Results 1 to 16 of 16
  1. #1
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    Location
    New York
    Posts
    21,609
    Exclamation ActiveX prompt
    Responsible marketing and distrubution this isn't!
    Attached Images Attached Images
    Last edited by Haiko de Poel, Jr.; February 8th, 2005 at 06:28 PM. Reason: Edited Title per - http://forum.abestweb.com/showpost.php?p=408180&postcount=11
    Continued Success,

    Haiko
    The secret of success is constancy of purpose ~ Disraeli

  2. #2
    Full Member
    Join Date
    January 18th, 2005
    Posts
    469
    Good find. Lots more where this came from, of course. Look especially closely at sites targeting children -- who are perhaps more likely to be tricked into pressing YES.

    It's also troubling to see VeriSign standing by and letting this happen -- issuing (and failing to revoke) certs used for these misleading installations. I'm working on an article about this aspect of the ActiveX/drive-by problem.

  3. #3
    Internet Cowboy
    Join Date
    January 18th, 2005
    Posts
    4,662
    I have gotten this before as well. If your browser takes more than a few seconds to get to any given address, it redirects to their web site. Was fairly easy to get rid of though, had to delete it from the registry.


  4. #4
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    Quote Originally Posted by scohaz
    Was fairly easy to get rid of though, had to delete it from the registry.
    Messing with the registry doesn't sound like something most people would find "easy..."
    There is no knowledge that is not power. ~Hemingway

  5. #5
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Does this count as an example of an Adult Adwhore (SAHS) paying some freebee pervert to sucker punch a 6 year old.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  6. #6
    Full Member
    Join Date
    January 18th, 2005
    Posts
    469
    I just posted a new article specifically on the subject of this deceptive method of installation. I've provided some particularly outrageous examples -- for example, an ActiveX signed by a company purportedly called "Click yes to continue." Also notable, and in fact the subject of my new article, is the fact that VeriSign allows and profits from these scams -- failing to enforce VeriSign's own rules as to accuracy in company names and as to prohibition against deceptive, malicious, or harmful installations.

    How VeriSign Could Stop Drive-By Downloads

  7. #7
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    I say some quotes online from that article. Good sleuth work there Ben. The Feds are dying to make some of big networks and datamining perps like Comscore fork over huge fines in exchange for jailtime.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  8. #8
    Internet Cowboy
    Join Date
    January 18th, 2005
    Posts
    4,662
    I am on someone's spam list selling software at ridiculously cheap prices.
    One day, I clicked on their link just to look and see what kind of site it is. This is where I got it.

    Ben,
    If you don't mind I will forward you the next e-mail I get like this. Of course they are all from different people, but it is very easy to pick them out.
    The time I clicked on it, I got the bug and never saw a popup window or anything. It is obviously very easily and very secretively installed.


  9. #9
    Full Member
    Join Date
    January 18th, 2005
    Location
    UK
    Posts
    273
    Can someone enlighten me on what exactly a drive-by-install actually is.

    I assume it is catching some sort of spyware without any action by merely viewing a web page, but what is the mechanism in broad terms?

    Is it to do with Activex X which I have always disliked as a way of distributing program code over the net as it is too dangerous,

    I have got all the Activex options set to either be Disable or Prompt.

    I have Javascript and Java enabled as I have always assumed the latter is OK and the former makes the web much easier to use.

    Les

  10. #10
    Full Member
    Join Date
    January 18th, 2005
    Posts
    469
    Websmith: A drive-by, to my mind, is any software installation that begins merely as a result of viewing a web page (other than a web page actually needing such software, or any web page specifically for the purpose of installing such software). An ActiveX installer fits this method, because the code (CAB file) is downloaded to a user's PC before the user is even told what's happening. Installation through security holes certainly also fits this definition.

    Some folks think an installation is only a drive-by if user consent is not required at any stage of the process -- so security hole installations would meet the definition, but ActiveX installations would not, in general. Based on the harms users face from ActiveX installs, like what Haiko posted at the start of this thread, I think the better definition of drive-by is the more inclusive definition that includes the misleading ActiveX installations. But draw your own conclusions.

  11. #11
    ABW Founder Haiko de Poel, Jr.'s Avatar
    Join Date
    January 18th, 2005
    Location
    New York
    Posts
    21,609
    I spoke with Marc Braunstein (CEO of SaHS) today and after clarifying what actually transpired, we both agreed that this was NOT a drive by *install* but, notwithstanding, this advertising medium ... as is, was flawed in "ethical" downloadable app marketing.

    More on this on our next Affiliate Marketing Today Radio Show 2/15/05
    Continued Success,

    Haiko
    The secret of success is constancy of purpose ~ Disraeli

  12. #12
    Full Member
    Join Date
    January 18th, 2005
    Posts
    469
    It all depends on what "drive-by" means. Does a "drive-by" only occur when software is installed on a user's computer with absolutely no consent whatsoever? Or can we use that term to describe a misleading installation that begins randomly, as users perform some unrelated task, but admittedly still requires some user "consent" (e.g. pressing YES in a popup)? I think the term is still appropriate in the latter circumstance -- especially when the installation prompt was triggered by a totally unrelated site (particularly outrageous: a site targeted at minors or other unsophisticated users), and especially when the installation disclosures are deficient in any material respect. So I still think the term drive-by is appropriate for the screen-shot shown above.

  13. #13
    I like traffic lights
    Join Date
    January 18th, 2005
    Location
    Southern hemisphere - away from Fukushima
    Posts
    2,936
    Hey Ben,

    How's your site holding up to being slashdotted for the http://www.benedelman.org/news/020305-1.html article? :^)

  14. #14
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Take it too Verisign Ben as they have a simple cure to deceptive drive-by installs if the BHO perps and the IAB/DMA haven't paid in some hush monies.
    Webmaster's... Mike and Charlie

    "What have you done today to put real value into a referral click...from a shoppers viewpoint!"

  15. #15
    Full Member
    Join Date
    January 18th, 2005
    Posts
    469
    No problem with today's Slashdot'ing. DDoS has stopped, which makes things that much easier.

    I think VeriSign is on shaky ground in issuing certs to facially invalid company names like "Click Yes to Continue." We'll see what happens...

  16. #16
    I like traffic lights
    Join Date
    January 18th, 2005
    Location
    Southern hemisphere - away from Fukushima
    Posts
    2,936
    The power of trust, yadda yadda.

    Blerkkkkk.

  17. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Pay Per Install
    By BillionNamesofGod in forum Midnight Cafe'
    Replies: 4
    Last Post: April 27th, 2007, 08:54 PM
  2. Gator Install
    By Chris - AMWSO in forum Suspicious Activity!
    Replies: 2
    Last Post: December 29th, 2002, 09:19 AM
  3. AWSTATS install help
    By ken in forum Programming / Datafeeds / Tools
    Replies: 2
    Last Post: September 16th, 2002, 09:31 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •