9 June 2007
Hello again!

I can't believe it's been November since my last update. My time between then and now involved studying for University and volunteering for the Mozilla Foundation on Firefox. I'm glad to see that nothing has changed, by that I mean every cheater is being caught and dealt with.

I am making the detector into donationware. No, it's still going to be free, but all I ask is for some donations so I can continue to work on the detector and other similar projects behind the scenes. It doesn't have to be much, and it'll make you feel good that you've contributed to the development of a project that has entrenched itself as a necessity for any Program Owner, or anyone who loves to catch anyone who is cheating the system. :-)

Please consider a donation:

Michael (mvent2 on GetPaidForum),
Sole detector developer and webmaster of this site

---

       
© 2006 Mvent2. All copyrighted works referred to on this site are copyright of their respective owners.

So, what is an Iframe? A brief description is available here, but I will also offer my own explanation. An Iframe is short for "inline frame". What is its purpose? In a nutshell, an Iframe allows website designers to embed a webpage within another webpage. There are many justified uses for Iframes, such as banner ads, navigation options, trackers and more.

However, some website owners have decided to misuse this ability. They've used Iframes to embed pages that pay them for genuine hits, such as PTP pages, Neoffic, Free20 and the like. Some forced-search sites have Iframes that lead to their search portal, so that their click-through ratio remains at a non-suspicious rate. The worst part is, webpage designers have the ability to control the size of an Iframe. Because of this, they set the Iframe so small that you can't possibly notice it.

What are the consequences? Your computer strains under the activity needed to load these sites in Iframes. Advertisers are out-of-pocket for hits that didn't even look at their ad, and the program owner is forced to pay this cheater for his ill-gotten hit. It seems the cheater is the only one that wins out. You pay for advertising so you can get hits, whereas he just makes the PTP hit as a side-effect for you visiting his page. Not very fair, is it?

The only way we can stop cheaters is with your help. Unfortunately, these cheaters never learn and the more we catch, the more try to cheat thinking they can get away with it. With this detector, just browse around and when it warns you about specific webpages that may be cheating, report them!

Unfortunately, learning the language of a webpage isn't something that happens overnight. So it's no surprise that this kind of job may seem daunting to you at first. Here I will tell you what you should do afterwards.

The scenario is: The Iframe detector has warned you of a suspicious site. You check the alert thoroughly for information regarding the Iframe(s) and come to the conclusion that this site is in fact sending hits illegally to a money-making program. What do you do? Well, you have two options. You can either view the code of the webpage directly, or you can use Jutaky's BadStuff Detector^TM to get the same information as the alert dialog, but in a form that can be copied and pasted into Get Paid Forum.

To view the source directly, click OK when the dialog asks if you want to view the source (Firefox only). Otherwise, close the detector's alert, and go to View > Source. You should now see a window with lots of gibberish in it. This is called HTML, and is what we have to use to develop webpages. No, you don't have to feel sorry for us, it's a living. :) Notice how there are names of items enclosed in angle brackets like <a>, <div> and <body>, with some options in between like href="http://www.polarptr.com".

The one that we're looking for is an Iframe, or <iframe>. Launch up the find window by pressing Ctrl-F, and in it, type "iframe" (without the quotation marks). You should get to a point where you have something which looks like this:

Notice how "width" and "height" are set to 0. The webpage developers want to make sure the Iframe is completely invisible to the naked eye, but since it points to Onebyone Search, it loads anyway. So they get a hit at that site, without you seeing or knowing.

However, sometimes the webpage developers use sneaky techniques like encoding the HTML to make it completely unreadable to a human. While the detector can still pick up the Iframes, how will you gather the evidence? Your second option, like I said earlier, is to use Jutaky's BadStuff Detector so you can at least get a readable, and copy-and-pasteable, flood of information that you can post to Get Paid Forum. The BadStuff Detector is located here. However, if you have a certain preference turned on, this detector can contact Jutaky's BadStuff Detector for you. More details on that later.

But example is the best teacher, which is why I have compiled a fun test for you located here. Have fun, and don't lose your head! It's also a useful test page to see whether the detector has been installed correctly.

Click on each screenshot to see an enlarged version.

The detector is capable of picking up many different kinds of notorious banner ads. Here, you can see that one person has decided to put DoBizWith on their site. In this situation, you should contact the owner of the site, educate them about that program and ask them to cancel their membership and remove the banner from their site.

Of course, the detector is most famous for its ability to pick up 0-Iframes easily. Better luck next time, cheater! Take a look at the alert. It lists the web addresses of where each Iframe is heading for. It also lists the physical dimensions of each Iframe in parentheses. You can then click OK to view the source code of the page and gather the evidence (or, if you have a certain preference turned on in the detector, it will gather the results from Jutaky's BadStuff Detector^TM).

Another flagship ability of the detector, and one that is really useful for professional cheat hunters, is the ability to literally force open all suspicious 0-Iframes found. Because of this, you can see exactly what is happening inside the Iframe. In this example above, an auto-click script is taking me from a search portal, through the results page and to an advertiser's page without me doing anything, thereby sapping the advertiser everytime I visit that site. The site is Avant-cash, by the way.

Another problem that cheat hunters were plagued with was how dozens of 0-Iframes, all loading at once, slowed down their machine to a crawl, as well as having to handle all the alert dialogs. Because of this, another hidden ability is that the detector can re-route suspicious Iframes to a harmless blank page. While it won't happen in time for the advertiser to not get credited (most of the time, anyway), you can stop the Iframes before they put exorbiant pressure on your system resources. Here I stopped 4 0-Iframes from loading their own 0-Iframes by turning on this feature. For obvious reasons, this feature is turned off by default, however it can be turned on at any time.

Please consider a donation to help fund work on this program!

So now you're eager to get started? That's the spirit! Here's a quick and dirty walkthrough to tell you how to install the script into your browser.

Firefox (recommended browser)
If you are thinking about using this script, I can't plead with you enough that you use Firefox. In Firefox, the detector can run at optimum functionality and power, because some parts of the detector (such as automatic updates) require some things that only Firefox has. If you haven't done so already, get Firefox now.

1. Unfortunately, Firefox and the detector can't interact without some help. That's where the strangely but suitably named Greasemonkey extension comes into play. You must download and install Greasemonkey before you can install the detector, but if you've ever installed an extension before you'll know it's a piece of cake.
2. If you have a previous version of the 0-Iframe detector, please uninstall it by going to Tools > Manage User Scripts, selecting the old detector in the list then clicking the Uninstall button.
3. The latest version of the script for Firefox is 2.5 and remains in active development where necessary. The script is available for download here. After installing Greasemonkey, right-click on that link and select "Install This User Script...". Greasemonkey will install the userscript, and voila! You're done.
4. If you have time, and think you can get your head around it, check out the CHANGELOG.

Internet Explorer
Internet Explorer requires its own GreasemonkIE extension, called Trixie. In this situation everyone depends on everyone else. Not only does the detector rely on Trixie, but Trixie relies on something from Microsoft called the .NET Framework. This is a big file so dial-up users should set it to download overnight.

1. Download the .NET Framework Setup. Once it's finished downloading, run the setup to install it.
2. Download Trixie. If you change the installation directory during setup, remember where you installed Trixie. Userscripts will need to be manually installed into Trixie's Scripts directory.
3. If you have a previous version of the 0-Iframe detector, please remove it.
4. The latest version of the script for Internet Explorer is 2.1 and is discontinued. The script is available for download here. You must download and save that script to the Trixie Scripts directory. If you didn't change the directory during installation of Trixie, this directory is located at C:\Program Files\Bhelpuri\Trixie\Scripts.
5. Restart Internet Explorer.
6. If you have time, and think you can get your head around it, check out the CHANGELOG.

Opera
You lucky possums! Opera has native support for userscripts so you can get stuck into it right away. One hitch though, Opera is the "Jack of all trades" in the browser world, so its userscript support pales in comparison to IE and especially Firefox. Fortunately, that doesn't mean you must go out there unarmed. In these steps I will assume you are using Opera 9.

1. Go to Tools > Options. Click the Advanced tab and on the right select Content. Click the Javascript Options button.
2. At the bottom of this dialog you will see a textbox labelled "User Javascript files". In here, you specify the directory where the userscripts, and the detector, are located. Click on Browse and select any directory which suits you. A new, empty directory is highly recommended.
3. If you have a previous version of the 0-Iframe detector, please remove it.
4. The latest version of the script for Opera is 2.0 and is discontinued. The script is available for download here. Several sites have reported that the detector does not work in Opera. This is incorrect. I have personally tested this version and it works exactly as expected in Opera 9. Be advised that in Opera, like in Internet Explorer, you must wait for the page to fully load before these browsers will initiate the detector. That includes images, the 0-Iframes, everything (Firefox doesn't do this, it initiates the detector straight away). Remember the directory you set in the previous step? You need to download the detector to that directory.
5. Restart Opera.
6. If you have time, and think you can get your head around it, check out the CHANGELOG.

Hidden features

The detector has more to it than meets the eye. Did you see on the Screenshots page how I could make the detector block the 0-Iframes from loading? I'm going to tell you how to enable that and more. In order to do so, you'll have to edit the detector code itself. However, you don't have to stray too far in to change what you need. In Firefox, go to Tools > Manage User Scripts. Select the detector and click Edit. If this is the first time you've edited a userscript, it will ask you for the location of your favourite text editor. I highly recommend one called Notepad++, which was specially designed to do the sort of thing you're about to do. Once you've installed Notepad++, go to the installation directory on the Edit dialog box and select Notepad++.exe. Greasemonkey will then launch Notepad++ with the detector code inside.

In order to edit the detector in other browsers, you must close your browser. Then, locate where the detector file is saved, and open it in Notepad++ or your favourite text editor.

Look at all the double-slashes next to the sentences! They tell Greasemonkey that they are for human eyes only and naughty monkeys like him should stay out. This is why you must keep the double slashes intact at all times, otherwise the detector WILL break. This is very dangerous territory, but you'll make it out alive if you're careful. To turn on 0-Iframe blocking, search for this option here:

You'll want to change that "no" to a "yes". It is paramount that the "yes" remains in quotation marks. Once you do, save it and return to Firefox. Now when you visit a page with 0-Iframes, the detector will stop them from loading. Pretty useful, no? What about that interaction with Jutaky's BadStuff Detector I promised you so many times before? IE and Opera uses get this dialog by default. On the other hand, Firefox users get an alert dialog asking them whether they want to view the HTML, by default. This can be changed by setting the option:

to "yes". Visit a site with any 0-Iframe in it and the detector will ask you if you want to go to the BadStuff Detector instead of the source code. There are many other tweaks available in the detector, open it up in Notepad++ and read what each of them do. You may find that the detector indeed has a capability you wished it had. Though one I want to bring to your attention is:

Note how there are no quotation marks around pure integers. By changing the number of this option, you can change the sensitivity of the detector. Currently, the detector can pick up Iframes with a width of 5 pixels or lower, or a height of 5 pixels or lower. Change this to 10, and the detector will alert on all Iframes 10 pixels x 10 pixels and smaller. Change it to 1, the detector will be limited to Iframes of size 1x1 and lower. Neat configuration option, is it?

Detector whitelist

Don't get mad at me, but this feature is only for Firefox users. Look at the screenshot on the left. In order to bring up the "Manage User Scripts" dialog, click on Tools > Manage User Scripts. Then, under excluded pages list (avoid the included pages list at all cost!!!), click on Add. You are then asked what site(s) you want to add. Please remember to use the asterisk as a wildcard!

If you only put in http://www.ebay.com, only that page will be whitelisted. No other page, not even on Ebay, will be excluded from scanning. But, if you add an asterisk on the end like in the screenshot, you will exclude all pages on Ebay, which is definitely what you want, correct? The asterisk is like the Joker in a game of poker, it can stand for anything.

Disabling it

Sadly, I've seen quite a few cases of "alert-induced insanity". This is preventable if you just remember to do one thing, disable the detector when you're not hunting for 0-Iframes! See the monkey head in your status bar? Right-click it and, if the menu item corresponding to the detector is ticked, click it to untick it. The detector is now disabled! Now you just need to remember to enable it again if circumstances arise.