Forum Moderators: phranque
I'm not sure if this is the right place to post this, if not, please excuse me.
I got a copy of Norton Internet Security 2004 with a new Dell computer (love the computer, hate Norton-- and I used to be a BIG Norton fan!)
The problem I describe here possibly goes beyond what Norton Anti Virus (NAV) part of Internet Security 2004, is doing.
Please read on, this isn't about NAV or Symantec, I use them as an example because they seem to be the worst offenders. I know how to manage NAV, but most end users do NOT, and this is where the problem is coming from.
I have a growing concern with what Ad Blockers are doing to legitimate Web sites that unsuspecting users do not know. I use NAV as the example because I have it and can track its activities. Please understand and read on, it may be information you need to know (if you don't know it already.)
The Problem:
I discovered that when Norton AntiVirus has Ad Blocking turned ON, it very aggressively blocks some images, and even entire sections of perfectly legitimate Web sites. Worse, it makes decisions about some images created in Photoshop and blocks them as well-- for no discernable reason.
It also does this to search engines and ruins placements for some listings because it just "decides" to block them. In one case, a site appeared in number one placement on AltaVista with NAV OFF, and disappeared entirely when NAV was ON. If those folks had paid for top placement, NAV was wasting their money!
I dug around in NAV and found a list of targeted keywords that it looks for. It does NOT tell the user that it is blocking something, but rather simply prevents that part of the site from showing, leaving the unsuspecting visitor to wonder who the idiot was who designed a site that does not work properly. It writes a special javascript code into the browser on the user's machine (this also slows down surfing) that I think MAY link into the Symantec site.
An example of their blocking is the common word: "Banner". If an image is named Banner, it will be blocked, but worse, if a folder is named Banner, the entire folder and everything it contains is blocked. In one framed Web site I saw, this completely eliminated all navigation for the site, images, links, everything. All that appeared was the text in the next framed page and a lock up of the browser (I tested this in MSIE, Netscape and Firefox-- same result-- it was NAV!)
I have seen this negatively impact Macromedia's Web site, and the City of Boston Web site, Renderosity, the Artist community, to name just three.
Of course, I know to go into NAV and either turn off Ad blocking or allow a site, but most users of this program don't have a clue what to do with it other than let it run at its default settings. Some don't even know they have the program on their machines! Worse, they TRUST Symantec that it is providing security. But it is actually creating uncontrolled censorship.
I tried to contact Symantec, makers of NAV, but they wrote back and said to turn off NAV if I didn't like it.
That's NOT the point! Many of us work very hard to create good Web sites. Who is Symantec to arbitrarily decide what we can show on them and what not? And WHO is going to tell most users to turn off Ad Blocking, or how to do it? So our hard work is being marred and even ruined on some cases by this thrid party program-- and possibly others of similar contruction. One Webmaster I spoke to said "I give up, I can't keep chasing down all their blocks-- pretty soon, NOTHING will be allowed".
Have any of you run into this problem? I expect that other blocker programs are equally bad (I can't go testing them all, of course) and if so, these programs are having a negative impact on the Internet. Yet the companies are touting these features to get more sales. But who is paying the bill? Yes, they do block, but WHAT are they blocking?
I'm all for safety, but this is absurd!
What do you all think? Is there anything that we, as Webmasters can do to protect our hard work!
Thanks!
I came across this problem the day before your post. I was asking a friend to have a look at a site I'm working on. The masthead of the site was called banner.jpg, so NIS blocked it (turning it into a comment in the source before delivery to the browser).
There are many older threads [google.com] here about the problem, in particular this long one [webmasterworld.com]. It's a big problem for affiliates.
Why was my image called "banner". The site is for a festival. I asked a friend to design a banner for me - you know, a big flappy thing that you hang outside. I made a jpeg of the artwork he sent to use on the site.
Doh! You wouldn't want to be in the large format print industry and specialising in banners. :)
And, I've got a CMS that i resell. In the control panel is a link for 'banner graphic', where they can choose the main header graphic from a library. Some of this software completely disables this link. I've since changed the link to a different name.
Solution? recommend the combination of avg virus software and firefox. Protection just as good if not better, and none of the problems. And for home use, all free.
I'm going to uninstall Norton (If I can!), write to them telling them why (assuming they care), warn as many people as possible about how Norton blocks these things (maybe publicly on my web sites if that's not a sue-able offence?). Very amateur stuff on Norton's part. I used to be a big fan too when they knew how to program properly.
"I'm the guy who was trying to read EBear's site BTW! I hate the kind of arrogance shown by companies who think they're above listening to people in the industry when they discover a problem like this."
They are after the bottom line, make money by selling what they think the public wants. I'm all for making money, but not at someone else's expense. The rules that Norton applies are akin to saying "Everyone is a criminal until they prove otherwise" No legal system could survive with that attitude, the population would be in jail!
Here's an example of this insane attitude by Norton: They have a hidden set of heuristics that check for image sizes and if the size of your image fits the rule, it is blocked. The User can't turn this feature off. The only solution is to turn off ad blocking, empty the page cache, then reload the page!
Basically, Norton writes a Javascript virus into the browser that takes control. Pretty bad solution.
"I'm going to uninstall Norton (If I can!), write to them telling them why (assuming they care), warn as many people as possible about how Norton blocks these things (maybe publicly on my web sites if that's not a sue-able offence?). Very amateur stuff on Norton's part. I used to be a big fan too when they knew how to program properly."
Norton will not care that you complain. They'll just say don't use the product. They have your money, so they have what they wanted.
You CAN put up a warning (without naming Norton specifically-- make it VERY generic and gentle and you should be safe) to tell people to be careful when using the protection schemes. You can advise them to temporarily turn off SOME features (i.e. not the entire firewall!) like ad blocking or privacy blocking if they are having problems reading a site that they know is SAFE. As long as your notice is generic (no naming names) and offers something constructive that helps people, doesn't lie to them or make unsubstantiated claims, you should be legally fine.
Norton is the leader in this offense, but others will follow.
It might help, although most people still won't know what to do to turn off the features that are causing the problem.
I do a lot of work with clients who are "not technical". These are the folks who have caused so much of the "smart software" (that is really annoying to those of us who know what we are doing) to be developed to solve problems for them. Their attitude is that anything the computer wants to do is okay because the people who made the software know what they are doing. Yeah, that's a good one!
Asking a computer to do anything intelligent is idiotic.
Take any paragraph from a best selling book, or more so, a 19th century classic (i.e. Jane Eyre) and give it to a spell and grammar checker. Watch what happens then!
Software can only follow rules, not context, and that's where the problem lies, whether it is protection software, spell checkers or even installers.
"For those of us with adsense content sites a user who can't see the ads is a complete waste of resources.
Would it be technically possible to detect whether NAV is blocking ads? - if so, we could prevent the user from viewing our sites until they adjust the nav settings. It would be bad press for Norton to be seen getting in the way of their users browsing, but it the only way to get corp's to act. "
Well, this is the problem, isn't it?
NORTON is writing the "virus" code into the user's browser as javascript. It might be possible to detect it, as the code is a call to a script. You could look at the page source for any page that you have that your Norton is blocking. Then you might be able to write some script to detect this, and if it comes up, a notice is posted (similar to what happens when you don't have cookies turned on) that tells the user that they need to shut off Ad blocking.
Another trick might be to put navigation controls in a folder and deliberately call it "banner". Then anyone who is running the ad blocker will get no navigation, so they can't see the site "for free". You could put a plain text notice on the page that tells users they can have navigation if the turn off their ad blocker.
Years ago, the idea of carrying ads was good for people. For the site owners, it brought revenue, for surfers, it told them of things they "might" want to buy. But the practice got so abused (much like telemarketing) that there was enough public complaint that these companies (Norton is not the only offender) developed ways of blocking ads.
There is SERIOUS question if this is a legit practice. Imagine a newspaper where ads could be blocked out. Who would advertise in that paper?
There are TV schemes to block out ads, but since TV occurs in real time, I think these only work when recording (which technically is illegal becasue of copyright-- but there is some loophole).
I don't like ad abuse any more than anyone else. It is VERY interesting that by default, Norton has pre-determined certain sites where ad blocking is turned off. Not surprisingly, these sites review Norton products. CNET is a perfect example. Norton won't block anything there-- they wouldn't dare!
That might be construed as some kind of collusion. Who knew what Norton was doing, and how did their "safe" sites get listed anyway? Seems very fishy to me! Yes, you CAN add a safe site if you have the Program, but what user understands enough to do it?
In an earlier thread about this topic, some people mentioned reporting the problem to the FTC. But the problem is that Norton has a lot of money and can lobby, whereas the "little" people cannot.
This thing is killing sales on the Net and making other income systems obsolete. For example, Pay-per-click, which can be quite expensive, posts "ads" in search engines. How long before these get blocked?
It hit me on my site big time. I have a link into a store that sells my products. In this case, the "Privacy control" in Norton is the culprit. It is turned on by default (and if you turn it off you are warned that you are now vulnerable to attack-- not necessarily true.) Well, the store needs to get user information for the shopping cart system, so when it sees that it is blocked, it displays a blank page instead of the store.
That makes me, as the provider of the merchandise on my site look stupid because I provide a link into the store!
I have no idea how much business I have lost because of this, but one customer did alert me to the problem.
I now have a notice on my page that tells the visitor they can't shop if they use a Privacy Control (I can't cite Norton, they would sue, but a generic claim is safe.)
But this stinks to have to tell people this. Most will believe Norton before they will believe me, hence I lose my business and there's not much I can do about it! Of course, the store could re-write their code (it costs them money too) but so far, when I wrote to them about it, they didn't care.
What, are people actually getting stupid?
The "one size fits all" concept is what really irks me. For example, if you have an image of a size that is common to banner ads (I think 468 x 60 is one of the targets) Norton just assumes it IS an ad, and bans it. Gosh, what if it was an image for the site itself, a company logo (these aren't cheap to buy) or somthing important to alert the user?
And I am sure that designers are upset too, because this thing is ruining their work.
Norton also goes after Flash files, so be careful of that as a solution.
I think the best solution is what Whittner is thinking of doing, posting a notice on the site that some of it may be missing because of ad blocking or privacy controls. Maybe people will wake up if they can't get into enough Web sites. We need a grass roots public outcry to stop the offenders. Not purchasing is a possibility, but now AOL and Earthlink are on the bandwagon, and getting them to back off will be a nightmare.
Good job, Norton, you managed to do what terrorists have been trying for years. Given enough time, you'll shut down the Internet because you'll block it all.
Of course, then we won't need you!
It's a total lose-lose game.
AAARRRRGGHHH!
The thing I really dislike about Norton though is the way it blocks images, I had it block all except one image of a gallery script I use, it decided that too many image tags with essentially the same format must be spam. That html was actually stripped out of the page by the way, the browser never even saw it, I thought the server had been hacked the first time I observed the source code.
Tell your friends, tell your aquaintances, tell you family, stop using Norton products, it worked with IE and firefox, and it can work with norton, which just plain sucks anyway, it's a resource hog, it slows your box down, and it doesn't do a great job of virus detection. Three strikes and Norton is off all boxes I work on now, there are decent free AV apps out there, I think AVG was mentioned, that's pretty good. As good or better than Norton anyway.
Norton hasn't done anything well for a few years, they just aren't paying for quality programmers anymore, it's been a long time since they did.
But for ads, the more people learn how to use tools like adblock the fewer people will see your ads, adapt, text ads work well, locally hosted ads work fine, there's lots of ways to do it.
I run adblock on Firefox, and aggressively add to the list it blocks. I run AdAware on IE, and add to it's list too. Also paid for Norton, didn't realize they were doing this, but frankly, I'm thrilled.
What a great idea, Norton is doing something for those of us who do pay them. The number two problem on the web? Obnoxious, out-of-control ads. Especially those ones that blink, flash, or annoy. Anything that reduces this clutter is a bonus. If your site depends on this type of stuff, I'll be really glad not to see it.
Sometimes a website is rearranged due to the missing images, looks a little funny. I smile when I see this, knowing my browsing experience is being enhanced. Really, I enjoy sites more this way.
If you want to put up a notice that I can't view your site on account of not liking viruses, that's fine. I appreciate the advance notice that your visitors aren't your top priority. Some webmasters have so abused the whole ad idea that this type of response is needed.
Take off your sunglasses for a minute and think about what people exploring the internet really want. Cater to this and you'll do well. Try and force them down your path of most convenience, and earn responses like Norton's.
If you want to put up a notice that I can't view your site on account of not liking viruses, that's fine.
You can turn off ad-blocking without affecting your anti-virus protection.
