Research Into NebuAd Finds Controversial And Potentially Illegal Tactics

from the not-looking-good dept

NebuAd is a company we've discussed before that works with ISPs to use your clickstream data to send targeted ads. It's quite similar to Phorm, which has received plenty of attention for its questionable behavior over in the UK. Now, some researchers have looked into the details of what NebuAd really does... and it's not pretty:
"NebuAd exploits normal browser and platform security behaviors by forging IP packets, allowing their own JavaScript code to be written into source code trusted by the Web browser. NebuAd and ISPs together cooperate in this attack against the intentions of the consumers, the designers of their software and the owners of the servers that they visit.... NebuAd breaks the rules of acceptable behavior on the Internet. It monitors what you do and see on the Internet, it breaks in and changes the contents of your private communications, it keeps track of what you've done, and if you even know that it's happening, it is impossible to opt-out of it."
Perhaps Charter Communications and other ISPs that have signed up for NebuAd should have researched things a little more thoroughly. Congress is already investigating the legality of something like NebuAd, and one assumes that a report like this may find its way to many of those politicians pretty quickly.

Reader Comments


  • dorpus, 19 Jun 2008 @ 12:11am

    It's better that way.

    People like Mike are afraid of the eeeeeeeeeeeeeevil government, so it's better to let companies like NebuAd unleash the private sector's self-destructive energy and make everything fail.


    • Anonymous Coward, 19 Jun 2008 @ 5:36am

      Re: It's better that way.

      It is not that people like Mike are afraid of "the eeeeeeeeeeeeeevil government" as much as afraid of "the eeeeeeeeeeeeeevil government" it may become.

      People like Mike are part of a growing number of individuals concerned that America has lost its way. They have no holding with a particular government party but they tend to all think that America should have a specific intent behind each of its laws, and recognize when that intent is not what will really happen when some laws are enacted.

      More people would share these views. All it takes is the reading of a powerful document. Once you understand this document, and the intent of its creators, you will easily see how over the last three decades America has been rotting from within.

      What is this document? The Constitution. The fact one would have to ask is unnerving. The fact that it is getting ignored when inconvenient is incendiary.

      Currently, war is coming. Not necessarily the one some would think. Be sure you are on the right side. The consequences of the wrong side winning will be more costly than you seem to know.


  • Janos, 19 Jun 2008 @ 2:30am

    Privacy protections

    Two FF extensions generate fake queries on search engines to pollute the collected data (at search engine level, but it also pollutes ISP data): SquiggleSR and TrackMeNot. Notice that the former also clicks on non-sponsored results that may include javascript and so it could deceive NebuAd.


  • Tom Truth, 19 Jun 2008 @ 3:11am

    Wiretapping + NebuAd = Prison Time

    I want to see every NebuAd employee in prison, learning the nuances of prison life, at the hands of their new cellmate/husband.


  • SpyBot, 19 Jun 2008 @ 3:52am

    Freedom of Information

    Seems these members of congress haven't been briefed.

    The reason the government likes private sector data collection is that the private sector doesn't receive FOI requests.

    This is a very handy solution for them.


  • Ajax 4Hire, 19 Jun 2008 @ 4:34am

    A real use would be to look for

    traffic to a required trusted site like the Microsoft update site.
    Once you are trusted, then force install your own PC control system along with the usual security updates. You can even disable the MS Windows security that prevents your operation.

    Once you are in, you no longer need the ISP to inject, just force all user traffic thru your own DNS, oh the fun you could have.


    • Lawrence D'Oliveiro, 19 Jun 2008 @ 5:07am

      Re: Man-in-the-middle attack

      "Once you are trusted, then force install your own PC control system along with the usual security updates."

      Just a note that SSL is resistant to man-in-the-middle attacks. That is, provided that users check the security certificate for the site they're looking at. If they don't do that, then it makes it easier to spoof them.


  • Anonymous Coward, 19 Jun 2008 @ 5:05am

    Would the noscript plugin to Firefox help to prevent the code injection?


  • Cassius Seeley, 19 Jun 2008 @ 5:36am


    I wonder if I could sue them for changing my content stream (as a publisher). The idea that someone would change my content, or insert ads other than the ads which I choose to display really ticks me off. What about the fact that their ads may make my ads or content less valuable?

    This is stoooooooooopid!


  • Andrew D. Todd, 19 Jun 2008 @ 11:22am

    What Is To Be Done

    Of course you can switch off Java/JavaScript/Cookies/Flash, and only turn them on when you really do need them. Then turn them back off again. Nine times out of ten, when a website gets the "noscript" code in the HTTP header, it will decide to do things your way.

    Obviously, webhosting companies don't often pull the same kind of stuff that Charter and NebuAd do, because there are lots of webhosting companies, the barriers to entry are minimal, and in case of malfeasance, THEY ARE EASILY REPLACED. The game just isn't worth the candle. The same would apply for a proxy client service with a Virtual Private Network connection across the ISP's network. Apart from speed limitations, the old dial-up ISP system was a good idea. It separated the ownership of the wires from the management of traffic, and allowed the latter to be bona fide free enterprise. The CLEC system for DSL was a reasonable, if imperfect, evolution of this, until the FCC effectively abolished it. The moral is that one has to have a clear separation between things which are publicly owned and operated for the public good, versus private enterprise. There should not be intermediate cases, because they will tend to have people abusing their government-granted authority for their own private profit.

    At the other end of the scale from small business, a postal carrier has about the best job one can get with a high-school diploma. Not only is the pay good, but there's a good health plan, job security, a pension, etc. The mailman is not going to risk all that for some short-term stunt. The postal service is not the cheapest possible service, but it is a highly trustworthy one. Even in the case of government surveillance, the mailmen will probably be more intransigent than the major telecommunications providers. They will want to be assured that the next administration of the opposite party will not consider their actions as grounds for dismissal. They might very well regard it as a lesser ill to be unlawfully fired by George W. Bush, and eventually reinstated with back pay by Barack Obama. By contrast, the typical midlevel Verizon or AT&T employee is liable to dismissal for "business considerations." If the telephone lineman worked for Uncle Sam, he would have much the same mentality as a postal worker.

    The monopolistic telecommunications companies seem to combine the worst of both worlds. They are neither accountable to the market, nor to the democratic process. Maybe it is time to nationalize the monopolistic telephone and cable television systems, and establish an open-access system, similar to what exists for parcel delivery. A private parcel carrier uses public roads, and is thus able to go everywhere without being a monopolist or near-monopolist. But there is also a public service, the Post Office. A private carrier can "split the difference" by carrying something across the country, then mailing it at a post office close to the destination, the typical system for delivery of magazines and mail-order catalogs. There is no great difficulty about applying the same system to telecommunications. The system might not be perfectly efficient from a manpower standpoint, but it would be efficient enough, bearing in mind the ongoing improvement in electronics.


  • another mike, 19 Jun 2008 @ 12:27pm

    wired has a write-up too

    In their article, NebuAd responded that your profile is so anonymous that even they can't link it to you, but if you do manage to opt-out they'll be happy to delete your profile. Wha?! I thought they said they couldn't link it to you.
    NoScript and Adblock Plus need to be updated for 3, and right quick.
    So anyway, what do you do if you find your ISP is in bed with these crooks? My town gave Cox the cable monopoly, DSL isn't really an option, and dial-up would just be too painful. They keep comparing the internet to a superhighway, it's time to nationalize it and have the government deploy the infrastructure. ISPs can spring up like gas stations along the interstate.


  • Anonymous, 21 Jun 2008 @ 3:38pm


    Bresnan Communications is also utilizing NebuAd, as evidenced by their own website. www.BRESNAN.COM/CUSTOMIZE

    Also check out this discussion on dslreports;,20258823?hilite=
