This Privacy
Stuff is Really Bugging Me!
by Mike Banks Valentine
There is a nasty little privacy parasite loose on
your computer. You get it by visiting web sites with
"bugs" on them. Typically served by ad tracking,
affiliate tracking and even email tracking companies
to measure the effectiveness of their ads, track their
visitors and find out when you open their email. Web
bugs are tiny, invisible 1 pixel by 1 pixel graphic
files that notify a third party web site when a page,
an ad or an email is viewed.
Now if you've joined an affiliate program through
any of the major affiliate tracking companies, you
have probably even put these bugs on your own pages
without knowing what you've done. They come in the
HTML code you are given to paste into your page by
Commission Junction or LinkShare or BeFree networks
and LinkExchange to track your visitors so you can be
paid your affiliate commissions.
You'll see on the link code something like this <img
src="http://service.bfast.com/bfast/serve?bfmid=
26375915&siteid=38461978&bfpage=ehi_home_page"
border="0" width="1" height="1"
NOSAVE >
This is actually the WebSite101 code for our affiliate
link to eHealthInsurance.com and is required by their
affiliate program. This is a "good" use of web
bugs to
track commission payments to affiliates. It allows the
host to track exactly what web page was visited by the
surfer and when so that affiliate links can be tracked
from their source.
The "bad" bugs are those used by ad servers to
track
which advertisements are viewed by surfers and combine
it with other information stored about that surfer at
other web sites. There are bugs included in HTML email
-- those messages that include graphics, fonts and page
color in the messages -- to see when the email was opened
and can even tell where on your hard drive that email
is stored, when it was viewed, how long it was open
and if the links are clicked on.
"Bad" bugs are used by nefarious sites to collect
information from your hard drive and pass it back to
their server without your knowledge. This is done in
combination with cookies to send information about your
surfing habits to third parties, also without your
knowledge. For more about cookies visit:
http://WebSite101.com/Privacy_issues.html#cookies
Some of these nasty little critters can even be used
from web pages or within your email to install
"executable bugs," which can install a file onto
your
hard drive to collect information whenever you are online.
For example, one such bug can scan a hard drive to send
information on every document that contains the word
"financial."
More on Web Bugs . . .
http://news.cnet.com/news/0-1005-200-5008849.html
http://www.ecommercetimes.com/perl/story/12405.html
Type 1
In this case, a third party gathers information about an
individual based on his activities on the Web. While he
surfs the site, an unseen information gatherer is creating
a personal profile by examining the pages he visits, how
long he stays, his geographic location -- and even his buying
patterns and credit card information. Many commonly used
Web sites, such as DoubleClick, use this type of bug to
profile users.
Type 2
This application is downloaded on a computer unknowingly,
like a Trojan horse, it then resides on a user's computer
-- even the hard drive.
"A Type Two can monitor anything. For example, if you
do your own taxes with financial software, it can monitor
that." This type of bug often is downloaded invisibly
because it has attached itself to a desired application
such as an MP3 file.
Type 3
A script-based Type Three bug enters a computer even when
the user doesn't download anything at all. Wang and his
colleagues used a script-based bug, for instance, during
a presentation to the Congressional Privacy Caucus in Washington,
D.C.
The bug, specially written for the presentation, entered
a committee member's personal computer and stole a copy
of his private address book and calendar. While an audience
watched, the bug then transferred all of the stolen addresses
to a colleague's computer.
Type 4
This bug enters a computer through a Web-based application
such as instant messaging or in a bulletin board. For instance,
Wang said, some devious Web users recently created a Type
4 bug that infiltrated the popular Internet auction site,
eBay.
The bug gathered information about how much money auction
participants were willing to spend for items that were up
for sale on the site -- and then the bug's authors used
that data to manipulate the auctions.
Type 5
This Web bug functions like an e-mail version of a wiretap.
For instance, if a lawyer were to receive a message from
an adversary in a lawsuit and then forward that message
along with her own comments to several colleagues -- who
then commented back and forth, too -- the original sender
of the message could actually track the whole e-mail conversation
as it progressed.
A company called Intelytics
offers a suite of privacy protection products that specifically
track, warn and prevent damage by these insidious little
creatures.
There is also a new free software available
for Windows users called
<a href="http://www.bugnosis.org/">Bugnosis</a>
which is provided as freeware by the
<a href="http://www.privacyfoundation.org/">
Privacy Foundation</a>.
The software is designed as a browser plug-in to notify
you when a page you visit is a security risk, or simply
if the page contains web
bugs. They are working on a
version that will notify you of bugs in your email.
Call the exterminator honey, we've got bugs in the PC!
--------------------------------------------------------
WebSite101 "Reading List" Weekly Netrepreneur Tip Sheet
Ezine emphasizing small business online http://website101.com/arch/
e-tutorial online at: http://website101.com/shortcourse.html
By week's end you're ready expand your business to the web!
--------------------------------------------------------
Index
to Privacy Resources at WebSite101