LISTSERV - HP3000-L Archives

HP3000-L Archives

January 1997, Week 4

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L January 1997, Week 4

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security alert: AltaVista and ad.doubleclick.net
From:	[log in to unmask]
Reply To:	[log in to unmask]
Date:	Wed, 22 Jan 1997 17:43:54 -0800
Content-Type:	text/plain
Parts/Attachments:	Security (79 lines)

This is completely non-3000 related, but I thought others here would
appreciate this.

I've just finished blocking all *outgoing* network traffic from our
Intranet to the site known to the DNS as AD.DOUBLECLICK.NET.

You know all those annoying little advertisements that show up at the
top and bottom of web pages?  Well, there is a potentially much darker
side to them than just the annoyance of having to look at them.

Next time you visit a web page with an ad on it, use your browser's
"View Document Source" or equivalent function to look at the HTML
source for the page.  It used to be that these ads were GIF files
that came off of the same server as the rest of the page you asked
for, and were links to the advertiser's page.  In this scenario, the
advertiser is simply paying to put a link onto the page.  Unless you
clicked on the link, you were never going to visit that site.

The problem with this (from the point of view of the people selling
advertising space) is that there's no easy way for the advertiser to
know how many people have viewed their ad.  Sure they know how many
people have clicked on the ad and come to their site, but they have
to take the word of the site containing the ad as to how many times
the ad has been viewed.

Enter the modern age of web advertising and ad.doubleclick.net...

Many of the big popular web sites with ads now sell advertising via
a company called DoubleClick.  Now what you find on such a web page
is an indirect link to the actual advertiser that goes through a
system called AD.DOUBLECLICK.NET (which actually turns out to be a
15 different computers according to nslookup).  When you click on an
ad, you go first to DoubleClick's system where it logs the access and
then sends you to the actual advertiser's web page.

The problem is that not only is the ad image a link to the DoubleClick
site, but the ad's actual GIF image is downloaded from there as well.
This means that every time you view a web page with a DoubleClick ad
on it, your web browser is thoughtfully going to connect to their web
site and tell them what advertisement you are seeing, who you are
(your IP address, or at best your web proxy server's IP address), and
what web page you are looking at.  This means that DoubleClick is in a
position to collect information about you and/or your organization.
They can correlate the information they get as they learn about all
the web pages you visit that have ad on them, regardless of what site
or how many different sites contain the ads.  They are free to do
whatever they like with this information, such as selling it to your
competitors or any other enemies you may happen to collect.

Ok, that's pretty annoying, but wait til you see what happens with
Digital's incredibly popular AltaVista web search service!

AltaVista finally started carrying advertisements a couple weeks ago,
and they use DoubleClick.  THEY HAVE SET THE SYSTEM UP SO THAT EVERY
TIME YOU DO A SEARCH, ALL YOUR SEARCH KEYWORDS WILL BE TRANSMITTED
TO AD.DOUBLECLICK.NET WITHOUT YOUR KNOWLEDGE.  Do a search on AltaVista
and then do a "View Document Source" on the result screen.  You will
find that not only have your search keywords been inserted into the
HREF= part of the advertisement link, but that the URL that was used
to retrieve that cute little advertisement GIF image has also been
modified to contain all your search keywords!!  So even without clicking
on the ad, or taking any other action, simply the act of displaying
the search results page has transmitted all the information about your
search request to DoubleClick, where they are free to build up a
database of all the things you are interested in, and sell it to the
highest bidder (or every bidder for that matter).

So, I've just told our firewall to block all *outgoing* traffic to
the networks 199.95.207.* and 199.95.208.* which appears to cover all
the systems that respond to AD.DOUBLECLICK.NET.  I suggest you do the
same.

This has the pleasant side benefit of eliminating most of the ads on
the web, since the ad GIF can't be downloaded from doubleclick anymore.
I haven't seen an ad yet since I did this.  It's amazing how much of
the web advertising is going through doubleclick.

G.

ATOM RSS1 RSS2

RAVEN.UTC.EDU