Slashdot Mirror

← Back to Stories (view on slashdot.org)

Netscape 6 is Spyware?

Posted by michael on from the green-dinosaur-now-more-threatening dept.

spoon00 writes: "AOL is collecting information on what Netscape 6 users are searching for on sites like google.com. IP address, the date Netscape was installed and a unique ID number are other bits of information AOL is also collecting."

5 of 647 comments (clear)

  1. Easy Solution by BurritoWarrior · · Score: 5, Informative

    Don't use it. Uninstall NS6 and use Mozilla instead. Same browser - without the unnecessary extra crud AOL bundles into it anyhow.

    1. Re:Easy Solution by DeadMeat+(TM) · · Score: 5, Informative
      That's a good idea for most /. readers, but Mozilla isn't really an end-user product; it lacks some of the polish of commerical browsers. Also Netscape 6.x has the advantage that, after branching, the Netscape team beats some of the bugs out of it. I personally use Mozilla, but when I "evangelize" a Windows browser, it's Netscape 6.2.1.

      That said, the "spyware" here is really annoying, but it's disabled easily enough. Open prefs.js and change pref("browser.tracking.enabled", true); to false, and you're done.

      A better way to go if you do this a lot is to use the Netscape CCK to make your own CD without all the AOL crap included. The CCK won't let you edit this pref directly, but unzip browser.xpi and look for this line in all-ns.js. You can also make some interesting changes in the .js files in bin/defaults/pref -- like turning off all those AOL "partner" buttons by default and disabling the activation procedure.

    2. Re:Easy Solution by Keith+Russell · · Score: 5, Informative

      Preferences only allows you to ban domains from What's Related. To remove the tab entirely, open your sidebar, click the Tabs dropdown, then select Customize Sidebar.... If What's Related is in the Tabs in Sidebar list, remove it.

      --
      This sig intentionally left blank.
  2. Re:Doesn't XP/IE 6 Do The SameThing? by Krelnik · · Score: 5, Informative
    Yes, the article got this wrong. IE does the exact same thing if you use what they call "Auto Search".

    In IE 5.5 or 6.0, if you click the SEARCH button, then click CUSTOMIZE in the panel that appears, you can choose which engine that IE uses to search for you. If you then click AUTOSEARCH SETTINGS you can set a default search engine.

    Once this is done, you can type search terms in the URL box, and if they can't be somehow interpreted as a hostname or domain name, they get routed to your favorite search engine.

    But not directly! They go through the host auto.search.msn.com. You can see this quite easily even if you don't have a sniffer. Simply edit your HOSTS file under Windows to redirect the name auto.search.msn.com to some other address, like the loopback address (127.0.0.1). Once you do this, your auto-searches will start failing with 404's, and you will see the URL they use to do the redirection.

    I've wondered for a long time what Microsoft does with this data. Fortunately, if you are willing to do a little registry hacking and a tiny bit of extra typing, you CAN avoid this in IE. You can create keywords like "google" that you type first in the URL box, before your search term, and these are redirected from your chosen registry setting to the search engine. These do NOT redirect through MSN so Microsoft can't spy on you. Instead of typing just the "my search term" in the URL box, you type "g my search term" and it goes right to google (or whatever).

    This latter ability has existed since IE 3.0, but in current versions of IE it has NOTHING configured in it by default. However, if you download this free tool from Microsoft, it adds a way to configure them. Why is this hidden off as a free download instead of included with IE? Dunno, but feel free to insert your favorite conspiracy theory here.

  3. What's in that query bar packet? by jscribner · · Score: 5, Informative

    So i was curious about what was actually being sent to AOL when one did a google search from the netscape bar. Here's the HTTP request:
    GET /fwd/lksidus_gg/http://www.google.com/search?q=tes tpriv9&sourceid=mozilla-search HTTP/1.1
    Host: info.netscape.com
    User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1
    Accept: text/xml, application/xml, application/xhtml+xml, text/html;q=0.9, image/png, image/jpeg, image/gif;q=0.2, text/plain;q=0.8, text/css, */*;q=0.1
    Accept-Language: en-us
    Accept-Encoding: gzip,deflate,compress,identity
    Accept-Charset: ISO-8859-1, utf-8;q=0.66, *;q=0.66
    Keep-Alive: 300
    Connection: keep-alive

    There's also the usual data stuffed in the TCPIP header, such as IP address. There are some additional g'day requests to info.netscape.com which might contain unique ID information and would also be matched to TCPIP header info, but if there are any explicit UIDs in this packet i must be missing em.

    The developers probably had a good reason for setting things up this way: If the URL for a search engine changed, they could always update their fwd script and prevent users from going to a broken page. Unfortunately, this means data gets sent to a site other than that intended by the user. A much better way of doing this would be for the client to check for updates to the search URLs and store them locally.

    Just some thoughts.

    --
    JS - IBM Metaverse devteam
    The opinions expressed here are mine & not necessarily representative of IBM