That bloody annoying Tribal Fusion pop up on this site

gabbo · #16 12-23-2007, 05:11 PM

Quote:

Originally Posted by Disk_Contented

Try the "proxomitron". A web filtering proxy. With Sidki's config, it's unbeatable. That's the sort of thing that I consider a necessity these days.

Aye, but it doesn't do the trick I want, I want it to download the junk to a temp folder, extract a load of links and download them too, so that the sysop of the advertising site thinks there's been a real victim rather than realising there's been a popup blocker in the way. If my system does that then a) they're still paying for the bandwidth and b) their figures for what percentage of victims actually part with money will drop. Eventually (hopefully) to the point at which they decide it's not worth paying people to infest the machines of innocent visitors with the rubbish.. As I said, I'm sick of people who wouldn't bother putting up web pages if they couldn't get paid for spamming everyone's browser. We need to get back to 'the good old days' when people put stuff up for the love of the subject, not to get-rich-quick.

Disk_Contented · #17 12-23-2007, 10:43 PM

You want to write a program that will do exactly what's wanted by these people? Download the end product, that includes malicious programs?
Why?
I prefer to stop them point blank, thanks.

I know of nobody that will go for it.

All this spam mail is binned by any mail service. Add blockers are used even by the OS itself.

These people couldn't care less what you do with it. They know millions of these adds go nowhere, but they keep coming. Bandwidth isn't a consideration.

I think you're on a lost cause bud. Probably, your app will be compromised, or used as a bomb to aid these people.

gabbo · #18 12-24-2007, 11:28 AM

Quote:

Originally Posted by Disk_Contented

You want to write a program that will do exactly what's wanted by these people? Download the end product, that includes malicious programs?
Why?
I prefer to stop them point blank, thanks.

I know of nobody that will go for it.

You're probably right that I'll have trouble persuading people to use it, they will probably look at it in a similarly simplistic way..

The program downloads the data yes, but that's as far as it goes. I've plenty of idle bandwidth so it's not a problem in terms of throughput, but once I've got the data it doesn't get executed in any manner, all that happens is any HREF links are snagged out of it and they're also fetched. No one *sees* any of this, it's all invisible. The reason for bothering to fetch the data (and the part iI'll have trouble convincing people to go for) is that it appears to the hostmaster that his junk has been fetched, s/he won't think it's been adblocked. This means that when they're analysing their logs, they will think that their adverts are a complete failure. People are browsing the site (which costs the advert spewer money) but are not buying any of whatever ripoff product is being spammed. This would (if I could get people to use my toy) eventually convince them that it's a lost cause, as well as costing them money.

That's the thinking anyhow.

Quote:

Originally Posted by Disk_Contented

These people couldn't care less what you do with it. They know millions of these adds go nowhere, but they keep coming. Bandwidth isn't a consideration.

I think you're on a lost cause bud. Probably, your app will be compromised, or used as a bomb to aid these people.

Oh, bandwidth *is* a consideration, but I'd need to persuade a significant proportion of people to use it before it makes an impact. I'll probably just stick at using it myself and webspidering each and every spam site each and every time they try and plaster themselves over my screen.

It won't be hackable, you can't hack something that does no more than fetch files from port 80 without executing them. Watch out for the length of any given link (buffer overflow) and you're fine.

<shrug> nice thought, but most users aren't bright enough for sufficient would-be victims to adopt it. :-(

Disk_Contented · #19 12-24-2007, 08:28 PM

There's nothing simplistic about it.
Your programs actions will be on a servers logs somewhere. Along with the users IP and anything else that can be grabbed. Invisible it is not.

"Oh, bandwidth *is* a consideration".
Nope. mail bots cost nothing. I can spam all day long and It costs me no more than my usual subscription to my ISP. I can use other servers as spam relays. It would add nothing to my costs. Bear in mind that it is third parties that do the spamming.

"It won't be hackable, you can't hack something that does no more than fetch files from port 80 without executing them. Watch out for the length of any given link (buffer overflow) and you're fine."
Really? Don't be so sure of yourself.
Sounds like a challenge? Perhaps a handy trojan pops up to remove your app and take it's place?

"most users aren't bright enough for sufficient would-be victims to adopt it"
You alienate every average joe on the net with that comment.

Given the choice, most people would rather not go near the stuff in the first place.
Why download the stuff yourself and use your own bandwidth that you pay for and may be metered, when you can block it full stop. The net result is the same? Nobody gets a paid click through.

Good luck, but you haven't thought it through properly.

gabbo · #20 12-28-2007, 08:38 AM

I'm sorry to go on like this but I wonder if you've 'groked' what I'm thinking.

Quote:

Originally Posted by Disk_Contented

There's nothing simplistic about it.
Your programs actions will be on a servers logs somewhere. Along with the users IP and anything else that can be grabbed. Invisible it is not.
"Oh, bandwidth *is* a consideration".
Nope. mail bots cost nothing. I can spam all day long and It costs me no more than my usual subscription to my ISP. I can use other servers as spam relays. It would add nothing to my costs. Bear in mind that it is third parties that do the spamming.
"It won't be hackable, you can't hack something that does no more than fetch files from port 80 without executing them. Watch out for the length of any given link (buffer overflow) and you're fine."

Really? Don't be so sure of yourself.

The whole idea is that the advertiser's logs show an apparently normal browser, apparently browsing the site, but with no purchase or signup for the reason that there's no user viewing the site.

It's not the mail bots I'm after, I've perhaps been too blurry in what I've said. I'm after the pop-up web hosts that irritate the hell out of me when I'm browsing. Those horrible undelined green things that bring up adverts whenever your cursor goes near them for a start.

As for being invulnerable to hacking, I'm not that sure of myself, if I was writing something that provided any sort of complex response to input then I wouldn't trust my coding any further than I could spit into a force 10. However, for something that just fishes out any URL's from a file, and fetches the referenced files via http, there isn't room for vulnerabilities.

Keep an eye on the length of the links and the length of the files and you're safe.

Standard browser based malware is a threat regardless of what's already installed. My app being present or not wouldn't increase or decrease the vulnerability to 'drive by' installs.

Quote:

Originally Posted by Disk_Contented

"most users aren't bright enough for sufficient would-be victims to adopt it"
You alienate every average joe on the net with that comment.

I was in a rather bad mood at that point, for personal reasons. I shouldn't have been making posts of any sort if truth be known.

Quote:

Originally Posted by Disk_Contented

Given the choice, most people would rather not go near the stuff in the first place.
Why download the stuff yourself and use your own bandwidth that you pay for and may be metered, when you can block it full stop. The net result is the same? Nobody gets a paid click through.

I meant it when I said that *I* personally don't need to worry about a few KB here or there. Admittedly I'm not considering the minority who run so close to their limits that it does matter. My thinking is just that with standard popup blockers the advertisers can see what's going on, and they don't pay for any bandwidth. With a >> dev/nul diversion however, the hosts won't be able to see the difference and they will be forking out on the bandwidth. Their statistics will also show a much lower 'success' rate which would reduce their motivation to continue.

Sadly, it's not really something I could persuade enough people to use. It's true that most just want the popups blocked from their machine, they don't care about general social benefit, so I wouldn't really stand much chance of persuading a significant proportion to use my toy.

Pure daydream. Writing purely for own satisfaction really. :-(

I've now tried it out, it does sort of work, it spiders hell out of any site that appears as a popup without me seeing *any* cost beyond slight wasted bandwidth.

Disk_Contented · #21 03-23-2008, 12:50 AM

Hmmmm. Did the popup change?

The Tool · #22 03-23-2008, 01:08 PM

If you are referring to the one used in this website, nope.

Disk_Contented · #23 03-23-2008, 07:00 PM

It is a post that is causing it.