GNG News Guy
06-18-2008, 05:05 PM
http://i.dslr.net/urls/14/2314.gif (http://www.dslreports.com/shownews/Consumer-Groups-Dig-Inside-NebuAD-Technology-95385)
Consumer groups Free Press and Public Knowledge today issued a report (http://www.freepress.net/files/NebuAd_Report.pdf) (pdf) on NebuAD behavioral advertising technology. ISPs are paid to install a user tracking device that sits on the ISP network, and aids in the delivery of ads tailored to your browsing habits. Broadband Reports user Robb Topolski (http://www.thegng.org/useremail/u/340409), who first discovered Comcast's upstream BitTorrent throttling (http://www.thegng.org/shownews/87077), ran a series of tests and found the technology forges packets, violates IETF standards and more:NebuAd exploits normal browser and platform security behaviors by forging IP packets, allowing their own JavaScript code to be written into source code trusted by the Web browser. NebuAd and ISPs together cooperate in this attack against the intentions of the consumers, the designers of their software and the owners of the servers that they visit.
So far all we've had is NebuAD (http://www.thegng.org/shownews/91797) promises that the technology plays fair and protects user privacy, though few have actually dug into how the technology works. There's mounting Congressional pressure (http://markey.house.gov/docs/telecomm/letter_charter_comm_privacy.pdf) to investigate the technology before it's inevitably launched by more than just the handful of carriers I'm currently aware of (WOW, Knology, Charter, Embarq, Broadweave, Bresnan Communications, and CenturyTel).
http://www.thegng.org/quote_left_white.gif(NebuAD) monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it.http://www.thegng.org/quote_right_white.gif
Researcher Robb Topolski
Topolski suggests the technology takes a few pages out of the playbook of several controversial tactics, including browser hijacks, cross-site scripting (XSS) attacks, man in the middle attacks and more.
"NebuAd breaks the rules of acceptable behavior on the Internet," says Topolski. "It monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it."
"This report shows that NebuAd's Internet wiretapping is highly questionable," says Marvin Ammori, Free Press general counsel. "Phone and cable companies should press pause on NebuAd and any similar venture until consumers and members of Congress can address the serious concerns raised by this report."
"Once again, it shows that ISPs are putting themselves where they don't belong inserting themselves between consumers and Web sites," says Gigi B. Sohn, president and co-founder of Public Knowledge. "Inserting unwanted information and advertising under false pretenses violates every concept of an open and free Internet."
Consumer groups Free Press and Public Knowledge today issued a report (http://www.freepress.net/files/NebuAd_Report.pdf) (pdf) on NebuAD behavioral advertising technology. ISPs are paid to install a user tracking device that sits on the ISP network, and aids in the delivery of ads tailored to your browsing habits. Broadband Reports user Robb Topolski (http://www.thegng.org/useremail/u/340409), who first discovered Comcast's upstream BitTorrent throttling (http://www.thegng.org/shownews/87077), ran a series of tests and found the technology forges packets, violates IETF standards and more:NebuAd exploits normal browser and platform security behaviors by forging IP packets, allowing their own JavaScript code to be written into source code trusted by the Web browser. NebuAd and ISPs together cooperate in this attack against the intentions of the consumers, the designers of their software and the owners of the servers that they visit.
So far all we've had is NebuAD (http://www.thegng.org/shownews/91797) promises that the technology plays fair and protects user privacy, though few have actually dug into how the technology works. There's mounting Congressional pressure (http://markey.house.gov/docs/telecomm/letter_charter_comm_privacy.pdf) to investigate the technology before it's inevitably launched by more than just the handful of carriers I'm currently aware of (WOW, Knology, Charter, Embarq, Broadweave, Bresnan Communications, and CenturyTel).
http://www.thegng.org/quote_left_white.gif(NebuAD) monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it.http://www.thegng.org/quote_right_white.gif
Researcher Robb Topolski
Topolski suggests the technology takes a few pages out of the playbook of several controversial tactics, including browser hijacks, cross-site scripting (XSS) attacks, man in the middle attacks and more.
"NebuAd breaks the rules of acceptable behavior on the Internet," says Topolski. "It monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it."
"This report shows that NebuAd's Internet wiretapping is highly questionable," says Marvin Ammori, Free Press general counsel. "Phone and cable companies should press pause on NebuAd and any similar venture until consumers and members of Congress can address the serious concerns raised by this report."
"Once again, it shows that ISPs are putting themselves where they don't belong inserting themselves between consumers and Web sites," says Gigi B. Sohn, president and co-founder of Public Knowledge. "Inserting unwanted information and advertising under false pretenses violates every concept of an open and free Internet."