Cookies Are Only The Beginning
Posted on 21 May 2000
by Scott Kennedy (atdt1991)
Rated 3.89 (Ratings: 0)
- More articles in Commentary & Society
We've become acclimatized to the idea of cookies as privacy invasion. We, as a group, have come to understand that each time a website tags us with one of these persistent suckers, we may be allowing them to form an idea of our spending and viewing habits.
Some people, like myself, have taken the step of installing programs like IDcide, which prevent the kinds of cookies most often used by tracking networks like DoubleClick. I kicked back, secure in the knowledge that if I cruise around looking at "www.dccomics.com" I wasn't going to see Batman ads on every webpage and in my mailbox.
Unfortunately, it's not simply a matter of one form of privacy loss any more. A company that is now known as Radiate has taken away yet more of our rapidly receding privacy. They are the creators of an ad system that opens a hidden browser window and, without your knowledge or consent, steadily downloads a stream of ads that it stores for the 'adware' products it supports. This hidden window 'piggybacks' on your connection, which allows it to bypass your firewalls as you enter your password. There are over 400 adware programs that use Radiate (formerly Aureate). They have been blamed with everything from hacking your registry to find your real name to sending the company a list of all programs installed on your computer.
While both of those are not true, this is: When these adware applications are removed, the Radiate components continue on, hidden, stealing your bandwidth. If this was not bad enough, the ad software was created to allow them to update itself at any time. Without your knowledge, they can upload and run any executable. Even worse, with the proper spoofing mechanisms, anyone can do this as long as you have their program installed, and at least 22 million of their packages already have. In the midst of all this, they have the capability to collect very specific information about you. They deny using your IP address or any further information to target you currently, but their Privacy Statement makes no mention of what they may do in the future.
Radiate denies anything beyond basic voluntary information is being served to them.
"We do NOT alter the users' web browser. A component of our ad system isactivated when the anonymous user opens their browser. This component isactivated to deliver advertisements to a cache on the users' computer. Thesoftware applications in our network will pull ads from this cache when theyare running. The use of this cache allows us to deliver ads to applicationswhich may not be run while the user is online (such as a game that is playedoffline), but which the user can still receive for free or at a discountedrate because of the advertising support. Our license agreement specifiesthis and informs the user that our technology will connect to the Internetubiquitously in order to transfer advertising information and softwareupdates."
The key to this statement is the word ubiquitously. Meaning that theywill connect to their own servers from your computer on a steady, constantbasis.They do, however, admit to one charge :
"Advert.dll creates a process anytime your browser is open. This is true. This process delivers advertisements to a cache on the usersPC which are displayed while the software is being run. This works in asimilar way to how the browser works, with content and images (includingads) being delivered to a cache on the users PC and then are displayed inthe browser window."
This meaning that at all times your bandwidth may be reduced and, if claimsof crashing are true, your system may be less stable because of theirsystem, by their own admission.
Interestingly enough, there is the goofy "show me the money" statement lodged in the offending code. Radiate somehow thinks the've dodged this obvious flaw with a statement of how text strings work in a dll:
"Advert.dll contains the string "Show me the money! I want to be Mike!" This is true. It's a text string used by the DLL. DLLs containmany text strings which are used by the DLL itself. For example, ifa particular program displayed a window which contained the text "HelloWorld", then the "Hello World" text string would be present inside that DLL."
Network Assoc. - Mcafee denies, specifically, that it is a trojan horse:
"There is no basis to substantiate the claim or accusation and is thereforefalse."
Few articles mention that just because the most frightening details are falsedoes not mean that aureate isn't being unethical in their backchannel work. The Opt-out website, run by Steve Gibson, doesan admirably detailed job of explaining exactly why Aureate/Radiate is still aproblem.
"Aureate deserved - and continues to deserve today - the "Spyware" monikernot (apparently) because it is sending sensitive personal data out of theuser's computer, but because it deliberately slips into the user's systemsecretly, uses the user's Internet backchannel without the user's knowledgeor permission, takes pains to remain secretly installed (instructing itshosting software to leave it installed upon the host's removal), masks itspresence by deliberately suspending its use of the backchannel in theabsence of keyboard or mouse activity and fails to disclose any of this tothe typical user who is never fully informed about what's going on.
When you add to this the fact that the Aureate software has beenconclusively found to be directly responsible for significant Windows systemand Internet browser crashes, and that it is able to secretly download andcause Windows to execute any arbitrary program into the unsuspecting user'scomputer, it is indeed difficult to cut these people much slack."
Check out, specifically, the "Code of Backchannel Compliance" chart they'veshown.
"As if that weren't sufficient cause for alarm, this Trojan Horse spyware -for that's what it surely must be called - is trivial to "redirect" so thatinstead of phoning home to one of Aureate's servers, it connects to anyother arbitrary server on the Internet. It establishes a connection betweenthat unknown server and your computer, sliding right through whatevercorporate or personal firewalls you or your employer may have erected(because it functions as a browser parasite which hijacks your browser'sInternet usage permissions). Then it awaits further instructions . . . whichwe now know at least include "here's an executable file, download and run itplease.""
"...any malicious hacker who wishes can trivially duplicate the work I did. And, once done, they don't even need to scan the Internet looking for Aureate Trojans . . . since any redirected Aureate Trojans WILL CALL THEM! and await instructions the next time theunsuspecting user browses the Internet!"
Cheer up! Check out Simtel's policy, as listed on grc.com:
"Effective immediately Simtel Management Policy is that any Adware programthat continues to run when applications that use it are not running will bebanned from the collections. Authors who submit Adware must state that thiswill not occur.
The Adware servers have no right to use the user's bandwidth to download adswhile they are running programs that do not use the ads. In my opinion theyare stealing the user's bandwidth when this occurs."
With the news from privacy advocate channels that RealNetworks' subsidiary Netzip has created an aptly named program called Download Demon that sends the name and location of each file you download back to the company, it is obvious that we have allowed inspiration to strike those who wish to profit on our private thoughts. Who knows how many software packages are being used this very moment that intentionally hide some kind of snooping capability? When you find a roach on your floor, you can guarantee a dozen more behind the wall.
Companies like these are making their fortune creating what is essentially malicious code. It's obvious at this point that cookies are merely the naive precursor to a much more invasive version of data mining.
Visit IDcide to download the Doublclick Network cookie blocker.
Take an active role in the preservation of your own privacy.Be Ever Vigilant.