Hack 33 Stop Pop Ups, Spyware, and Web Bugs

Hack 33 Stop Pop Ups, Spyware, and Web Bugs

You don't have to be victimized by obnoxious applications and behavior on the Internet. Fight back with these tips and tools .

Surfing the Web used to be such as simple, enjoyable experience. Go to the web site of your choice, enjoy the page, and head somewhere else.

No longer. At times, it now seems like a sleazy carnival midway, complete with flashing lights and loud music, barkers pleading at you to venture into the sideshows, scamsters promising you big payoffs if you try three-card monte, and no-goodniks lurking in the shadows.

For that, we have pop ups, spyware, and web bugs to thank. Pop ups are ads that, as the name implies, pop up over your browser, usually in a smaller window, and frequently contain flashing messages and other kinds of obnoxious come-ons. The infamous X.10 surveillance camera pioneered this insufferable form of advertising, and now it's everywhere.

Web bugs are invisible bits of data, frequently a single pixel in size (sometimes called "clear GIFs"), that can track all your activities on a web site and report them back to a server. Spyware is software that piggybacks onto your hard disk on the backs of other pieces of software, reports on your activities to ad servers, and then delivers ads to you based on what sites you visit. There's typically no way to know offhand that spyware has been installed on your system, because it lurks invisiblyhence the name. Even after you uninstall the program upon which it piggybacked, it could remain on your PC, reporting on your activities.

You don't have to be victimized, though. As you'll see in the rest of this hack, there are things you can do to keep your PC from resembling a virtual midway.

4.2.1 IE: Download Software to Stop Pop Ups

Internet Explorer has no built-in way to stop pop ups, but you can still kill them with downloadable software. There are many for-pay pop-up killers, but if you don't want to spend the cash, you can get an excellent one for free: EMS Free Surfer mk II, shown in Figure 4-1. It lets you set several levels of pop-up protectionyou can block all pop ups or only those that appear to be unwantedand you can turn it on and off with a click. It has other helpful tools as well, such as letting you shut every open instance of Internet Explorer with a single click, and it includes an add-in that will clean out your system cache and list of recently visited sites. Get it at http://www.kolumbus.fi/eero.muhonen/FS/fs.htm. (Don't confuse it with a related product, EMS Free Surfer Companion, which offers more features than the free versions and costs $20.)

Figure 4-1. EMS Free Surver mk II

4.2.2 Ditch IE: Use Opera or Mozilla to Stop Pop Ups

Here's one way to get rid of pop-up annoyances: skip Internet Explorer altogether! IE can't kill pop ups, but other browsers can. Both Opera and Mozilla include a built-in pop-up killer as a menu option.

Download Opera from http://www.opera.com. To enable its pop-up killer, choose File Preferences "Refuse pop-up windows ". You can also have the program open pop-up windows in the background instead of on top of your browser.

Download Mozilla from http://www.mozilla.org. To enable its pop-up killer, choose Edit Preferences Privacy & Security Pop-ups and check "Reject pop-up windows."

4.2.3 Stop Messenger Service Popups

In recent months, the most obnoxious pop ups of all have started to appear on computer users' screenspopups that aren't connected to a browser, appear even when you're not surfing the Web, and show up in a text-message window for no apparent reason. You've taken no conceivable action that could have caused them to appear, such as visiting a web site. And yet there they are.

These text pop ups use XP's Messenger service, which was designed for sending notifications over internal local area networksfor example, when a network administrator wants to notify network users that a server is about to go down, or when you're notified that a printer has completed a job of yours.

The Messenger service is not related to Windows Messenger, Microsoft's instant-messaging program.

But spammers took hold of the technology, and now blast out text pop ups to IP addresses across the Internet. How ubiquitous are these pop ups becoming? I recently bought a new laptop, and within 10 minutes of turning it on for the first time I had received my first Messenger service pop up.

To kill these pop ups, disable the Messenger service. Run the Services Microsoft Management Console by typing services.msc at a command prompt or the Run box and pressing Enter. Double-click on the entry for Messenger, choose Disabled as the Startup type from the screen that appears, and click OK. Pop ups will no longer get through. Unfortunately, neither will any network messages from administrators if you're on a LAN.

If you're running a router at home that allows you to block ports, you can kill these messages by disabling port 135. How you do this varies according to your router. To do it on a Linksys router, go to the router administrator screen and choose Advanced Filters. In Filtered Private Port Range, choose Both, and for the range, type 135 twice. Click Apply. The pop ups should now be disabled.

4.2.4 Watch Out for Web Bugs

Web bugs are one of the more pernicious ways your online activities can be tracked, no matter which browser you're using. Sometimes, the web site the bugs send information to isn't the one that contains the web bug; for example, they may send information back to an online advertising network.

Web bugs are surprisingly common. The Cyveillance technology and analysis company found that their use grew nearly 500% between 1998 and 2001. Web bugs can send the following information back to a server:

• The IP address of your computer

• The URL of the page on which the web bug is located, so they know that you visited the page

• The time the web bug was viewed , so they know exactly when you visited the page

• The URL of the web bug image

• The type of browser that you have

• Your cookie values

A free piece of software called Bugnosis (http://www.bugnosis.org) will alert you whenever it comes across web bugs on pages you visit. It reports on the URL that the bug reports to, and, for some bugs, it will let you click on a link it creates so that you can send an email of complaint to the web site that runs the bug. It runs inside Internet Explorer.

The last time I visited the site, it no longer had Bugnosis available, but promised it would be back soon. Be prepared that it might not be there when you visit.

The software can't actually protect you against web bugs, but it can alert you when you visit pages that use them. If you want your privacy protected when you surf the Web, your best bet is to surf anonymously [Hack #39].

4.2.5 Protect Yourself Against Spyware

Spyware has become increasingly controversial and increasingly popular, as developers of free software struggle to find a way to support themselves . Of late, spyware has been getting increasingly intrusive ; some people call these more aggressive programs scumware . Scumware may change your default home page without telling you, or may even intervene when you're making a purchase online and redirect you to a different site.

There are several ways to protect yourself against spyware:

• Be vigilant about what you download. Ad-supported programs may include spyware, though not all do. Check out the " Index of Known Spyware" page run by Gibson Research at http://grc.com/oo/spyware.htm for a list of spyware programs. The only problem with that site is that it lists only the spyware components , and it's difficult to find out their names . A better bet is http://www.spychecker.com, which lets you type in the name of a program you downloaded and then tells you whether spyware piggybacks onto it.

• Use a personal firewall like ZoneAlarm [Hack #48]. A personal firewall will let you block any program on your system from contacting the Internet without your approval, so you can use it to block spyware. XP's Internet Connection Firewall doesn't have this capability, so you can't use it to block spyware.

• Get a spyware detector and eradicator. My favorite and the most popular is Ad-Aware, available for free from http://www.lavasoft.de. It does a thorough check of your system for spyware, finding not only program files, but also Registry entries and cookies, as shown in Figure 4-2. After it does a check, you can choose which of the spyware problems you want the program to fix, and it'll go about its work, deleting files, folders, and cookies, and fixing Registry entries. If you use file-sharing software, I highly recommend running Ad-Aware; many of these applications include spyware.

Figure 4-2. Finding and deleting spyware on your system with Ad-Aware

Keep in mind that when you delete spyware, you may disable software as well, so it's a good idea to always create a Restore point before deleting spyware. Choose Control Panel Performance and Maintenance System Restore and follow the instructions. For example, if you remove the Cydoor spyware program, the Kazaa file-sharing program will no longer work. Alternatives to Kazaa include Shareaza (http://www.shareaza.com), a front-end to the popular Gnutella file-sharing network that also can hook into other file-sharing networks, such as the one that Kazaa uses.

4.2.6 See Also

• [Hack #85]

• [Hack #89]