AOL Using Netscape to Spy? 28
Keepiru writes "AOL is the target of a class action lawsuit that accuses it of violating federal privacy laws." Basically it says that the SmartDownload feature in communicator is dumping back user download information to big brother, and this violates the Electronic Communications Privacy Act and the Computer Fraud and Abuse Act.
They are spying, it has been proven (Score:1)
RealNetworks RealDownload, Netscape/AOL Smart Download, and NetZip Download Demon utilities all report back to their respective owners, reporting the URL of what you are downloading, a unique ID tagging your machine, and your IP number - the IP number is sent along in the package so proxies etc won't help.
Have a look
http://grc.com/downloaders.htm [grc.com]
--
Where the heck did this story come from? (Score:3)
Where the heck did this story come from?
I found it on my "Older Stuff" slashbox on my main page with 0 comments listed. Whats the deal? Bug in slashcode?
I never saw it posted to begin with.
The Glories of Legitimate News (Score:4)
This story (on Yahoo! news for those who don't want to read it) gives absolutely no technical details. I have no way to verify to my own satisfaction whether the claims are accurate. I don't even have a starting point from which to determine if I, too, have been violated.
If some "underground hacker site" had reported this, it would be loaded with information that is actually useful.
Damned hackers, always educating the public...
My mom is not a Karma whore!
Re:Where the heck did this story come from? (Score:1)
Nothing wrong with that, except that all the other adjacent stories seem to be up in the several hundreds as far as posts are concerned.
I don't know if I'd run out and call this a bug in Slashcode though. I'd call it a feature! I look at this way. No hot grits. No Natalie Portman naked, petrified, shaken nor stirred. No races for first post bragging rights. No ASCII art of beer, sheep, or beer with sheep. No flamebait. No bitching about karma and moderation. No trolls.
My, oh my! This just might be the next logical step in the evolution of Slashdot!
Of course... having publically professed all of this just opens the floodgates for all of the above. Ya just can't win, can ya?
Re:Where the heck did this story come from? (Score:1)
Wasn't happy about it. (Score:4)
If you're worried about web bugs or cookies, here's a big one that people should be turning OFF.
The Privacy Market (Score:4)
A commitment to target this niche must come from the top levels of an organization. The corporate leaders must make it very clear that backdoors, bugs, data capture etc. are not permitted in their software. Without this leadership from the top, there is too much temptation (in the middle) to participate in this type of shenanigans.
The folks at AOL/Netscape have a great opportunity to differentiate themselves in how they handle privacy issues. From a PR standpoint, it seems like a no-brainer for AOL/Netscape management to proclaim that this type of backdoor is unacceptable, and that they will immediately investigate and close it. If it turns out that the alleged backdoor exists, and AOL/Netscape does not immediately and proactively work to correct it, their credibility in this market will be irreparably damaged.
Ouch. (Score:2)
You saw this coming eventually. AOL, of course everyone's favorite company for so many reasons buys Netscape. Everyone at Netscape jumps ship. AOL continues ahead and sees and sees this great way to gather information on a very large segment of the 'Net; forget doubleclick, AOL gets you first. (Of course, assuming this isn't just sensationalism . . . very little in the article beyond "Netscape/AOL is being sued")
As web browsers become the worlds cross platform solution [slashdot.org] for programs (not to mention microsoft.net), this has a possibility to spiral out of control unless users become informed and there are laws--especially in the U.S. where many of these companies in question are based and where we have very weak privacy laws--to protect the end user.
Did anyone see this in the EULA? Is this on every platform? Is the smart download part of Communicator in Mozilla somewhere, or is it just a closed part? I think I'm going to have to look at some source soon. . .
Re:Ouch. (Score:2)
SmartDownload (Score:1)
Crime? (Score:2)
They go after people who write viruses, they go after Mitnik?
Why don't they go after corporations that do the same sort of thing?
Remember Bait & Switch? (Score:2)
Remember Bait and Switch [peacefire.org]?
Companies have money, they have lots of highly paid lawyers. They have massive PR machines churning out propaganda ("We need to be allowed to inovate . . .")
Individuals are worthless. Heck, once you're in jail you can't even vote anymore in the US, so politicians don't have to worry about one, already insignificant vote, going to 'the other guy'.
Individual privacy is, unfortunately, not expressly guaranteed in the US (except in some state constitutions). Only relatively recently has any privacy been afforded by (weak) laws against corporations.
Then again, back when we were a bunch of agrarian farmers, nobody really had the ability to amass large databases of your daily actions. Good thing the Constitution is a living document . . . too bad government is stuck playing catch-up.
--
Keep-alive (Score:2)
Last post.
my trip to dictionary.com... (Score:2)
http://www.kuro5hin.org/?op=comments&sid=2000/7
This was a download that started spontaneously while I was looking up a word at dictionary.com
my system: (If you'll indulge a luser for a sec
Windows 98
Netscape Communicator 4.72
MSIE 5.00.2014.0216 40-bit cipher
Norton Antivirus 5.0.0.26
NPNZDAD.EXE (in windows\system) 2, 0, 0, 12
(N.B.: does not appear in taskbar, system tray, or CTL+ALT+DEL CloseProgram dialog)
excerpted from C:\Program Files\Norton AntiVirus\Activity.log:
allowed.a M The file
C:\WINDOWS\SYSTEM\NPNZDAD.EXE
tried to write to
C:\My Download Files\tracker.exe.$ P C:\My Download Files\tracker.exe
u Windows S Windows Auto-Protect
Ü V Ó Ú p v a ( t A The action was allowed.a M The file
C:\WINDOWS\SYSTEM\NPNZDAD.EXE
tried to write to
C:\My Download Files\tracker.exe.$ P C:\My Download Files\tracker.exe
u Windows S Windows Auto-Protect z
Ê V Ó Ú p v a ( t A The action was allowed.a M The file
C:\WINDOWS\SYSTEM\NPNZDAD.EXE
tried to write to
C:\My Download Files\tracker.exe.$ P C:\My Download Files\tracker.exe
u Windows S Windows Auto-Protect OE
V Ó p v a ( t a - A The action was not allowed.a M The file
C:\WINDOWS\SYSTEM\NPNZDAD.EXE
tried to write to
C:\My Download Files\tracker.exe.$ P C:\My Download Files\tracker.exe
u Windows S Windows Auto-Protect z z
V Ó p v a ( t c - A The action was not allowed.a M The file
C:\WINDOWS\SYSTEM\NPNZDAD.EXE
tried to write to
C:\My Download Files\tracker.exe.$ P C:\My Download Files\tracker.exe
u Windows S Windows Auto-Protect ÿÿÿÿOE
Only 49b made it down; strings tracker.exe yielded only GIF89a
Digging in C:\Windows\Temporary Internet Files\
Excerpted from JavaScript in the htnl in the cache:
function ahwyaudiobooks() {
hitsWindow=window.open('http://ads.admonitor.net/
}
Then:
<SCRIPT LANGUAGE="JavaScript" SRC="http://ads.admonitor.net/adengine.cgi?F262|1
</SCRIPT>
Then looked for a
document.write("<A HREF=\"http:\/\/ads.admonitor.net\/clicktrack.cgi
Whither www.avenuea.com? This is straight from their site:
<slime>
Avenue A currently serves over 90 clients, including Eddie Bauer, Expedia.com, Gateway, Gear.com, Microsoft Corporation (MSN), MTV Networks, Onvia.com, RealNetworks, TicketmasterOnline-CitySearch and Toysrus.com. The company is based in Seattle with offices in Chicago and New York.
</slime>
WTF? Somebody puts something called tracker.exe on _my_ machine without telling me?
This went thru smartdownload&tm;
I don't know what exactly was going on and was unable to replicate the process, but if you want details to chew over, I HTH.
And yes, before you open your mouth, I know this wouldn't have happened if I weren't running windows.
AOL-Netscape follows your browsing (Score:1)
Re:Keep-alive (Score:1)
Re:Wasn't happy about it. (Score:1)
Re:Keep-alive (Score:1)
Re:The Privacy Market (Score:1)
The corporation will feel more secure knowing everywhere you go, everyone you talk to, but they aren't volunteering to make your life easier. They won't tie this valued marketing information to you as a person or an IP address. They will not send targeted ad's to you based on the demographics you generate. So they steal my demographics, then they don't make my life easier by giving me almost relevent junk noise. Go figure.
Leadership from the top will come in the form of the Big Person watching over you. That's the kind of leadership we keep letting the companies move towards. What ever happened to the customer is always right? That wasn't as profitable as gouging the customer. MS didn't make $500B last year by listening to the consumers. Why should they change?
Without backdoors how will the FBI access your computer through the ISP they have a wiretap through?
AOL had credibility? Yeah I know AOL/Netscape, but still...
Re:Ouch. (Score:1)
Re:Keep-alive (Score:1)
Secret anti-troll story (Score:1)
Slashdot Develop Time Travel (Score:3)
I'm presuming that when posting it CmdrTaco tried to give it the same date/time as the Yahoo article. However he translated 01:16 PM EDT into 01:16 UDT (24 hour clock). The correct value would have been 18:16 UDT (+12 +5). There is however the question of why do this at all and not just use the actual posting time (any conspiracy nuts out there?).
Of course I could be wrong and the title of this article could be accurate. Maybe Yahoo failed to credit the Slashdot article (Chronal Recursion - the bane of all time travelling civilisations).
AOL / Netscape spies on surfers (Score:2)
hey (Score:2)
The Register runs the story (Score:1)
UK IT industry on-line mag The Register [theregister.co.uk] has just run the SmartDownload story.
I'm glad the guys at Vulture Central ran it, because I certainly didn't get to read this story on the main /. page. Looking at the tiny number of comments so far, I wasn't the only one to miss it.
Bad Slashdot. No VC cash.
Re:Why doesn't anyone remember it? (Score:1)
Re:The Privacy Market (Score:1)