AOL, Dell, Yahoo, & Priceline... among others:
http://www.informationweek.com/story/showArticle.jhtml;jsessionid=3HEGVBH3YCRWMQSNDBCSK HSCJUMEKJVN?articleID=171200442

It is all about the money.

The only thing I am surprised about is Yahoo. Although cleaning up after an install of their IM is just as bad as AOL's IM. So I guess I shouldn't be surprised.

It's no wonder it is so hard to keep control of the ads these companies pay for. All the affiliates four steps above and below are to hard to keep track of. But sure some of them don't want to know what's going on with their ad dollar, unless they start getting bad press. ;)

I was just reading about this a couple of nights ago when a hurricane blew through here and disrupted everything, and was intending to post something along the same lines, but with a link to the site used as the primary reference for this article, Ben Edelman (http://www.benedelman.org/).

I've only scratched te surface of the Edelman site, but it has some really good in-depth information about what some of the bottom feeders of the Internet are doing and who is paying them for ads. I found the Edelman site while digging for information on one of the spyware programs he has tested. It was so interesting I spent the rest of the night reading and got absolutely nothing done on the problem computer till the next day...

On a similar note I also found another problem that is an eye opener. Many of you already know I'm running Linux on my main machine, [Mandrake] and now am using Firefox as the primary browser. I was very surprised to find Firefox being redirected to a 1dial-search "page not found" page. Windows spyware/browser hijackers don't run on Linux, what gives? I wondered...

A bit of digging turned up yet another exploit that is currently in use, (this has been happening just in the past few days) related to a weakness in DNS. I don't understand it all just yet, but the basic rundown is when a URL times out or is mistyped, through exploiting a weak spot in DNS 1dial can redirect your browser (apparently no matter what the OS) to their own "search" page, using no software actually installed on the computer at all, just a DNS "wildcard" if I understand all this correctly. According to another article I looked up VeriSign was doing the same thing not long ago.

The fix is to get the DNS server IP addresses from your ISP and put them into the internet configuration so the browser always goes to their DNS servers first when a URL is not available, gone bye bye or mistyped. Morein this thread at NoNags (http://www.nonagsplus.com/forum/forum_posts.asp?TID=884&PN=1)

I've configured my DNS server as my ISP's, and have disabled DNS caching on my machine. Its definitely a little slower, but its not terribly frustrating.

After doing some research, I also decided to modify my HOSTS file to redirect well known junk destinations. Avast and ZoneAlarm route stuff through various ports on 127.0.0.1 too though. Does anyone think using that IP in my HOSTS file is problematic? I changed them to 0.0.0.0 assuming those would go nowhere as well.

Should this have been in it's own thread?

*quasi-newb*

FireFox has an update that addresses that vulnerability....

Pete,
I posted the 1.07 update for Firefox here:
http://www.pcguide.com/vb/showthread.php?t=40641
Note the Linux fix explained here:
http://www.mozillazine.org/talkback.html?article=7388

Avast and ZoneAlarm route stuff through various ports on 127.0.0.1 too though. Does anyone think using that IP in my HOSTS file is problematic?

Probably not. I've used the hosts file (Under Linux too) for a good while to eliminate a lot of the ad servers, and in the case of machines with public access a lot of porn sites too. It basically tells your browser if a certain URL points to 127.0.0.1 therefore your machine is that website, so it never goes looking for it on the Internet, it thinks it's "already there". That means it never reads the actual HTML, PHP [or whatever] file stored on the server at that specific URL.

I doubt if it can create problems with your machine, the browser simply never looks any further for the page than that line in the hosts file. A much better and more detailed description is HEre (http://accs-net.com/hosts/what_is_hosts.html) and a sample hosts file that should work well. Others are available too.

Thanks I'll check out the Firefox links.