Please report all spam threads, posts and suspicious members. We receive spam notifications and will take immediate action!

Poll: Yes or No to pop-under advertising

Be advised that this is a public poll: other users can see the choice(s) you selected.

Page 5 of 8 FirstFirst ... 34567 ... LastLast
Results 41 to 50 of 76

Thread: Yes or No to pop-under advertising (cookie security discussi




  1. #41
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    Quote Originally Posted by Wiggo
    Just untick that box JM. :thumb:
    That should do the trick - just disable the secure server verification check-box under the list of sites.

    negomike - you don't have to type http:// as just the domain will be sufficient, good use of the wildcard though, that really does save time when a domain has multiple forms of addresses such as this site.:thumb:
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  2. #42
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    Quote Originally Posted by negomike
    Actually Mr. C I would really aperciate either a text file or just posted of trusted and restricted sites.

    Also, I never had cookies disabled. Was excepting all of them. Was getting multiple pop ups. I only had one window opened pointed at TT, a pop up opened then I clicked a link and a second one opened. I now have 2 pops open.

    They are:
    Cheep Tickets
    Access You PC from Anywhere!
    is it possible that adding the http:// is confusing the security tools in IE:?:

    You remove that by editing the entry and see if that does the trick.
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  3. #43
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    OK folks, if you really want to pick out the nasties, here is my domains residing in my registry from usage of the security tools in IE.

    ""*"=dword:00000002" = a trusted site
    ""*"=dword:00000004" = a restricted site

    Most of the domains can be quickly spotted with no problem
    some are a bit trickier, as they appear as;

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Internet Settings\ZoneMap\Domains\cnet.com\ads]
    "*"=dword:00000004

    in this instance, the actual site being restricted is ads.cnet.com

    Someone with some basic skills in Office could probably clean this up quickly, leaving only the domains behind.

    But, I've been doing the work for 2 years already:laugh:

    and no, I'm not done yet:shoot3:

    some of these might actually be benign, but were on my local drive and considered suspect as they served no purpose I could think of that would be useful to me.

    And don't even hassle me about some of the domain names in this file --- you'd be amazed at the garbage you can pick up doing everyday surfing.:no:
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  4. #44
    Join Date
    Nov 2001
    Posts
    2,464

    Default

    Quote Originally Posted by Mr. C
    Someone with some basic skills in Office could probably clean this up quickly, leaving only the domains behind.
    why clean it up when you can just import it straight to the registery?
    then if you want to have access to some of the sites on hte restricted list, go and delete them from the lsit

  5. #45
    Join Date
    Jul 2002
    Location
    Canberra, Australia
    Posts
    1,158

    Default

    I have my Privacy level set to MEDIUM in IE6. Never had any problems with accepting cookies and I'm not stopping now. In my opinion trying to block cookies and restricting sites only causes problems because they won't operate the way they were designed to.

    Use of spyware killers and regular maintenance/cleaning of registry etc. (as per my XP Guide ;)) makes sure that I've never had any foul play or problems on my machine.

  6. #46
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    Quote Originally Posted by PersianImmortal
    ....trying to block cookies and restricting sites only causes problems because they won't operate the way they were designed to.
    That, kind sir, is exactly my intention - to prevent these sites from operating the way they were designed to do.

    Admittedly, some of those sites listed are benign. Others indeed actively pursue courses of action which, given the choice, I would just as soon they were not enabled with the ability to carry out those activities.

    As I stated previously, cookies were designed to be useful tools for users and operators of websites. This has been *******ized by some to the point where unfortunately, some folks don't like to accept any cookies from anywhere.

    Sad isn't it, when the number of bad apples ruins the whole concept of the good things a cookie is supposed to be.
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  7. #47
    Join Date
    Nov 2001
    Posts
    4,723

    Default

    OMFG

    I just closed all my browser windows, getting ready to shut down the PC and depart for work.

    Upon closing all the Windows --- there lay in wait a small pop-under.
    As I was moving to close it, ZoneAlarm notified me that RPCSS.EXE was trying to utilize the internet connection.

    http://www.cexx.org/rpc.htm

    Does anyone consider this to be "acceptable behaviour" -- because I sure as hell do not.
    Yes, I restrict websitess -- exactly because of heinious misuse (or attempted misuse) of my machine. I monitor my system and am quite careful as to what is taking place there.

    If I had the opportunity, I would most certainly put a pop-knot on the head of the individuals who attempted this unwarranted intrusion upon my PC.

    This is the type of thing that really gets my goat!:shoot2:

    amazing, we were just talking about this crap -- and there you go, classic example.

    Surely you don't expect me to give these goons access to my ActiveX and other avenues of ingress, now do you:?:
    The reason a diamond shines so brightly is because it has many facets which reflect light.

  8. #48
    Join Date
    Nov 2001
    Location
    Taipei, Taiwan
    Posts
    4,308

    Default

    Quote Originally Posted by Mr. C
    Another good find Mr.C - Gee, I seem to be learning a whole bunch of new security methods over the past few days... :)
    Cameron "Mr.Tweak" Wilmot
    Managing Director
    Tweak Town Pty Ltd

  9. #49
    Join Date
    Nov 2001
    Location
    New England Highlands, Australia
    Posts
    21,907

    Default

    This checklist is from the Open Web Application Security Project (OWASP). ;)

    OWASP's top risks list<br><br><ol><li>Invalidated parameters: Failure to validate information from a Web requests before these are used by a Web application. Attackers can use these flaws to attack backend systems through a Web application.<br><li>Broken access control: Restrictions on what authenticated users are allowed to do are often not properly enforced. Attacks use this to access other users' accounts, view sensitive files or run unauthorised functions.<br><li>Broken account and session management: Account credentials and session tokens left without proper protection, leading to the risk that crackers could assume victims' identities.<br><li>Cross-site scripting flaws: A modern classic - mistakes here mean Web applications can be used as a mechanism to steal session tokens, attack a local machine or spoof content.<br><li>Buffer overflows: Arguable the most common type of security risk (so why isn't it number one? Ed). Sloppy programming means applications fail to properly validate inputs - so maliciously constructed, malformed requests can crash a process and be used to inject hostile code into target machines.<br><li>Command injection flaws: If an attacker can embed malicious commands in parameters passed to external systems these may be executed on behalf of a web application, to unpleasant effect.<br><li>Error handling problems: If an attacker can cause errors which are improperly handled, all manner of mischief (information disclosure, system crashes etc.) might be possible.<br><li>Insecure use of cryptography: Web apps frequently use cryptography. If that's not coded properly, sensitive information won't be adequately protected.<br><li>Remote administration flaws: If remote Web admin tools are insecure then an attacker stands a chance of gaining full access to all aspects of a site.<br><li>Web and application server misconfiguration: Don't trust out of the box security </ol>
    <center>:cheers:</center>

  10. #50
    Join Date
    Jan 2003
    Posts
    1

    Default

    Howsabout allowing that under-advertising, while *encouraging* certain "useful" s/ware that deletes such invasiveness, which is partly wot u do anyway? Just a thot.
    Business as usual...
    Robbie the brusque

Page 5 of 8 FirstFirst ... 34567 ... LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •