Friday, August 04, 2006

A Warning About Those "Mainstream" Sites

A Warning About Those "Mainstream" Sites
– by David Matthews 2

"But I practice safe surfing!"

Oh what a clever oxymoronic statement that is!

"Safe surfing!" There’s no such thing as "safe surfing" nowadays when it comes to the Internet! You have "UN-safe surfing", you have "SAFER surfing", and then you have "NO surfing". That’s really all of the ranges of surfing capability you have today. I don’t care how many firewalls you put up, or how many rights and privileges you put in on the computer for users, or how many anti-virus and anti-spyware programs you install, you will ALWAYS run the risk of being on the receiving end of a nasty virus or spyware program as long as you have a connection to the Internet.

And the virus or spyware program that will REALLY get you will come innocently enough from people who have no idea how it happened.

Here’s a scenario for all you computer users that might seem a little familiar… Your formerly ultra-fast computer is now running slower than molasses. Everything takes time to upload and run, even the simplest of programs on your computer. You’re getting hit with pop-up ads every few minutes. Your home page changes on a whim and you don’t really know why. Plus it constantly goes online for seemingly no reason whatsoever. (That is, of course, if you still use dial-up connections… all of you cable and DSL users are REALLY in trouble with your always-on connections!)

So you take your computer over to the local "expert" and he or she tells you that your computer is THOROUGHLY hosed with spyware and viruses. They can’t even BEGIN to tell you where they can start to salvage anything on that computer because it’s all so contaminated with spyware and adware and virus components.

And that’s when you start your list of denials.

But… but… but… you CAN’T have a virus! You have that extra-special "security program" that you paid $40 for and it’s programmed to automatically run every week. You never open strange emails! Well, except for that one from your mom that said "I Love You", but that was one time and it wasn’t even on THIS computer! You NEVER go to newsgroups, because you don’t even know how to do that. And you certainly don’t visit "THOSE" kinds of websites! (You know which ones I’m talking about.) You don’t file-share, because you don’t want to get sued, and you wouldn’t know where to start looking for "those files" anyway. All you do is just visit "mainstream sites". Big name websites. Popular websites. Places where you go get the news, the weather, the sports scores, and that’s it!

Well guess what? That’s where it happened.

You may not realize it, but so-called "mainstream websites" are the perfect place for malicious programs to be distributed. They’re visited by millions of users at various times of the day, unlike those "other websites" (i.e. porn sites, gambling sites, file-sharing sites) and they usually aren’t blocked out by network administrators… unless the admin is a liberal who hates Fox News or a conservative who hates CNN.

Now in all fairness I must point out that the groups behind the "mainstream websites" usually run a pretty tight ship. They wouldn’t want to be known as a haven for malicious programming, because it would really hurt their sites. So they’ll be quick to say that THEY don’t put any malicious programs on THEIR websites or on THEIR servers. And it’s probably true. THEY don’t allow it.

But that doesn’t mean that you can’t get malicious programs from visiting those sites.

You see, in order to pay for the online costs, mainstream websites will rent out virtual "space" to advertisers. Originally this used to be a simple banner ad that the webmaster would post on behalf of the advertiser. But the ad companies found an even better way to distribute more ads through Java and ActiveX programming. So now, instead of sending webmasters a prepared banner, they actually pay for the SPACE for advertising, which is simply a link to the advertising server.

A digital "cookie" is placed on your computer to identify you to the ad company. This "cookie" is a small text file that can have all sorts of basic information about you, your computer, how you’re connected, where in the world you’re connected in, and what sites you’ve visited. You don’t even know that it’s being done, and the file is so small that it happens in a nanosecond, even with dial-up connections. That information is fed into the ad company servers, which then uses that information to send you specific ads. You’re in New York? We’ll send you advertising for a local business. You’ve been searching for car dealerships? We’ll send you an ad for one of our dealerships. You’ve already seen the travel ads? Then here’s some stuff for an online university.

By the way, this is also where many of the pop-up ads come from nowadays. Little itty-bitty pieces of script that tells your computer to pop open a new window for their advertising server to give you ads. They can also execute invasive, intrusive, media-rich ads; the kind that will literally take over your browser to force-feed you advertising whether you want it or not. The webmaster of these mainstream sites usually have no idea whatsoever that the ad companies are doing this. They don’t know it because it’s really not happening off THEIR servers! And they will continue to be ignorant of these things until people start complaining, which they rarely do. Most users won’t complain about annoying ads. They will just surf elsewhere.

So it’s not hard to sneak something "extra" in with those ads. The ad companies are already intruding into your computer by installing the digital cookies. Why not add a few other "helpful tools"? And by "helpful" I mean helpful for THEM, not for the computer user. So they’ll throw in some adware and spyware programs into the rotation. Your browser gets the code to automatically install these programs, you get a little "Term of Agreement" message for a program that will "enhance your viewing experience", you click "yes", and it is done before your finger leaves the mouse.

Now some of these programs will do more than just "help" themselves under the pretext of "helping you". They will actually sabotage your security system. If the programmers are afraid that their programs might get "detected" by a certain anti-virus program, they will write code that will tell your operating system to disable the anti-virus program. Oh the program will sign in, but it won’t work. The scheduled security sweeps will never run, so they won’t detect the programs, nor will they detect or stop any other destructive program from being installed on your computer.

And it is all very legal. After all, YOU were the one who didn’t read the Terms of Agreement!

Now, picture this nightmare scenario: eight so-called "mainstream" websites suddenly become the source of a serious and malicious virus. Each website is run by separate sponsors, hosted on separate servers, and yet they ALL manage to be the source of this virus on the same day.

How do you think it was done? Some malicious "hacker nation" like the kind seen in the movie "Hackers" somehow broke into eight separate servers to plant their viruses and then escape sight unseen? Maybe a small team of computer experts looking to make a statement (i.e. "Sneakers")? Come on, get real.

The answer is simple… if you want to spread a virus out to as many people as possible, then you don’t HAVE to break into eight different servers to affect eight different "mainstream" websites. You just need to find your way into one… the ad server that they all link to… and put your program in their rotation as a "software enhancement". Again, the administrators of those "mainstream" web sites will never know because it’s really not on THEIR servers, so they have no control over it.

The point being made is this: just because you’re visiting "mainstream websites" doesn’t mean that you’re safe from malicious programming. In fact, your chances of getting one of those "helpful tools" actually go up when you do!

Don’t be lulled into a feeling of complicity when it comes to where you surf on the Internet. Remember that there is no such thing as "safe surfing" when it comes to the Internet. There’s a reason why it is called the World Wide WEB, and certain people are quick to use that to the fullest extent possible.

------

David Matthews 2 is a freelance writer living in the greater Atlanta area. He is a longtime computer user and has been involved with computers since the 1980’s.

This article can be distributed freely provided that it is unaltered and all proper credit is given to the author.

2006 – Get Brutal Productions