Description:
Smasher is produced by popupstop.com.
It requires Internet Explorer 5.0 or newer version, and can be used
for Windows 95/98/ME NT/2000/XP. It is a shareware, with a 10-day
trial period, and costs $19 after that.
It has five major functions:
1. Smash Pop-ups. By check in front of Smash PopUps, it will automatically
kill all popups. However the user can select which popups, or popups
from which site are allowed by go to PopUp Control, as shown below.
2. Crunch Cookies: By check in front of Crunch Cookies, it will automatically
delete all cookies. However the user can select cookies from which
site are allowed, and who are allowed to change cookies information,
and how long cookies are allowed to stay in the computer etc. by go
to Cookies Control, as shown below.
There are two features this software seems to boast about. One is
Stealth Mode and the other is Freeze Mode. The former makes cookies
invisible until the user visits the site that created the cookies.
No other sites are allowed to read the personal information stored
in those cookies. The latter prevents websites from adding more cookies
or changing cookies you have allowed.
3. Squash Web Bugs is designed to block and expose small programs
that send info when a user views a web page or webmail. It claims
that if a user is using hotmail or yahoo mail, read some of those
spam emails and he/she'll see email address in the web bugs. This
tells them when the emails are read.
4. Password Protects Internet and Window Explorers to prevent unauthorized
access to the Internet under your user name. Download Protect stops
others from downloading programs and malicious scripts onto the user's
PC.
5. Automatic Cleaning. Cleans PC Automatically when last Internet
Explorer window is closed.
Testing Criteria:
I think all the five functions are important for the general web
surfers, so I am going to test whether all the functions can be carried
out as they say.
1. Smash Pop-ups.
It claims that " [it] stops ads automatically before you see
them", but it can't work for all websites. I basically checked
two websites: www.bbsland.com, and www.nytimes.com. It does the job
successfully with the first one, but not so successfully with the
second, since I actually see the frame of the popup of the latter
before it gets smashed. I am not sure of the internal working of this
software, but I believe that there exists a backdoor. Why? Since I
am using the trial version, whenever I close all the windows, a popup
(ironically) produced by Popup Smasher will always appear, reminding
me to buy the license. I feel this is a horrible design, which makes
me feel tricky and doubtful.
One virtue though of this software is that unlike some software that
doesn't allow any new window to show up even by clicking on IE icon,
it can successfully distinguish between new windows and popups.
2. Crunch Cookies
It does a pretty good job in dealing with cookies. After I allow
cookies from nytimes.com, I don't have to type to login information
next time it is opened. I did a search on cookies on my computer,
and I can see that cookies that are not allowed are crunched. Only
one thing confuses me a little is that I assume that when I allow
cookies from certain website, it will always be there even though
I set to clear all cookies after the last open window is closed. However
"Clear All" does mean itself, and next time I am finding
myself typing in New York Times login information again. I cost me
some time to figure out why New York Times cookie is not there while
I have already allowed it.
3. Squash Web Bugs
I once read about something about using script programming language
such as JavaScript to collect information from users to form a picture
of surfing habits, which can be later used for targeted marketing.
But it is something I never have a physical experience with. This
option gives me a surprise. When I check my email at mail.yahoo.com
as usually, I see a line a smasher eyes. That is something that really
makes me uneasy. I then tried on amazon.com, there is no eyes at all.
I believe this is a very promising feature, but the kinds of web bugs
Smasher can capture are limited.
4. Password Protection
I am not very successful with this option while I am testing it on
the computers in SILS lab. I deliberately choose the lab computers
because Smasher claims that it is best used for office environment
where malicious people might do nasty things with the user's computer.
The reason I am not successful is that administrative privilege is
required to create a local user profile that Smasher can capture.
As a matter of fact, I feel very uneasy at the fact the Smasher is
capable of getting my windows login name and password. Once it captures,
it is technically very easy to send them back to the company. Therefore
it is good thing that it is not working in SILS lab. This is an area
that definitely needs change.
5. Automatic Cleaning
This is one of the features that I like most. Cookies, Temporary
Internet files, Address Bar links and history links are better to
be cleared in an office environment after a user finishes using the
computer. Although IE does provide functions to clear all of them,
those options are scattered among all other IE options, and some of
them can not be automatically done. It requires some time to search
them out. Now Smasher can do them all at once under a single interface,
which is very convenient.
Suggestions:
Overall, Smasher does the jobs it claims to do. In term of popup
killing, it has better performance than those I have experienced before.
It is also pretty good at cookies crunching and automatic cleaning.
But still, there are two areas it needs improvement. One is password
protection and the other deals with web bugs. I just don't quite understand
why it uses windows login name and password as the password to protect
IE, explorer or Smasher itself. The fact that it is able to capture
login password is itself frightening. If it can leave backdoors for
itself to produce popups, there is no reason that those backdoors
can't be discovered by hackers. If hacker gets the list of windows
login name and password, the result could be devastating for the network.
As I indicated in previous evaluation, web bugs that Smasher is capable
of discovering is limited. If this function can be enhanced to capture
a lot more types of web bugs, give information of what is being gathered,
and stop/allow them sending information back to the bug owner, I believe
many users will be interested.