Doubleclick profiling is a bit disconcerting.  There is a company that
allows you to surf the web anonymously so your actions on the Internet
cannot be traced back to you.  Check out www.privada.net.

Mandy

At 08:10 PM 2/9/00 -0500, Chris Brenton wrote:
>Greetings all,
>
>Back on 12/19/99 I posted a rather verbose message to the Firewalls list
>on how a number of search engines are taking the search criteria you are
>entering and submitting it back to DoubleClick. Basically what you see
>is just after submitting your parameters to a search engine, your
>browser connects to ad.doubleclick.net in order to send something
>similar to the following:
>
>http://ad.doubleclick.net/adl/site_you_searched.com/result_front;kw=Tell+me+about+rashes;cat=stext;ord=119996981
>
>Where the "kw" string is your list of search parameters (key words?) and
>"ord" (based on research by Adrian Colley) is a hex conversion of your
>cookie ID. In other words, your ID and what you've been looking for gets
>sent back to DoubleClick. 
>
>Based on this article: 
>http://news.cnet.com/news/0-1005-200-1531929.html?tag=st.ne.1002.tgif
>
>this info may eventually get correlated with the rest of your personal
>info. Kind of a "personality profile" if you will, similar to the modern
>day credit report. Do a search on "evil hacker sites" and this gets
>associated with your profile. Of course the problem is that if your five
>year old searches for "pictures of naked monkeys" they may associate
>these key words with your ID as well.
>
>This has organizational security implications as well. For example, how
>much would your competitors pay to know what info you are searching for?
>IMHO given the number of sites involved in this "info sharing" the
>practice has become a few steps shy of placing a sniffer outside your
>firewall. 
>
>As mentioned in that original post, I've set up a "DoubleClick honeypot"
>to ID the sites that are submitting this info back to DoubleClick. The
>list I have so far is:
>
>aj.com
>ajkids.com
>altavista.digital.com
>anywho.com
>av.com
>babycenter.com
>boston.com
>buy.com
>corptech.com
>drcoop.com
>greatdomains.com
>hoovers.com
>imdb.com
>infoseek.com
>foodtv.com
>redhat.com 
>remarq.com
>rocketlinks.com
>rtq.net
>yellowpages.com
>
>The two that really bug me are RedHat (happens from their search page,
>not the main page) as you would expect them to be more sensitive to
>these kinds of issues and drcoop.com as the site is for searching
>medical info (I now know *way* too much about what ails my users ;).
>Note that these are *not* just ad partners, these sites forward your
>search info back to DoubleClick. 
>
>Since this is all outbound TCP/80 traffic, it burns right through most
>firewalls. If you try and block all HTTP to DoubleClick, many browsers
>choke and kick an error back to the user. The only real effective means
>of killing this traffic is to proxy through JunkBusters or a honeypot
>similar to my setup (detailed in my 12/19 post).  
>
>Just curious if there is anyone out there that can add/delete from the
>above list. I'm also wondering _why_ they do it. Do these sites receive
>some form of financial return for submitting this info? Why don't they
>state what they are doing in their privacy statement?
>
>I'm also wondering if people feel an ORBS kind of setup is in order.
>It's really starting to trouble me just how much information is getting
>reported back to a single agency under the guise of "target
>advertising". If the government was doing this people would be freaked.
>
>Thoughts? 
>
>All input appreciated,
>Chris
>-- 
>**************************************
>[EMAIL PROTECTED]
>
>* Multiprotocol Network Design & Troubleshooting
>http://www.amazon.com/exec/obidos/ASIN/0782120822/geekspeaknet
>* Mastering Network Security
>http://www.amazon.com/exec/obidos/ASIN/0782123430/geekspeaknet
>-
>[To unsubscribe, send mail to [EMAIL PROTECTED] with
>"unsubscribe firewalls" in the body of the message.]
>
>
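An added example, not part of either message in this thread: one way to audit outbound proxy logs for the request format quoted above, reporting which referring sites pass search keywords ("kw") and the "ord" value to ad.doubleclick.net. The log layout (client address, then URL), the function names and every sample line except the URL quoted in the post are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit, unquote_plus

AD_HOST = "ad.doubleclick.net"

# Constructed sample log: "<client> <url>". Only the first URL is the one quoted in the post.
SAMPLE_LOG = [
    "192.0.2.10 http://ad.doubleclick.net/adl/site_you_searched.com/result_front;kw=Tell+me+about+rashes;cat=stext;ord=119996981",
    "192.0.2.11 http://ad.doubleclick.net/adl/search.example/front;cat=stext;ord=5551212",
    "192.0.2.12 http://www.example.org/index.html",
    "192.0.2.10 http://ad.doubleclick.net/adl/search.example/result_front;kw=firewall%20rules;ord=119996981",
]

def parse_ad_request(url):
    """Return (site, params) for an ad URL shaped like the one in the post, else None."""
    parts = urlsplit(url)
    if parts.hostname != AD_HOST:
        return None
    # Path shape: /adl/<site>/<page>;key=value;key=value (semicolon-separated, not a query string)
    path, *pairs = parts.path.split(";")
    segments = [s for s in path.split("/") if s]
    site = segments[1] if len(segments) > 1 else "(unknown)"
    params = {}
    for pair in pairs:
        key, sep, value = pair.partition("=")
        if sep:
            params[key.lower()] = unquote_plus(value)
    return site, params

def leaking_sites(log_lines):
    """Map site -> [(client, keywords, ord)] for ad requests that carry search terms."""
    hits = defaultdict(list)
    for line in log_lines:
        fields = line.split()
        if len(fields) < 2:
            continue  # malformed line
        parsed = parse_ad_request(fields[1])
        if parsed is None:
            continue
        site, params = parsed
        if params.get("kw"):  # plain ad fetches without keywords are not reported
            hits[site].append((fields[0], params["kw"], params.get("ord")))
    return dict(hits)

if __name__ == "__main__":
    for site, rows in sorted(leaking_sites(SAMPLE_LOG).items()):
        for client, kw, ord_id in rows:
            print(f"{site}: client={client} ord={ord_id} kw={kw!r}")
```

Grouping the rows by "ord" instead of by site shows how searches made on different sites line up under one identifier.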