With the current rewriting of web pages to satisfy the tweets and twits, a particular BHO (Browser Helper Object) has been appearing with annoying frequency. In IE it appears as a popup saying something to the effect of "The website is requesting to install TODO .. company name TODO … Unidentified … Unknown."

In at least my IE, if you allow the "item" to attempt to install, it immediately crashes the link and locks up the computer. (Recovery is more graceful than with some other errors, with only the individual Tab affected being killed in most cases I've seen.)

There is considerable discussion on the web about this "BHO" with nobody apparently having figured out that it's basically a programming error.

HISTORY:

Programmers (including the term loosely enough to include web page designers) have used the marker TODO in programs to indicate "unfinished work." It's an abbreviation for "To (later) Do (when I figure out the details)." This usage has been fairly common for at least several decades.

Several web sites from which people can copy and paste programs and/or program snippets have separate "folders" named TODO where people can describe problems in the hope of getting comments/assistance from others. This is particularly common on open source, freeware, and shareware "help and discussion sites."

Code scripts that programmers/designers can copy and paste into their programs are full of TODO markers indicating where the individual must supply his/her own code to perform purposes appropriate to the specific use. Properly used, these markers are always "commented out" so that they're ignored when the program runs, but either the "comment" markers are being removed, or some contributors don't observe the rules. The rush to make everything "cloud compatible" and to incorporate the NONSTANDARD features people imagine are in "new releases" of HTML, XHTML, and Java (among others) has apparently brought out a large number of "careless" website "designers."

The most prevalent source appears to be one person named "Ucking Fidiot," although that web identity may be in use by more than one.

If you encounter a "TODO" request, it's primary meaning is "the idiot that posted this didn't finish it so you might as well go somewhere else." (But see WARNING below.)

So far as I've encountered it, this purported BHO most commonly occurs when the page target is a PDF, and may be an unfinished bit to offer Adobe Reader, although it may also be associated with Flash(?). In some cases for PDFs you can go back to the link that sent you there, right click the link and "Save Target As." If the error is not too severe, it will sometimes get you the PDF, although a really glorious muckup may still not work.

Sites where I've encountered this include General Motors (Chevrolet), four or five US Government agencies, MSNBC, and a half dozen "financial news" sites (Brookings et. al.) linked from MSNBC. One such from HP is well enough known that it's reported in some "help blogs" as being something that actually installs – but usually doesn't work.

WARNING: The appearance of accidental "TODO" calls has been sufficient that several malware examples, actually named TODO and disguised as BHOs, have been found. Giving permission to install for one of these actually will work to perfom it's intended functions, but AIN'T GONNA BE ANYTHING YOU WANT IT TO DO.

There usually will be no harm in clicking to allow an attempted installation on trusted sites, since most such errors will simply fail to install anything; but you should be aware that it's could be a malware entry attempt that's been documented and that appears to be increasing in distribution.

John