[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] A Popup! In Mozilla!

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] A Popup! In Mozilla!
From: John Dowling <greyhatthe2nd@xxxxxxxxx>
Date: Wed, 21 Jul 2004 13:56:01 -0700 (PDT)

I disagree.

Initially, the image used in that popup actually comes
from a different server, but that's trivial.  What I
see as a bigger issue is that blocking the image from
the server leaves the user with an empty div block
covering the page, and blocking the site serving the
div content could essentially render the div
'uncloseable'.  Of course, this is more along the
lines of browseability, and does not seem to have any
very obvious security implications above and beyond
what can be served via a page without the annoying
<div>.

-----Original Message-----
From: full-disclosure-admin@xxxxxxxxxxxxxxxx
[mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On
Behalf Of Charles Richmond
Sent: Wednesday, July 21, 2004 7:48 AM
To: Dave King
Cc: Full Disclosure; James Woodcock
Subject: Re: [Full-Disclosure] A Popup! In Mozilla!

Add the following to adblock

        http://2-spyware.com/images/*

On Jul 21, 2004, at 1:44 AM, Dave King wrote:

> This isn't a normal "popup" in that it doesn't open
a new browser 
> window.  All they're doing is placing this great
animated gif  over 
> the middle of the page using absolute positioning in
the DIV tag.  
> Notice that it looks like an IE window even in
Firefox.  Really this 
> is a sneaky trick that is pretty annoying.  I think
this type of ad 
> placement is going to be hard to block since most of
the time absolute 
> positioning images is just part of the normal page
and has nothing to 
> do with ads, even though I guess at one time pop-ups
were used 
> legitimately almost exclusively.  At least this page
seems to be 
> thoughtful enough to only display the ad the first
time you visit it.  
> Tricky little devils aren't they (and getting
trickier all the time).
>

Charles Richmond

       Implemented Integrated Systems Corporation 
http://www.iisc.com
     O/S, I18N, Systems Development, Process and
Integration Providers
     cmr@xxxxxxxx   cmr@xxxxxxx   YIM:cmriisc 
http://www.iisc.com/cmr
            7B West St., Somerville, Ma. USA 02144 
(781) 389 9777

_______________________________________________
Full-Disclosure - We believe in it.
Charter:
http://lists.netsys.com/full-disclosure-charter.html

__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] A Popup! In Mozilla!
  - From: Charles Richmond

Prev by Date: Re: [Full-Disclosure] Hacking Challenge?
Next by Date: Re: [Full-Disclosure] Re: mi2g - fud, lies and libel
Previous by thread: Re: [Full-Disclosure] A Popup! In Mozilla!
Next by thread: Re: [Full-Disclosure] A Popup! In Mozilla!
Index(es):
- Date
- Thread