Brain Candy #23 - Dynamic Advertising, Threat or Menace?

To summarize the articles, some Web advertisers are now putting files onto your computer that run Java programs on your machine, without asking your permission, or even telling you about it. This enables them to do a lot of attention-getting tricks that they can't do in any other way. At first glance, you might think this isn't much different than writing an animated gif to your machine. In a perfect world, it wouldn't be a big deal. The advertiser would take care to keep file sizes small. The programs would be well-behaved and always work perfectly and thus not interfere with your web browsing (or anything else). They would go away eventually, after they had done their tasks. Of course, we don't live in a perfect world. There are reports on the Web of huge files being surreptitously loaded onto users' machines. If you have a slow modem connection, this requires long downloads. Some of the programs apparently aren't particularly well debugged, and have caused browsers to misbehave and systems to lock up. There appears to be potential for malicious variants of these files to appear. There is at least one company, TimeSink, which installs a program, TsadBot, on your machine that some users have claimed is inserted permanently into your Startup file. If so, it can run all the time, whether you use the web or not. Although the commercial anti-virus programs ignore it, some private virus lists have included it. It is an example of something that can be called a commercial virus (if you don't approve of it) or dynamic advertising (if you do).

These files aren't from fly-by-night web sites advertising shady companies. We're talking about sites like MSNBC, www.pcmag.com and www.langa.com (hence the title "Biting the Hand...") and companies like Dell, Disney, American Express and Sharper Image. TsadBot is apparently part of the distribution file for pkzip, a very common shareware utility. I haven't heard of any of these files (TsadBot excepted) being written outside of temporary directories and so they do disappear every time you clean your cache and Temporary Internet Files areas (if you do), but I don't believe there is anything that stops these files from being placed elsewhere. Most of these files are being stored as compressed .cab files, but the potential for them to be stored as standard .zip files, or even other types exists.

All of my stories are second-hand. I've looked carefully at our systems and haven't found any of these files. I don't know the exact reason, but one idea that I have is that it might be because we exclusively use Netscape Navigator. I have read numerous notes from Microsoft Internet Explorer users who have been extensively affected, but I haven't seen anyone who identified themselves as a Netscape user who claimed to have these problems. I suspect that TsadBot is an equal opportunity invader, however.

So, what should you do? Mostly, I would suggest that you be aware and wait to see what develops. You can use the Windows 95/98 "Find" utility to watch for .cab files that appear on your system after you surf the web. Windows 98 users supposedly have a file viewer for .cab files, although I haven't found it yet. WinZip can also read some (but not all) .cab files. Don't just delete all the .cab files on your system; they are valid .cab files that Microsoft and other companies use to store compressed information on your hard disk. They can be critical to your machine's functions.

I suspect that there will soon be a media scare concerning this subject. There really are some serious issues involved, but I think that Internet users need to carefully consider what to do about this. For better or worse, advertisers are paying for a lot of neat things on the Web. Like commercial TV, if you want the programming, advertisers expect you to put up with the ads. But when an ad can chew up your connect time, grab chunks of your hard disk, mess up your system and perhaps do worse once the malicious start to alter them, we need to draw some lines. If nothing else, maybe we'll learn to just avoid the sites and advertisers that play these games with their visitors. Advertisers really don't like boycotts. In the meantime, I would advise you to keep your eyes open. Regularly clean up your cache and Temporary Internet Files areas with Disk Cleanup and don't get too concerned if you find yourself a target of dynamic advertising.