October 19, 2002

By ANICK JESDANUN The Associated Press

NEW YORK — As if junk e-mail and pop-up ads weren’t annoying enough on their own, now there’s pop-up junk e-mail.

A developer of bulk-mail software has figured out how to blast computers with pop-up spam over the Internet through a messaging function on many Windows operating systems.

The function was designed for use by computer network technicians, for instance, to warn people on their systems of a planned shutdown.

The pop-up messages appear on recipients’ computers in separate windows, similar to pop-up ads that appear when a user goes to a Web site.

But there’s a difference: Any-one can send the messages, and there’s no need for the user to have an Internet browser open.

Gary Flynn, a security engineer at James Madison Univer-sity, where several messages were received, calls the technique worse than e-mail spam.

“This pops up on the screen,” he said. “It’s almost like somebody barging in your office and interrupting you.”

Zoltan Kovacs, founder of the company that makes the new software, officially condemns spamming but acknowledges some customers buy it for that.

“If some people use it for bad things, they should take their own responsibility, but it’s their own problem,” Kovacs said.

He said his tool can help system administrators send alert notices to network users more efficiently.

However, his Web site touts the software’s advertising and marketing potential. He said he has sold more than 200 copies since his $700 product was released two months ago.

The new spam technique, first reported by Wired.com, represents the latest attempt to bypass the increasingly sophisticated e-mail spam filters employed by leading Internet service providers and individual users.

It also circumvents state and other laws designed to curb junk e-mail, Kovacs said.

Kovacs said his company is based in Romania. A demo copy of the software contains a Plantation, Fla., address, but he said that was old. Kovacs refused to discuss his location, other than saying he is in the United States.

In recent weeks, Internet users have reported receiving pop-up messages such as one touting university degrees without classes or books.

Security firm myNetWatchman.com, which monitors some 1,400 computer networks worldwide, also detected unsolicited connection attempts of the pattern used by Kovacs’ software, DirectAdvertiser.

Unlike e-mail, recipients can only receive messages if their computers are on while the messages are being sent. And the software can only send text — not images or clickable links as are found in pop-up ads and e-mail.

The software itself does not hack into computers. Rather, it uses the Messenger service that comes turned on by default with many Windows systems, including 2000 and XP, said Philip Sloss, an independent security consultant in San Diego.

Messenger, not to be confused with the MSN Messenger instant-messaging program, is meant for system administrators to broadcast service notices.

But if a system administrator can use Messenger, so can someone connecting through the Internet from the outside, said Lawrence Baldwin, president of myNetWatchman.com.

Flynn worries that hackers might one day use the technique to persuade users to change their passwords or otherwise compromise security.

Users can disable Messenger through their operating system’s control panel, although doing so could interfere with some anti-virus and other applications that send such messages. Kovacs even provides instructions on his Web site.

On the Net:

DirectAdvertiser, for opting out: http://www.directadvertiser.com/optout.html

http://mynetwatchman.com

-- Anonymous, October 19, 2002

Answers

Find Kovac and send him to jail where he can get all the 'pop-ups' he doesn't want.

Waht a class A number 1 jerk.

-- Anonymous, October 20, 2002