×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Window Pain

timothy posted more than 4 years ago | from the shut-the-windows dept.

Advertising 223

Frequent Slashdot contributor Bennett Haselton contributes the following piece on trying to get some measure of satisfaction in the struggle against pop-up ads, writing "The most annoying thing about some pop-up ads, is that you have no way of knowing which ad-serving network served them or who the responsible parties are. Could we reduce the incidence of illegal or deceptive pop-up ads, by giving users an easier way to trace their origin and figure out where to send complaints? Here's one way to do it with a simple right-click." Read on for the rest.

Occasionally while I'm surfing the web and a pop-up ad opens, my Norton Anti-Virus will alert me that it blocked an "attack" on my computer, and then in Norton's logs of recently blocked attacks, it gives the URL of the content inside the pop-up ad that was blocked. Sometimes it indicates whether the "threat" was blocked under the category "scareware" (an ad that mimics a program scanning your PC for viruses and then claiming to find "infections," which you have to remove by purchasing the advertiser's software) or "malware" (an advertiser's page that tries to infect your computer directly by using JavaScript tricks to get around the browser's security features). I'm glad that Norton blocks the malware attacks, since even though I always have all the latest security patches installed for Internet Explorer, it's always possible that an attacker could be using an exploit that hasn't been patched yet. I don't really care about blocking the "scareware" ads, because I'm not going to fall for an ad that claims to be scanning my PC for viruses, but most Norton customers probably appreciate blocking those ads as well.

The problem in both cases is that it's hard even for an experienced user, and almost impossible for a novice user, to know where to send a complaint about the content in a pop-up window. You can usually figure out the URL of the content in the pop-up window (just right-click the window content and pick "Properties" in Internet Explorer or "View Page Info" in Firefox), but often the content itself is being served from an IP address in a jurisdiction like China or Cyprus where malicious operators are hard to shut down. What you really want is for them to stop serving their dangerous ads on reputable websites through the ad network. You could complain to the owner of the website that you're browsing, and say that a pop-up ad window from their site got blocked by Norton as a "virus," but if their site rotates ads from different providers, the site owner would have no way of knowing which advertising network served the ad. Even if you know the URL of the malicious content that was in the pop-up window, that's not enough to tell which advertising network it was served from (because ad networks typically don't serve the ads from their own domain; they just serve a redirect, which causes the browser to load the pop-up ad's contents from the advertiser's domain).

And even if you know which advertiser network served the ad, and the URL that the malicious pop-up content was served from (say, http://www.evilsite.cn/popup.html), so you can take your complaint directly to the advertising network, that may still not be enough information for them to figure out which of their advertisers served the malicious content and needs to be booted out of the network. Because all the advertiser network has is a list of ad pages for their different advertisers (http://www.advertiser-1.com/ad.html, http://www.adveritser-2.com/ad.html, etc.) — the advertiser buys the right to show ads, and the ad network displays ads that load content from those ad content pages. If one of those pages — say, http://www.adveritser-2.com/ad.html — redirects the user's browser to http://www.evilsite.cn/popup.html, the advertiser network has no way of knowing which advertiser is doing that. They would have to go through and check the ad-serving pages (http://www.advertiser-1.com/ad.html, http://www.adveritser-2.com/ad.html, and so one one at a time) for each of their advertisers, to see which of those pages redirect to http://www.evilsite.cn/popup.html — and by the time they do that, the advertiser might have altered the page so that it no longer redirects to the malicious content. While it's pretty straightforward to figure out what URL the malicious content is being loaded from, it's very difficult to figure out the chain of events that redirected you there, and who the responsible parties are.

So here's an idea for a simple browser feature that would make it a lot easier to hold malicious advertisers accountable, and get them kicked out of honest ad-serving networks. Simply give the user a way to right-click on the top of a browser window, and pick "View window origin" or something similar. This would display the sequence of redirects that opened the window, something like this:

Browser was visiting http://www.cnn.com/
http://www.cnn.com/ loaded JavaScript from http://www.advertiser-network.com/ads.js
http://www.advertiser-network.com/ads.js redirected browser to http://www.advertiser-2.com/ad.html
http://www.advertiser-2.com/ad.html redirected browser to http://www.evilsite.cn/popup.html

Then, if the user views an ad that is obviously scareware (or if Norton blocks the contents from loading and gives that as a reason), then the user can just right-click on the window and see the list of redirects. The user could then e-mail that to the website owner with a suggestion to do something about it ("The ad network on your page, has been infiltrated by an advertiser who is using the ad network to serve malicious content"), or the user could take the complaint to the advertiser network. The advertiser network would be able to see from the log, exactly which of their advertisers' ad.html pages served the malicious content.

(Yes, this comes on the heels of my article arguing that we should allow more intrusive ads as a way to help pay for services that can't finance themselves with normal pop-up ads. This may strike some people as "ironic" who haven't thought about it very carefully. Getting users to give larger amounts of their attention in exchange for premium service, is an honest and mutually beneficial transaction; scaring users with deceptive ads, or using ad space to try to infect their computer, is not. I think that Starbucks has the right to charge whatever they want for coffee; that doesn't mean they have the right to pee in your coffee.)

In order for this window-history-tracing feature to make a difference, at least the following two conditions also have to be true:

  • The advertiser network has to be honest (honest enough to kick out advertisers who they know are serving malicious content), or at least, be located in a jurisdiction where they have to worry about being sued or prosecuted if they don't kick bad apples out of their network.
  • When the malicious ads are served, enough users have to complain about them that the advertiser network takes notice. You wouldn't want the advertiser network to take action just based on a single complaint, since then anyone with a grudge could file a phony complaint against an advertiser in order to get them shut down, but if complaints start coming in from several sources, then they should investigate.

Fortunately, these would be likely to be true in many if not most cases where malicious pop-up windows are being served. With regard to the first condition, I've dealt with several advertising networks to find ads to serve on the proxy sites that I run, and they were all based out of law-and-order countries (the U.S., Canada, Israel, i.e. not China or Kazahkstan). As for the second condition, the advertiser would probably have to serve the ad to many different users in order to achieve their goal -- whether their goal is to infect users' machines, or to get them to buy the advertiser's fake anti-virus software, or whatever -- and as long as a fixed percentage of users viewing the malicious ads are inclined to file complaints about them, then the more the ads are served, the more complaints will come in until the ads are taken out of rotation.

Of course, if the URL that's actually serving the malicious content, is located in a law-and-order country, you could always just complain to the admins of the network where the content is being hosted. But that's likely to be less effective, since (a) the actual URLs that I've seen serving the malicious content, usually are located in cybercrime-infested nations like China, and (b) even if you get one of those sites shut down, the advertiser can instantly rotate in other sites with the same content, and make that the new URL that users are redirected to.

It is also of course true that some pop-up ads are spawned not by websites, but by malicious programs that actually infect your machine and force your browser to display pop-up windows. If some browser maker adopted the feature I'm suggesting, and stored a user-viewable "history" associated with each pop-up window, then a malicious program running on your machine might even be able to spoof the history associated with a pop-up window, so that the user would right-click on it and think it came from http://www.cnn.com/ instead of being spawned by malware. Once the user has their machine infected by a rogue program, nothing that any other application tells them can really be trusted after that point. So an advertiser network would have to be careful not to take action against an innocent third party, just based on a flood of complaints that were sent in by people whose machines were infected by malware that spoofs the origin of the pop-up windows. Fortunately, if the allegedly malicious ad is still in rotation, it would be easy for the advertiser network to check the validity of the complaint, by simply going to the advertiser's ad-content page, and seeing if it redirects to the malicious content. If it does, then you have grounds to boot the advertiser out of the network.

(You'd want to check the page's content from some anonymous IP address not affiliated with the advertiser network though. Otherwise, the advertiser might try to fool the ad network people, by showing "innocent" content when the page is loaded from the IP addresses associated with the ad network's office, and serving the scareware content to everybody else. Just trying to think of everything here.)

I'm sure there are other counter-strategies and counter-counter-strategies that would have to be taken into account, and kinks to be worked out, but probably not fatal to the whole idea. If a pop-up window opens on the user's computer that is possibly illegal, it is probably a good thing to give the user the tools to figure out where the ad came from, and which advertiser network to complain to. Right now, the ad window just floats there, and it's maddening not to have any way of knowing which ad-serving network put it there, or even if you can identify the ad-serving network, which of their advertisers created the content.

The main obstacle standing in the way of a major browser maker implementing this, may be that it doesn't bring any particular benefit to the users of that browser. When Microsoft adds SmartScreen to Internet Explorer, they can now claim that IE users are better-protected than users of other browsers. On the other hand, if the Mozilla Foundation adds the pop-up window right-click-history feature to their browser, they can't legitimately claim that Firefox users are better protected, since this feature wouldn't actually block anything. Firefox users would simply be better equipped to complain about malicious pop-up windows, and increase the chances of those rogue advertisements being taken down, or at least kicked out of ad networks where they would do the most damage. However, the benefits of that increased policing, would accrue to all Internet users, not just Firefox users.

Still, abuse desks get so many complaints about spam and spammers, that there are apparently plenty of people out there who get enough satisfaction from complaining about net abuse, that they would make use of the pop-up window-tracing feature if they had it. I know that when I see a stupid ad pretending to "scan" my computer for viruses, I get unreasonably disgusted, not from seeing the ad itself (which I can easily ignore), but from knowing that the advertiser has probably fleeced people of thousands of dollars with that ad. It would be nice to be able to help stop them before they cheat the next person.

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

223 comments

First (0, Interesting)

Anonymous Coward | more than 4 years ago | (#31361230)

who the F&ck cares

Re:First (0)

Anonymous Coward | more than 4 years ago | (#31361530)


Who cares?

Bennett "Windbag" Haselton (and his mom) care, that's who!

-

Re:First (0, Troll)

vintagepc (1388833) | more than 4 years ago | (#31361962)

Also, tl;dr.

This is slashdot and not a magazine. So unless you have something VERY interesting to say, keep the word count low. I don't give a sh!t for long-winded novels. Those of us that do will *GASP* RTFA.

(cue the "insensitive clod" replies below...)

Re:First (5, Insightful)

Captain Splendid (673276) | more than 4 years ago | (#31361648)

Parent is not a troll. There's two huge red flags that popped up right at the beginning of TFS:

One, he's using Norton, which anybody knows is ripe for ridicule in this particular forum.

Two, as has and will be mentioned numerous times, Noscript, adblock, etc. make all this very academic (which, I know, is the point of Bennet's writings here, to explore concepts in theory).

So while I'm sure his opinion is interesting to whatever eggheads here like to digest his cromulent but otherwise semantic ramblings, the rest of us will do pretty much what parent has done and say "who gives a fuck?"

Re:First (1)

greyline (1052440) | more than 4 years ago | (#31361690)

Three, timothy posted it.

Re:First (1)

Antidamage (1506489) | more than 4 years ago | (#31361738)

Four, check the definition of illegal, assbags. Just because it annoys you doesn't mean that it's illegal.

Re:First (2, Funny)

Anonymous Coward | more than 4 years ago | (#31361988)

Four, check the definition of illegal, assbags. Just because it annoys you doesn't mean that it's illegal.

As an assbag I find your post both annoying and illegal (hate crime).

Re:First (1)

Coren22 (1625475) | more than 4 years ago | (#31362090)

Computer crimes and abuse act?

From what the article was saying, these ads tried to compromise his computer and Norton (Oh god, what idiot still uses Norton?) blocked the attack. An attempted compromise would fall under the umbrella of the previously mentioned act and be criminally punishable in the USA. If the ad was served from some other country, probably the best that could be done would be to get the ad pulled from the ad network, which would stop future attacks from that particular ad.

Firefox + NoScript + Adblock Plus + FlashBlocker (5, Informative)

Peter Simpson (112887) | more than 4 years ago | (#31361246)

I can't recall the last time I have seen a pop-up ad with the above configuration. They literally aren't a problem for me. Oh, and I run Linux, so it doesn't matter anyway...the code won't execute.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (2, Informative)

meow27 (1526173) | more than 4 years ago | (#31361286)

no-script alone should solve most of the problems

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (0)

Anonymous Coward | more than 4 years ago | (#31361394)

Simply having the "Block pop-up windows" option activated in Firefox is really quite sufficient most of the time.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (2, Informative)

jbezorg (1263978) | more than 4 years ago | (#31361526)

"Block pop-up windows" won't get rid of those stupid smiley face flash ads that shout "Oh No!".

Firefox + NoScript (1, Informative)

Anonymous Coward | more than 4 years ago | (#31361572)

Agreed, I have NoScript in my FireFox, I haven't gotten any unexpected pop-ups.

My main problem is getting expected pop-ups, sometimes I forget to look at that little bar that appears at the top of the window.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (1)

b0bby (201198) | more than 4 years ago | (#31361402)

Or, on a small business network, IPCop + URL Filter with transparent proxy on & the Ads category checked... That works well for IE & Firefox.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (5, Insightful)

spatley (191233) | more than 4 years ago | (#31361440)

Yeah, but this article is discussing the state if the industry, not how an expert user can avoid popups and other scareware/malware.
There are loads of machines out there being infected today by doing normal browsing on reputable sites. With the current industry practice of n-number of redirects through n-number of networks for 3rd party ad serving it makes it near impossible to track down those of nefarious intent on an incident level.

Once again it is not the .01% of us slashdotters that are the problem with malware infections, it is the millions of joe sixpacks that care not to go through the trouble that it takes to install and then browse with these specialized browsers and plugins.

I for one agree, something must be done; and "open letters" like this are often how the conversation starts.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (1, Insightful)

jedidiah (1196) | more than 4 years ago | (#31361646)

It doesn't take an "expert" to install the portable version of Firefox.

Really. The dumbing down of the user base has gone a little too far here...

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (3, Insightful)

ottothecow (600101) | more than 4 years ago | (#31361742)

And expert users are the only people who can really browse with the GP's combo. If we stuck everyone on that combo, they would be dead in the water when something breaks.

I skip noscript, only use adblock plus on slower systems (I'd like to let the sites get ad impressions, but my netbook browses so much smoother when the ads are getting blocked) and use flashblock somewhat randomly across systems. Even with flashblock alone, some sites simply can not be made to function properly without whitelisting it and reloading the page. I don't know if there are funny overlays or scripts that trigger eachother or what but sometimes the little play button just isn't enough.

The average user is not going to go around whitelisting, reloading, and otherwise troubleshooting pages.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (5, Informative)

jbezorg (1263978) | more than 4 years ago | (#31361460)

Firefox + NoScript + Adblock Plus alone does alright for me. NoScript has options to block embedded content under options so adding FlashBlocker is a little redundant for my taste.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (2, Informative)

Anonymous Coward | more than 4 years ago | (#31361838)

Not at all. NoScript is too indiscriminate. If you allow a domain, it loads everything from it. If you prohibit Flash for trusted sites, you also block other things.

FlashBlock adds a bit more control.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (2, Informative)

clang_jangle (975789) | more than 4 years ago | (#31361482)

That or privoxy with the browser of your choice.

But back to TFA, I can't believe it didn't occur to Haselton that sending email to a site that has these ads is a bad idea that will probably get you on more spam lists. People who have these ads are part of the problem for a reason, and the reason is usually greed.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (1)

Zerth (26112) | more than 4 years ago | (#31362110)

But back to TFA, I can't believe it didn't occur to Haselton that sending email to a site that has these ads is a bad idea that will probably get you on more spam lists.

Why on earth would you assume that he doesn't generate a single-use email address for such correspondence?

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (2, Interesting)

Dracos (107777) | more than 4 years ago | (#31361760)

Your equation is missing a critical element: map known ad hostnames to your hosts file and map them to 0.0.0.0. DNS gets short circuited within localhost and immediately returns nothing. Much less work for Firefox and the aforementioned plugins.

I have ~11,000 of these in my hosts file. I don't see ads. If some new ones sneak through, I add that host. Google seems to be tricky with their analytics stuff (Urchin), have to keep an eye on it.

RequestPolicy (1)

avicarmi (582269) | more than 4 years ago | (#31361864)

http://www.requestpolicy.com/ [requestpolicy.com]

RequestPolicy is an extension for Mozilla browsers that improves the privacy and security of your browsing by giving you control over when cross-site requests are allowed by webpages you visit. It is the first comprehensive client-side protection against CSRF attacks and the first tool to enable the use of modern browsers without cross-site information leakage.

not just displays, as the original post was suggesting, but also allows to you block (or unblock) cross site requests.

Re:Firefox + NoScript + Adblock Plus + FlashBlocke (1)

ukemike (956477) | more than 4 years ago | (#31362206)

Actually I think Firefox + NoScript + Adblock Plus + FlashBlocker is over kill. I use Firefox with NoScript. I don't get popups, or the most annoying ads, and flash does not work unless the script is allowed.

Many people wouldn't want to deal with enabling particular scripts to view video or other bits of websites on a regular basis. I don't mind. Truth is when I saw this story I thought, "People still get popups?!?" Then I remembered a recent foray online on another PC with IE and it was nothing but popups and popunders.

TL;DR (-1, Flamebait)

Anonymous Coward | more than 4 years ago | (#31361254)

Can i get a reader's digest version?

Re:TL;DR (5, Funny)

spun (1352) | more than 4 years ago | (#31361410)

No, you fucking plebeian. Bennet Hasselton has two last names, and both of them are extra snooty, therefore you will read all of Bennet Hasselton's exquisitely crafted prose and you will like it. A genius like this is doing us all a service by sharing his wisdom, so get out a spoon and eat that shit up.

Re:TL;DR (1)

zepo1a (958353) | more than 4 years ago | (#31361668)


1. Create Pseudonym of Harrington Carnegie Bartholomew & pimp newly created blog to /.
2. ???
3 Profit!

Re:TL;DR (0)

Anonymous Coward | more than 4 years ago | (#31362060)

"Derp derp derp, I run Norton Antivirus. Derp derp de derrrrrrrp"

LONG!!! (3, Informative)

kai_hiwatari (1642285) | more than 4 years ago | (#31361262)

wow .... i wonder if i should read this ....

Re:LONG!!! (0)

Anonymous Coward | more than 4 years ago | (#31361380)

That's a lot of text for "a simple right-click"

Re:LONG!!! (3, Insightful)

Anonymous Coward | more than 4 years ago | (#31361438)

It's by Bennett Haselton, so it's safe to say no, don't read it,

Jon Katz, is that you? (1, Offtopic)

Hadlock (143607) | more than 4 years ago | (#31361272)

Whatever happened to that guy? He posted a bunch of worthless articles, wrote (and promoted) a book here on slashdot, got laughed out of the community and nobody's ever heard from him since.

Re:Jon Katz, is that you? (2, Informative)

sunking2 (521698) | more than 4 years ago | (#31361356)

Oddly enough he actually had a book made into an HBO movie recently. It even had Jeff Bridges in it. So I guess he's still alive, although only seems to write about dogs because they'll tolerate anyone who has bacon bits.

Re:Jon Katz, is that you? (2, Interesting)

abigor (540274) | more than 4 years ago | (#31361366)

He got into dogs and started writing books about them instead. Unfortunately, knowledgeable people in the "dog community" or whatever you call it have criticised him for killing his dogs at the first signs of illness, and for generally being a bad trainer. It's a familiar pattern - gain passing familiarity with something, pretend to be some deeply insightful authority and write about it, then retreat when things go pear-shaped (ie the Commodore 64 in Afghanistan, remember that?)

The anti-Katz flaming was hilarious though. That was also the era of page-widening, Slashdot editor fan fiction, etc.

Re:Jon Katz, is that you? (1)

smooth wombat (796938) | more than 4 years ago | (#31361570)

killing his dogs at the first signs of illness

So when he gets the sniffles, we can do the same to him?

Re:Jon Katz, is that you? (0)

ThePlague (30616) | more than 4 years ago | (#31361778)

He pulled that stunt even before slashdot. He started out on hotwire, until he got laid off there as a prelude to the dotcom bubble burst back in '99. He was at newstrolls for a while gratis, since that's where most of the regulars at hotwire went once they shut down their (primitive but popular at the time) message board. He was generally disliked there as well. He really hit his stride of unpopularity on slashdot, though, and was pretty much single-handedly responsible for the clamors for an "ignore stories by" feature.

Oh, God, I Hope So!! (0, Offtopic)

RobotRunAmok (595286) | more than 4 years ago | (#31361568)

If not Katz, then maybe someone who will stand in here in all the meaningfully Katz-like ways. We desperately need a Katz-figure here now to allow for some steam blowing off. I will say that, writing an article about pop-ups and IE, he's off to a fabulous start if he wants to pick up Katz's Post-Columbine Banner.

C'mon!! Go for it, D00D!

Ad-Block Perhaps? (5, Insightful)

xquark (649804) | more than 4 years ago | (#31361280)

I mean did you really need to write this long-winded meaningless rant? just download firefox and ad-block pro.

Re:Ad-Block Perhaps? (0)

Anonymous Coward | more than 4 years ago | (#31361400)

Totally correct. Firefox + ad-block (+ Ubuntu) is a perfect solution without any disadvantages. if you are on a website where you actually want to see the pop-up, just click the pop-up warning toolbar, and the pop-up is shown then. I think Timothy's pain is self-inflicted.

Re:Ad-Block Perhaps? (0)

Anonymous Coward | more than 4 years ago | (#31361412)

I mean did you really need to write this long-winded meaningless rant? just download firefox and ad-block pro.

Correct, sir! I don't even remember what ads or pop-ups look like anymore.

Re:Ad-Block Perhaps? (2, Insightful)

KharmaWidow (1504025) | more than 4 years ago | (#31361594)

Shoot: Safari, IE, and FF block nearly all the ads I encounter in their default configurations. Kinda a non-issue these days.

Re:Ad-Block Perhaps? (2, Insightful)

Anonymous Coward | more than 4 years ago | (#31361688)

I think we've found Rolland Piquepaille's successor.

Re:Ad-Block Perhaps? (1, Informative)

Sir_Lewk (967686) | more than 4 years ago | (#31361780)

This guy wouldn't use adblock though. You see, he not only supports popups in general, he actually proposes even worse ads as a good thing. This guy is a certified idiot and slashdot needs to stop giving him attention.

Re:Ad-Block Perhaps? (0)

Anonymous Coward | more than 4 years ago | (#31362214)

No, he proposed more intrusive ads. The way I see it, he wants to get rid of malicious pop-ups so that advertisements are considered more legitimate. You can't deny that if half the ads you see are really stupid, you won't respect the other ones that are pushing actual product.

In fact, the system of intrusive advertisements which he proposed would be susceptible to this kind of malicious adverts, and in order for a site behind such an adwall to work properly, there would have to be some mechanism in place to ensure that users that are blocked by the adverts are seeing legitimate commercial content, and not something which will harm them, because if they get a virus from the advertisements on your website they are not likely to come back.

Out Come the Wolves (5, Funny)

eldavojohn (898314) | more than 4 years ago | (#31361290)

Occasionally while I'm surfing the web and a pop-up ad opens, my Norton Anti-Virus ...

Huh, I fail to identify with your underlying scenario. I have the latest vanilla Firefox here (not even adblock or noscript) and it does a mighty fine job of blocking popups and letting me know if it did with a tiny bar that comes down. Now, if I didn't do something that would cause a popup on the site, I just ignore it. This works 99% of the time. The other 1% is some less than reputable video site using my "click to play" action in a Flash video to launch a popup that Firefox doesn't catch. Oh well, I make due just fine.

I'm glad that Norton blocks the malware attacks, since even though I always have all the latest security patches installed for Internet Explorer ...

This would be the point in your investigative security piece (which you are delivering to a pack of highly caffenated, know-it-all, technology sector employed nerds) that you point out that you are only using this to mimic the average user's experience or you're doing this to criticize Microsoft or just that you normally use a more secure solution than this. Otherwise at best your credibility may suffer and at worse a frothing melee of insults will ensue ... some possibly in Klingon delivered from a goeteed man pushing three bills. I find these to be most unpleasant experiences ... both as the victim and the bystander so I wish you the best of luck and remind the audience to please be gentle.

Re:Out Come the Wolves (2, Insightful)

Qzukk (229616) | more than 4 years ago | (#31361492)

remind the audience to please be gentle.

Maybe we need a new section for speculative fiction here. We could call it soundingboard [merriam-webster.com].slashdot.org, and everyone can go there and post their "Wouldn't it be cool if..." rants.

We can even simplify the comment section by just having one big "NO!" button.

What in the who again? (5, Funny)

oodaloop (1229816) | more than 4 years ago | (#31361302)

Pop-ups in Internet Explorer? How quaint. I've forgotten what browsing in the late '90s was like since I've been using FIrefox for so long. Haven't seen a pop-up in ages. Thanks for the blast from the past.

What? (0)

Anonymous Coward | more than 4 years ago | (#31361312)

Sounds like Micro$oft needs to implement a "remotely shock this user" feature.

pop-up ads? (1)

wiredog (43288) | more than 4 years ago | (#31361332)

Those are one of the annoyances blocked by AdBlock on FireFox, right? I can't recall seeing one for awhile.

Re:pop-up ads? (2, Informative)

krischik (781389) | more than 4 years ago | (#31361606)

You don't even need AdBlock - every self respecting browser won't open even pop-ups windows any more.

File a feature request with Mozilla (3, Insightful)

Qualin74 (1491297) | more than 4 years ago | (#31361342)

File a feature request with the Mozilla Team. I'm sure they'd be happy to include this feature into their browser.

Cat and mouse (2, Interesting)

jgreco (1542031) | more than 4 years ago | (#31361354)

Generally speaking, bad actors will counter any move you make. Talking about miscreants who might respond with innocent content for requests from the ad network's IP space is naive; this has been happening for years already. It is quite common to see a lot of different defenses deployed to protect the bad actors, and accurately tracking them is rarely simple. It's part of the power and part of the problem that is HTML.

Re:Cat and mouse (0)

Anonymous Coward | more than 4 years ago | (#31361416)

All advertising is spam, there is no such thing as a "good" ad network therefore it should all be blocked.

Re:Cat and mouse (1)

tepples (727027) | more than 4 years ago | (#31361930)

All advertising is spam

Most advertising is not for computer programs that actively try to prevent an administrator from removing them without removing the operating system.

ads not adds (0)

Anonymous Coward | more than 4 years ago | (#31361358)

Frequent Slashdot contributor Bennett Haselton contributes the following piece on trying to get some measure of satisfaction in the struggle against pop-up adds, writing

"The most annoying thing about some pop-up ads

Jeez, how hard is this? All the editor had to do was ^c^v what the contributor wrote. (Yes, I know I'm misspelling "Jesus"; I'm trying to avoid going to hell. Fuck you.)

If you complain... (1)

Enuratique (993250) | more than 4 years ago | (#31361428)

It only reinforces that you saw the ad... This approach may backfire and incentivize this type of behavior.

A change (3, Insightful)

Pojut (1027544) | more than 4 years ago | (#31361444)

I've noticed recently that many websites I visit are starting to use those huge overlay ads OR, even worse, those fuckers that appear right over a link just as you are about to click on it.

I WILL NOT buy products advertised in this fasion.

Even local monopolies? (1)

tepples (727027) | more than 4 years ago | (#31361950)

I WILL NOT buy products advertised in this fasion.

When your electric power company and the only broadband ISP serving your area start advertising in this fashion, then what do you do?

Adds (0)

Anonymous Coward | more than 4 years ago | (#31361474)

Timothy - ads are not the same thing as adds.

Norton Anti-virus (5, Funny)

Dancindan84 (1056246) | more than 4 years ago | (#31361484)

Occasionally while I'm surfing the web and a pop-up ad opens, my Norton Anti-Virus will alert me that it blocked an "attack" on my computer

Wait a second... he has a computer powerful enough to get pop-up ads while running Norton Anti-Virus?

Re:Norton Anti-virus (0)

Anonymous Coward | more than 4 years ago | (#31361728)

The fact that he's RUNNING NAV was enough to save me from reading his 12+ paragraph ramble. Thank goodness it was mentioned right toward the top of the post.

Re:Norton Anti-virus (2, Funny)

mcgrew (92797) | more than 4 years ago | (#31361824)

he has a computer powerful enough to get pop-up ads while running Norton Anti-Virus?

Yes, but unfortunately it has terrible pains running down the diodes in its left leg.

Right details (5, Informative)

KevMar (471257) | more than 4 years ago | (#31361550)

I have helped a few sites track down and remove scareware. give them as many details as you can.

My host name and IP from http://www.displaymyhostname.com/ [displaymyhostname.com]
The time I was on the page. What page you were on.

One thing I do is leave the site alone for a day so when I report it, I can tell them it was the last visit to the site. A detail like that helps when looking at logs. The hostname gives them where your located so if the add network uses locations to send adds, this will help.

part of the problem is that these sites will take real adds for real services and have them link to the real site. This helps them pass, then they push out a redirect script later or built in with a trigger to cause the redirection.

Its not often they can or take the time to track it down. But it sure feels good when they tell you they tracked it down because of your help.

Don't use IE? (1)

hotcorrado169 (1662993) | more than 4 years ago | (#31361556)

I use firefox for everything except active directory related stuff at work. I have flashblock, adblock plus, ghostery, and a few other add-ons that make firefox fast as F@#$. I get virtually no pop-ups (only things i click that are supposed to open new windows). All the known malicious sites are blocked by adblock because it automatically updates based on your subscription.

Chrome's solution (1)

crow (16139) | more than 4 years ago | (#31361584)

I haven't seen a pop-up ad in years, but my understanding is that Google's Chrome browser handles this by keeping the pop-up inside the tab that created it. Not the full history of the page with redirects as was overly-verbosely proposed, but certainly a step in the right direction.

What's a Pop-Up Ad? (1)

Wingsy (761354) | more than 4 years ago | (#31361618)

I had almost forgotten what a pop-up ad was. Like many of you, I have my own hosts file and I haven't even seen a pop-up in I-don't-know-when. Why doesn't the OP use one also? (No, I didn't read all TFA. Too many words.)

This explains a lot. (1)

rnturn (11092) | more than 4 years ago | (#31361630)

"I think that Starbucks has the right to charge whatever they want for coffee; that doesn't mean they have the right to pee in your coffee."

I haven't been able to stomach the excuse for coffee that Starbuck's sells for many years. Now I know why.

Re:This explains a lot. (1)

jedidiah (1196) | more than 4 years ago | (#31361706)

Something like urine simply isn't going to be noticable in the typical American over extracted coffee.

Even piss can't overcome how truely and genuinely BAD American coffee is.

Re:This explains a lot. (1)

spun (1352) | more than 4 years ago | (#31361768)

Totally off topic, Starbuck's CEO has flat out stated they aren't in the coffee business, they are in the dairy business. They make their coffee taste like such crap, the only way you can drink it is as a caramel frapamochachino loaded with milk. "Coffee" being just one of the many flavors you can buy with Starbuck's milk products.

Brilliant! (1)

d34dluk3 (1659991) | more than 4 years ago | (#31361654)

Let's combat annoying pop-ups that require the user to stop what they are doing with...complaints for the user to fill out, thus stopping what they are doing! Wait, what?

Do It Yourself (1)

BJ_Covert_Action (1499847) | more than 4 years ago | (#31361678)

Well Bennett, it's not something I would be interested in but, sure, it seems like it's a decent idea. However, I do wonder why you think it should be wrapped in 3rd party anti-virus software like Norton when it seems like it would be easier to just wrap it in the browser itself. In fact, you could write a little script/program that interfaces with the browser and mods it to do what you want. In fact, you could call this program an, "add-on," as it would add on functionality to the browser. Maybe you could even register it with the owners of the browser itself to get it approved so that users know its trust worthy....Do you see what I am getting at here?

It seems like you have the technical chops regarding how the internet routes traffic to design a piece of software like this. So why not write a Firefox or Chrome (or even both) add on for the browsers that do just what you are asking for? I understand its a good idea and, I suppose, maybe you want some input regarding the best way to implement this function. However, as per usual Bennet, your long winded rants/ideas that you post to slashdot just come off as a male peacock flashing his tail feathers amongst other male peacocks. That is to say, it seems like you're just whoring for attention saying, "Look at me, look at me, look how clever I can be!"

So stop typing about it and demonstrate it. Crack out the old Camel book (or whatever O'reilly pet you prefer) and get to coding. Otherwise, please spare your fellow 'dotters the long winded theatrics.

What? (1)

Jaysyn (203771) | more than 4 years ago | (#31361686)

There are still ads, let alone pop-up on the Internet? I had no idea seeing as I use a real web browser that puts me in control of my net surfing experience.

Patronization (4, Insightful)

Archangel Michael (180766) | more than 4 years ago | (#31361702)

Here's a solution, don't patronize any site that uses those types of advertisements. There is NOTHING on the site you can't get elsewhere with less crap. NOTHING.

I don't go to sites that have crap splashing all over my screen. I'll do without thank you very much. If a site expects me to use IE, I won't go. If a site wants to bombard me with flash for no reason other than to look ...well flashy, then I won't go. If a site wants to use javascript to do all sorts of stupid stuff to "look pretty", then it isn't getting me to visit again.

If you go away, and don't return, and you find sites that give you what you want without all the crapware pieces then they will learn. As for idiots who don't understand, stupid should hurt.

Oh, another thing. (1)

Jaysyn (203771) | more than 4 years ago | (#31361722)

Get rid of Norton kid. You aren't doing yourself any favors by using or paying for that crap-fest.

Norton? (2, Insightful)

HerculesMO (693085) | more than 4 years ago | (#31361746)

If you're using Norton I would wonder what kind of advice you are really qualified to give out.

No one seems to get it except the article writer (0)

Anonymous Coward | more than 4 years ago | (#31361796)

Reading the first 100 or so replies makes me sick. Its just like spam. Out of sight, out of mind attitude. When you finally get someone who wants to stand up and try and CORRECT the problem rather than just fucking masking it, they get blasted into oblivion. Disgusting.

Enjoy pop-up blocking while you can (4, Interesting)

Animats (122034) | more than 4 years ago | (#31361798)

It's convenient that you can block ads in web browsers. That may be on the way out.

You can't block ads on the iPad. One of the "advantages" being touted to advertisers [clickz.com] for the closed ecosystems of the various "ereaders" and "pads" is that they can have unblockable, unskippable ads. There hasn't been much about this in the popular press yet, but it's being of great interest in the advertising community, where more "control over the user experience", and less control by the user, is desired.

You can already see a trend in this direction, with Flash-based video players which insert unskippable ads.

Here are some choices for you (0)

Anonymous Coward | more than 4 years ago | (#31361802)

1) Install live headers firefox plugin, keep a window open so you can scroll back once a popup arrives

2) Install squid on your local PC and set your web server to go through that. When you get a popup check where you went in access.log

What magic does Symantec have? (1)

evilviper (135110) | more than 4 years ago | (#31361862)

I'm glad that Norton blocks the malware attacks, since even though I always have all the latest security patches installed for Internet Explorer, it's always possible that an attacker could be using an exploit that hasn't been patched yet.

Does this make sense to anyone who's really thought this through?

What magic does Symantec use that blocks unknown exploits? Or are you saying you update Norton AV hourly, and Internet Explorer only bi-annually?

I don't really care about blocking the "scareware" ads, because I'm not going to fall for an ad that claims to be scanning my PC for viruses, but most Norton customers probably appreciate blocking those ads as well.

Per the above, I expect, instead, that Norton is protecting it's marks from OTHER scareware, much as a worm that uninstalls other worms, to ensure it has sole and exclusive access to the resources of the host... I mean, hey, if you get fooled into buying some other program that removed non-existent infections, you don't have as much money now, and might opt to make up the difference by not paying for Norton in the future. After all, the new scareware found one more nonexistent virus than the old Norton scareware could...

Stupid? (1)

swanzilla (1458281) | more than 4 years ago | (#31361870)

I know that when I see a stupid ad pretending to "scan" my computer for viruses, I get unreasonably disgusted, not from seeing the ad itself (which I can easily ignore), but from knowing that the advertiser has probably fleeced people of thousands of dollars with that ad.

Ethics aside, those "scanning" ads are really quite ingenious for their ability to elicit a true "what the fuck" reaction when first encountered.

I am far more offended by that "lose belly fat" ad that AdSense drops seemingly everywhere...knowing that someone sat down and actually produced that uninspired elementary school-looking advertisement blows my mind. Moreover, it has been running for ages, so you know it is generating all sorts of clicks.

Pop Ups (1)

kenp2002 (545495) | more than 4 years ago | (#31361944)

I See a time when pop-up ads
or Help files are no longer needed
on wEb sites and we can just think
to Control our web browsers.
I Am a firm beliver that this will happen
aNd look forward to it.
IrRational advetisers are the source of pop ups.
To Educate people on how to browse is essential.
My bAit and switch idea for spammers should be effective.
Is buDding technology out there going to solve this
Or sYstems of control needed in meat space versus cyberspace?
As COntrols advance into HTML-5 how can we combat the Pop-Up?
I TUrn to the wisdom of my elders for advice on
a Realistic approach to pop up ads.
I Personally use a pop up block and it works but
on Other platforms this may not be an option.
One Such solution is adware and is well liked.
But sTandards for advertising are loose at best.
I was Submitting RFCs for advertising standards but gave up.

Given Los Angles Drag On Social servies it is clear they SERIOUS HELP!

Bennett Articles (0)

Anonymous Coward | more than 4 years ago | (#31361956)

For all of the TL;DR and "Oh god, not him again" crowd.. why don't you skip reading and skip commenting on any article that is from Bennett?
It just seems like it would be simpler.

Why not put this feature into the AV program? (0)

Anonymous Coward | more than 4 years ago | (#31361960)

Anti Virus programs already insert themselves in between your browser session and the web. I'm guessing that because this is the case, they can also easily generate the popup window origin redirect "strack trace" which you are asking for. This data could then be automatically sent back to the AV vendor, where they can aggregate it, and report malicious adds themselves. No user interaction required.

Why should the advertisers help? (2, Insightful)

Sir Realist (1391555) | more than 4 years ago | (#31362144)

Which would imply that the advertisers have a motivation to help you remove the offending ads. They don't. They get paid for them just as much as for anything else.

Most annoying thing (1)

DragonWriter (970822) | more than 4 years ago | (#31362182)

The most annoying thing about some pop-up ads, is that you have no way of knowing which ad-serving network served them or who the responsible parties are.

No, the most annoying thing about all pop-up ads is that they are ads that pop-up. All other annoyances are secondary.

Fortunately, pop-ups are usually easily blocked, which deals with that annoyance and any other secondary annoyances they might have.

Too Complex. (0)

Anonymous Coward | more than 4 years ago | (#31362222)

Anyone who would manage to do that on their own could also just go customize their security settings and all pop-ups will disappear. (Actually... it's been a little while since I used IE, but I seem to recall that I would have had to go change the security settings in order to get the pop-ups to show in the first place. I could be misremembering that, though.)

Anyway. Right click + report and the computer can auto-send the file to the appropriate place. That's less complicated. If you're teaching the browser to associate a subset of history with an ad, you can teach it to associate a provider.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...