How to navigate away from quicksand domains which hold your browser captive until you install their software?

[Me Here]

Beauregard T. Shagnasty wrote:
> Me Here wrote:
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you).
>
> What? You are gonna have to find reliable cites for that nonsense.
>
>> They do it by making you log into a benign site first (one that isn't
>> blocked) and using that to remove their entry from your Hosts file
>> before redirecting you and trapping your browser. Even running free
>> FireFox addons such as NoScript won't protect you unless you've been
>> caught before and know not to allow the site access to Java or JS.
>
> More bollox.
>

Ahh ****it, I wasn't going to do your homework but I just couldn't help
Googling to see how many links popped up - so many I just shook my head
and laughed. Of course, wikipedia was among the top 3...

Here's two to start you off explaining why hosts files by themselves
aren't secure and how easily they get hijacked:

http://en.wikipedia.org/wiki/Hosts_file

and just in case you have doubts about the authenticity of information
in wikipedia:

http://www.virusbtn.com/resources/gl...hosts_file.xml


Once you've grasped that, then you may begin to realise why, if you use
a hosts file to block stuff, you need to run a hosts file manager (all
good hosts file managers monitor the hosts file for unauthorised
attempts at changing it) or else you're just pissing in the wind.

Next time, please Google and get your facts right before slighting
someone else's post.


--
Me Here


The speed is a pain, but better than a 1/2 hour drive across Munich. --
Bernhard Schneck, Re: disk NFS-mounted via PPP (1993)

[Michael Fesser]

..oO(Me Here)

>If you have other tabs open that you want to keep viewing, then yes,
>it's a good immediate, albeit 'temporary' solution to the problem. I
>say temporary because using a Hosts file isn't a good solution. Many
>malware sites scan and remove their listings from hosts files (and even
>locking it via the read-only attribute won't protect you). They do it
>by making you log into a benign site first (one that isn't blocked) and
>using that to remove their entry from your Hosts file before redirecting
>you and trapping your browser.

Indeed. I do the same on my own websites. I always scan the machines of
my visitors for nude pics and contact info of their girlfriends.

>Even running free FireFox addons such as
>NoScript won't protect you unless you've been caught before and know not
>to allow the site access to Java or JS. You should really be running
>an IP blocking program like PeerGuardian or if that is too much hassle,
>do what I do and use OpenDNS. I'm sure there are other solutions, those
>two just spring to mind. My advice, if you don't want this happening
>again and you're the type that's likely to run across sites like these
>often, is to do a bit of research into blocking methods and choose the
>one that best suits your need.

I don't block anything, I don't even have anti-spyware or virus scanners
on my workstation, still my box is clean. What am I doing wrong? Help!!1

Mi'amused'cha

[hummingbird]

On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
wrote this on alt.comp.freeware:

>Tom wrote:
>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>
>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>> browser; kill it.
>>
>> Very inelegant.
>>
>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>
>> When you restart Firefox, it asks if you want to open all the old tabs,
>> but, of course, that will just open the quicksand site all over again.
>>
>> So, without editing the hosts file and shift reloading, you're forced to
>> say NO to reloading your old tabs ... and you lose them all.
>>
>> That's why you don't kill the browser session.
>>
>> Luckily we found a single-click way to solve the problem (type "start ->
>> run -> hosts, add the offending domain, and shift reload the browser). This
>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!


>If you have other tabs open that you want to keep viewing, then yes,
>it's a good immediate, albeit 'temporary' solution to the problem. I
>say temporary because using a Hosts file isn't a good solution. Many
>malware sites scan and remove their listings from hosts files (and even
>locking it via the read-only attribute won't protect you). They do it
>by making you log into a benign site first (one that isn't blocked) and
>using that to remove their entry from your Hosts file before redirecting
>you and trapping your browser.

Good point MH. I've never experienced that trick, especially since
I started safe hexing, but I am aware it can happen.

These days, I seem to be safe with a hosts file to block unwanted
sites, plus a supplementary program or two (SpyWareBlaster etc).


>Even running free FireFox addons such as
>NoScript won't protect you unless you've been caught before and know not
>to allow the site access to Java or JS. You should really be running
>an IP blocking program like PeerGuardian or if that is too much hassle,
>do what I do and use OpenDNS. I'm sure there are other solutions, those
>two just spring to mind. My advice, if you don't want this happening
>again and you're the type that's likely to run across sites like these
>often, is to do a bit of research into blocking methods and choose the
>one that best suits your need.


--
"All truth passes through three stages.
First, it is ridiculed, second it is violently opposed,
and third, it is accepted as self-evident"
(Arthur Schopenhauer)

[Me Here]

hummingbird wrote:
> On Mon, 14 Jul 2008 14:23:03 +1000 'Me Here'
> wrote this on alt.comp.freeware:
>
>> Tom wrote:
>>> On Sun, 13 Jul 2008 13:45:20 -0400, C A Upsdell wrote:
>>>
>>>> If Windows, Ctrl Alt Delete to call up the task manager; select the
>>>> browser; kill it.
>>> Very inelegant.
>>>
>>> When you have a dozen tabs open, killing the browser, kills all the tabs.
>>>
>>> When you restart Firefox, it asks if you want to open all the old tabs,
>>> but, of course, that will just open the quicksand site all over again.
>>>
>>> So, without editing the hosts file and shift reloading, you're forced to
>>> say NO to reloading your old tabs ... and you lose them all.
>>>
>>> That's why you don't kill the browser session.
>>>
>>> Luckily we found a single-click way to solve the problem (type "start ->
>>> run -> hosts, add the offending domain, and shift reload the browser). This
>>> turns the quicksand URL into cement. Voila! Thanks to hummingbird!
>
>
>> If you have other tabs open that you want to keep viewing, then yes,
>> it's a good immediate, albeit 'temporary' solution to the problem. I
>> say temporary because using a Hosts file isn't a good solution. Many
>> malware sites scan and remove their listings from hosts files (and even
>> locking it via the read-only attribute won't protect you). They do it
>> by making you log into a benign site first (one that isn't blocked) and
>> using that to remove their entry from your Hosts file before redirecting
>> you and trapping your browser.
>
> Good point MH. I've never experienced that trick, especially since
> I started safe hexing, but I am aware it can happen.
>
> These days, I seem to be safe with a hosts file to block unwanted
> sites, plus a supplementary program or two (SpyWareBlaster etc).
>
>
>> Even running free FireFox addons such as
>> NoScript won't protect you unless you've been caught before and know not
>> to allow the site access to Java or JS. You should really be running
>> an IP blocking program like PeerGuardian or if that is too much hassle,
>> do what I do and use OpenDNS. I'm sure there are other solutions, those
>> two just spring to mind. My advice, if you don't want this happening
>> again and you're the type that's likely to run across sites like these
>> often, is to do a bit of research into blocking methods and choose the
>> one that best suits your need.
>
>

As I said, a hosts file is great, so long as you protect it otherwise it
becomes pointless. Many programs out there now protect things like Home
pages and hosts files simply because security companies are aware that
they are easily hijacked with things like WSH or ActiveX (or even a
crappy FF addon).


--
Me Here


Don't let your education interfere with your intelligence. -- unknown

[John Corliss]

Tom wrote:
> How do we get out of the browser infinite loop quicksand when we navigate
> to web pages designed to lock us in and force us to hit the "pay me" button
> (whatever they want to force you to do)?
>
> These are just a sample of nasty quicksand web pages I've run into which
> lock your browser into a loop and won't let you get out until you hit the
> "install" or "run" or "OK" button... (whatever it is they want you to do).
>
> http://www.spywareiso.com
> http://antivirus-scanner.com
> http://findyourlink.net
> http://www.findyourlink.net
> http://spywareiso2008.com
> http://www.spywareiso2008.com
> http://www.immenseclips.com
> http://antivirus2009-scanner.com
> http://thecatalogfree.net
> etc.
>
> When you navigate to these quicksand links, you can not get out of their
> infinite loop with your browser no matter what you do. I'm forced to
> control alt delete and kill the browser from the task manager ... but I ask
> ...
>
> Is there a more graceful way, after the fact, to navigate away from
> quicksand domains which have a hold on your browser, other than control alt
> deleting the browser process?

Tom, what browser are you using? That makes a big difference in how to
get around the problem.

Maybe you've answered this question already in this thread, but there
are too many replies to it for me to read the whole thread.

TIA.

--
John Corliss BS206. I use nFilter to block all crossposts and all Google
Groups posts because of Googlespam. No ad, cd, commercial, cripple,
demo, dotnet, nag, share, spy, time-limited, trial or web wares OR warez
for me, please.

[Ari]

On Sun, 13 Jul 2008 06:04:02 -0700, Tom wrote:

> How do we get out of the browser infinite loop

Oh, we could kick the ever-loving **** out of you, how about that,
SPAM*******.
--
An Explanation Of The Need To Be "Anonymous"
http://www.penny-arcade.com/comic/2004/03/19