In association with heise online

06 December 2010, 10:33

History stealing for ad networks

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Espionage Teaser It has been known for several years, that web sites can snoop around in visitors' browser history. This summer, two developers found a way of refining and simultaneously speeding up the method. History stealing is based on the marking of links clicked on in a browser. Clicked on links are indicated by a different colour than those not yet clicked on. While the web sites visited cannot be read out via JavaScript, a list of sites can be investigated to see whether visitors have already been there. The optimised JavaScript presented in May reportedly allows up to 30,000 URLs to be queried per second.

According to a report in Forbes, these approaches are now in active use. The most prominent example is YouPorn, which checks what other pornographic web sites its visitors have already been to. Overall, the research group from the University of California at San Diego, found an additional 46 sites employing this method in the fields of news, financial reports, sports and games. The university's research reportPDF not only describes the method, but also lists web sites using it.

Forbes says there is a tremendous difference between sites like YouPorn and the photo service PixMac, on the one hand, and the other services investigated. The first two included the scripts on their web sites themselves, while advertising service providers had added the script to the other web sites.

Advertising sellers are probably the ones most interested in surfer histories. If surfers come across a web site, they may not be interested in a particular topic; they may have only landed there from a search engine query. However, if their browser history contains other web sites of the same kind, it pays for advertisers to present the right ads.

Some web site operators were apparently surprised when the report found this code in their web sites. Interclick, which markets advertising, told Forbes it had used such a script for a limited time between March and October as an experimental method of checking some data sets it had purchased. Interclick stated that the results from this method proved not to be useful so they stopped using it. Such tests are quite common, though not usually as hidden. YouPorn also told Forbes it has since stopped snooping around in its surfers' histories.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit