APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Browser Hijacking

Web Site: http://m3ipinc.com

The ongoing security shuffle for anybody using Microsoft keeps getting worse. Browser hijacking is as bad as it gets. Like MSBlaster, this form of deceit can take over your software silently and invisibly. Typically, users discover what has happened only after the actual hijacking has taken place. Their Internet Explorer home page and web searches have been switched to strange sites, pop-up windows follows them around, their lists of favorite sites have become a library of *redacted* and none of these changes can be undone without registry tweaks.

These attacks differ from spyware invasions, which can have similar effects, in that victims never downloaded a program and then ran the installer. In some cases, the only mistake a user made was to allow what they thought was a change in home-page settings or an addition of a Web toolbar, not knowing that the site would do much more than that. Most often the problem can be attributed to going online with an unpatched version of Windows, allowing a hijacker's site to exploit an old vulnerability.

None of this has to happen. Beyond the usual benefits of running an up-to-date antivirus software and firewall program and regularly downloading Microsoft's critical updates, two of the biggest security flaws behind browser hijacking can be fixed with a pair of quick downloads and a third can be remedied by installing a better browser.

1. Stop sites from producing pop-ups - Not only will this make the Web vastly more pleasant, it will eliminate the ability of hijackers to badger you until you accept a software download or home-page switch. The easiest pop-up blocker to adopt is the free Google Toolbar. You can find it at http://toolbar.google.com. You need to run Internet Explorer 5.5 or newer to get this feature. Or install any other browser, since IE is the only one around that still lets in pop-ups.

2. Update the Java software on your machine - Java lets you run entire programs in a browser window. It is designed with tight limits on what a Web-based application can and can't do. But these limits must be enforced by a virtual machine program that runs on your own computer, and the one Microsoft developed contained a couple of bugs that hijackers abuse. If you've been keeping your computer's software current, you should have a fixed version of this Microsoft virtual machine. But the better option is to download and install Sun's own free Java virtual machine at http://www.java.com, which is safer and more current than Microsoft's software.

3. Kill ActiveX on your desktop - Developed by Microsoft to compete with Java, it allows a similar sort of Web interaction, but without any of Java's fail-safe limits. An ActiveX program in a web page can do anything that a regular Windows program could do on your desktop. For instance, windows update uses ActiveX to scan for unpatched components in your copy of Windows, and an ActiveX installer makes it easier to add Sun's Java software to Internet Explorer. But ActiveX is dangerous overall, since it depends on users to make the right call when they are presented with a "trusted" alert from IE. Once you click on the "yes" tab, the ActiveX program can anything.

Updates to IE have limited ActiveX's exposure, and an upcoming Windows XP service pack 2 update, will add still more restrictions. But it's wiser to use an ActiveX-free browser for everyday Web activity, using Internet Explorer for Windows Update and the occasional site that works only in IE.

For most people, the best IE replacement is a free copy of Mozilla, Mozilla Firefox, Chrome or Opera.

If your computer has already been infected, your antivirus program or spyware software should clean it out.

Whatever software you take with you on your tour through cyberspace, you also need to pack away some common-sense. Pushy cyber-salesmanship from a strange site deserves the same reception that a telemarketer at dinner time would get: "No thanks."

To respond to this or previous newsletters or to inquire about an on-site presentation, please feel free to call us at 508-995-4933 or email us at [email protected]


Got something to add? Send me email.



3 comments



Increase ad revenue 50-250% with Ezoic


More Articles by © Michael Desrosiers





"For most people, the best IE replacement is a free copy of Mozilla, Mozilla Firefox or Opera."

I recommend mozilla.

Now, if we could only get that message in front of the average, non-technical user who thinks that Bill Gates invented the computer.

Bill Gates is no computer genious, he's a businessman who steals someone else's ideas and deploys them, and then suddenly everybody says "Oh, Bill Gates invented the windows GUI (or was it Macintosh?)", "he invented MS-DOS! (or he baught QDOS for some bucks?)", and so on! soon they'll come and say he invented internet!
-------------------
"soon they'll come and say he invented internet!"

Oh! I thought Al Gore was the inventor of the Internet.

--BigDumbDinosaur





Tue Apr 26 02:30:11 2005: 376   anonymous


I don't know if this is of any interest to anyone but since my recent hijacking, I decided to switch browsers to Mozilla Firefox, but then I decided to try a different tactic you might like...

We can easily view the source of the page we get hijacked too, and check the copywrite in the meta tags,and see who owns the content we are hijacked to. Mine was a place in Montreal Canada called MediaPlazza who makes ringtones. I called their toll free number ans sent snotty email to the PR guy, who did backflips denying any corporate responsibility, despite the fact that they stood to profit from the hijacking.

Maybe if everyone who got hijacked called the guys who own the content we get sent to, clogged their toll-free numbers and told them to piss off, then told 10 of their friends the company name and have them call and do the same, it won't stop em', but it might one or two think..

Any thoughts....MB






Tue Nov 22 13:08:19 2005: 1374   TonyLawrence

gravatar
I think if you have the time, why not? It might accomplish nothing, but who knows?

------------------------
Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us





A Netscape engineer who shan't be named once passed a pointer to JavaScript, stored it as a string and later passed it back to C, killing 30. (Blake Ross)

I am not out to destroy Microsoft, that would be a completely unintended side effect. (Linus Torvalds)












This post tagged: