Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security

Snopes Pushing Zango Adware 256

DaMan writes "Here's something that isn't an urban legend — Snopes, the popular urban legends reference site, has been pushing adware, for at least 6 months, to users via ads displayed on its Web site. No one seems to have called them on it until recently."
This discussion has been archived. No new comments can be posted.

Snopes Pushing Zango Adware

Comments Filter:
  • I hear... (Score:5, Funny)

    by Landshark17 ( 807664 ) on Monday January 28, 2008 @07:56PM (#22216102)
    They also run spam servers... http://xkcd.com/250/ [xkcd.com]
    • by kentrel ( 526003 ) on Monday January 28, 2008 @08:22PM (#22216384) Journal
      I read that comic too a few weeks ago, and did some research to try and verify it, but couldn't find any significant evidence.

      Anyone find any?
      • Re: (Score:3, Informative)

        I read that comic too a few weeks ago, and did some research to try and verify it, but couldn't find any significant evidence.

        I think humor is not your forte.

        The joke is about Symantec and all of the other anti-virus/mal-ware companies. The urban legend is that they are in cahoots with the virus writers in order to keep their anti-virus business in business.

        I think it is at least as true as the FBI looking the other way when their informants commit 'petty' crimes because they think that getting the big fish is worth it.

        • by kentrel ( 526003 )
          Oh now I get it..

          Humour is my forté. However, humour about the inner workings of anti-virus and mal-ware companies is still on my to-do list. Know any good stand up albums I should listen to? I hear Symantec Kinison is really good. :D







          I'm sorry I'm sorry I'm sorry I'm sorry I'm sorry. I'm sorry I'm sorry I'm sorry I'm sorry I'm sorry
          • Re: (Score:3, Funny)

            by argiedot ( 1035754 )
            Humour about the inner workings of anti-virus companies may not be your forte, but placing accents on random letters certainly is ;)
    • Re: (Score:3, Funny)

      by _KiTA_ ( 241027 )

      They also run spam servers... http://xkcd.com/250/ [xkcd.com]


      Meh, I read somewhere that that was debunked.
  • by Anonymous Coward on Monday January 28, 2008 @07:57PM (#22216108)
    Maybe I should go check an urban myth site to see if it's real...
  • Turncoat! (Score:4, Funny)

    by Misanthrope ( 49269 ) on Monday January 28, 2008 @08:00PM (#22216146)
    Stay good Snopes! Stay good!
  • by Anonymous Coward on Monday January 28, 2008 @08:03PM (#22216188)
    "Pushing Zango" is Dominican slang for having sex with an elderly woman. It's true.
  • by bjmoneyxxx ( 1227784 ) on Monday January 28, 2008 @08:04PM (#22216208)
    Snopes isn't something built for the common good of people, it's their to generate money, and they just happen to choose one of the darker ways to do it. "Do you want to block junk sites?"
    • by Anonymous Coward on Monday January 28, 2008 @08:37PM (#22216522)
      I just tried to fill out their Contact Us page to ask them about their use of the Zango malware. My form submission threw an error on their server side ASP code. The really scary thing, look at the error message:

      Error Type:
      Microsoft VBScript runtime (0x800A01A
      Object required: 'zango' /cgi-bin/comments/webmail.asp, line 132

      We'll see if any spam starts coming in to the (unique) address that I submitted to that form.

      What this says to me though is that not only are they including JavaScript for an ad banner network, but their server side code is making references to 'zango' by name, implying a deeper relationship.

      I think it's safe to assume for the time being that Snopes probably doesn't have your best interests at heart, and to not use an e-mail address that you care about if you choose to communicate with them.
      • I get the same result. I thought I had sent my complaint (reference this post [slashdot.org] via their web form, but upon clicking back over to that tab I noticed the same error you got. So, to contact them about Zango's abusive business practices, I have to install Zango's abusive software to interact with their server, or it generates an error? Wow. Somebody's smoking some good stuff at Snopes. WHIOS has the following registry data for snopes.com:

        Administrative Contact , Technical Contact :
        Mikkelson, David
        snopes@best.com
        P.O. Box 684
        Agoura Hills, CA 91376
        US
        Phone: (702) 988-4047
        Fax: (818) 261-3054

        The phone number appears to ring to offices at "best.com", who says their offices are presently closed and offer to take a message. Keying "best.com" into your browser will redirect to Verio [verio.com]. And round and round we go. I think I'll send a fax to the number listed in WHOIS.

        • Re: (Score:2, Interesting)

          by Web Goddess ( 133348 ) *
          Please let's not jump to conclusions.
          Snopes has been a *good* site since way back.

          Sure they don't have telephone access to their personal phone via whois. Do you? I sure the heck don't; I conceal my personal data. And poor snopes.com ... running on Microsoft ... my heart goes out to them. They don't know Linux, they're not power users like us. I am sure there is an explanation!!!

          Benefit of a Doubt to Barbara -- voice of Reason

          Wendy

    • by patio11 ( 857072 ) on Monday January 28, 2008 @09:02PM (#22216734)
      A quick primer in online advertising, for those of you who block it:

      At one end of the chain, we have Content Provider A. At the other end of the chain, we have Service Provider Z. Z wants to place advertising on A's site but, importantly, doesn't know how to do it, doesn't generally know specifically who A is, and needs this to scale to potentially thousands of As. This is where participants B, C, D, E, F, Google, H... etc come in. There are advertising aggregators, affiliate networks, affiliates, affiliates of affiliates, affiliates of affilates of networks of affiliates who subdivide the advertising market into smaller and smaller slices before it finally gets on A's site.

      Now, somewhere in the chain, let us inject one person who is less than scrupulous. He doesn't work at Snopes -- this would tarnish a brand for a week's worth of income, not a smart play. He probably has a steady stream of relationships with each of the numerous advertising concerns on the Internet, picking up and moving from one after he has collected a check or three and then had the banstick for TOS violations catch up with him. He is the one working for, most probably, affiliate of an affiliate of an affiliate of Zango.

      This is the way most malware makes its way onto ad networks and, from there, onto high-trust sites. Volokh Conspiracy, one of my favorite blogs, had a nasty browser hijacker which affected non-US users for months before their advertising network caught wind of it. A few popular MMORPG sites have ended up hosting keyloggers in the same fashion. It is an unintended consequence of a system without central control -- much like the Internet itself, actually. (The system being split up this way does have its advantages, for both endpoints of the chain and for everybody between. Google's business model is based on snapping the chain and replacing it with a big cloud labeled Gooooooogle, but they're not yet the only game in town.)
    • You're right, they have every right to be creepy, and you and I have every right to bitch about it, and put pressure on them to quit being creepy.
  • by driftingwalrus ( 203255 ) on Monday January 28, 2008 @08:09PM (#22216258) Homepage
    Snopes has long had obnoxious levels of advertising. The site really isn't usable without AdBlock.
    • by caseih ( 160668 )
      That explains it! I was like, "snopes has ads?" Actually I'm mildly surprised to see ads on a lot of sites when I have to use a browser that doesn't have adblock or privoxy handy.
      • Re: (Score:3, Interesting)

        by STrinity ( 723872 )
        A few days ago I posted a joking comment along the lines of, "What, Slashdot has ads? One of these days I need to browse without Adblock," and some jerk flamed me for being a freeloader. Well this is exactly why I go overkill with anti-adware programs.
      • Re: (Score:2, Insightful)

        by Blakey Rat ( 99501 )
        The only thing more obnoxious than ads on websites is the 45 people who crop up in every Slashdot discussing with their smug "I don't see ads, I use AdBlock!" bullshit we've already read 50,000 times.

        Give it a fucking rest.
  • Misleading Summary (Score:5, Informative)

    by setirw ( 854029 ) on Monday January 28, 2008 @08:14PM (#22216298) Homepage
    This summary is somewhat misleading, since the user actually has to click the banner to install the software. Contrary to what the summary implies, Snopes does not perform drive-by downloads on its users. By the logic of this summary, tons of online publishers "push adware," since those "Free Virus Scan" ads are pretty ubiquitous...
    • Re: (Score:3, Funny)

      by Anonymous Coward

      This summary is somewhat misleading, since the user actually has to click the banner to install the software.
      I know, and I had a hell of a time trying to get it to work under Wine! they really should fix that
    • But he does say that since people trust Snopes that the software appears to be enorsed by Snopes. Which would lead people to go ahead and install it.
      • Re: (Score:2, Interesting)

        But he does say that since people trust Snopes that the software appears to be enorsed by Snopes. Which would lead people to go ahead and install it.

        So.. Snopes readers... Who are generally somewhat cautious, skeptical or suspicious sorts, if only because they're most likely there to debunk some urban legend that's been going around... Are going to blindly install a shady virus scanner from a pop-up window ad.

        I'm sure there's an exception to prove the rule, but I just don't see it happening. The fact th
        • by yotto ( 590067 ) on Monday January 28, 2008 @09:40PM (#22217026) Homepage
          [i]Snopes readers... Who are generally somewhat cautious, skeptical or suspicious sorts, if only because they're most likely there to debunk some urban legend that's been going around... Are going to blindly install a shady virus scanner from a pop-up window ad.[/i]

          Um, I don't send people to Snopes because they were cautious, skeptical, or suspicious. I send them to Snopes because they forwarded me an email about how a little girl in Indiana went missing and if you just forward it to your friends some company will donate $1 to the save the little girl fund or some garbage like that.

          These are EXACTLY the type of people who will click on the flashy icon that says "Click here"
        • So.. Snopes readers... Who are generally somewhat cautious, skeptical or suspicious sorts, if only because they're most likely there to debunk some urban legend that's been going around... Are going to blindly install a shady virus scanner from a pop-up window ad.

          I suspect that Snopes has two very distinct types of readers

          1. The reasonably informed people who visit because its a well written site
          2. The completely uninformed people who are there because the world is a scary place

          The first group (which one presumes anyone here who visits Snopes falls into), are horrible people to make ad revenue off of. Our eyeballs are worth pratically nothing, so any marketing strategy they have might just as well not include us.

          The second group however, is total gold. As TFA s

      • by 1u3hr ( 530656 )
        But he does say that since people trust Snopes that the software appears to be enorsed by Snopes. Which would lead people to go ahead and install it

        So have you noticed the Microsoft ads on Slashdot?

        Really, who does not know the difference between an advertisement and an endorsement? You're not that dumb, why assume everyone else is.

        • Really, who does not know the difference between an advertisement and an endorsement? You're not that dumb, why assume everyone else is.

          When a publication accepts an ad, that ad reflects on that publication. I have chosen to do business with companies specifically because of the reputation of the publications they advertise in. I trust those publications to filter acceptable ads for me, and only sell them to vendors who are worthy of the publication I'm reading.

          I used to trust snopes. Based on this, meh, not so much any more. If they're willing to let their readers be duped for their profit, the veracity of the entire site is called i

          • by 1u3hr ( 530656 )
            Would you trust a site that pretends to have scientific information on, say, nuclear power, if it also contained ads for greenpeace and a tinfoil-hat vendor?

            That's reversed the statement. I was replying to a post saying they would trust the ads because of the site they were on. You're stating you should judge a site by their ads.

            My point is that most people understand that ads are just selling in-between space, they're not editorial. While you hope that a site or publication will vet the ads they run, a

  • Who does what how? (Score:4, Insightful)

    by mcmonkey ( 96054 ) on Monday January 28, 2008 @08:14PM (#22216300) Homepage
    A little on topic/a little bit just an excuse to blather about something in my mind since the Cloverfield [slashdot.org] story:

    Folks in the ad game are in trouble. And I mean the folks using ads to sell another product and the folks selling the ads.

    Apparently there was some sort of 'buzz' about Cloverfield for the past few months. I missed it. That may not be interesting, except I watch 2 to 3 hours of TV a day, spend more time than that on the web, subscribe to several popular (non-technical) magazines, and read a daily newspaper. I don't claim to have my finger on the pulse of pop culture, but I'm not quite ammish.

    I vaguely remember a teaser-trailer (perhaps before Transformers?), but other than usual pre-release media push in the last few weeks, I know nothing of this buzz. If that's the state of advertising, then those folks are in trouble.

    How does this tie in to the current topic? Well...Snopes has ads? I would guess it would since there's no subscription fee and would make a very strange charitable effort otherwise. But if Snopes has ads, I can't say I recall ever actually seeing one.

    Seriously, for TV I have TiVo. For the web, there's ad buster and other tricks. For magazines, those ads are usually full page and very easy to recognize and skip without reading. For radio, there's NPR. Pretty much the only traditional advertising that gets my attention are bra ads in the daily paper. And those aren't even selling anything I might buy! (Unless the models are for sale.)
    • by Otter ( 3800 )
      Apparently there was some sort of 'buzz' about Cloverfield for the past few months. I missed it. That may not be interesting, except I watch 2 to 3 hours of TV a day, spend more time than that on the web, subscribe to several popular (non-technical) magazines, and read a daily newspaper. I don't claim to have my finger on the pulse of pop culture, but I'm not quite ammish.

      Mmmm, I don't watch nearly as much television as you do, and I've certainly seen numerous Cloverfield commercials. It's the only recent

      • by MrWa ( 144753 )
        Mmmm, I don't watch nearly as much television as you do, and I've certainly seen numerous Cloverfield commercials. It's the only recent movie I could have named.

        The other poster was correct - there have been a few articles stating how Cloverfield was successful partly because of "buzz" created due to non-standard method of publicity since release of the teaser trailer...commercials on TV are the norm and that is all I know about as well. In fact, I would say that Cloverfield was advertised more than any

    • Re: (Score:2, Insightful)

      by gandhi_2 ( 1108023 )
      NPR doesn't carry advertising?

      The fact that the personalities do the pitches, and they aren't screeming about hotdogs at the monstertruck show, doesn't mean NPR doesn't cary ads.

    • Seriously, for TV I have TiVo.

      For Tivo, TV has pop-up ads.

      For the web, there's ad buster and other tricks.

      For adblock, the web has text ads.

      For magazines, those ads are usually full page and very easy to recognize and skip without reading.

      For ad skipping readers, magazines make paid ads look like just another product-review article, that just happens to turn into a glowing endorsement. See "Popular Mechanics"

      For radio, there's NPR.

      Do I even need to bother with this one?

    • Apparently there was some sort of 'buzz' about Cloverfield for the past few months. I missed it. That may not be interesting, except I watch 2 to 3 hours of TV a day, spend more time than that on the web, subscribe to several popular (non-technical) magazines, and read a daily newspaper. I don't claim to have my finger on the pulse of pop culture, but I'm not quite ammish.

      This is a bit off-topic, I know, but anyway: I have a Virgin Mobile phone. I paid very little for the phone and very little for the serv
    • Wow. Now all you need to do is make 200 million people think and act exactly like you do, and you'll have the advertising industry quaking in its boots!
    • by WK2 ( 1072560 )
      I started reading your comment, and asked myself, "What's Cloverfield?" Apparently, it's a movie.
      • by nuzak ( 959558 )
        I thought it was one of Intel's chipsets.

        Today's Sluggy Freelance [sluggy.com] references the movie too. I'd never heard of it. The poster is cut off in the frame, and just reads "rfield", and I was wondering if there was a new Garfield movie. With a shaky-cam. And I figured that would make me pretty ill too, but I was still pretty puzzled at the whole idea. Now I know.

        (whaddya know, sluggy's down, so this post won't have a proper permalink, but that was pretty much the whole joke in the post above)
  • by Animaether ( 411575 ) on Monday January 28, 2008 @08:15PM (#22216322) Journal
    "These two popups are there practically every time you visit Snopes (see for yourself)."

    Well, I did. And I didn't get any popups. I'm on refresh #30 or so.

    No, I don't run adblock.
    No, firefox isn't telling me it blocked a popup either.

    I also tried with IE6. Still nothing.

    Is the author quite sure they're not just targeting -him-? Be it my some manner of IP -> location lookup, or via an old cookie he's got laying around, or whatever?
    Either that, or Snopes already changed things. Woo conspiracy theorists rejoice.
    • Re: (Score:3, Interesting)

      by greg1104 ( 461138 )
      I get some sort of pop-up (which Firefox initally blocked) within a few refreshes of every time I clear the cookies on the browser. All the ones I've been getting are for Netflix and similarly decent companies, haven't seen the adware one yet.
    • by Spy Hunter ( 317220 ) on Monday January 28, 2008 @11:08PM (#22217696) Journal
      Snopes, like most other sites using popups, sets a cookie the first time you visit, so you only get the popup once per some amount of time (however long until the cookie expires). Also, these days sites get around popup blockers these days by raising the popups on a mouse click event, instead of when you first visit the page. Try clicking on an empty area of the page to generate the popup (after you have cleared your cookies).

      I can confirm that they do use popups as I got one from them just yesterday. Actually what I got was a pop-under, masquerading as a Windows dialog box, which is even worse. Snopes' advertising has become quite obnoxious, but their content is still good so I grudgingly put up with it. Incidentally, if you hate popunders as much as I do, please vote for https://bugzilla.mozilla.org/show_bug.cgi?id=369306 [mozilla.org] to kill them forever. (Don't add comments to the bug though, that's bad bugzilla etiquette)
  • So Block Fastclick (Score:2, Informative)

    by nachoboy ( 107025 )
    If you don't like the ads a particular ad-server gives you, make sure they're unwelcome on your network, regardless of the site hosting the ads. I make sure fastclick.net (and about 150 other unsavory domains) resolve only to 0.0.0.0 at my DNS server. If you don't run your own DNS, OpenDNS [opendns.com] allows you to block specific domains as well.
  • by ChangeOnInstall ( 589099 ) on Monday January 28, 2008 @08:22PM (#22216380)
    I've been running adblockplus for quite a while now and have effectively forgotten about issues like this. So have most others who would get upset by it. Of course then I'll unknowingly send friends/family to sites such as snopes without a second thought about malware concerns. To me it looked like a nice wholesome/clean site.
  • bad provider? (Score:2, Insightful)

    by dnwq ( 910646 )
    Probably just a bad advertising provider than anything else. ... I get the whole "check who provides your advertisements" thing, it's a duty of the webmaster and all - but wasn't there a case where a provider only showed malicious ads outside the country of origin? Or something? Is checking even reliable? Ethical policy here would probably just be to poke Snopes.com via their forums first...
  • by ThatsNotFunny ( 775189 ) on Monday January 28, 2008 @08:45PM (#22216604)
    Talk about a user-unfriendly feature! They use some very annoying javascript to disable the ability to select a portion of text. No idea why...
  • by macdaddy ( 38372 ) on Monday January 28, 2008 @08:46PM (#22216608) Homepage Journal
    I'm sure I'm not the only one that would like to block Zango at the network level. Does anyone have the repository of information needed to create an effective block? I'm talking about RIR assignments, ASNs, SWIPed allocations, domain names, etc. Does anyone know of such a source? With this information I can ensure that none of my users ever have to put up with this Zango horse shit again.
    • by ShaunC ( 203807 )
      You can start by blocking all of these 180solutions.com domains [robtex.com] with the method of your choice. Make sure to scroll down to get the list of related domains which ns1.180solutions.com answers authoritatively for. From a cursory glance, you're accomplishing a great deal just by dropping traffic to/from 64.94.137.0/25 and 66.150.14.0/25.
  • by foxtrot ( 14140 ) on Monday January 28, 2008 @08:46PM (#22216610)
    Snopes claims it's an urban legend.
  • would be snope's credibility circling the drain...
  • Several months ago. But my Wikipedia edits [wikipedia.org] (complete with verifiable references) were quickly undone by Snopes fanboys.
    • I am really sorry. someone should start a spyware/computer bug wiki. I tried to report on the itunes directcd bug.. and some editors liked it, some didn't. I didn't have the stamina to keep it in.
  • Claim: Snopes are in bed with Fastclick, which serve ads via Snopes.

    Status: Irrelevant

    Examples:

    [Collected via Sunbelt Blog 2008]

    [F]or a long time now (probably at least a year), I've noticed that they are in bed with Fastclick, which in turn constantly serves one annoying ad on Snopes.

    Origins: All joking aside, despite Sunbelt Software passing themselves off as vendors of anti-spamware, they have a sordid spammy past themselves. Go to http://groups.google.com/ [google.com] enter the newsgroup `news.admin.net-abuse.ema
  • Could it be everyone smart enough not to fall for urban legend forwards is also smart enough to block adware?
    • by micpp ( 818596 )
      Surely people who are smart enough not to fall for urban legend forwards wouldn't need Snopes at all.
  • Rot From The Top (Score:3, Interesting)

    by hyades1 ( 1149581 ) <hyades1@hotmail.com> on Tuesday January 29, 2008 @09:39AM (#22221202)
    Given the earlier statement that a Wikipedia entry had been altered to hide the Snopes/Malware connection, it seems to me that it's unlikely the people running the site are unaware of the predatory advertising practice occurring under their aegis.

Like punning, programming is a play on words.

Working...