WHAT’S NEWEST?

The Problem With Pop-Up Stoppers

---

PREVIOUS ISSUES

SUBSCRIBE to
The E-List

---

NEWS & VIEWS
The Problem With Pop-Up Stoppers

---

THE	E	LIST	N	EWS
by Mr. E

SPECIAL BULLETIN

FRONT PAGE LOS ANGELES TIMES COVERAGE
of the present spyware/adware epidemic, with special coverage of AumHa Forums on the Windows Support Center site

(New content 26 Nov 04; updated 28 Nov 04)

Today’s Los Angeles Times features a front page (Column One) article by verteran investigative reporter Terry McDermott titled “Breaking, Entering Your PC.” It gives a “no holds barred” discussion of the present spyware/adware epidemic — which most or all of you have experienced. The author’s report of his own agonizing experience with an infested computer will ring painfully true for many of you.

Additionally, in discussing solutions, Mr. McDermott gives considerable coverage of and exposure to Aumha Forums, the free support forums I host on the Windows Support Center site. Though the site has been blessed with generous attention by the technical press over its last five years, this front page LA Times piece is surely a high point of recognition that we shall remember for many a year.

Though the article will be available permanently from theLA Times web site, it will move into their fee-based archive section after one week. If you would like to read it, you should do so within the next few days. The link for the article is: http://www.latimes.com/news/printedition/front/la-na-spyware26nov26,1,4531545.story?coll=la-headlines-frontpage. It can also currently be found on Yahoo and Sun-Sentinel.com.

My thanks go forth to Mr. McDermott for his interest and labors on behalf of this important issue, and his kind recognition of this site.

Here are some links for those interested in examining my site’s resources on this issue:
Aumha Forums - http://forum.aumha.org/
Security issues forums - http://forum.aumha.org/index.php?c=12
Parasites, Virus & Other Security Issues - http://winsupportcenter.com/secure.htm
The Parasite Fight - http://winsupportcenter.com/a/parasite.htm
QuickFix Protocol (cleaning out parasites) - http://winsupportcenter.com/a/quickfix.htm

PS - A new general issue of The E-List News is in preparation. I had outlined one with recent site news, but felt I should not delay the above announcement until the rest of the newsletter was finished.

Feedback ¤ Top of Page

NEWS & VIEWS

THE PROBLEM WITH POP-UP STOPPERS

(New content 1 Feb 04; revised 4 Feb 2004)

Let’s talk a bit about pop-ups. As some of you might expect, my views on this subject don’t necessarily run with the herd.

You know what pop-ups are, right? Those extra boxes and windows that jump up in your face while you’re browsing the web. Sometimes they serve a valid purpose compatible with what you sought from the site. But, way too often, numerous pop-ups are a serious invasion and a serious bother.

In response to this we have seen a flood of pop-up blocking software. It’s a new small industry. Some are free, some charge a fee, some are tossed into other products to increase their value. Visitors to my Windows Support Center site have recommended such programs as Panicware’s free Popup Stopper. Personally, I don’t use any such programs except, occasionally, to turn on the pop-up stopping feature on MyIE, the IE overlay that is my regular browser of choice. I use and love the Google Bar, but pointedly disable its pop-up blocking.

Today I’m writing to suggest that the popular view of pop-ups, and of pop-up stoppers, needs to be reexamined. Blocking pop-ups may be putting your computer at risk for the simple reason that it deprives you of important information about parasitic invaders. Pop-ups are like pain — by existing at all, they provide information about your computer’s health and well-being. Effectively blocking them is like living on narcotics — it may feel serene, but it has its drawbacks.

Sometimes we really need the information that pain gives us. If I hadn’t already known this, I would have learned lesson a few years ago when I fractured my right heel. I had been helping a friend reposition an air conditioner, having first crawled out her window. When finished, rather than disturb the landlady to unlock the security gate, I climbed the 12-foot fence and, having training and experience in landing, decided to drop to the concrete driveway on the other side. Well, training and experience didn’t win the day that time! (And I was a bit older than the last time I had tried.) The right foot didn’t land right. I knew it the moment I landed as pain shot through me. I thought I had simply badly twisted, or possibly sprained, the ankle. What I didn’t know yet was that I had broken the very porous heel in two places, clear through to the ankle joint.

I could have blocked the pain on the spot. I’d long practiced yoga techniques of rerouting pain through the nervous system and dissolving it (even having a root canal drilled once with no anesthetic to confirm that I could do it — one has to be very relaxed to succeed at that!). But as I started, on this occasion, to absorb and neutralize the pain sensations, every cell of my body screamed a loud inner “No!” No, not this time! If I’d gotten up and walked the length of the driveway with my foot in that condition, I could have permanently deranged the broken, porous bone, causing myself much more serious injury. So, instead, I began crawling to the front of the building where my friend helped me to her car and the local emergency room.

What has this to do with pop-ups, you may ask? Well, surprisingly, almost everything. Sure, we can now block them out, keep them from appearing, and filter them from our awareness. But this doesn’t address why they popped up in the first place. Ignoring the information their presence provides can seriously derange the functioning of our computer and the overall health of our Windows installation.

Since the eleventh day of September in 2001, an emotional need for increased security has flooded through our culture and persists in touching many areas of our lives. In our computer use, we have become increasingly concerned about viruses and other malicious software, including privacy-invading adware, spyware, and other parasites. We are flooded with spam, and pretty sick and tired of it. So, when one more kind of invader — pop-ups — pushes itself in our face, I think we tend to lump this right in with spam and want to “moider da bum” along with all of the others. My argument, though, is that there is a right way and a wrong way — and pop-up blockers are usually the wrong way, because they don’t get at the underlying cause, and therefore leave us less secure, not knowing of the invasion still going on under the surface.

Four Kinds of Pop-ups

I group pop-ups into four categories. Only three of these are affected by pop-up stoppers, and there is only one of these three types — usually the least invasive — that you really want to block. Here they are:

1. Pop-ups launched by the Messenger Service in Windows. If you have pop-ups even when you don’t have a Web browser open, these are being launched by the vermiform appendix of Windows, a generally useless vestige called the Messenger Service. This has nothing to do with Instant Messenger programs, and almost nobody on the planet uses it anymore, but it still comes enabled by default on Windows NT-based installations and can be easily exploited. All you have to do is turn it off. Click Start, click Run (or just press Win+R) and type SERVICES.MSC. Find “Messenger,” right-click and take Properties, and set “Startup type” to “Disabled.” IMPORTANT NOTE: These Messenger Service pop-ups only exist if the NetBIOS port (Port 138) is open. This is a potentially serious security issue. The pop-ups are an alert that you need to Block 138 with your firewall. (Thanks to Alex Nichol for this tip!)
2. Browser pop-ups that you want. Some web sites use pop-up boxes to give you additional information. For example, some multimedia sites open a small streaming media window in a pop-up — if you interfere with that, you can’t see the video you just asked to see. In the business world, the Web Access version of Microsoft Outlook uses pop-up windows to open and display emails or to open Reply windows just as in the desktop version of Outlook. You want to permit this behavior. By definition, you don’t want to block the pop-up boxes that you really want!
3. Browser pop-ups appropriate to the site you are visiting. Here we get to the one category you might want to block, though usually it is the least bothersome. Every morning when I go to cnn.com to read the day’s news, every few articles will be accompanied by a pop-up CNN advertisement. Personally, I choose to live with these — they are closed with a click and serve the same purpose as TV commercials, helping justify a commercial site’s decision to provide me free services. Of course, some categories of Web sites are notorious for launching a larger number of pop-ups, and I see personal convenience of activating pop-up blocking when wandering into those sites. Mostly, though, sites that are this aggressive are sites that you shouldn’t feel terribly secure visiting in the first place. They bring to mind a mother’s advice to “wear your rubbers” when visiting, and wash your hands when leaving. Issues of your computer’s health and your personal enjoyment on such sites is far more complex than the current article is willing to address. My main point is, site-appropriate pop-ups, as a group, are not usually the ones that concern people very much. Block them or not as you will. The really bothersome ones are the fourth type discussed below — and we need to be sure not to block them!
4. Floods of browser pop-ups not appropriate to the site you are visiting. These are the worst. You open your browser and, soon, no matter where you browse, you start getting swarms of pop-ups. They aren’t like the nytimes.com ads asking you to subscribe for home delivery, or even ads that help support the page offering you free information and services. No, these are just flooding in no matter where you point your browser. These pop-up swarms indicate that you have a real problem! This kind of swarm has only one cause: adware and other parasites invading your computer, some of which may be spyware gathering information you haven’t volunteered to disclose.

Here is the core of my argument: These pop-up swarms, which are the extreme that drive most people to install pop-up blocking in the first place, shouldn’t be blocked. Why? Because blocking the pop-up doesn’t disable the parasite. The invasive and possibly malicious code is still on your computer and still operating. You’re just disabling blocking the alarm. Unfortunately, disabling the oil light on your dashboard doesn’t keep the oil pressure up!

The pop-up is the pain. You need to find what’s causing the pain and treat it.

How to treat it? I have a whole protocol on my page The Parasite Fight!. In fact, just a few days ago, I added a new section to that page called “Quick-Fix.” Though there is a lot of information about spyware, adware, hijackers, dialers, and other invaders on that page, much of the time when somebody first goes there they want to solve an immediate problem — so I isolated half a dozen “cut-to-the-chase” steps to make that easier.

Don’t block these pop-ups. Let them help you. If you have them so bad that they’re driving you crazy, then your computer is infected with a disease. Fortunately, we know how to efficiently cure the disease, and how to inoculate you against recurrence. That’s where your attention should rest.

P.S. — A leading ISP is about to release its own browser bar, similar to the Google Bar. It has some serious problems at the moment but, since it’s still in Beta testing, I won’t name it, and hope they fix the problem before release. The problem is that it blocks every single execution of an “open in a new browser window” link. This is far more zealous than any similar products! It does mean that you can’t open about two-thirds of the links on this present site, because most of them use an entirely legitimate and commonplace mechanism (the target="_blank" attribute, for you HTML coders) for opening a linked page in a new browser window. If you are having that problem with any of the links on my site and are running a new Beta browser bar, this is likely why. (Thanks to our good friend Skeletor for the tip!)

Feedback ¤ Top of Page

Happy computing, everyone!

Jim Eshelman

THE NECESSARY LEGAL STUFF
DISCLAIMER: Any information given in this newsletter, or on any other part of the Windows Support Center Web site, is researched by me and believed to be accurate. However, I cannot guarantee, and do not guarantee, that all the information provided will work on all computer systems, for all users, all the time. Also, I sometimes make mistakes (that’s life!), and it is possible I made one or more of them here. All information herein is offered as-is and without warranty of any kind. In other words, I rely on the best information sources I can, but you take your life in your own hands if you trust me on it. Neither James Eshelman, this site, outside contributors to this site, people quoted on this site, nor my cat is/are responsible for any loss, injury, or damage, direct or consequential, resulting from application of any information presented here.

The E-List News. Copyright © 2004 by James A. Eshelman. All Rights Reserved.