BEEFREE's Homepage

 

There is a piece of software called "Bad Behaviour" that, ironically, behaves really badly.

You can read about this software on its website: http://www.bad-behavior.ioerror.us/. But there isn't much to read.

In theory, it is software written for the good purpose of fighting spam bots. However, it is a very buggy application that does not work, and the only solution is to uninstall it!!!

If you've been blocked by that software while surfing the Net, you won't be able to access the website you wanted to reach.

You need to write to the owners of websites using Bad Behaviour and ask them to uninstall “Bad Behaviour” from their systems. You could link to this page in your email; I wrote a technical explanation section to show you what's wrong with Bad Behaviour.

Otherwise you could email me (and I'll do the job for you!!!), or you could post a link to any website using “Bad Behaviour” at the forum of the HONEY BEE NET (no registration is required to post!!) and I'll attempt to contact the owners of those websites to explain to them why “Bad Behaviour” is useless and should be removed.

  • Technical explanation

This is the screenshot of the usual error page of "Bad Behaviour", when blocking a proper, valid request.

Bad Behaviour tries to recognize your web browser by looking at the HTTP headers your browser sends!

This is a very bad idea, because Bad Behaviour has been made without any knowledge of the Hypertext Transfer Protocol (HTTP).

BeeFree removes some useless HTTP headers when you're surfing the Net. This is useful to keep some personal information (such as the language set in your web-browsing preferences) from leaking, and it's useful to strip some useless HTTP headers out of your HTTP requests!

Bad Behaviour will see new HTTP requests coming from your web browser, but it will deny you access to your target pages because your requests lack the HTTP headers removed by BeeFree!!

Unlike Bad Behaviour, BeeFREE is software written to respect the W3 Hypertext Transfer Protocol 1.1 standard.

On the other hand, Bad Behaviour is made without respecting any web standard!

The main reason why it will block you is that Bad Behaviour is unable to read the “Accept” header from your HTTP requests (this is normal, as it has been removed by BeeFree!).

We can look at RFC 2616, the specification of the web protocol HTTP/1.1.

And, we'll read there:

The Accept request-header field can be used to specify 
certain media types which are acceptable for the response

Of course, the word “can” is not the same as “must”. Therefore, the “Accept” header is not mandatory!!!

Reading further on the same page, we find the same thing stated in much clearer words:

If no Accept header field is present, then it is assumed
that the client accepts all media types.

HTTP requests made without the Accept header (and the Accept-* family of headers) are legitimate, valid, lawful requests!!! Thus they mustn't be blocked!

Bad Behaviour has been made with the bad idea of using these HTTP headers as if they were fingerprints! This is a very bad idea, because Bad Behaviour includes HTTP headers that are not mandatory, only optional extras, in its checks!!

  • Bad Behaviour has to be uninstalled, because it breaks the Hypertext Transfer Protocol standards

The number of false positives from that software is surely very high, as it routinely blocks legitimate requests!

What I'm saying is not related only to BeeFree! You can stop Firefox from sending its “Accept” header even without using BeeFree (though BeeFree is much more configurable on this point).

To stop Firefox from sending its “Accept” header you can easily tweak the settings of Firefox, changing this variable: "network.http.accept.default" to another (arbitrary) string. You can learn more about this option on the website of Mozilla: http://kb.mozillazine.org/Network.http.accept.default. If that field is left blank, then the header is removed altogether!

To edit different headers, there are also other variables, like "network.http.accept-encoding", and so on.

  • Bad Behaviour is also ineffective and useless for its purposes

There is one more point you should know about Bad Behaviour: it's a very useless application!

Its author claims that his application can protect your website from SPAM-BOTs. This is of course true, but only in his dreams!

All, or almost all, spam bots perfectly clone the HTTP requests sent by web browsers like Internet Explorer and Firefox (with their respective “default” configurations). This is why spammers are able to render applications like Bad Behaviour harmless without even worrying about them!

It's very easy to make an application able to deceive Bad Behaviour: all you need is to expand this code, adding the correct HTTP headers to send:

<?php 
$fp = fsockopen("www.example.com", 80, $errno, $errstr, 30); 
if (!$fp) { 
    echo "$errstr ($errno)\n"; 
} else { 
    $out = "GET / HTTP/1.1\r\n"; 
    $out .= "Host: www.example.com\r\n"; 
    $out .= "Connection: Close\r\n\r\n"; 
    fwrite($fp, $out); 
    while (!feof($fp)) { 
        echo fgets($fp, 128); 
    } 
    fclose($fp); 
} 
?> 

It isn't secret source code; I copied it from PHP.NET: http://php.net/manual/en/function.fsockopen.php.

You have to ask yourself whether programmers of spam bots (people able to write software of tens of thousands of lines of code, with advanced OCR techniques made to read and solve CAPTCHAs) could ever be stopped by a toy like Bad Behaviour!!!

  • My discussion with Bad Behaviour author

I asked the author of Bad Behaviour to fix his application, but he refused.

He told me to change BeeFree instead!!!! YEAH!! This is funny: he wanted me to change my application, when it's his software that is in the wrong!!

Why not change the whole Hypertext Transfer Protocol standard to make his software work?!!!

He suggested that I send an Accept header like: Accept: */* to avoid any problem. As we can read in the RFC, sending Accept: */* or nothing at all is the same thing!!!

I would like to know why he's unable to write software that respects the HTTP standards!! My request wasn't difficult to comply with: after all, I only asked him to accept, and to follow, some world-wide accepted standards!
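The RFC rule quoted in the technical explanation, and the point just made that Accept: */* and no Accept header at all mean the same thing, shown as an added example (it is not code from Bad Behaviour, from BeeFree or from the original page). The function names, sample requests and offered media types are made up for illustration, and q-value ordering is left out.

```php
<?php
// Added illustration: hypothetical functions, not Bad Behaviour's or BeeFree's code.

// Media ranges a request accepts. RFC 2616, section 14.1: if no Accept
// header field is present, the client is assumed to accept all media types.
function accepted_ranges(array $headers): array {
    $h = array_change_key_case($headers, CASE_LOWER); // field names are case-insensitive
    if (!isset($h['accept']) || trim($h['accept']) === '') {
        return ['*/*'];
    }
    $ranges = [];
    foreach (explode(',', $h['accept']) as $part) {
        if (preg_match('/;\s*q=0(\.0*)?\s*(;|$)/i', $part)) {
            continue; // q=0 marks a range as not acceptable
        }
        $range = strtolower(trim(explode(';', $part)[0])); // drop parameters
        if ($range !== '') {
            $ranges[] = $range;
        }
    }
    return $ranges;
}

// First type the server offers that matches an accepted range (q ordering ignored).
function negotiate(array $headers, array $offered): ?string {
    $ranges = accepted_ranges($headers);
    foreach ($offered as $type) {
        [$major] = explode('/', $type);
        if (array_intersect(['*/*', "$major/*", $type], $ranges)) {
            return $type;
        }
    }
    return null; // nothing acceptable: a 406 response, not a ban
}

// The kind of rule criticised above: an optional header treated as mandatory.
function strict_filter_allows(array $headers): bool {
    return array_key_exists('accept', array_change_key_case($headers, CASE_LOWER));
}

// Constructed sample requests.
$requests = [
    'no Accept'    => ['Host' => 'www.example.com'],
    'Accept: */*'  => ['Host' => 'www.example.com', 'Accept' => '*/*'],
    'browser-like' => ['Host' => 'www.example.com', 'Accept' => 'text/html,application/xml;q=0.9'],
];
foreach ($requests as $label => $headers) {
    printf("%-12s negotiated=%s strict_filter=%s\n", $label,
        negotiate($headers, ['text/html', 'application/json']) ?? 'none',
        strict_filter_allows($headers) ? 'allow' : 'BLOCK');
}
```

The first two requests negotiate the same representation, yet only the one without the header is refused by the strict rule.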

He told me that doing that is a security risk!

I can't tell you what security risks you are going to face if you avoid sending this Accept header. I can only think of a less bloated HTTP request... (and, indeed, that isn't a security risk!).

I can't know what he was thinking about those security risks, because he (after turning nasty and then butthurt) has refused to answer me!

  • A four-points table

In short, I've made a little list of four reasons to uninstall Bad Behaviour:

  • It's software that breaks the standard Hypertext Transfer Protocol (this is funny: Bad Behaviour's programmer keeps counting this as a good point on his score table!!)

  • It's software that causes incompatibilities.

  • It's software that will block users who have (lawfully) configured their web browsers to block some extra headers (even without using BeeFree... this just proves that the problem is not on my side!!).

  • For no real and valid reason, thousands of users using BeeFree (and many others) won't be able to access your website.

  • Could Bad Behaviour detect users surfing with beefree?

Absolutely not!!!

Bad Behaviour blocks access for users of BeeFree because Bad Behaviour blocks plenty of HTTP requests even if they respect the standard Hypertext Transfer Protocol! Yes, this is very weird, and bad, behaviour... Anyway, it cannot detect whether you're using BeeFREE. It can't know whether you edited the preferences of Firefox, or of any other browser, manually, or whether you did something else (like using a web proxy or whatever).

  • Epilogue

Bad Behaviour is software that breaks the standard Hypertext Transfer Protocol (and it gives you NO real advantage against spammers). It isn't very powerful as a security tool... in the meantime, it's quite powerful at breaking the Net!! It's quite useless and counterproductive!

The best thing to do is to uninstall/remove Bad Behaviour. Removing it from your website is useful for you too! It isn't advantageous to live with a security delusion given by an application like that, especially when you're blocking normal users without reason!!

  • Temporary workaround for users using beefree

It's very easy to deceive Bad Behaviour.

You need to create this key:

extensions.beefree.website.generic.header.accept.action

using as type: integer and setting its value to: 2

This will allow the Generic filter to send out that Accept header!

Remember to set that value back to `-1' when the owner of a website using this Bad Behaviour nonsense has uninstalled it! (or else.... restore the value and find another website to browse!!!)

You may also toggle BeeFree off by clicking on its status icon, and then reload the webpage to open it! Clicking the status icon again will re-enable BeeFree!

 

BEEFREE is released under the terms of the GPLv2+ license.