Welcome to WebmasterWorld Guest from 50.19.190.144

Forum Moderators: Ocean10000 & incrediBILL

Message Too Old, No Replies

bsalsa for beginners

     
5:02 am on Sep 14, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

joined:Aug 29, 2006
posts:1312
votes: 0


Can anyone shed some light on the bsalsa Embedded Web Browser?

I looked at their website but being technically challenged I am still in the dark as to what it is for.

Their forum only served to reinforce my opinion that, whatever else it may be, it is buggy as hell.

My current best guess is that it is a free component that may be included in "cottage industry" software to aid with things like automatic updates, and that it often corrupts the Internet Explorer user-agent string in the Windows registry by accident because it is not very good.

Googling brings up a lot of people who don't recall installing it and can't get rid of it.

Any enlightenment in plain English would be appreciated.

...

9:11 am on Sept 14, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


It's a library of functions that a programmer can use to add Web access to their program. So, it could be used to make a browser or a robot or to allow malware to "phone home" or download additional programs to a computer.

I also did a bit of searching and saw one report that associated it with malware, but again, it's like Indy Library or libwww-PERL or LWP:Trivial -- It's just a library of functions and in and of itself is neither good nor evil.

Jim

3:08 pm on Sept 14, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

joined:Aug 29, 2006
posts:1312
votes: 0


Thank you Jim.

My concern is to allow all human visitors. I get the feeling that people are installing bsalsa unwittingly as a component of some other freeware utility, with unintended consequences.

It seems that in some cases they end up with preposterous corrupted user-agents that can be very long, might contain the word "Mozilla" more than once, might start with the prefix "User-Agent", and almost always contain an "http:" link to the bsalsa homepage.

Several of the posts I found via Google (and some on bsalsa's own forum) complain of being denied access to websites because of the corrupted UA, which can trigger several traps on my own sites.

I don't want to block innocent users, and was considering adding exceptions to various conditions in my .htaccess file. But after scouring my logs I found instances where bsalsa users were requesting only the images on a page (no HTML) which suggests to me that they are not all innocent.

My current thinking is to rewrite any bsalsa HTML requests to an informationial page, but I don't get enough of them to be seriously concerned about and for the moment they just get a 403.

I would be interested to hear how others deal with the bsalsa question.

...

3:16 pm on Sept 14, 2008 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12166
votes: 51


I've been watching that bsalsa UA. I do believe a new proxy service called Tynt utilizes bsalsa. I've seen the name used quite a bit when referencing proxy services. I've been reading more lately on the whole proxy thing and that space is ugly, lot's of abuse going on.
3:37 pm on Sept 14, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member jdmorgan is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Mar 31, 2002
posts:25430
votes: 0


> My current thinking is to rewrite any bsalsa HTML requests to an informational page, but I don't get enough of them to be seriously concerned about and for the moment they just get a 403.

Probably a good idea... Keep it short, with no images or links, tell visitors how to uninstall it (may require some registry work, unfortunately) and that should take care of everybody from innocent visitors to scrapers.

> I've been reading more lately on the whole proxy thing and that space is ugly, lots of abuse going on.

... WebmasterWorld's Understatement of the Year award! :)

Jim

3:50 pm on Sept 14, 2008 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member pageoneresults is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Apr 27, 2001
posts: 12166
votes: 51


WebmasterWorld's Understatement of the Year award!

Hey, it is relevant to the title of this topic!

bsalsa for beginners

:)

9:10 pm on Sept 14, 2008 (gmt 0)

Administrator from US 

WebmasterWorld Administrator incredibill is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Jan 25, 2005
posts:14621
votes: 85


Bsalsa was always blocked for me because of my "http:" filtering in browser addresses and all I'll say is I've seen some rather heated discussions on their forum after installing their software and getting instantly blocked.
12:22 am on Sept 15, 2008 (gmt 0)

Senior Member

WebmasterWorld Senior Member 5+ Year Member Top Contributors Of The Month

joined:Aug 29, 2006
posts:1312
votes: 0


I am not suggesting you go soft on it, but I have implemented an intercept to see what happens.

Here is a recent example (unlinked) that looked to me like an innocent human searching:

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Sky Broadband; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; TuneUp HTML Client Embedded Web Browser from: http*//bsalsa.com/; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.0.04506; .NET CLR 1.1.4322)

I suppose I should be proud of blocking IE6 and IE7 simultaneously.

This is a similar one (unlinked) that came from a Google IP (66.249.84.nn):

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; Embedded Web Browser from: http*//bsalsa.com/; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)

When a request from the 'plex gets a 403 from me I feel it is worth investigating.

On the other hand, this recent example (unlinked) requested images only:

Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http*//bsalsa.com) ; Zango 10.3.74.0)

And this is the referrer that came with it (unlinked and query-obfuscated):

http*//127.0.0.1:4664/preview?event_id=157138&schema_id=2&q=*obfuscated*&s=000000000000000000000000000

My conclusion is that any innocent human who has this thing installed probably needs help.

But I am not going to lose sleep over it.

--

 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

Featured Threads

Free SEO Tools

Hire Expert Members