Thursday, June 19, 2008

Groups: Ad firm used by ISPs spies on users

A targeted advertising vendor being used by several U.S. broadband providers hijacks browsers, spies on users and employs man-in-the-middle attacks, according to a report released Wednesday by two advocacy groups. NebuAd, a behavioral advertising vendor being used by Charter Communications, WideOpenWest and other Internet service providers, uses also packet forgery, modifies the content of TCP/IP packets and loads subscribers' computers with unwanted cookies, according to the report, released by Public Knowledge and Free Press, two Washington, D.C., groups focused on digital rights. "NebuAd exploits several forms of 'attack' on users' and applications' security," wrote report author Robert Topolski, chief technology consultant for the two groups. "These practices -- committed upon users with the paid-for cooperation of ISPs -- violate several fundamental expectations of Internet privacy, security and standards-based interoperability." (PCWorld 06/18/08)

No comments: