Incognito Buddy, GV and WV

Hey, Buddy here, incognito again because I figure some of you are going to want to throw rotten tomatoes at me before I finish this post.  But one of us had to volunteer and I drew the shortest whisker from the mug.  I'm speaking for all of us, including the other 6 cowards ... um, furries on the Funny Farm, hence the use of "we."


Today, we have a warning to share with all Google / Blogger bloggers.

We all like to add cute gadgets to our blogs, but we have to be very careful of what we post, not merely for our own safety but because we are responsible for the safety of our visitors.

For several years now, we have been coming across a number of blogs that have a popunder when we click to leave a comment.  Always before our anti virus has kept whatever site the popunder is to from loading.  The popunder will load but with a message from our antivirus the site is blocked because it's potentially dangerous.  

A couple of days ago, we came across the same problem but with a new twist.  What loaded was a popunder that was literally and visibly counting down the seconds to installing a downloading program that would not be flagged by our (or your) av because it is a legitimate program (although we'd never heard of it before) -- a downloading program that enables an easy, fast download of videos or multiple programs.  So why was it about to download and why was it "necessary" to download it at all, especially on the sly?  We can only think of one reason.

If you are wondering what's the problem if the program is harmless, remember this is done without visitors knowing it.  And just because the program itself is supposedly safe, doesn't mean anything downloaded with it would be. We have a good av, but not everyone does. And things can happen.

We try to remember to watch the bottom of our monitor screen to see what's loading and to count the new windows because of past experience, so we brought up the window, saw the counter and closed the window in time.  But most visitors would not notice the extra open window, especially since there might be a delay in opening..

We always notified the blog owner and when a particular globe widget (often two separate globes) were deleted from the sidebar, the popunders stopped.  The same thing happened last night.  The blog owner deleted the 2 globes from the blog and the problem was resolved  Any time the blog owner has refused to delete the globes, we have deleted their blog from our bookmarks.  Online safety is that important! 

Over the course of several years,  the comment popunders we've run into have all been associated with the same widget -  a spinning globe counter from Geovisite.  We hope this post will serve as a warning to those who are considering installing it or those who already have it posted on their site.  And also to remind you to be alert to what is happening as you surf the web. 


On another blog subject, as much as we'd like to do a tirade on the evil's of the Blogger word verification and why it is totally unnecessary to use it and chases off many visitors who would like to comment, we won't   But when Blogger made the mass switch to the new interface, word verification was turned on by default.  So we will admonish you to go to your own blog while NOT signed in to Google / Blogger and click on comments to check your own blog. You keep annoying your visitors and they will stop returning.

Go ahead, try to tell us you don't care your visitors are facing this kind of crap because you don't want to check out your spam options without it when they want to tell you they're sorry your Fluffercat or Roverdog died.  They not only have to love you, they have to have x-ray vision.

We just took the following off a blog comment form.  We didn't make them up. 


Or how about this one -


Okay, so we did a tirade anyway.  Sorry about that.  No, actually we're not. We're most annoyed with those who use full page comments because wv doesn't show up until after one has written a note of condolence or get well  or .... and clicked "publish comment."  And then we find we have just wasted our time.  

Oh, and Brandi reminded us of what we forgot to include.  We've checked this link several times already and our av sent a reminded this morning because if your computer is infected with the DNS Changer, your internet will be shut down on Monday..  You can find the link for various countries where you can check your computer, if you haven't already.   http://www.dcwg.org/detect/  Once you read the material, it only takes one click and a second to find out.

Just a reminder that the auction for Krasota Castle will be closing soon, so be sure to stop by Furriends of the CB and check out the items up for bids.

Pop Up Pop Unders

Okay, bloggers, we have an assignment for you today. We want you to be safe when you visit our blog and we know you want the same for your visitors. But we've been encountering blogs with a security problem the owners don't realize they have. So please read this and check your own blog before you forget.

The reason we are blogging about this today is because in recent weeks we have come across a few blogs with a pop under when we try to leave a comment. We always let the blogger know but we can't help them locate the source, other than tell them they have downloaded a widget with 3rd party code. We've blogged about that before. Before installing any widget, check the HTML. We're not experts, so the only thing we know to look for is a 2nd url inserted in the code. You know, it would start with http:// or www. You don't want any widget that is covertly giving a 3rd party permission to access your blog! And only get widgets from trusted sources. All fun widgets are not fun. They can bring along spyware or a virus.

And there's more. The recent pop unders we've been seeing are game related. They will display a game you have never heard of or downloaded, perhaps Gamevance. Now if you are a Facebook user, please pay attention! A pop under we've seen popping up quite a bit recently is FACEBOOK related. When you click to comment on a blog post, a Pet Society or Restaurant or ...... pop under will open wanting you to sign in to your Facebook account so they can have access to your FB information and friends list. We don't know whether they can access your username and password, but if you sign in using that page, you will have given them permission to post streams to your wall and contact your friends. Hopefully you won't fall for this, but .....

If you are already signed in to Facebook when you click to comment on an infected blog, they are in your Facebook account and set up as "your" application before you can blink. We saw this happen one day when we didn't realize Jan was signed in to her FB account when we stopped at a blog with this problem. But because we have been keeping an eye on our taskbar, we immediately saw the extra window opening and went right to FB and deleted the application!

As soon as we originally noticed the extra window opening in the task bar, we notified the blog owner and another blogger got right on it. But it took two or three very frustrating weeks to wade through all the code on the blog and finally locate the guilty widget. Since we're techno limited, our job was to check on it occasionally and just that momentary lapse of memory could have really cost us!

We strongly suggest if you are on FB that you go to your applications page and check to make certain that every single approved application listed there is one that you added. If you don't recognize it, delete it! You can always reinstall it if you find it was one you wanted. Because these pop unders are appearing on more blogs and many of you are unaware of them, you need to be alert and check your own blog and FB accounts periodically.

If you notice a pop up or pop under on anyone's blog, please let the blogger know in an email message. If you can't find an email address, leave a polite comment. But let them know! And if someone says they got one on your blog, check your sidebar widgets. These are security risks, not mere annoyances, so they need to be taken care of right away.

We're going to close with (we can hear the collective sigh of relief over this long post) one widget we are aware of that has been causing this problem. It's an international spinning globe counter widget.

We hope you won't be throwing rotten tomatoes or even snowballs at us, but since we found another blog with this problem today, we decided we need to speak out and warn new bloggers who aren't yet familiar with the potential problems with widgets and remind seasoned bloggers who might have momentarily forgotten this can happen to any of us.

Should you ever find anything strange on our blog, please let us know.

To check your own blog:

We don't know what browser you are using, but if you are using Firefox, go into Tools, Options, Privacy -- under Privacy click on "show cookies." Click on Remove All Cookies." That's right, clear them all out. (You'll have to sign in to your blog again after this, but trust us, this is important!)

Now open a new tab or window and GO TO YOUR OWN BLOG. Pick your last post or another one if you prefer. Click on "Post a Comment." Look down in your taskbar. Do you see an extra window opening -- one called a pop under because it opens behind your window so you don't generally notice it until you close or minimize your browser. And by then you won't have a clue where you picked it up.

If you are using IE, go to Tools, Internet Options, and under Browsing History, click Delete. This will clear your IE cache of everything including cookies. Then GO TO YOUR OWN BLOG and click on Post a Comment to check for any pop under.

Minimize your browser window and double check to be sure there's no pop under hiding back there.

Be safe! We love you.

PS -- We're sorry we're not getting to visit much lately. Jan is hogging the computer again and since it's to help us Funny Farmers, we have to support her efforts and not complain. We are doing our best to keep up even if we're not commenting.