Report slams US advert server for "wiretapping, forgery and browser hijacking"
US personalised advert server NebuAd has been accused by lobbying group Free Press of tampering with web traffic and third party page content and illicit redirection of users' requests.
NebuAd is a US-based ad serving system offering ISPs a service similar to that of Phorm, which has attracted so much recent controversy in the UK. However, it seems that NebuAd has taken intrusiveness to a whole new level. A technical report by Robert M. Topolski describes how NebuAd forges IP packets to inject its own JavaScript into requested pages. This script, which executes in the context of the user-called page, downloads further JavaScript from faireagle.com – a NebuAd-owned domain. The script from faireagle.com then injects several cookies containing a unique user identifier into the user's browser. Apparently, none of this activity is visible to the user.
Topolski points out that to accomplish the injection, NebuAd must necessarily deep packet inspect the traffic between the user and their ISP, impersonate the target IP address, and tamper with the protocol by forging control data. He likens NebuAd's activities to malicious intrusion, identifying similarities with cross site scripting, man in the middle attacks and browser hijacking. The matter has already been put before the US Congress.
(mba)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
