Privacy Analysis for the Casual User through Bugnosis

What are E-mail and the Web “like”?
- Postal mail
- Cable TV
- Library
- Telephone
- Newspaper
- Video game
- They’re found in an office
- They’re found in a room at home
July 8, 2004
Overarching Goal
Help align user privacy expectations with reality
The obvious tactics:
- Teach the users what it’s really like out there, or
- Transform the wilderness into what it should be
Web tracking summary
(Diagram: user at dm.cs.uml.edu, ual.com, doubleclick.net as 3rd party)
- Request & receive main HTML page from ual.com
- Request & receive embedded element (such as an image) from doubleclick.net (3rd party) while reporting referrer information
Cookie sharing threat
(Diagram: berklee.edu, buy.com, ual.com)
- A 3rd party content provider could track a user across all sites served by it (usually via an identifying cookie)
- Some indications of interest in doing this from Internet advertising folks
- Threat led to fierce opt-in/opt-out debates and lots of cookie-management software
- And P3P, naturally
Web bugs
A bug is a hidden eavesdropping device
Vague definition: A Web bug is an HTML element that
- is present for surveillance purposes,
- and is intended to go unnoticed by users
Our definition
A Bugnosis Web bug:
- is an image
- is too small to see (<= 7 square pixels)
- is third party to the main page (approx. RFC2965)
- has a third party cookie
- only appears once on page
Some other characteristics are used for secondary sorting purposes
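An added example, not Bugnosis code, that applies the five criteria above to the <img> elements of a page. The sample page, the cookie-jar set (standing in for the cookies the browser already holds) and the two-label "same site" rule used in place of the RFC 2965 approximation are assumptions made for this illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

MAX_BUG_AREA = 7  # "too small to see": at most 7 square pixels

class ImgCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.imgs = []  # one attribute dict per <img> (criterion: is an image)

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.imgs.append(dict(attrs))

def site_of(host):
    # Assumed simplification of the RFC 2965 domain-match rule: hosts are the
    # same site when their last two labels agree (cdn.ual.com ~ www.ual.com).
    return ".".join(host.lower().split(".")[-2:])

def find_web_bugs(page_url, html, cookie_hosts):
    """Return the src of each <img> meeting all five Bugnosis criteria.
    cookie_hosts stands in for the browser's cookie jar (hosts holding a cookie)."""
    collector = ImgCollector()
    collector.feed(html)
    page_site = site_of(urlsplit(page_url).hostname)
    srcs = [img.get("src", "") for img in collector.imgs]
    bugs = []
    for img in collector.imgs:
        src = img.get("src", "")
        host = urlsplit(src).hostname  # None for a relative (first-party) URL
        try:  # width/height missing or non-numeric: size unknown, not classified
            area = int(img.get("width", 0)) * int(img.get("height", 0))
        except ValueError:
            continue
        if (host is not None
                and 0 < area <= MAX_BUG_AREA    # too small to see
                and site_of(host) != page_site  # third party to the page
                and host in cookie_hosts        # has a third-party cookie
                and srcs.count(src) == 1):      # appears only once on page
            bugs.append(src)
    return bugs

SAMPLE_PAGE = """<h1>United</h1>
<img src="/images/logo.gif" width="120" height="40">
<img src="http://ad.doubleclick.net/pixel.gif" width="1" height="1">
<img src="http://cdn.ual.com/spacer.gif" width="1" height="1">
<img src="http://counter.example.net/c.gif" width="1" height="1">
<img src="http://counter.example.net/c.gif" width="1" height="1">"""
SAMPLE_COOKIE_HOSTS = {"ad.doubleclick.net", "counter.example.net"}  # constructed
```

On the constructed page only the doubleclick.net pixel qualifies: the logo is first party by relative URL, the ual.com spacer is same-site, and the counter pixel appears twice.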
Getting the word out
We knew there were a lot of Web bugs out there (from direct HTML inspection, and a later quantitative study)
Web bugs vs cookie sharing threat:
- Web bugs harder to thoroughly explain
- But have an easier take-home message: “This is evidence that someone is intentionally noting your visit”
- Still very hard to identify purpose of tracking
Bugnosis: the tool
Most important user interface decision: the audience would be journalists
So we needed:
- easy install/uninstall
- reasonable default behavior
- zero configuration
- attention-grabbing runtime
- a bit of gobbledygook is OK
Didn’t need:
- web bug blocking behavior
- browser support other than Internet Explorer
Bugnosis demo
- Altace for cardiovascular risks
- MSNBC Cybercrime article
  - use of JavaScript; latitude & longitude
- Google search: “best music portsmouth NH”
  - referrer
- Mycomputer.com's privacy policy
  - full probe, old junk in cookie, https
- NY Times Movies pages
  - thrilling cookie
Bugnosis details
Proxy model (not used in Bugnosis)
(Diagram: www.ual.com -> Local Proxy -> browser; the same HTML passes through the proxy on each side)
  <h1>United</h1> <img src="…" width=1 height=1> …
Bugnosis details
Document Object Model / Browser Helper Object
(Diagram: www.ual.com sends the page to the browser; the BHO is notified by DocumentComplete and then reads and rewrites the DOM)
  <h1>United</h1> <img src="…"> …
DocumentComplete…
  width = document.imgs[0].width
  …
  document.imgs[0].src = "bug.gif"
  …
Bugnosis details
Advantages of BHO over proxy:
- accuracy: no need to reparse HTML
- image attributes (healthology)
- sensing in spite of SSL encryption
Disadvantages:
- tightly coded to browser
- interactive
Successes and Failures
- Success: graphic identity gave it a legitimacy that’s otherwise unobtainable
- Success: sufficiently in-your-face
- Success: ability to remotely white-list sites
- Failure before Success: original “drive-by” ActiveX installation
- Failure: no P3P integration
- Failure: insufficient tech support structure
- Failure: no HTML email support
Bugnosis for Email
- Web bugs in email: they know who you are!
  - Thoroughly breaks expectations
- Trend is clearly away from 3rd party image support in HTML email readers
  - Yet in past 12 months we’ve seen Web bugs in emails from Pfizer, Procter & Gamble, Roche, Orthobiotech, RJ Reynolds, GlaxoSmithKline, Experian (for Pernod Ricard)
Conclusion
- Designing for journalists meant designing for the masses
- Get Bugnosis from www.bugnosis.org (Windows IE only)
- BTW, 3 spots in my car
Quantifying the amount of tracking
The FTC samples: from 2000 report “Privacy Online”
- Of 91 “popular” sites, 84 remained in 2001
- Of 335 “random” (consumer-oriented) sites, 298 remained
Searched 100 pages on each site for Web bugs <= 4 clicks from home
Results
Popular sample:
- 84 sites: 58% contained >= 1 bug
  - 29% of sites with bugs did not disclose them
- 7,507 pages: 10% contained >= 1 bug
Random sample:
- 298 sites: 36% contained >= 1 bug
- 25,263 pages: 10% contained >= 1 bug