Skip Links

Network World

  • Social Web 
  • Email 
  • Close

ISPs meddled with their customers' Web traffic, study finds

By Robert McMillan , IDG News Service , 04/16/2008
Newsletter Signup
  • Share/Email
  • Tweet This
  • Comment
  • Print

About one percent of the Web pages being delivered on the Internet are being changed in transit, sometimes in a harmful way, according to researchers at the University of Washington.

In a paper, set to be delivered Wednesday, the researchers document some troubling practices. In July and August they tested data sent to about 50,000 computers and discovered that a small number of ISPs were injecting ads into Web pages on their networks. They also found that some Web browsing and ad-blocking software was actually making Web surfing more dangerous by introducing security vulnerabilities into pages.

"The Web is a lot more wild than we originally expected," said Charles Reis , a PhD student at the University of Washington who co-authored the paper.

The paper, which was co-written by a researcher at the International Computer Science Institute, will be delivered at the Usenix Symposium on Networked Systems Design and Implementation in San Francisco.

To get their data, the team wrote software that would test whether or not someone visiting a test page on the University of Washington's Web site was viewing HTML that had been altered in transit.

In 16 instances ads were injected into the Web page by the visitor's Internet Service provider. "We're confirming some rumors that had been in the news last summer, that ISPs had been injecting these ads."

The service providers named by the researchers are generally small ISPs such as RedMoon, Mesa Networks and MetroFi, but the paper also named one of the largest ISPs in the U.S., XO Communications, as an ad injector. An XO spokesman said that the company does not engage in this practice and that any ad-injection linked to its network is probably being done by a "downstream" service provider that is purchasing network capacity from XO.

In June 2007 the TechCrunch blog reported RedMoon, a small Texas wireless provider, was using a system built by a Redwood City, Calif., company called NebuAd to insert advertising into the HTML code of Web pages.

Critics blasted the ISP for meddling with its customers' traffic and worried that this kind of ad injection undermined the integrity of Web sites, which had no control over the ads being displayed.

NebuAd has now discontinued its ad-injection product line and now delivers only the standard type of advertising that it buys from Web publishers, a company spokesman said Tuesday.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Partner Content

Explore the Ultrium Edge

The powerful tape technology can address data security with tape encryption as well as long term data protection.

Find Out More

Disk and Tape Square Off

Discover what disk and tape really cost and which solution provides lower total cost of ownership and optimizes energy use for your organization

Download this White Paper

Don't Fall for the Myths

The Clipper Group explores the truth behind the myths of tape, digging into the misconceptions in the disk vs. tape debate.

Review this information

information examination

An examination of information security issues, methods and securing data with LTO-4 tape drive encryption

Read this analysis

Comments (4)
Login
Forgot your account info?

Same old general clause. Uh,By Alliance-Datacom on April 17, 2008, 4:50 pmSame old general clause. Uh, we didnt do it. Good luck trying to find them accountable for this either. Tech companies are way ahead when it comes to covering up...

Reply | Read entire comment

Yeah right...By Anonymous on April 16, 2008, 7:12 pmFelony in what country? And who is breaking the law? As was discussed in this article, when XO was confronted, they claim that the add was probably being injected...

Reply | Read entire comment

Yeah right...By Anonymous on April 16, 2008, 7:11 pmFelony in what country? And who is breaking the law? As was discussed in this article, when XO was confronted, they claim that the add was probably being injected...

Reply | Read entire comment

Isn't this a felony?By Anonymous on April 16, 2008, 11:51 amI mean, if *I* were to change someone's electronic transmissions without their permission, I'm pretty sure I'd go to jail for it. I'm sure nobody working for an...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed