, but she just doesn't care about stuff like this. I tried to explain the evils of Kazaa to her (and get her to use Kazaa Lite), but she simple doesn't give a rat's. She won't about this, either.
So, the no-using-my-computer-unless-I'm-watching rule is still in effect. Sad.
S
I've seen sites (cardcentral.net) that use JavaScript to put their own dialog over everything but the Yes/No buttons on the download box. The dialog box appeared to be something along the lines of "Security warning: You are infected with a virus. Clean?"
It is. I've seen it done. One sleazy anti-virus company (don't remember the name. It's in France IIRC) uses it in their ads. Saw this months ago.
I personally feel that pop-ups, pop-unders, exit-pops, and back-button disabling are all immoral behavior that the web browser should stop by default. A pop-up in response to a click is acceptable, on-load is abusive.
However, if you block the banners or ads from the site itself, I feel that you have crossed a line. Receiving the ads is the price of visiting the site. While you are welcome to receive the site's content in any way that you want, blocking banners, etc., is essentially the same as shoplifting. You are taking what you want without paying the costs.
Justify it however you want, you've chosen to take the site's content without paying the cost.
However, I feel that the Javascript ads are abusive of the users. Web sites should stay in the browser that called them, no turning the web into "push" technology.
Alex
In MS Windows, there are a number of places that programs get started from on system startup.
s ion\Rune rsion\Run Oncei on\Run OnceEx
1) Start Menu\Programs\Startup
2) Control Panels -> Services (Windows NT etc)
3) Registry keys:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVer
HKLM\SOFTWARE\Microsoft\Windows\CurrentV
HKLM\SOFTWARE\Microsoft\Windows\CurrentVers
You may be amazed at the trash that can accumulate there. Alternatively, check out the rather excellent freeware Startup Manager.
Perhaps this is just my paranoid fantasy, but this is what I predict we'll be complaining about this time next year.
...
This sort of technology married with something like Passport of PayPal or other private information store.
You innocently buy a book from the web and unknowingly register your credit card information with a service that will do you a favor and make it 'simple' to order things by simply clicking a link from a member site, etc. They'll sell it as secure, convenient, cutting edge goodness and you'll figure 'what the hell'.
From now on, they automatically send you merchandise you never asked for, but they think you'll be interested in. You opted in. This is YOUR problem, now. They send you books, CD's, new credit cards, address labels, elbow pads,
The burden is on you to remove yourself from their lists, now. But they have a policy that you didn't read - to opt out now, you owe them a fee for terminating the contact. You are embarrassed because you got yourself into this mess and just want it to end. You spend an hour or so a week returning goods that you never ordered. Just praying that they will credit your account. You'll later find that every return was 'lost' or received damaged. You can't prove that the goods were okay when you sent them back. And you didn't insure them because it didn't seem necessary for a $20 book that was being shipped on your dime.
If you are lucky, by the time it ends you are out about 200 bucks. Not much in the grand scheme of things. But the hassle was a GRAND pain. You briefly think about a lawsuit, but you are too embarrassed to admit your stupidity to a lawyer and judge, so you rack it up to a life lesson.
If you were to sue, you'd simply find that the criminals packed up shop. There are no phone numbers, no addresses. Any numbers you saw before were likely fakes.
So talk about writing new laws or shutting this shit down. You try that while I sit back and laugh as I get rich off your technically un-savvy aunts and uncles. As they stupidly march with blind trust straight forward. I'm fat and happy on caviar. Fucking lemmings. God bless you.
This isn't too restrictive. Big players, like Amazon, Yahoo Store, and the major search sites, all work under these restrictions. If your site doesn't, your site is broken.
Not too sure if this has been said yet, but this is an amazing tool that will clean all the spyware from your system. You will be amazed at how much you have on there. It is called AdAware and can be downloaded free from the link below.
http://www.lavasoftusa.com
What's going to happen when you don't have an icon in your system tray and have no inkling that a foreign program is running on your PC?
-motardo
Not to mention the possible security problems! If a cracker setup a phony web-site to trick users into install some software to give them access to the system to use in DOS attacks and such. I think the site that use this type of advertising will eventually feel a backlash from the public on this because it's too dangerous.
At the next eco-hypocrisy-meeting, count the private jets used to get to the meeting. Should be interesting to see that
This adware/spyware stuff is almost always unwanted, and should be treated as such by virus protection software. I find it absolutely amazing that we have all this obnoxious stealth-spyware out there, and it's cheerfully ignored by the anti-virus programs.
At the very least, there should be a "Handle ad-ware as virus" option for virus protection programs. Obviously, the anti-virus people are afraid of lawsuits from the adware vendors, so they need a cute way of letting the end users designate adware for destruction while maintaining plausible deniability -- "Dear Mr. Gator, our anti-virus software does not disable your product's installation unless the user has specifically chosen to block adware. In such cases, the end user has specifically forbidden your access to his computer, so we just saved you from criminal and civil enforcement!"
Maybe we should all just copyright our IP addresses and DMCA the hell out of sites that misuse our copyrighted information for unauthorized purposes. If it accomplished nothing else, an avalanche of frivilous litigation would be its own reward.
:)
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
You're forgetting something about IE (and maybe Moz too?): The file is downloaded in the background while waiting for the user to accept or deny the download,
Unfortunately, Mozilla has this behaviour. It has created all kinds of issues. I have argued in vain that the program should wait for the user to name the file before starting the download. Unfortunately, that is just too simple.
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
Mozilla can get even more ad-free.
I've added this to my personal style sheet (automatically applied to every page):
object, embed {
display: none;
}
This keeps all Flash etc. invisible. On some platforms you can just uninstall the Flash plugin, but that doesn't work in the Linux Mozilla. (The ", embed" part is probably not necessary.)
The file to change is "userChrome.css", and can be found in the "chrome" directory wherever Mozilla keeps your personal settings, mail, etc.
And then, whenever you see an ad that is an ordinary image, you can right click on it, and check if it comes from some server that probably only serves ads. If so, right click again, and choose "Block images from this server".
Using all these tricks, you can get rid of a lot of ads and other annoying material.
Most of this should work in Netscape 6 as well.
Why?
I do, but regular everyday users don't. What I was trying to allude to was that some malicious software could be installed on users pc's without them noticing.
-motardo
Most importantly, no image file ever came with a security hole that allowed a third party to hijack the computer that downloaded it. I do not have the same confidence in software written by an ad agencies out to make a buck by hijacking my computer in the first place.
Sure, in a sense it's just another HTTP request, no different than the one that brought the HTML itself. But then again a bullet is just another projectile, no different than a tennis ball really.
There is a world of different between downloading simple data like text or images and downloading executable code. Clue yourself in.
Build stuff. Stuff that walks, stuff that rolls, whatever.
Comet Cursor was a popup download on many sites, most annoyingly doonesbury.com. I'm sorry to see that they didn't learn their lesson back then...
"The question of whether a computer can think is no more interesting than that of whether a submarine can swim" -EWD
Changing our desktop wallpaper? Enabling active desktop with their ads? Oh wait a moo, dont want to give them ideas now :D
----- Whats wrong with this picture? http://www.revoh.org:1234/whatswrong
That's the first option listed, chief. No need to go editing your preferences file.
Interested in open source engine management for your Subaru?
I guess you didn't read the whole article yourself. :-) Check this quote:
Granted, anybody who has this happen automatically can only blame themselves for allowing any ActiveX program to download and run without requesting permission, but note that it *is* happening. Some of those poor dialup users are definitely getting nailed.GreyPoopon
--
Why is it I can write insightful comments but can't come up with a clever signature?
I can confirm that these "auto-downloads" don't work under Mozilla 0.9.9. However judgeing by the script it looks like it works under Netscape 4.x and maybe under Netscape 6. But as you can see it only works on Windows comps. Have a look:
e ';
<script>
var exepath='http://www.mp3yes.com/free_mp3_finder.ex
var bname=navigator.appName;
var bver=parseInt(navigator.appVersion);
function install() {
if ( navigator.platform && navigator.platform != 'Win32' ) {
location.replace('NOTWIN32WARNING.html');
return;
}
if (bname == 'Microsoft Internet Explorer' && bver >= 2) {
document.write('');
}
else if (bname == 'Netscape' && bver >= 4) {
trigger = netscape.softupdate.Trigger; if (trigger.UpdateEnabled) {
trigger.StartSoftwareUpdate(jarpath, trigger.DEFAULT_MODE) }
else { location.replace(exepath);
}
} else {
location.replace(exepath);
} }
install();
</script>
(taken from mp3yes.com)
We're going to make information free Mr. Anderson, whether you like it, or not.
What we should be doing is labelling Gator and auto-download software as hackerware - which is what it is. The only difference between Gator and white hat hacking is that Gator is produced by a commercial entity. The only thing saving Gator from legal prosecution is the dialog box - if the next version of IE does away with the automatic dialog boxes, then Gator would meet the definition of a virus, and the company that makes Gator could find itself liable to criminal prosecution.
For once, I'm actually glad that we have anti-hacking laws, because in this case, they are actually protecting us from corporate greed....
And yes, Gator installed itself on my system when my kid brother was surfing the web, and yes, it was a pain to remove. Fortunately, I have profiling software which enables me to undo filesystem and registry changes when an uninstall is unsuccessful.
The society for a thought-free internet welcomes you.
Why is this flamebait? I posted something relevant, useful, and non-threatening. What's the beef?
The only tool you've got against psychosis is experience.
Prediction: You're so circumspect, thoughtful, and slow to jump on the bandwagon that your extinction from Slashdot is guaranteed.
personal attacks hurt, especially when deserved
Try my host file project, i try to update it daily/weekly and makes just about every other hosts file redundant
blocks spyware
linux,bsd,mac,pc,*.nix
12,000 blocked hosts and i havent seen an advert in months
ps.
and if you already using a "hosts file" then you can upload yours so i can add it to the list.
The connotation of internet users to consumers is an intentional fallacy created a few years back when "Corporate America" discovered (assumed) they could make a quick, easy, buck or two via the net. Most of the dot-bombs fizzled into oblivion, some slither onward by dropping to this type of low. Their existence now rests in their ability to convince the marketing departments of other corps to use this slimeware.
I AM, therefore I THINK!
I think Microsoft will use the technology to force the install of the latest Microsoft OS and then require a valid credit card before you can use your computer again...
TastesLikeHerringFlavoredChicken
But please mod this useful comment down. Slashdot is becomming more a community of Windows users than "nerds." In the past Junkbuster would have been the first comment to appear instead of all the whining and ain't it awful about the bad old advertising. Shit! Route around the damage and stop complaining!
Looks like Windows is getting off pretty lightly for a change - only one poster so far pointing out that ActiveX is fundamentally insecure.
.
It boils down to whether you'd rather have a run-time environment you can control (like the Java VM) or an unbounded set of parties you have to trust
I think we're seeing something fundamental going on here, where legitimate application providers, e.g. for B2B commerce, will gravitate towards Java Web Start (or possibly very "managed" Dotnet) as that will be the only kind of assurance worth having.
[blatent plug]
,dialers, sneakware, scumware ,p2p app advertising too
:)
Try my host file project remember.mine.nu, i try to update it daily/weekly and makes just about every other hosts file redundant
blocks spyware
linux,bsd,mac,pc,*.nix
12,000 blocked servers and i havent seen an advert or popup in months
ps.
and if you already using a "hosts file" then you can upload yours so i can add it to the list.
[/blatent plug]
With Tivo, you are still a viewer (which is what the station is paid for) and you still get the ads. Hell, I've "rewound" (ReplayTV, not Tivo though) to watch ads that looked funny.
The comparison would be to a television viewer that lies about what they watch to the Nielsons so that the shows they watch aren't compensated.
Realize that they are paid for airing the advertisement on television. The payment is based upon viewers. With banner ads, they are often paid by impression, don't download the image, no impression.
That's the difference.
Alex
I like to support the sites I frequent. I don't mind "paying" a reasonable bandwidth cost for banner ads. But that doesn't mean I will pay any cost in the name of advertising.
The Web is not a broadcast medium. This still manages to escape many media outlets and advertising types. Still, the one thing they understand is cost. If an advertising campaign becomes costly, it will be dropped.
I don't mind ad banners. I do mind stupid java tricks, tracking cookies, and flash ads. In fact, flash ads have me using Junkbuster again. Abusive ads are blocked. Acceptable ads get a view.
Abusive ads become ineffecitve and costly. With luck, and many more users doing what I do, they will also cease to be used by advertisers.
I just wrote a bookmarklet that shows you the contents of password fields in web pages. It works with passwords remembered by Mozilla, and it works in IE6, so it probably works with passwords remembered by Gator. You'll have to run the bookmarklet on each site you've stored a password on, and you'll probably want a sheet of paper.
The shareholder is always right.
Haven't the stupid fucking cunts worked out yet that all they gain by using pop-up adds, hijacking the "back" button, full-screening the window and turning the titlebar off and trying to install random crap...
is a bunch of people who associate that company and their products with an all-consuming rage?
graspee
The software was something called eScorcher. They appear to be in Atlanta,GA. I did some digging, and I think the reason I thought it was from France was some of the original digging I did came up with primarily French web pages.
Anything else is dangerous, silly and irritating.
Second, even if you think breaking rule 2 is worthwhile to save a few seconds, the Mozilla implementation is badly broken. Consider downloading a 600MB ISO, and your / partition has 100MB free. Even though you name the file
Third, how much time are you actually saving? Except in the case you mentioned,where you're too silly to spend an extra 1/2 second to ensure that your download has actually started, the saving is trivial.
Fourth, you are rude and stupid. It's not asking that much that you spend an extra half second after clicking on a link to make sure it did what you expected.
"that's not encryption - it's a new perl script that I'm working on..." - from some Matrix parody
It seems that you didn't read the article either. In fact, in the article, it states that some porn sites are pushing downloads onto users' computers without their permission, including scripts that redirect dialup connections to a 900 number, which allows the con artist to rake in the cash until the customer gets his or her monthly phone bill. While most "legit" companies offer a way to opt-out (although tactics like Gator's can hardly be considered very legit), criminals can take advantage of the same methods to do something far worse than simply showing one ad over another on Yahoo.
That's it. I'm no longer part of Team Sanity.
I wonder if it's possible to create a dummy ActiveX control that "takes over" the Flash CLSID's, but simply displays an empty box? I'll have to look at that when I get home.
Gator what? "Honey, have you installed anything on the computer lately?" "No." "Are you sure?" "I haven't done anything accept email for a week."
Hmmph. Now I'm getting mad. I take a look at this Gator "thing", somewhat neverous that my PC has a virus.
Then I find a website in the about section. I go there and find a feedback address. Then I write a message to the effect than neither my wife nor I downloaded their program but it had installed itself. Under the circumstances, it appeared that they had illegally cracked my computer and installed software and, that if I did not receive a satisfactory explaination in 3 days, I was going to contact law enforcement.
This happened on a Saturday and I received a response by 10:30 AM Monday. I received an apologetic message stating that they were sorry if it was installed unsolicited and that many different companies distribute software that installs their product and that it must have been one of them.
I replied that I did no such thing willfully and if they did not give prompt, successful instructions on how to remove "Gator" from my PC, I would carry through on my threat of contacting law enforcement.
I received a final response within a day of my reply, followed the instructions, and Gator is gone. But if it ever comes back...
science is a religion
internet explorer didn't contuinally tell you "this page may not display as intended - click ok to continue" ...
eDexter from my website will take care of that problem for you.
Try my host file project [remember.mine.nu], i try to update it daily/weekly and makes just about every other hosts file redundant
Some of this poster's content was fairly apparently stolen from my two-year-old website. See my message about that here and here.
I've never posted a link to this message board about my website any of the times that hosts has been brought up, but I felt I must take a stand against this apparent plagiarism.
Also, for the record, anyone who has asked to link to my site or to copy text from it has been granted that permission. All you have to do is ask and respect other peoples' work. Sheeesh.
Justify it however you want, you've chosen to take the site's content without paying the cost.
But pop-ups are okay to block because they're annoying? What we have here is a double-standard. There is no click-through agreement to view any advertising and no social contract to render their page the way they want to ON MY PC. Toss in annoying blinking crap and web bugs designed to compromise your privacy, then you'll find lots of people not standing up for this kind of treatment. There are products to keep people who block ads out, but very few (if any) websites use this because they know their fraction of a penny ads are worthless compared to building an online presence/brand.
Obligatory ad blocking hosts file:
http://everythingisnt.com/hosts.html
Huh? Popups? What are popups?
ok then your [sic] infringing on my copyright! Could you as [sic] me next time before STEALING my comments for your own?