, Newsbytes 2002-03-08
AOL Time Warner's [NTSE:AOL] Netscape unit is snooping on searches performed by users of its latest Navigator browser at Google and other search sites.According to a network traffic analysis performed by Newsbytes, Netscape is capturing Navigator 6 users' search terms, along with their Internet protocol (IP) address, the date Navigator was installed and a unique identification number.
Anytime a Navigator user performs a search by typing terms into the browser's URL bar and pressing the adjacent Search button, or by using the Search tab on the browser's My Sidebar feature, the user data is sent to a server at info.netscape.com using a uniform resource locator (URL) forwarding system.
While search sites such as Google log data about visitors, Netscape is in a unique position to compile a meta-database of search information, according to Marc Maiffret, "chief hacking officer" for Eeye Digital Security.
"Why should Netscape know about what I searched for at Google? This is way more information than they need," said Maiffret.
Derick Mains, a spokesman for Netscape, said the company developed the URL forwarding system in order to bill participating search sites for sending them traffic.
"We just keep track of aggregate numbers and don't monitor any terms or anything. We just need to know how many people are searching via our browser to our search partners, and that's all the information we receive," he said.
By default, Navigator's Search function uses Netscape's own search service. But browser users can configure Navigator instead to use search services from Google, Lycos or Overture (formerly Goto).
Netscape's interception of Web searches was first noted by Sim IJskes, a Netherlands-based software engineer, on the RISKS mailing list this week. IJskes observed that Navigator installs several scripts that are invoked during searches and forward requests through Netscape's server to the intended search engine.
Using Navigator's Search button to perform an inquiry at Google, for example, invokes the URL http://info.netscape.com/fwd/lksidus_gg/http://www.google.com/search.
A test of Microsoft's Internet Explorer 6 browser showed that data on searches conducted from IE's search page is sent directly to the designated search site and is not intercepted by Microsoft.
Navigator users can avoid having Netscape log their searches by directly accessing a third-party search engine by typing its address into the browser rather than using the Search button or Sidebar.
"This is yet another example of a product phoning home. It's a sleazy practice," said Smith.
Netscape is at http://www.netscape.com .
Reported by Newsbytes, http://www.newsbytes.com .