Slashdot Mirror
Why Your Pop-Up Blocker Doesn't Work Anymore
An anonymous reader writes "If you've noticed that pop-up ad windows seem to have made an unwelcome return into your life, it's because they're not using the same easily blockable technology as before. The Adimpact system uses DHTML to annoy you, and there's no immediate prospect of a solution."
Almost completely devoid of content.
...but I got so distracted with those shiny X10 pop-up ads.
I'm just surprised it took this long to be honest.
Nothing more annoying than getting a huge flash video animation splatted in front of the article you are reading, with no obvious [X] to click immediately.
Won't be long before the anti-popup firefox plugins can detect css-based popup and allow you to disable them as well. Only problem is they can't be disabled across the board because it would break a lot of the "web2.0" functionality of websites.
Adblock plus, problem solved!
What popups?
This mostly popup free browsing experience brought to you by the makers of Firefox and NoScript.
DHTML popups are no big deal at all. They don't open a new window. They don't "pop under". They don't re-open when you try to close them...
The solution to them is simple and already implemented. Close the tab, and never return to that site again. Ever.
Problem solved.
"The Dynamic Popup Generator can create pressure pop-ups, unblockable DHTML pop-ups, PictoPop-ups, conditional popups, instant opt-in pop-ups, and rotating pop-ups"."
Wait, I have the answer...keep Javascript disabled for websites that do not really need it! Right now, I have Javascript enabled for...3 websites, all of which are trusted sites from either my job or my school. Popup free browsing, and incidentally, pages use less CPU time.
Seriously, why do we need Javascript to read articles or blogs? If your web apps are abusing Javascript to display ads, maybe it is time to consider not using web apps, or finding "friendlier" companies.
Palm trees and 8
Between ABP and firefox... I forget the internet even has adds.
I found it much less intrusive once every host in the adimpact.com domain started serving up 404 Not Found for all pages.
DNS is your friend, especially when your nameserver is declared a master for that domain and the zonefile contains a wildcard record pointing all names to the IP address of your own dedicated nothing-there Web server.
I use Firefox with the AdBlock Plus, NoScript, and FlashBlock add-ons installed. I haven't noticed any pop-up ads.
[Sir Garlon] is the marvellest knight that is now living, for he destroyeth many good knights, for he goeth invisible.
Unfortunately it would be an arms race of sorts, similar to virus definitions... requiring dom scripting to identify a particular class or id or attribute or some other unique element in the ad (possibly the image src which means it could piggy back on ad-blockers already in use)...
The idea is to use the DOM to walk back up from the unique Ad element to the containing div or divs, then turn them off or delete them.
Another way would be to identify the offending function in the script and set it to return false or something similar.
Someone could play around with greasemonkey or YUI anywhere and create a sample distribution...
I don't personally go to enough sites that do this to make the effort, so I'll leave it as an exercise for the class.
A fool throws a stone into a well and a thousand sages can not remove it.
... are like free endorsements for Firefox + adblock plus + NoScript + ... some other extensions.
The more they keep annoying users, the more popular the solution becomes.
Tie two birds together: although they have four wings, they cannot fly. (The blind man)
As with all spam/issues there will eventually be a solution/fix, and then another way to get around the solution, then another solution, and then...
Need I go on?
See: Red Queen Effect
Use flash blocker.
Also Opera has a facility to easily block a feed. Right click, click on the offending item, click done. you're done.
How many sources does this company have? Unless they have a lot, their adds are gone.
I don't know if FF has this or not ...
It has subtracts too!
See my journal for slashdot ID's by year. Mine created in 2005. http://slashdot.org/journal/289875/slashdot-ids-by-year
Just this week Yahoo mail started serving up ads that pop up an annoying window every time your mouse passes over it. I hope Yahoo loses a lot of market share over this. I know it was the impetus I needed to switch over to Google mail. Of course Yahoo doesn't offer mail forwarding so you lose your email address. Serves me right for ever using a provider that doesn't make it possible to migrate away.
- For the complete works of Shakespeare: cat
wouldn't it be a better solution to serve a 1 pixel image to every pixel-like request, or just an empty page?
This space is intentionally staring blankly at you
NoScript (which is really annoying in and of itself, but that's another story).
You got that right! I removed 'NoScript'. Every, and I mean every, stinking website I went to had most of their content dependent on scripts. So, I had to constantly click on allow for this time, or for this page, etc... And many times, even after enabling scripts for that page, they still wouldn't run. Very few websites didn't have that problem. Scripts are just too ubiquitous to block.
"Bloody hell", I thought, is that what the web looks like?
Then I went back to Firefox with AdBlock/NoScript.
Do not want.
No sig today...
Yahoo's business model is based on installing unwanted toolbars and hijacking people's home pages.
I refuse to have anything to do with them.
No sig today...
Check out http://dhtmlpopups.webarticles.org/ for a quick set of examples of these.
It looks like a bit of experimentation could yeild a reasonably reliable greasemonkey script to kill these when not click initated.
Spyder
I've been using a hosts file since around 2003. It blocks out all those ads, popups, spyware,adware, stops alot of virii from calling home, you name it. I scan my computer about once a month, and I haven't had any of the 'serious outbreaks' of adware like all my friends. They all swear by their software programs to block it(ultimately, they always end up reformatting when they cant quite get rid of them all) but my solution uses no resources and doesn't require 'scanning' for them regularly.
I use it on my parent's computer and only update it once a year at Christmas. Even with only updating once a year they haven't gotten any adware/spyware yet, and it's been 3 years.
I highly recommend it. Give it a try, there's nothing to lose but the crapware.
http://www.mvps.org/winhelp2002/hosts.htm
Block all DHTML, problem solved ! Also I think I am fairly well protected against those things, Thank you addblock plus and noscript.
Installed Ad-Aware again, didn't find anything interesting, then booted from a microSD reloaded an image from 3 weeks ago.
Oh, well--at least I proved the image was good!
"Reality is that which, when you stop believing in it, it doesn't go away." - Philip K. Dick
this "solution" to the return of pop ups is of course akin to curing your hangnail by cutting off your foot
are you familiar with the phenomenon of the guy who doesn't own a television, and must remind every stranger he meets of this fact, constantly? if you look at the comments here, this article seems to have brought out the similarly quirky "look at me! i don't use javascript! i don't use flash!" brigade
ok, so you are proud of your bare html existence. good for you
but you might have noticed that the internet has evolved since 1994, and technologies, such as AJAX, are transforming the web browsing experience in GOOD ways, such as google maps. javascript is not merely cruft to make your anchor links animate. likewise, can you argue with the success and value of a site like youtube? which, by the way, works in flash?
javascript and flash are not in any way absolute negatives for the internet experience. they are merely useful tools whose usage is evolving, in good and bad ways. to disavow that obvious observation and just flat out block them does not make you wiser, it makes you an odd appendix of history. trumpeting your monklike ascetic internet existence doesn't add anything of value to the conversation, because, no, blocking javascript and flash is most definitely not the solution, really
when you announce that you don't use these technologies, all you show us is that you are indulging in some sort of odd attention-seeking disorder with a strange misplaced pride
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I think a more interesting feature would be for browsers to allow you to limit iframe src, js src, and css src to HAVE to refer to the same domain of the page that you are on (similar to the current restrictions on cross-domain scripting (as in, scripts talking to scripts)). In this case, we just apply it to the HTML and CSS in general.
That way people like me can use JS to our heart's content on the same site we're currently on, and others are screwed.
Just put it in as an optional feature in the popup blocker on your browsers and let users enable or disable that as they see fit. Then you won't necessarily need ABP + NoScript + FlashBlock all installed or else doom for them!
Use an old browser that doesn't support DHTML, or recode Firefox or other FOSS
Free Martian Whores!
I hate pop ups with a passion so if these DHTML pop up scripts are implemented on a large scale I'm gonna be hella-peeved.
Is there any sort of registry setting that can be tweaked to disable dhtml?
Or maybe a registry setting to limit the rendering of pages to a certain HTML Standard?
Sig Follows: "Suppose you were an idiot. And suppose you were a member of Congress. But I repeat myself." -- Mark Twain
Something that I started to do when I see those popups within the page is to imediatly hit F5 to refresh. Most places will only show you that add once so they set a cookie to track if you saw that or not.
So by hitting F5 it you viewing the page again for the 2nd time.
Im a gamer, not a grammer major. This post is full of spelling and grammer mistakes.
DHTML overlays have been around for years - I know, I've been working in the industry for years *ducks* and they've been around longer than I have. Where is the story here? http://www.adopstools.net/index.asp?page=richmedia§ion=layer go on - make your own.
for(b=(a=0)+1;;b+=(a+=b))print(a+"\n"+b+"\n");
are you familiar with the idiotic windows vista practice of asking you to approve every executeable before it runs? after awhile, the average user just mindlessly clicks "approve" and doesn't even read the warning. and this is perfectly appropriate behavior: its the boy who cried wolf. an alert at every false positive leads people to completely ignore the alert
likewise, noscript is a wonderful extension... for the odd power user who likes such finetuned control over the minutiae of his browsing experience, and is keenly mindful and thoughtful about every site he visits and how he wants to profile his javascript footprint there
this describes perhaps 0.001% of web users
a real solution to the pop up problem is not to push the issue out to the end user and make them manage and fine tune their javascript footprint. in fact, as a solution, noscript represents a worse burden in terms of time and mental effort on the end user than simply closing pop ups when they open
and no, this doesn't mean the average end user is stupid simply because he doesn't want to exert the mental effort. a highly intelligent end user shouldn't have to work hard at his browsing experience, he just wants to browse with abandon, and that's a perfectly appropriate instinct. the end user, from the dumbest to the brightest, should not be expected to consider every click he makes on the web equivalent to the mental effort required to make a move in a game of chess
no, the real solution is to fine tune the browser's intelligence about how to handle pop ups. the advertising parasites are getting smarter, so the browser needs to get smarter. that's the real solution. an arms race between browser code and pop up code
but, no, i'm sorry: the end user must not be harassed even further, and that's what your noscript "solution" represents
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
and nothing happened. I feel so felt out and disappointed now.
As the island of our knowledge grows, so does the shore of our ignorance.
Along the right-hand side, presumably crippled by NoScript: "Please enable javascript to view the most popular posts list."
The irony makes my head hurt.
no one should be expected to micromanage their browsing experience like this. i'm glad you do. but your behavior represents perhaps 0.001% of web browsers. you're mental effort is noble, but not ideal
no, really, your behavior is not ideal. because i should not have to consider every click i make on the web in the same way i would consider a chess move in a game of chess. i should, as a rule, click with abandon, and the browser should be intelligent enough to manage the cruft and parasites for me
you fix the problems we are talking about here, like pop ups, by improving the browser code. you don't shove the problem out to the end user such as with noscript, because, in a way, your exemplary but tedious micromanaging web browsing style is a WORSE burden than the occasional pop up and annoying flash ads
i repeat: your micromanaging web browsing style, to me, and i would confidently say according the majority of web users, is more of a burden than the javascript and flash cruft we encounter on the web
intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
I haven't seen one. Nevertheless, if there's (D)HTML involved, I'll wager that even the venerable old Proxomitron and Privoxy can deal with them (if they are capable of virtually rewriting pages to spec, then hell yeah). Perhaps the reason I haven't seen one is because the AdBlock Plus Firefox extension deals with them, too.
No features, either. Oh well... the web was perfected in 1993. We should ignore any changes since then, as they're simply useless.
My blog. Good stuff (when I remember to update it). Read it.
I'm using Firefox with adblock and noscript and I wasn't even aware this was an issue since I never get pop-ups.
I guess either adblock or noscript is killing them.
My total set of plugins is
Adblock
Adblock Filterset.G Updater (I think something may have replaced this so I'm behind there)
Flashblock
Image Zoom
McAfee SiteAdvisor (Not sure where this came from to be honest)
No Squint (LOVE THIS)
NoScript
And WhoIsThisPerson (which I use so infrequently, I should probably drop).
At home, add DownloadHelper.
Any suggestions for plugins that I might love?
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
Advertisers do their best to be visible(read: annoying) and users have a means to stop them.
And people wonder why online Ad revenue is going down.
That would mean I'd have to subscribe to a dozen dead-tree newspapers instead of using the web. I haven't seen a single newspaper site that isn't annoying as hell with its damned ads and popups and popunders.
Free Martian Whores!
Why worry about pop-ups, i get just about all my news from /.
I dont need to click on the articles, i read the synopsis and then read the comments for the people who qoute "TFA" and I get everything I needed to know :)
The solution is to edit the computer's hosts file to block anything you don't like. It works, it's free, and there's no way around it for these companies.
Rich And Stupid is not so bad as Working For Rich And Stupid.
As many have said before, use Firefox + No Scripts + Ad Block Plus and 'allow' only the originating site in No Script.
I have NOT seen pop-ups on my PC in many YEARS.
but you might have noticed that the internet has evolved since 1994, and technologies, such as AJAX, are transforming the web browsing experience in GOOD ways, such as google maps.
Yup. That's why AdBlock Plus is your friend. It only blocks the ad content, and leaves the rest of the page alone.
They don't grade fathers, but if your daughter's a stripper, you fucked up. --Chris Rock
Your browser has to call your OS to open a god damn Window, how hard is it to intercept such a call based on the URL of the content to be loaded into the Window really?
It's not like there's even any need to parse the markup or script or is this article talking about CSS style popups that just popup as part of the page rather than in a new window? There didn't seem to be any real information on that. If it's just popups on page rather than on your desktop in the form of a new Window I could honestly care less anyway, I just wont bother with that page if it's too annoying to use, it's not like I have to close a thousand external Windows, I just drop the tab in the browser.
I know this is Slashdot, but there is really a much easier solution... When you a find a site that does this, stop going to the site - simple. When their traffic tanks maybe they'll remember its actually the visitors that bring life to the site, not advertisers. Advertisers that use this technique, don't buy their products. Why make this more complicated than it needs to be - stop taking their crap.
Sounds like someone is in need of a few extra visitors.
Perhaps in the form of a distributed set of requests - that really shouldn't be denied - for service, but we surely shouldn't attack them.
Question everything
Unfortunately, as good an idea as that is, a lot of sites legitimately put their scripts on other domains. I know a few big ones that serve their static content from services like Akamai, that are on Akamai's domains instead of remapping it to a subdomain. Also it would impact services like Google's AJAX provider (they host the APIs of scripts like jQuery to save you bandwidth), or even site-integrated Google Maps for that matter, which are both hosted on Google's servers.
No features? ehehe.. thats funny... ever run it?
"His name was James Damore."
I think the dynamic part of DHTML would get in the way of converting it to static content.
Does every single feature in our web browsers have to have a social component now?
Only where social components make sense. NoScript is a tool that is useful for savvy people like ourselves. Its current model of whitelisting will never become widely accepted unless it becomes easier to use; namely, through whitelist suggestions. Social whitelisting becomes the next logical step, because people would generally not want one source dictating which sites are safe and which are not.
How is NoScript instrusive? You set it to block by default, and if you hit a site that doesn't work correctly, test it with the "Temporarily allow..." option for all the relevant parts of the site, then you can whitelist it permanently if you wish.
Come on, how is that not intrusive. For every site you visit you have to take extra actions...
Furthermore, it doesn't even help. There are a number of sites I go to that have these damn click to pop ads, I'd still like to visit the site but without the ads. If I have to turn off NoScript anyway, it's gained me nothing.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Why can't a solution like Greasemonkey work?
Don't go to websites that annoy you.
Problem solved.
http://www.unfocus.com/
Netflix Ajax Remover
This script removes the ajax handlers from all of the netflix add to queue links.
http://userscripts.org/scripts/show/4055
We have the best government that money can buy.
I can live with limited content. FF goes on, closely followed by FlashBlock and ABPlus. I have a handful of sites I trust. The rest? Tough luck!
When I want one of your stupid products I will come looking for you. I am not going to buy some shite, overpriced product just because I saw a stupid little advert pop-up!
Please if you are in marketing, just do humanity a favour and FOAD!
Windows guys please stop pissing on everyone and the Linux guys stop pissing in the wind, hoping to hit Windows guys!
I don't know about any of you, but I have very few popups. My trick is to run my own dns server and cacher. I just write myself in as the authoritative name server for folks like doubleclick and every other annoying ad service. Every time I find a new one, I just replace it. On top of that, I set up opendns on my servers and it filters out anything I missed. In addition, I point all the ad servers to a web server which does a few checks on the url and responds with a blank image or html page to fill in any gaps in the web site that the ad may have left. The strange park about it all is that the popups dont come up with my customized ad-block image/page. They don't come up hardly at all. Moral of the story: block it at its roots, block the dns.
Funny thing about ad-replacing web servers. I set up my web server to respond to any website and assume it was an ad request. The result was some script kidiots thought they found an open proxy and requested themselves over 9 million pages containing a "This ad was blocked" message instead of the expected yahoo account hacking and so forth. I got myself a list of commonly used yahoo password guesses (and I righteously blocked millions of crack attempts) and they got themselves a waste of their freaking time.
Press F12
Uncheck Enable JavaScript.
(you can then enable it on a per-site basis.)
No plugins required.
We are Turing O-Machines. The Oracle is out there.
Instead, it is about using DHTML to create a floating object within the same window. Have a look here.
now we need to go OSS in diesel cars
I've yet to visit a web page that could get a pop-up past iceweasel's blocker, AdblockPlus or NoScript. What bugs me are important sites, such as my medical provider, requiring pop-ups to make full use of their information.
I've thought similarly as well. While Netflix is the most legit business who have obtrusive ads, several others do as well. The thing is though that Netflix isn't necessarily doing this themselves. Odds are they have a graphic designer create an ad, and then give it to another firm whose job it is to serve those ads. That middleman firm is the one who is responsible for getting the ad in banners, popups, and adware titles all over the internet. It's not necessarily Netflix's fault, though I would hope that they would choose a more respectable firm who uses less dubious means to serve the ads.
Go back to earlier and more sane HTML standards.
---- Booth was a patriot ----
got the street address for their servers? give 'em a little Vitamin D-14. Caterpillar construction equipment, sanitizing the net
if this is supposed to be a new economy, how come they still want my old fashioned money?
The site http://www.adimpact.com/ tells me "did you see the popup? refresh to see it again". Well, I don't see it. There is no popup. And Adblock marks nothing in red on that site, so the popup just doesn't work. This in SeaMonkey browser.
It's not the content of popups that is the problem. It's the popups themselves.
And in any case... it doesn't seem to be working for Firefox 3.0.6.
I use Opera on my phone all the time. It's a great browser. But I don't disable Javascript on it.
My blog. Good stuff (when I remember to update it). Read it.
Javascript / Ajax and whatever scripting language is more akin to a french kiss : you don't mingle corporal fluids with any women/men you meet in the street, or if you do, you don't complain when you get ill/herpes or whatever. What you are telling us is in essence is "you are missing out on French kissing/new web functionality" what we are telling you is in essence "sorry but I kiss/enable script on only trusted women/men-web site I trust a bit ad not random stranger/web site".
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
you can just turn off popups completely, just go to about:config and change dom.popup_allowed_events
Why not just have a simple white list requiring you to approve every website (temp/perm/block) that attempts to open? Yeah its annoying but its less annoying than pop up spam.
And I just installed greasemonkey.
will start coding something to clean up the mess.
basicaly, the hide their shit in a self.document.write() function. since this function is actually usefull, I won't clean all instances of it, only instances that try to write:
- A style sheet
- More javascript
a page that uses self.document.write() for legitimate purposes only don't have to re-write the style sheet nor add more javascript using this method. they can put it in the clear instead of using self.document.write() to obfuscate the code.
What ? Me, worry ?
but thanks for the heads up?
"Appendix of history"? --Are you kidding me?
Man, that's one dead scarecrow!
Everybody on Slashdot uses some form of proxy software to prevent annoying ads, yet amazingly I think you'd be hard pressed to find a single one of them who hasn't figured out how to watch an internet video when they feel like it. You're yelling at nothing. Why?
when you announce that you don't use these technologies, all you show us is that you are indulging in some sort of odd attention-seeking disorder with a strange misplaced pride
Ah. I See.
Translation: "I feel threatened by people with strong opinions and decisive behavior."
If you want to watch TV or surf the web in whatever manner best suits you, then go right ahead. Nobody cares. --However, feeling the need to have popular consensus on your side while you do so is garden variety cowardice.
-FL
Hostfiles are a point solution, a DHTML pop-in block script works even if the source domain is different, without any further analysis.
I find Flashblock works pretty well for me. I agree about NoScript, but Flashblock is a must have for me.
Spyder
Use Proxomitron and Sidki filter set from Jan 2009 here http://prxbx.com/forums/index.php
..if they are simply spawning windows that are opening new URLs. CasaleMedia and YieldManager are notorious for this. But all you need do is run a URL blocking program or extension (we love LeechBlock extension for Firefox) and plug in their domains. Here are two articles on how we do this: http://www.theinternetpatrol.com/companies-that-end-run-pop-up-blocking-to-shove-their-advertising-down-your-throat-and-how-to-stop-them http://www.theinternetpatrol.com/new-free-pop-up-blocker-for-a-new-breed-of-pop-ups
> blocks ALL Flash content until explicitly allowed (which can either be once or always for a particular site
Don't you wish as I do that the Flashblock guys would steal the "temporarily allow example.com" from noscript?
Otherwise, undoing flashblock pass quick is a longass process!!!
> the new blink tag
about:config
browser.blink_allowed;false
I can just as well use my web browser with javascript turned off. Sure I won't be able to log into most sites or do much with Google Apps or anything else in the cloud, but, I'll still be able to get basic information.
I love running around with no-flash, it's like free-balling except I can click and the flash runs when I want it to!
So you are comparing the mobile version of opera with the desktop version of firefox then?
"His name was James Damore."
Yes there is. Blacklist the sites that are infested with this type of advertising. Stop visiting them. Find alternatives.
My peace of mind does not depend on
Regarding ads in general, my personal approach is that I'm never, ever going to buy anything off the internet as the result of an ad, so there's no good reason to clog my limited bandwidth with them.
Anyone demanding I read their ads is going to be ignored. Anyone attempting to use various tech to force me to read their ads will either have it quietly subverted or else I simply won't be reading or recommending anything at all from that site. Maybe they can build a business when they're deliberately turning people away, maybe they can't. Either way, not my problem - I'm already off reading what their competitors' sites have to say instead.
The basic expectation of the internet is that publically accessible data will be free, easy to access, and not buried in crap. This is because billions of sites have already learned that if they don't conform to this expectation, they're automatically cutting their own throats unless they have something that no other site on the web can offer and that no other site will ever spring up to supply.
That's a VERY limited set of possibilities.
Personally, I'm all for the existence of DHTML ads, in the same way that I have no problem with stores selling seven-foot spoilers to n00b street racers. Sometimes, people just have to make their own dumb, costly decisions for a while before they cotton on to the whole "basic logic" thing.
#img(src*=adimpact)
Yawn...
No. I'm saying completely disabling Javascript is stupid on the current web, it doesn't matter WHAT browser you use.
Fanboy much?
My blog. Good stuff (when I remember to update it). Read it.
Any time a site throws a popup at you, send them an email explaining that you are boycotting their site until they fix it?
Just silently boycotting is not enough--they will never know the difference.
"The biggest problem with communication is the illusion that it has taken place."
Honestly, I avoid all ads in general. None of them really interest me and all of my friends find the ads that might, remotely, interest me. Why sift through all the junk when you can have your friends who actually read the stuff do it for you.
Will there be a problem when the hosts file gets large? Each time a connection is established the system will have to see if the name is in the list or not.
The network stack (or whatever it is that tries o find the match) is not a DBMS, how does it deal with a list that keeps growing all the time?
The saddest poem