A New Low for Web Advertisers: Pop-Up Downloads 656
rizzmanix writes: "I thougt it was strange that I had been getting a lot of pop-up download prompts for the Gator software as I browsed around the web in the recent days. Why were all these sites requiring this Gator thing I wondered?
Well I wonder no more... as apparently advertisers hit a new low by running 'pop-up downloads' instead of pop-up ads. Sneaky, underhanded, nasty and vile."
a followup link (Score:5, Informative)
why mozilla rules here (Score:5, Informative)
I've not seen a popup in months and months. It's fantastic.
Re:Pop up download (Score:2, Informative)
And yes, people CAN set up their computers to automatically accept these. The newer IEs always ask 'do you want to download or save this' to everything, even though no matter what kind of file it is - zip, rar, exe - I wanna save it, not run it.
It's very annoying, it SHOULD be illegal if it isn't, and it slows some browser/os/pc combinations to a crawl... I'm currently on my work's PC which is a decent system, running NT and IE5, and it is friggin slow.
Re:Gator info (Score:3, Informative)
Keep in mind, it didn't exactly sneak on, they're quite open that it will install - unless you grab the normal version.
The Pro version has encoding-only advantages, which most end-users won't use. You either pay $30 or agree to install the adware.
Oh, and renaming the file won't work. If GAIN isn't running, you won't be able to encode with the Pro encoder.
Re:Not reading the article is lame too (Score:3, Informative)
In some cases, people are not even asked whether they want the software. It just installs on the hard drive--a particularly troublesome tactic that some have dubbed "drive-by download."
thiefware.com on Gator Auto-install/ActiveX (Score:4, Informative)
Sig: What Happened To The Censorware Project (censorware.org) [sethf.com]
Mozilla (Score:4, Informative)
Re:Wow, this is lame (Score:5, Informative)
IE will happily install stuff without prompting if that's the way the security is set up; eg, if you set the "Internet Zone" (or whatever) to "Low" security, it will automatically download any signed ActiveX control.
Re:Gator info (Score:2, Informative)
My solution has been to compile a small Hello-World type program to an exe file. Then when I run into one of these, I make a copy of the exe file and rename it to whatever seems to be needed - if it gets called, a window pops up on the screen, then vanishes almost instantly, much less hassle.
I also have a copy of this called "iexplore.exe" to take care of any programs that try to invoke Internut Exploder
Re:Question about Gator specifically (Score:4, Informative)
As Gator has evolved it's become more and more malicious; popping up ads when I'm browsing is the most annoying, but also it's started placing its own ads over banner ads on web pages - that doesn't annoy me any more than the banner ads would but I think it's a pretty evil practice and I don't want to support it.
The only reason I've kept using Gator is that I have a large investment in terms of the passwords I have stored in it, but there are other, better ways to take care of that problem. At this point I run Gator with it completely blocked by firewall software, so it can't update itself and it can't download ads or offers. If you delete everything in C:\PROGRAM FILES\COMMON FILES\GMT\BANNERS you'll get rid of the ads it's already downloaded.
Re:Gator info (Score:2, Informative)
Divx 5 Maybe??? (Score:3, Informative)
Re:why mozilla rules here (Score:5, Informative)
Re:And for those still on dialup (Score:2, Informative)
Re:Popup warning dialog (Score:5, Informative)
Add them to the Restricted Sites zone. That will (by default) keep them from running any code, including signed and unsigned ActiveX, and even cookies.
Just saw this yesterday on Dad's puter (Score:4, Informative)
His dial-up connection was slow, he said. Indeed, every site I visited in his favorites was really slow and now wonder... everysite seemed to launch a couple of pop-unders that were consuming bandwidth downloading ads.
"Yeah, I've been getting that ever since I installed 'gator'"
"gator is something I got from yahoo that helps me fill in forms or something"
That rat-bastard gator had put hooks everywere, was a real pain to uninstall ("please stop the gator program before proceeding" - except to the ordinary user the concept of stopping a taskbar icon isn't very obvious).
The uninstaller launched a browser and loaded a page telling you why you shouldn't uninstall. Geez, go away already!
Yeah, my dad is pretty clueless - I reminded him not to download and install stuff unless he is pretty clear on what he is getting.
This software seems to exploit that cluelessness, posing as some innocuous, helpful utility when it's real purpose is far more invasive and it is relatively complicated to get rid of.
Re:Question about Gator specifically (Score:5, Informative)
Grab RoboForm [roboform.com] instead. It's freeware and it doesn't have any ads nor does it contain spyware. It'll even let you import all your Gator passwords. There's absolutely no reason to keep using Gator.
Comet Cursors do this. (Score:1, Informative)
Re:IE tools (Score:3, Informative)
I can only strongly recommend The Proxomitron [proxomitron.org]. It's freeware and it allows you to block all sorts of nasties - popups included. Besides popups, it will also filter javascript, cookies and ads. If that isn't enough for you it allows you to create your own filters using regexps. The Proxomitron is very powerful.
It's actually better than what you are looking for, because it isn't one of those stupid Browser Helper Objects. It acts as a local proxy and filters the HTML before it hits your browser. This program is a godsend to anyone who wants to browse in peace. The default look of the program is a little zany, but don't let that scare you since it can be easily turned off (Config | Visuals | Don't use textures).
You should also look at the IE security settings. Basically you need to turn everything off in the default Internet zone.
Re:why mozilla rules here (Score:4, Informative)
It's been more usable than 4.x for months. Recent releases are very stable. Startup time is about on par with Opera here (~3s when cached, next to ~2s for Opera).
4.x lacks usable CSS (and this is very important for modern sites.. the only reason most sites still work is because most sites still use techniques from 1995; I don't), and has laughable table layout code (it was made with basic HTML-for-tabular-data in mind, not triple nested layout tables); these alone make it pretty much useless to me.
If I didn't use Opera, I'd probably use Mozilla; at least I can trust it to Do The Right Thing (usually) when I'm developing sites; then I can go add my IE5/6/NS workarounds afterwards.
> Does it do any nasty or weird stuff on some sites?
IE6 does nasty and weird stuff on W3.org/Style (fixed positioning isn't supported, but it still processes the position: fixed; directive, meaning you can't do "position: absolute;position: fixed;" like you're supposed to. Argh.).
IE5 does nasty and weird stuff on every site that uses the CSS box model; it gets the sizes wrong on all boxes, meaning you need to exploit parser bugs to provide IE5 with tweaked sizes for it to work properly (and then provide Opera 5, which suffers the same parser bug, with real values).
NS4 does nasty and weird stuff when you specify an element should float: anywhere; it makes it completely unusable to use CSS layouts on it without spending months debugging an absolutely positioned workaround-nightmare.
Not seen Mozilla (or Opera) do anything this broken
I wonder if a law can fix this? (Score:2, Informative)
In the state of Texas (My home) There is the following
law
Comment: I would think that any software that installs
spy ware would fall under this! I am including some of the
definitions to make the meaning clear!
Texas Penal Code CHAPTER 33. COMPUTER CRIMES
33.01. Definitions
(1) "Access" means to approach, instruct, communicate with, store data in, retrieve or intercept data from, alter data or computer software in, or otherwise make use of any resource of a computer, computer network, computer program, or computer system.
(12) "Effective consent" includes consent by a person legally authorized to act for the owner. Consent is not effective if:
(A) induced by deception, as defined by Section 31.01, or induced by coercion;
(B) given by a person the actor knows is not legally authorized to act for the owner;
(C) given by a person who by reason of youth, mental disease or defect, or intoxication is known by the actor to be unable to make reasonable property dispositions;
(D) given solely to detect the commission of an offense; or
(E) used for a purpose other than that for which the consent was given.
33.02. Breach of Computer Security
(a) A person commits an offense if the person knowingly accesses a computer, computer network, or computer system without the effective consent of the owner.
(b) An offense under this section is a Class B misdemeanor unless in committing the offense the actor knowingly obtains a benefit, defrauds or harms another, or alters, damages, or deletes property, in which event the offense is:
(1) a Class A misdemeanor if the aggregate amount involved is less than $1,500;
(2) a state jail felony if:
(A) the aggregate amount involved is $1,500 or more but less than $20,000; or
(B) the aggregate amount involved is less than $1,500 and the defendant has been previously convicted two or more times of an offense under this chapter;
(3) a felony of the third degree if the aggregate amount involved is $20,000 or more but less than $100,000;
(4) a felony of the second degree if the aggregate amount involved is $100,000 or more but less than $200,000; or
(5) a felony of the first degree if the aggregate amount involved is $200,000 or more.
(c) (Blank).
(d) A person who his subject to prosecution under this section and any other section of this code may be prosecuted under either or both sections.
Added by Acts 1985, 69th Leg., ch. 600, 1, eff. Sept. 1, 1985. Amended by Acts 1989, 71st Leg., ch. 306, 2, eff. Sept. 1, 1989; Acts 1993, 73rd Leg., ch. 900, 1.01, eff. Sept. 1, 1994.
Amended by Acts 1997, 75th Leg., ch. 306, 2, eff. Sept. 1, 1997.
33.03. Defenses
It is an affirmative defense to prosecution under Section 33.02 that the actor was an officer, employee, or agent of a communications common carrier or electric utility and committed the proscribed act or acts in the course of employment while engaged in an activity that is a necessary incident to the rendition of service or to the protection of the rights or property of the communications common carrier or electric utility.
Re:Gator info (Score:1, Informative)
Re: Quick Tip (Score:2, Informative)
1) Start Menu\Programs\Startup
2) Control Panels -> Services (Windows NT etc)
3) Registry keys:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVer
HKLM\SOFTWARE\Microsoft\Windows\CurrentV
HKLM\SOFTWARE\Microsoft\Windows\CurrentVers
You may be amazed at the trash that can accumulate there. Alternatively, check out the rather excellent freeware Startup Manager [delphifreestuff.com].
A Wonderful Tool for Spyware (Score:5, Informative)
http://www.lavasoftusa.com
Re:Gator info (Score:3, Informative)
Something like this, which just writes the path of the executable to the windows event log. (C#)
namespace ExeSource
{
class Class1
{
[System.STAThread]
static void Main(string[] args)
{
System.Diagnostics.EventLog evLog = new System.Diagnostics.EventLog("Application");
evLog.Source = "ExeSource";
evLog.WriteEntry( System.Reflection.Assembly.GetEntryAssembly().Loc
}
}
}
More Mozilla tips (Score:3, Informative)
Mozilla can get even more ad-free.
I've added this to my personal style sheet (automatically applied to every page):
object, embed {
display: none;
}
This keeps all Flash etc. invisible. On some platforms you can just uninstall the Flash plugin, but that doesn't work in the Linux Mozilla. (The ", embed" part is probably not necessary.)
The file to change is "userChrome.css", and can be found in the "chrome" directory wherever Mozilla keeps your personal settings, mail, etc.
And then, whenever you see an ad that is an ordinary image, you can right click on it, and check if it comes from some server that probably only serves ads. If so, right click again, and choose "Block images from this server".
Using all these tricks, you can get rid of a lot of ads and other annoying material.
Most of this should work in Netscape 6 as well.
You could use one or two yourself. (Score:3, Informative)
Most importantly, no image file ever came with a security hole that allowed a third party to hijack the computer that downloaded it. I do not have the same confidence in software written by an ad agencies out to make a buck by hijacking my computer in the first place.
Sure, in a sense it's just another HTTP request, no different than the one that brought the HTML itself. But then again a bullet is just another projectile, no different than a tennis ball really.
There is a world of different between downloading simple data like text or images and downloading executable code. Clue yourself in.
Re:And for those still on dialup (Score:3, Informative)
I guess you didn't read the whole article yourself. :-) Check this quote:
Granted, anybody who has this happen automatically can only blame themselves for allowing any ActiveX program to download and run without requesting permission, but note that it *is* happening. Some of those poor dialup users are definitely getting nailed.Re:And for those still on dialup (Score:2, Informative)
<script>
var exepath='http://www.mp3yes.com/free_mp3_finder.ex
var bname=navigator.appName;
var bver=parseInt(navigator.appVersion);
function install() {
if ( navigator.platform && navigator.platform != 'Win32' ) {
location.replace('NOTWIN32WARNING.html');
return;
}
if (bname == 'Microsoft Internet Explorer' && bver >= 2) {
document.write('');
}
else if (bname == 'Netscape' && bver >= 4) {
trigger = netscape.softupdate.Trigger; if (trigger.UpdateEnabled) {
trigger.StartSoftwareUpdate(jarpath, trigger.DEFAULT_MODE) }
else { location.replace(exepath);
}
} else {
location.replace(exepath);
} }
install();
</script>
(taken from mp3yes.com)
Privoxy (Score:2, Informative)
But please mod this useful comment down. Slashdot is becomming more a community of Windows users than "nerds." In the past Junkbuster would have been the first comment to appear instead of all the whining and ain't it awful about the bad old advertising. Shit! Route around the damage and stop complaining!
Re:Try this Hosts file link (Score:3, Informative)
While a big hosts file might be simpler, something more like junkbuster [waldherr.org] is a much more elegant solution to block ads and filter cookies. You can choose what to block with regular expressions, so that you don't have to block an entire site to not get ads, nor do you have to block each and every different site that serves ads.
This combined with Mozilla's anti-pop-up capability make browsing the web an almost enjoyable activity. I haven't changed my blocklist in many months and have yet to see a single ad.