Slashdot Mirror
Blocking Pop-ups at the ISP Level?
roXet asks: "I work for a small ISP that offers dial-up and DSL in Louisiana. In the wake of the big boys' new wave of pop-up and spam blocking advertisements, I am looking into providing these services for our customers. I hate the thought of filling my customers machines with proprietary software, if for no other reason than I see it creating a support nightmare for our call center. I have found several options for blocking spam at the network level, but I have yet to find a good solution for getting rid of pop ups. Has anyone found a good method of doing this at the ISP level?"
You can set them up with an alternative browser. Mozilla Firebird is fast and does popup blocking, and is by no means proprietary.
Blocking website popups at the ISP level would be hard. Sure, you could set up your own http proxy and replace occurances of "open(" with something else, but it's so easy for a web site to obfuscate their popup code to get past such a filter and you would also be breaking countless sites that don't use popup ads.
You can no doubt block gator and a bunch of other insidious adware though. Just block all their domains and executable filenames. Most low end firewall/routers have a url filtering feature that's adequate for this. The people who are hit by the most popups often have one or more of these installed and don't know about it.
Wouldn't that involve the ISP looking at what you're doing, and be a horrid invasion of privacy?
I definitely do not want my ISP monitoring my packets. And yes, I expect many replies to this to say "Oh they watch everything you do". I don't subscribe to that level of conspiracy theory.
propz to GNAA.
Instead of proprietary software you could distribute browsers that are open, and block pop-ups and spam. All this being default settings.
The problem with popups isn't the window it opens, but rather it opening without expressed permission. Use Opera or Mozilla and popups are no longer a complaint. Why filter at the ISP level? There are some sites that use them legitimately. (Not auto popups, but opening of popup windows via click.)
"Derp de derp."
If you do want to use IE, the Google toolbar has a good popup blocker.
.-=Wit is educated insolence=-. -Aristotle
And you can redirect known banner ads, popups, etc. It can't get 100% of popups, as that is higher-level application layer. But you can block html to known "bad" hosts. The biggest issue is that it may inadvertantly block stuff people want to see (such as the random person that actually wanted to buy the wireless video camera).
...
You would need a way to tell the difference between a popup that the user wants and a popup that they don't.
1. Strip all javascript popup code from the html as it passes through your proxy.
2. Block all access to specific URLs that the popups try to load. Of course, the popup window will still appear, it'll just be empty.
1 will never work and 2 sucks (plus it'll never work).
I'm happiest with konqueror's 'smart' popup blocking where it doesn't block popups that result from an action I take.
Here before all but 8486 of you.
toolbar.google.com (works with IE, and now blocks pop-ups) is another option from mozilla etc (which may not work with certain sites).
A long time ago, I signed up with a local ISP and they sent me a copy of Netscape Navigator. As a result, it was a few years before I even knew that MSIE existed.
Do your users a favor. A big favor. Strongly insist that they use a modern, good quality web browser, like Mozilla, and make copies easily available.
There have been several replies already saying "give them a different browser". However, reading the request, it is quite clearly stated that changes to the client machine are not desireable due to the support time involved. :)
So shaddap about the browsers already!!
But, back to the question at hand, I'm afraid that blocking at the ISP level will be:
A - fairly difficult due to obfuscations. The ISP really isn't going to be doing anything different than a normal pop-up blocking mechanism at the client would in terms of figuring out what is or is not pop-up code and the pop-up people (insert scary mental image here) are already doing their level best to defeat that.
B - potentially a legal problem as any blocking mechanism that the ISP implements at the network level will, in effect, be interfering with the clients' "communication" with the website in question. The FCC might have something to say about that.
However, I'm sure there could be a way to set up a database and have people opt-in for pop-up blocking service. IANAL but I would think that them actually requesting such service would clear most legal hurdles.
As for solutions, I wonder how hard it would be to extract the relevant code from Open Source browsers and make a little routine to rewrite/replace scripts on the fly...? It would almost have to be a proxy though so you could track (and allow) pop-ups which were actually requested.
Well if your upto the bigbrother aspects of it. run a http proxy, in transparant hijack mode for example, so that users dont have to config a thing. And start filtering content for known popup codes, and you could use techniques designed for banner blocking, such as html washing or just blocking certain blacklisted domains.
There are several HTTP proxies which filter popups. Webwasher offers a commercial solution. A webproxy is at a disadvantage compared to a webbrowser because the browser can take temporal script behaviour into account much easier than the proxy.
I doubt you're going to find what you're looking for. You'd need a proxy that would parse the HTML and strip out offending javascript. That sounds like it would be pretty tough, and that it would eat a lot of cycles on your end.
Another problem is that you need to keep some popups -- ones that are generated by clicks -- and toss out others, the ones that show up automatically.
I don't know how browsers solve the problem, but I'd be interested to know.
If I were going to try to implement it, I'd probably set things up so that a click event turns off pop up blocking for a short window of time, although that's probably kludgier than what the browsers actually do.
If it is what they're doing, though, it wouldn't be something you could implement in a proxy server.
My company uses popups and would like them to not be blocked. So please share what techniques you're using for blocking so we can try to get around them. Thanks.
Spam and popups are two very, very different problems. I do think SPAM is very capable of being handled at ISP level in most cases, but pop ups are a browser problem. As long as you use a decent browser, such as Mozilla, which blocks them easily, you can't do a thing about it - unless you can filter http traffic and somehow block all javascript, which to my knowledge is not possible or desirable. Just give all your clients a CD with Mozilla on it, and tell them to use that. For most pages, it renders just fine. ESPN.com has major issues with pages rendering properly with any browser other than IE, but for the most part, those alternative browsers work great and are loaded with cool features.
Argh. No. Not transparent proxies, unless you're providing an opt-in mechanism (say, a value-added service) to do so. It's *so* frusterating when ISPs start mucking with my network connection (firewall incoming and outgoing SMTP or transparently proxy it, block outgoing DNS, etc).
ISPs bitch about how they can't provide tiered service. Spam blocking, popup blocking, firewalling, are *all* great things to toss in value-added packages to provide tiered service. They, however, drive many people (who don't *want* said "service") to tears.
Another option would be a opaque proxy and to provide a mini application that sets it up.
May we never see th
I'm a recent convert from IE after getting sick of all the popups day in and day out.
Mozilla Kicks a$$ for blocking pop-up ads.
Either that or Build a custom app for your customers.
Dolemite
_______________
Save the World! Use a Quote!
A good blacklist should have zero false positives, and still block a good deal of ads. I use Dan Pollock's hosts file, and it works pretty well. It blocks Hotmail's in-page ads, along with a lot of others. It also has some sites that set malicious tracking cookies and popup traps blacklisted. Of course, you should check each url for validity, but it should work pretty well. Also, I suggest you put a page on your site that contains suggestions for Internet security, including links (and preferably easy tutorials) to things like Adaware, Spybot, and the like. Oh, and a link to Firebird (or Mozilla) would be good, too... ;)
A popular solution is Privoxy's popup blocking chained with Squid's caching. In my opinion, that's the way to go. Privoxy by default also blocks ads and webbugs and nasty javascript and other things, but you can disable those features.
These could probably be configured as a transparent proxy if you don't want to set it up manually on users' computers, but speaking as a power user, I would never sign up with an ISP that stuck me with a proxy I couldn't avoid.
Random and weird software I've written.
http://www.proxomitron.info/
Proxomitron is a proxy that provides that as well as many other features. Since it is a proxy you could put it on your servers and provide access only for your subscribers. Make it optional. Most good browsers offer easy switching between proxy and non-proxy mode.
Proxomitron offers more then just popup blocking, and also by letting them use the ISP as a proxy they have an additional level of anonymity.
You would need to configure Proxomitron to a useful, but not too invasive level, or offer multiple proxies at different levels of restrictiveness. Then the use can pick which one they want depending on their needs. Document it all really well on your support site.
"Anything is possible with enough programmers, time and pizza." (Substitute caffeine for time as needed.)
Here. The version free for non-commercial use is no longer available, though (pity!)
Mozilla is great but let's face it, for a lot of people The Internet means Internet Explorer and Outlook Express. So, as part of the setup get all of your new users to install either the Google Toolbar or the Avant Browser add-on for IE. They both do an excellent job of blocking popups in IE.
"An unarmed man can only flee from evil, and evil is not overcome by fleeing from it." Col. Jeff Cooper
And what happens when websites sue you for denying them income because you blocked their popups?
I frequent several sites, arstechnica.com would be the most prominent, which ask that you do not block ads or popups, as they are the revenue stream, no matter what personal views you may have on advertising the net.
1: Block popup ads
2: Revenue per popup goes down
3: Popup prices go down
4: More people buy popups for advertising
5: More popups! You Lose!
And I suggest that all of you who will inevitably reply saying "ITS MY COMPUTER I DECIDE WHAT GOES ON IT AND WHAT STAYS", realize that the webmasters of the sites you frequent don't put banners and popups on their sites to annoy you - they do it because running sites costs money. Dilute advertising by blocking it, and it's worth less. Then, everybody can buy MORE than they could in the first place, and you have twice as many popups otherwise.
If these options don't suit you, there's an alternative network you can restrain your activities to. Something about a 192.168 subnet springs to mind.
Hey Taco! Looks like you're using the "infinite monkeys and typewriters" scheme to generate Ask Slashdots again...
Just put a website informing of means (with links) to avoid these popups: alternative browser - there are plenty of them: Avant Browser, MyIE, Mozilla, Opera etc. And let them choose by themself. It is not in ISP buissnes what an user is doing with his (or her) own bandwith - mind that. AFAIR Google Toolbar also blocks popups and it does not involve switching browser (which my problematic) - it just works and weights about 500KB.
You don't need to do anything (in fact, it is better that you don't). The IE upgrade coming down the pipeline in summer will have auto popup blocking. Check the latest post on the main slashdot page.
a lot of posts (rightly) mention that most known tricks to blocking pop-ups will present problems for the small minority of users who want the pop-up (or websites where legitimate pop-ups happen to fall into the filter). Perhaps the solution would be some sort of "opt-in". Similar to opting into the spam blocking at Yahoo Mail (and I suppose Hotmail). A little setting through a web interface to enable or disable the pop-up blocking.
Keep your grubby mits off my packets.
I'd like like to plea with you (and all ISPs) not to do anything like this.
As far as I know, your only options are:
* Making the user use some sort of filtering software, e.g. Proximotron or Google Toolbar.
* Making the user use a browser with built-in popup blocking.
* Filtering HTTP requests.
I recently had a big problem getting an XML-RPC based app to work. Turns out that Proximotron had been installed (without my knowledge) on the client system, and was adding it's popup blocking stuff to the XML-RPC response. While this is fine for HTML, it is definitely not ok for XML.
You can argue that XML-RPC/SOAP is a perversion of the HTTP standard, but apps using it are already deployed, and as a network admin I have to deal with it. Please don't make my job harder.
On the slim chance that your ISP is using a windows-based proxy, you could use Ad Muncher.
It is of course windows-only but is able to filter popups (and other adverts) from html/javascript as they pass through the proxy. It has also received top marks from popup-killer-review.com, beating all reviewed conventional popup stoppers (like google toolbar etc), except for one, which it scored equally with.
A linux port is currently being worked on, if you'd like to be notified when it's available just use the contact page on admuncher.com.
The way it gets around, say, certain kinds of Javascript, is by rewriting the function text as it goes by. But it doesn't know what is and isn't actually a script. Any webpage containing the word "open" followed by an open parenthesis -- there's one in the comment currently at the top of this page -- gets rewritten to "PrivoxyWindowOpen(..." to defang the Javascript, even when it, well, wasn't. The comment makes no sense as it actually appears on my screen, because it isn't what the user wrote. Being familiar with Privoxy, I back up, reparse, and keep going.
We've all probably seen similar things in email. Anytime members of a certain mailing list start discussing XHTML examples, their snippets have things like "<link_LINK-DEFANGED foo..." and I have to blink a few times before I figure out what they actually wrote and what they didn't.
Customers of an ISP would be seriously confused and explosively pissed off if this happened to them. Maybe offer levels of filtering; they can choose various ports on your proxies to get them, etc.
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Simply set up a proxy server on your network (NOT IN BETWEEN) and then tell people how to set up the proxy server.
Let users have capability of unmolested connection OR anti-crap proxy filter connection. Everybody's happy.
1. I think I lost you somewhere between the part where pop-up ads became less effective and the part where advertisers buy more of them.
IANAWebMaster, but I would think that a reduction in the effectiveness of pop-up ads would result in a reduction in the number of pop up ads.
3. If you want to support a site, then *you* can enable the pop-up ads for that site (not hard on mozilla). Don't force everyone on the internet to view ads for a website that only you may like (that'd be like requiring atheists to recite the "under god" part of the plegde of allegiance--which some fascists seem to think is a good idea...but that's another story).
2. also, you said "And what happens when websites sue you for denying them income because you blocked their popups?"
Last I checked websites do not have the right to earn money. Some websites may say that they require you to look at their pop-ups, but those restrictions apply to customers and not to their ISPs (would Girl Scouts of America sue god if it turned out I had joined and wasn't quite female?).
4. oh and here's the part of the post I like best--where I get to brow-beat you with a mollusk.
A loopy guy like you deserves his own special subnet. After consulting with numerous shellfish in the field, it was decided that the 127.0.0.0/8 subnet must have been made just for you. (A FULL CLASS A!)
Don't worry about me though...I'll get along just fine with my 255.255.255.255/0
--
void slashbot::dopost(Posttemplate post)
{
post.encoding = INTERLACED;
post.crypt = DOUBLE_ROT13;
post.submit();
}
You either take control of their computer %100( ex: corporate controlled, they need the BOFH ; I hope you see the stupidity levels involved in the publics usage of well their own drones), advertise at em(same as one just a lucrative corporation) , or provide bulletproof software/support.
I can use windows, I can keep it healthy; argue with an idiot and you are an idiot. ; but the public is not ready for it so we have a job market for "the computer guy" , side effect of the American economy IMO. I would hypothesis that other countrys general populace enjoy the same benefits but I've never been fortunate enough to leave our borders.
If you Just resolve some domains and sub domains you can get alot of em and speed up your customers connections too... Just beaware of what is underlying what your "Breaking"..
:)
I doubt anyone you want to find anything in the ads*.doubleclick.com domain
Who needs WiFi when we can have Packet Over Sheep! http://datacomm.org/PoS-InternetDraft.txt
I suggest set up a proxy to do the filtering, and instruct users who want it to configure the proxy. Or, install a transparent proxy and have a proxy to bypass it for users who DO want pop-ups.
Make even shorter URLs - 8LN.org
I didn't expect a quick and easy answer to this one, and I didn't get it. I only hoped someone might have figured it out.
Forcing my users through a proxy server is not going to be an acceptable answer, although the google toolbar may be. I may also think about recommending Pop Up Killer (http://sourceforge.net/projects/puk/).
The only other solution that I thought of was taking one of the pop-up blocking host files that you find out on the internet and putting that in my dns to point those domains to localhost.
Be warned no matter what scheme you choose, the user must have the ability to turn of the blocking on the fly, because there will be good websites that any popup blocker will interfere with.
::i visited slashdot and all i got was this lousy sig::
I'm establishing a wireless community network and you damn betcha it's filtered. IPCop at the door, DNS and packet filters, 80GB of localized cache and QOS assurance - no ad domains, no popups, and no p2p apps. We're a small town but there are still other ISPs available even here - if someone wants to run kazaa let'em pay $20 a month for dialup access and leave the rest of us to enjoy our fat, ad-free community. Common carrier status? Tell that nonsense to AOL and MSN...
The old TIS FWTK had a http-gw proxy that could filter out all activex and javascript. It probably wouldn't be too hard to patch the code to filter only the open() call.
2. Offer different proxies with multiple levels of popup/junk filtering that your savvy customers can opt-into.
3. Send out a CD with free versions of Ad-Aware, Spybot S&D, and so on. Or point them to links like the online version of X-Cleaner or one of many online virus scans.
4. You could also be a real saint and figure out how to put most of the important Windows Updates on CD for your dial-up users and have it automatically do its thang. At a minimum, the Service Packs and Security Rollups will make you their hero.
5. ???
6. Profit!!!
We know there isn't a quick fix solution, but 1 and 2 are eminently doable. I personally use a proggie called AdMuncher(.com) and since Dec. 25th its blocked 13,100 ads/popups/etc and supposedly saved me around 102MB of bandwidth. It ain't free, but goddamn its good (and only 157K).
[Fuck Beta]
o0t!
What's the difference between you blocking popups, and you substituting "local" advertisements for all banner ads?
In both cases, you can make the argument that you're making things better for your customers. Instead of showing them popups, or lousy ads that they don't care about, you can put your own ads in there which are probably more relevant. After all, isn't it better to see an ad for the local car dealership than one for Gator?
Of course, no matter how noble your intentions, you're still committing copyright infringement. You're changing the content of websites without their permission. That's a no-no. Especially when you're profiting from it, either via the new ads sold, or the lack of ads.
You'd be a lot easier to prosecute than 1 million individual users with popup blockers too.
Ralph
This story interested me because nearly half of our users have come to us requesting pop-up blocking within the company. We use IpCop as our proxy/firewall for over 100 users. I'm sure someone could rig Dan's Guardian or some content filter out there to do the job, but we have had very good success with Goggle's latest toolbar for IE. The users can keep using the browser of their choice, the toolbar lets them search quickly, and the toolbar blocks popups. We have also blocked the spyware sites that we are aware of by using IPCop's hosts file and have run AdAware on the workstations religiously.
I'll admit that it is a pain to install the toolbar on 100 machines, but I would like to think that it has saved us the time and agony of making our poor little firewall try to do something it wasn't designed to do in the first place.
I also realize our corporate user group is not the same as your ISP's user group. You have less control over the machines that access your services. However, you have to remember the KISS principle: Keep It Simple Stupid. If there is software that a user can install to block popups, that puts the choice in their hands. You can recommend the software and even provide an instruction set for doing it. Heck, you could even advertise that, "We will help you stay popup free."
Anyway, I highly recommend the latest google toolbar. You can download it here.
user@host:/usr/bin$ whatis
java: nothing appropriate.
Doing that for a 60 user company is a lot different to doing it for an ISP though, you'll want something like proxomitron but on a much larger scale.
or is that just me?