Search /
Docfinder:
Advanced search  |  Help  |  Site map
RESEARCH CENTERS
SITE RESOURCES
Click for Layer 8! No, really, click NOW!
Networking for Small Business
TODAY'S NEWS
FBI warns of holiday cyber scams
U.S. Open used Web filtering to prevent online gambling
Google Earth used by terrorists in India attacks
Verizon trounces competition in wireless quality survey
Mumbai terrorist attacks don't deter technology companies
Google layoffs: 10,000 jobs being cut, report claims
Experts to Feds: Sign the DNS root ASAP
Cisco shutting down between holidays
Sprint completes Clearwire WiMAX deal
Mobile sales to beat economic gloom, forecasts Ovum
Start-ups starting to feel economic pain
Spam levels fluctuate as crooks try to revive botnets
Mozilla eyes extra beta for Firefox 3.1
Grim forecast for holiday e-commerce sales
Talking Web, memory assistants and solar-powered cell phones headed mainstream, IBM says
Security /

Scumbody's changing my Web page

Related linksToday's breaking news
Send to a friendFeedback

Sign up to receive this and other networking newsletters in your inbox.

By M. E. Kabay
Network World Security Newsletter, 05/08/02

In this short series of articles, we're looking at how some kinds of software make unauthorized changes to the appearance of Web pages.

Surf+ is an example of a product that adds unauthorized embellishments to Web pages. Using this product, ordinary words become hyperlinks; the scumware adds underlines and highlights keywords in green. It is thought that about 500,000 users have installed this product.

The company makes money by selling links to competing sites; some Webmasters have reported noticeable declines in Web advertising as a result of the modification of the users' view of their Web pages. To the horror of some Webmasters, some of the added links send visitors to porn sites who have paid for the, uh, exposure.

TopText (also known as ContextPro) from eZula is bundled with other software (e.g., the KaZaa peer-to-peer file sharing software). Estimates of the installed base run as high as 2 million users. This tool kit is a browser plug-in that gives Internet Explorer the ability to show additional links underlined in yellow lines. The makers defend their product by pointing out that surfers know what they're getting into if they read the end-user license agreements; that their service successfully provides a legal method for increasing business to their clients; and that their system helps to pay for free services for which users would otherwise have to pay.

Greg Searle reported in RISKS 21.47 on yet another way of annoying Web users. A company called Fastclick provides code that hides pop-up windows behind the windows already on screen. These pop-ups remain in place and are revealed only after one minimizes or closes the other windows on screen - by which time it is difficult to determine where the pop-ups came from. The solution, such as it is, is to disable JavaScript; alternatively, if one can locate the offending sites, one can put them on a firewall's or browser's exclusion list.

Some products such as Gator deliberately overlay banner ads. They insert their own choice of advertisement using exactly the same dimensions as the original banner ad and fix their substitute to the same place on the Web page, thus obliterating the original entirely.

Some firewalls also allow the user to reject ads. For example, ZoneAlarm Pro v3.0 has three settings for ad blocking: HIGH blocks all ads, MEDIUM blocks pop-up ads and ads that don't load within a user-stipulated time, and OFF lets all ads through.

Ad-blocking software can perform the same function without firewall capabilities. Type " ad blocker " into Google or another search engine and you'll find dozens of such tools.

So here's the essential problem: A Webmaster creates a Web page and includes links and advertisements. Some other company or person provides software to a user that alters the functions and appearance of the Web page before the user can see the intended Web page.

Many vendors and users say that it's the user's own business what they do to the Web page once it reaches the user's own computer. However, many Webmasters and other content providers argue that their work is being modified without their permission.

RELATED LINKS

Fastclick

TopText

Surf+

Wireless security, MPLS and iSCSI on tap at iLabs
Network World, 05/06/02

Air Force goes on net security offensive
Network World, 05/06/02

NEW! 18-month online Master of Science in Information Assurance offered by Norwich University.

Look for the “Computer Security Handbook, 4th Edition” edited by Seymour Bosworth and Michel E. Kabay; Wiley (New York), ISBN 0-4714-1258-9. Available now at your technical bookstore or from Amazon.

M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Department of Computer Information Systems at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site.


NWFusion offers more than 40 FREE technology-specific email newsletters in key network technology areas such as NSM, VPNs, Convergence, Security and more.
Click here to sign up!
New Event - WANs: Optimizing Your Network Now.
Hear from the experts about the innovations that are already starting to shake up the WAN world. Free Network World Technology Tour and Expo in Dallas, San Francisco, Washington DC, and New York.
Attend FREE
Your FREE Network World subscription will also include breaking news and information on wireless, storage, infrastructure, carriers and SPs, enterprise applications, videoconferencing, plus product reviews, technology insiders, management surveys and technology updates - GET IT NOW.
* HOME    * RESEARCH CENTERS     * NEWS     * EVENTS

Contact us | Terms of Service/Privacy | How to Advertise
Reprints and links | Partnerships | Subscribe to NW
About Network World, Inc.

Copyright, 1994-2006 Network World, Inc. All rights reserved.