FTC Shuts Down 'Pop-Up Trapping' Sites

Masem writes: "The FTC today ordered the shutdown of 5,500 sites owned by John Zuccarini, all of them the so-called 'typo' sites that common mis-entered URLs for popular sites (such as Annakurnikova.com); when the user visits these sites, their back button behavior in most popular browsers is modified as to open multiple pop-ups featuring ads for adult entertainment and gambling sites when pressed, and uses other technology to basically 'trap' the browser until the entire application has to be closed. While some sites are still operating, the FTC is going to take this matter to court, which may decide exactly how much control a web site can take over the end browser using JavaScript and ActiveX. CNet has the full story." Le Marteau contributes a link to the same story at the Washington Post.

Uh huh...

[Anonymous Coward]

What gets me is not that someone registered those names and cybersquatted (I'm all for that), but that this kind of annoyance (popup Spam) is actually clicked through and these Casinos, fake/genuine Viagra, etc. sites make any money at all.

Are you the one clicking on them?

Blah blah blah... "IE sucks cuz I can turn off popups in Moz..."

another step towards the ruin of the web.

[Cheetahfeathers]

As much as I hate popups like that, government regulation of such is even worse. Also, what can they do about overseas sites? Are they going to try and put it under the same controls as overseas TV broadcasts?

The proper way to fix this is to fix the browsers so they don't allow this to happen.

FCC, stay the hell out of the net.

but sites still exist

[nilstar]

what about all the non-typo sites that exist? Well, how about using the no-popup feature of mozilla/netscape 6.x and dump the ie browser!

good! I've always hated Zuccinni

[Telek]

er, I mean Zuccarini.

But seriously. There's a fine line between .. no scratch that, there's a night and day difference between registering typo sites and displaying a pile of non-porn ads, and registering those sites and trapping the user in a net where they can't get out and displaying pornography to them for the sole intent of making a buck. especially when said users could be children or people who find pornography offensive.

I've seen a few sites who grab a typo site and just use it to promote their own (not indecent) site, but also provide a link on their site to the site that "you might have wanted" instead. I think that's fair enough, no big harm there, but to intentionally trap people. Wow. I never thought I'd be praising government intervention on the internet...

Fix this At Browser

[Rashkae]

Even though I'm sure we all had good intentions (if not complete thoughlessness) when all these cool features were added to JavaScript. But really, isn't it time that this gets fixed at the Browser end? I cannot think of *any* good reason for browsers to allow JavaScript to modify how buttons like Back and Close opperate without confirmation by the user. (it would also be trivial to apply a reasonable limit, like say 3, to pop-up windows). Microsoft and Netscape should both be *really* embarrassed that this issue is being addressed by the governent and potential legislation before they've even had a chance to suggest ways of fixing the situation.

Re:another step towards the ruin of the web.

[Anonymous Coward]

I agree. Believe me, I would love to see the end of all this control that web sites can have, but I don't think the government should be the ones who have the say. Software does a good job at being able to stop this. Don't like all those pop-up ads? Disable JavaScript (on a per-site basis for example). It should be up to the user what can and can't be done on thier machine, not the government.

I'm happy, but...

[DaSyonic]

I can't say this is good. Noone likes those popup ads that lock you in, and do other unethical things. However, I dont think it's good for the government, or anyone, to say it's illegal/disallowed.

Namely, You are connecting to THEIR machine.
Mail server administrators block spam because they are using their resources, why can't these people claim the same? After all, you're using THEIR resources, shouldnt they have the right to send any data on a connection that YOU initiated? (Though I realize you might not have intentionally made that connection; they can be sneaky, but the point remains.)

I just don't like regulation, If it's bad and wrong, it's the clients job to work with the received data. But noone's blaming Microsoft, Netscape, Mozilla, or Konq (and you really can't blame the last 2, they're implementing things to take care of this junk).

Target a solution, rather than the cause and punishment.
That's just my view.

Re:Wow!

[edhall]

The guy was only exploiting a system that pays money based on "impressions" or "exposures." He set up traps that generated as many ad exposures as possible, but it made no difference to him whether the ads made a possitive impression on anyone.

This is why most of the ads were for porn, since he needed advertisers who didn't check what the presentation of their ads would look like or the nature of the site itself. Outside of porn, few advertisers are that lax any more. I'm sure that, given a choice, even porn advertisers would want a "friendlier" presentation than this guy gave them. But they don't care enough to even check. In the mean time, this guy was raking in a hundred or more ad exposures per victim.

-Ed

Re:Fix this At Browser

[JoeShmoe]

I think it is especially embarassing that Microsoft/Netscape cannot grandularize the ActiveX or JavaScript functionality. Your choices are "Run All" or "Run None". There needs to be a way to differetiate between normal redirection (which is often used by legit sites)or pop ups (which is of course used in advertising) and those malicious elements such as "On Back" or "On Close" or "Maximize Full Screen with no buttons anywhere". I cannot stand it when I have a button in my taskbar that refuses to respond to a right-click Close command. That kind of control interferes with my GUI and should not be tolerated.

- JoeShmoe

Re:Neverending popup...

[Anonymous Coward]

.net, not .com. Actually, the site's been down for a while, so we just have to link to the goatse guy, via geeknotes if we're bored.

Re:Wow!

[dragons_flight]

According to this US News report [usnews.com], X10.com had the 14th highest traffic of any domain in the month of august. Pretty impressive for a site that sells something almost no one wants.

Has anyone else noticed that their special deals are always about to expire in the next day or two, and yet the offer itself doesn't change for weeks on end. Maybe someone should get them on deceptive advertising?

Omniweb baby!

[SimJockey]

Don't think it's available for anything other than OS X, but Omniweb has great javascript control. There is actually a setting to not execute a pop-up window unless it is from within the domain of the website you are at. Very slick, haven't seen an X-10 ad in a long time. Plus it has some sweet cookie handling options, like accept but don't save. (This may be old news on other browsers, but I've been stuck with IE for a long time.)
Only downside is I can't do my banking with it, but other than that it's the perfect browser for me.

Interesting

[zpengo]

The real question is, is this a violation of the owner's civil liberties, or a victory against spammers?

This topic should clarify a lot of the hypocrisy among the /. crowd; What's *your* opinion on this issue? And how does that opinion compare to, say, what you would feel about the court shutting down your anti-Microsoft site?

No.

[dsanfte]

Namely, You are connecting to THEIR machine.
Mail server administrators block spam because they are using their resources, why can't these people claim the same? After all, you're using THEIR resources, shouldnt they have the right to send any data on a connection that YOU initiated?

No.

If I open cnn.com, I know what to expect when I get there, news. If my little sister tries to open up Britney Spears' webpage for info on Britney Spears, and lands in this guy's javascript porn-ad trap, not only is it a federal crime (she's 8 years old), but my little sister did not initiate the connection expecting the deluge of porn advertisements.

By the same token, Microsoft doesn't have the right to wipe my linux partition every time I visit their update site to patch winME.

How is this different from e-mail spam?

[jesser]

A spam message wastes some of my bandwidth and a few seconds of my time. A "hydra" pop-up ad wastes some of my bandwidth and more than a few seconds of my time. The fact that I posted my e-mail address on my web site does not give you permission to use my resources to market to me. Clicking a link at a TGP (list of porn galleries) must imply a little more consent, because I obviously put up with banner ads, but I don't see why it should imply any more consent than "you may display things in this browser window". Not "you may open new browser windows or otherwise make it difficult for me to leave your site".

We deal with spam by first by black-holing rogue networks, then through government regulation, and perhaps occasionally through international pressure. Why are we skipping straight to government regulation for pop-up ads, rather than trying the black-hole approach first?

Be careful of the precedent this sets

[consumer]

While on the surface this sounds entirely good, it leaves some things open to interpretation. What's the feature that makes these sites illegal? Is it the fact that their URLs were close to the URLs of popular sites that young people might visit? That was true for etoy.com. Is it that the sites in question had offensive material on them? The etoy.com site had a picture of the bombed Oklahoma building with the caption "Such work requires careful training" and pictures of women in S&M garb.

It's difficult to draw the distinction without getting into questions of intent, and that's dangerous territory. In short, be careful what you ask for when talking about typo sites.

Re:This might slow the push for filtering?

[alexjohns]

Sorry, but there is no way that filtering software is evil when used by a 6 year old. No way. I have a 3 year old. He'll have filtering software on his machine until he's at least thirteen or until he figures out how to disable it. If he's savvy enough to outgeek his dad who's been geeking for over 20 years more than him, then he deserves his porn.

People who are rabidly anti-filtering forget that for some purposes it is useful. Alcohol, cigarettes, guns, porn - all things that an age-filter is useful for. I can't watch my son every moment he's online. This prevents inadvertent finger presses more than deliberate ones, at least until they get to a certain age. When my son gets to that age, he and I'll talk.

Re:Interesting

[benedict]

Bah.

Fraud and criticism are different types of activities and they receive correspondingly different levels of First Amendment protection.

That's not hypocrisy, it's common sense.

Re:This might slow the push for filtering?

[rabidcow]

Filtering software is good.
Mandatory filtering software is bad.

If you (as an adult, fully capable of making your own choices in life) are not allowed to access something, be it filterred or shut down by law, then it is a restriction of your freedom. (If that's important to you.)

If you (as an adult/parent) choose for you and your dependants to not access something, that is a use of your freedom. (If that's important to you.)

Re:Wow! 1st amendment rights...

[chromatic]

Nothing in the Constitution compels us to listen to or to view any unwanted communication, whatever its merit. . . We therefore categorically reject the argument that a vendor has the right under the Constitution or otherwise to send unwanted material into the home of another. . . We repeat, the right of a mailer stops at the outer boundary of every person's domain.

-- United States Supreme Court, Rowan vs. U.S. Post Office, 1970

Re:This might slow the push for filtering?

[Anonymous Coward]

There is only one problem with your idea. Filtering software doesn't work well. This can be demonstrated. Anyone with a background in pattern recognition etc. will tell you that it isn't likely to work well any time soon.

So what you are saying is 'sign me up for a service that won't block a lot of porn/whatever, and will block a lot of 'good' sites. Oh, and as an added bonus, some questionable organization is making those decisions for me with *no transparancy* since they claim (bullshit) that they need to keep their lists private for 'security' reasons.

So hook your kids up. Let some company decide what sort of spin to put on their web experience, one that you won't be able to check (easily).

Just like DeCSS

[ikekrull]

They don't like what a piece of code does, so they ban it.

I can't believe people are supporting moves to dictate what you are or are not allowed to express in a piece of code.

This functionality is, i'm sure, in the W3C standard for Javascript, so criminilizing this is pretty stupid.

Now, if your browser is engineered so poorly that it allows you no control over this behaviour - i.e. a site author is free to mess up your web browsing experience, shouldn't you ask the manufacturer of that browser to do something about it?

Don't restrict this guy from publishing anything he wants to on the web. The control over whether to view that content should be in the user's hands.

I know that M$ etc. would love to turn the web into a heavily regulated, TV-like environment where most content is approved and published by a few mega-corps, with government regulations on what is or is not acceptable, but that idea makes me sick to the stomach.

i mean, how hard would it be to have a preference setting for 'ask me before allowing javascript to open a new window'? Give the user a choice, don't make it a crime to write this type of application (for which there are many perfectly legitimate uses)

Making rules for what types of applications you may or may not publish on the web is surely a free speech issue.

'Sorry, window.open() is now a federal crime.' doesn't cut it with me.

The problem is with the tools that web browsers expose to site developers. The site developers should be free to put any tags they like up on the web.

This is why web browsers are free to ignore markup they do not support.

W00t!

[veddermatic]

Me likee.

Registering typos is a smart, good thing (regradless of what you think =) but "trapping" is just plain WRONG.

I am pleassed to see this type of thing, assuming it actually gets implemented with some knowledge and thought.

Imagine surfing pr0n without holding your fingers poised over Alt-F4!

Oh, and to they guy who (anon) responded to my sig about being dyslexic as "we used to call you idiots who couldn't spell", I think we used to call folks like your mom "Dumb bitches who couldn't afford abortions"