Feeds

German freemail firms defend AdBlock-nobbling campaign

You're running 'content manipulating browser add-ons', citizen

Build a business case: developing custom apps

German freemail sites deny attempting to "trick" Firefox and Chrome users into disabling AdBlock, the popular ad blocking browser add-on.

Last week security blogger Michael Büker accused web.de and gmx.net of using what he claimed were "deceptive techniques" in order to hoodwink Firefox and Chrome users into removing AdBlock and its variants.

Users of the ad-blocking technology were apparently confronted with a "scary" message at the top of their page that said the security of their computers was compromised by a Firefox add-on. Surfers are invited to restore security by ridding their system of "content manipulating browser add-ons“.

Users are nudged towards this choice by an associated information-providing site called browsersicherheit.info (browser security dot info). Büker criticises the site for focusing on the supposed dangers of ad-blocking technologies while having little to say about browser ad-ons which antivirus vendors and browser developers characterise as malign or at least potentially unwanted.

Its Contacts page shows the site is actually run by a unit (specifically 1&1 Mail & Media) of German firm United Internet, which in turn owns web.de and gmx.net.

Büker charges that web.de and gmx.net were using FUD (fear, uncertainty and doubt) to get users to ditch a privacy-protecting technology purely because it interfered with the business's ability to make money.

We put this criticism to media representatives of web.de, who defended the security alerts. They conceded that they ought to be more up front about the source of these warning messages, but they defended the supposed neutrality of browsersicherheit.info.

We see the warning as a contribution towards more security on the internet, because especially software on users’ devices can be a gate[way] for attackers. Not all users are aware of the kind of add-ons they have installed and of the risks in changing a website’s content.

There are examples of add-ons being used to pass out content from the US. What scared us was how easy it is to manipulate add-ons; and especially [when malware-manipulated add-ons] were not [detected] by virus scanners in a lab test, which was confirmed by manufacturers of anti-virus software. The result: with just a few lines of code, an add-on can turn into spyware. More on that here. This was the reason [we wanted to] warn our users and make them aware of the installation in their browsers.

It may be true that the sender of the message was missing at first. We have revised the info box and it now clearly mentions WEB.DE and GMX as senders of the warning message.

The website www.browsersicherheit.info, however, has deliberately been chosen to be neutral because it is a comprehensive action, which other partners can link to. A browser, aside from transmission paths and data storage location, is the most important element of Internet security. As a provider, we take care of secure transmission and storage locations, but we need a user’s help to ensure the security of the browsers on their devices.

Web.de and gmx.net boast a combined total of several millions users.

United Internet has teamed up with Deutsche Telekom to roll out always-on connections between users’ computers and the companies' mail servers as part of the “Email made in Germany” campaign. As part of the same plan, Deutsche Telekom's email service T-Online together with United Internet's GMX and Web.de services will also try to avoid routing customers’ email traffic through US-hosted infrastructure - and thus avoid surveillance by Uncle Sam's spooks.

The whole idea only covers encrypting data in transit, not storing email securely, a factor that has allowed German hackers to dismiss the initiative as little better than a marketing gimmick.

This anti-NSA down-with-PRISM stance sits awkwardly with attempts to "persuade" surfers to ditch privacy-protecting technologies when it comes to bombarding webmail users with commercial ads based on their surfing habits.

We invited AdBlock Plus to comment on United Internet's GMX and Web.de warnings about ad-blocking technology but have yet to hear back from the US-based developer. ®

The essential guide to IT transformation

More from The Register

next story
Rupert Murdoch says Google is worse than the NSA
Mr Burns vs. The Chocolate Factory, round three!
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
Think crypto hides you from spooks on Facebook? THINK AGAIN
Traffic fingerprints reveal all, say boffins
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.