GOODIES TO GO! ™
October 1, 1999 — Newsletter #48

************************************************************
Please visit http://www.htmlgoodies.com
************************************************************


Greetings, Weekend Silicon Warriors,


**You’re right, you’re right, I know it’s Friday, but there’s
no mistake, this is the next issue of Goodies to Go! Look for
#49 on its regular Monday, October 11, schedule!**


Did you hear…


>Earthlink and Mindspring, two huge Internet service
providers, have decided to merge. The new company will keep
the name Earthlink and if you have stock, it looks like you’ve
made out. $!$!


>The earthquake in Taiwan disrupted Web traffic coming from
and going to many Asian countries. It couldn’t have come at a
worse time as Singapore telephone companies have just signed
a one billion dollar pact to lay a second underwater fiber
line. I would think that is going to be put on hold for a while.


>In a related story, Motorola Inc. took a big hit in the stock
market due to the quake in Taiwan. Apparently the quake
knocked out most of the country’s biggest chip manufacturers.


>On an unrelated note, Friday the 24th was my eleventh wedding
anniversary. I gave my wife the present of staying off of the
computer for one whole day… except at work.


Now, on to today’s topic…


You have no doubt heard of car-jacking. If not, it’s a rather
bold method of stealing someone’s car. The basic premise is a
no-brainer: You go up to a stopped, but running auto, stick a
gun in the driver’s face, and tell them to get out or you’ll
shoot. Most people will smartly get out, the thief gets in,
and away goes the car. It’s a rather nasty method.


Well, the practice has now come to the Web in something termed
“cyberjacking” and it’s just angering.


The U.S. Federal Trade Commission (FTC) warned Internet users
of the practice last Wednesday, September 23, 1999, after
leveling charges against Carlos Pereira (probably living in
Portugal), Australian national Guiseppe Nirta, and the company
WTFRC Ltd. for cyberjacking.


Allen Asher, deputy chairman of the Australian Competition and
Consumer Commission, reported that federal police served search
warrants to Nirta and WTFRC that Wednesday morning.


So, what is it?


Cyberjacking is a method of redirecting people from one Web
site to another, in this case pornography. The U.S. government
demonstrated the practice by attempting to log into a site for
the movie “Saving Private Ryan.” Upon entering, they were
immediately redirected to a pornography site. Furthermore,
once in the site, code was used to disable back and forward
buttons and any attempt to close the browser window simply
spawned new windows.


So, how is it done?


Through a crack and then simple JavaScript code. Here’s the
basic process. First, you go to a site and collect the Web
pages and images so you can reproduce the page perfectly. It’s
actually pretty easy now with MSIE’s Save function that
collects the images along with the page.


After getting an equal representation of the page, you alter
the meta tags to include a meta refresh, set to zero, that
redirects the user somewhere else.


Now the rough part. You have to crack into the system and
repost the pages you’ve altered. Now, when someone logs in,
they will be sent to the site you set in the meta tags.
Persons whose computers don’t understand meta tags get the
page as it normally would appear.


Once at the new page, onUnload JavaScript Event Handlers are
used to spawn new windows every time you attempt to shut down
the parent window. The new windows do not have the back and
forward buttons available. Often, the right-click is disabled
through simple code so you cannot get to page functions. You
are truly in a vicious circle. The only option is to shut
off the computer or perform a CTRL-ALT-Delete and try to End
Task.


Heck, if I can think of ways to stop you from leaving the
page, then you know the pros have really given the topic some
time.


Cyberjacking doesn’t always have to occur through the use of
meta tags either. Another method of redirecting the user is
what is being termed Mousetrapping, and it’s also done with
JavaScript Event Handlers.


Once again, I get a page from a popular site, alter some of
the links, crack it back in, and when someone clicks on the
link, he or she is sent to the site of choice. My guess is
the Mousetrapping is done through a SPAN flag set with an
onClick=location.href format and set to blue text so that it
appears to be a link. Maybe that’s even thinking it too far
through. You could just set the link to fire to a new URL.
The problem with that is people could see the link in the
status bar unless the cracker set up onMouseOver Event
Handlers to hide the link’s destination.


Now, please, don’t send me e-mail telling me I am giving
away the secrets or that I am telling bad people how it’s
done. Believe me, this is such rudimentary JavaScript that
anyone who’s read even the first five tutorials in my
JavaScript Primers series could do it. The really hard part
is the crack to get the altered page up and running. My
explanation above is akin to telling you, you need flour to
make bread.


I guess the only upside of the scam is that it certainly
cannot run forever, or even for a long time. I would assume
that once cracked, it would only be a matter of time before
e-mail flowed into the site giving them heck for setting up
links to porn. That kind of e-mail would certainly raise a
few eyebrows around here. The page would be taken down, the
cracked hole would be closed, and the process stopped.
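
The tampering described above leaves markup a site owner can look for without waiting for visitor e-mail. The following is an added example, not code from the original newsletter: a Node.js check that scans a page for the off-site meta refresh, the onUnload pop-up, the onClick redirect on a non-link element and the onMouseOver status-bar change. The rule ids, host names and sample pages are constructed for illustration.

```javascript
// Added example: flag the page-tampering indicators described in this newsletter.
// Rule ids, host names and sample pages are constructed for illustration.
const RULES = [
  // onUnload handler that opens a window when the visitor tries to leave
  { id: 'onunload-popup', re: /\bonunload\s*=\s*["']?[^"'>]*window\.open/i },
  // onMouseOver handler that rewrites the status bar to hide a destination
  { id: 'status-bar-mask', re: /\bonmouseover\s*=\s*["']?[^"'>]*\bstatus\s*=/i },
  // onClick redirect attached to an element that is not a real <a> link
  { id: 'fake-link',
    re: /<(?!a[\s>])[a-z][a-z0-9]*\b[^>]*\bonclick\s*=\s*["']?[^"'>]*location(?:\.href)?\s*=/i },
];

// Report <meta http-equiv="refresh"> tags whose target is on another host.
function metaRefreshFindings(html, siteHost) {
  const out = [];
  for (const tag of html.match(/<meta\b[^>]*>/gi) || []) {
    if (!/http-equiv\s*=\s*["']?refresh/i.test(tag)) continue;
    const m = /content\s*=\s*["']?\s*(\d+)\s*[;,]\s*(?:url\s*=\s*)?['"]?([^"'>\s]+)/i.exec(tag);
    if (!m) continue; // refresh without a URL only reloads the same page
    let host;
    try { host = new URL(m[2], `http://${siteHost}/`).hostname; } catch { continue; }
    if (host !== siteHost) {
      out.push({ id: 'meta-refresh-offsite', delay: Number(m[1]), target: m[2] });
    }
  }
  return out;
}

// Run every check against one page and return the list of findings.
function scanPage(html, siteHost) {
  const findings = metaRefreshFindings(html, siteHost);
  for (const { id, re } of RULES) {
    if (re.test(html)) findings.push({ id });
  }
  return findings;
}

// Constructed sample pages: one altered as the newsletter describes, one untouched.
const TAMPERED = `<html><head><title>Movie site</title>
<meta http-equiv="refresh" content="0; url=http://redirect.example/in">
</head><body onUnload="window.open('http://redirect.example/again')">
<span style="color:blue" onClick="location.href='http://redirect.example/x'"
      onMouseOver="window.status='';return true">Trailers</span>
</body></html>`;
const CLEAN = `<html><head><meta http-equiv="refresh" content="300; url=/scores.html">
</head><body><a href="/trailers.html">Trailers</a></body></html>`;

console.log(scanPage(TAMPERED, 'www.example.com'));
console.log(scanPage(CLEAN, 'www.example.com'));
```

Handlers that call a function defined elsewhere in a script are not caught by these patterns. Comparing deployed pages against known-good copies covers that case.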


Besides, how many hits could you really get doing this? I
would think the cracker would post the pages later in the
evening so that it would be the longest length of time before
it could be caught. But let’s say it runs all night, nine
hours. Is that really worth all the hassle of cracking and
altering a page?


You know there’s money in this, bad money, but money
nonetheless. My guess is that the site that receives the hits
pays a few cents per visitor, but is it profitable? I don’t
know how it could be. The time span just isn’t that long.
The people who are coming are not there of their own free will
so the banner ad views cannot be counted as true impressions.
I’m still trying to find the upside to doing this.


Plus, do porn sites really need visitors that badly?


No matter what your thinking is about the porn industry on
the Net, you have to admit it is unbelievably profitable.
The reason is content, obviously. Loads and loads of people
will basically crawl through garbage dumps to get at this
material. Does a porn site really need to do this kind of
attack on unsuspecting people? Plus, wouldn’t you think the
site that received the hits is pretty much putting itself in
the blast zone? It would be taken down faster than you could
blink an eye… hopefully.


So, again I ask, why would you go through all this trouble
where the law will come down hard when you can do it legally?
There’s a reason why gambling is fully legit in Las Vegas:
Doing it by the rules is too profitable. Why would you take
the risk of cheating?


Maybe it’s not for profit. Maybe it’s another form of “just
wanted to see if I could do it.” If so, then I still think
it’s goofy.


Either way, this is just the latest in the many pitfalls to
be aware of on the Web. However, I don’t think this one will
be around long. It’s just too much work for not a lot of
return.


>>>>>>>>>>>>>>>>>>>


And that’s that for another week. We’re just about to top
40,000 subscribers. Cool.


Joe Burns, Ph.D.


And Remember: Ever drink Hawaiian Punch? If so, then you’ve
seen the little characters. One always asks the other if he
would like a nice Hawaiian Punch. He says “Sure” and the
little guy with the straw hat punches him in an explosion of
fruit. Did you know those characters have names? The little
guy is named “Punchy” and the one who always gets hit is
called “Oaf.”

Also, just in case you’re wondering, the full names of the
characters from the Rocky and Bullwinkle show are Rocket J.
Squirrel, Bullwinkle J. Moose, Boris Badenov, and Natasha
Fatale. Bullwinkle graduated from Watsamatter U.
