Information Security News mailing list archives

Harvard study wrestles with Gator

From: InfoSec News <isn () c4i org>
Date: Fri, 23 May 2003 00:21:21 -0500 (CDT)

Forwarded from: "eric wolbrom, CISSP" <eric () shtech net>

By Declan McCullagh
Staff Writer, 
May 22, 2003

A Harvard University researcher has completed an investigation of the
Gator advertising utility, offering a glimpse into the workings of one
of the Web's most controversial pop-up networks.

Gator is a utility, sometimes derided as "spyware," that monitors a
user's Web browsing activity and displays relevant advertisements.  
Until this week, the service promised advertisers that it could slap
promotions onto a computer screen when a reader visited a competitor's
Web site.

According to the Harvard report, pop-up advertisements for Sun
Microsystems' powerful V880 server, boasting "See how Sun beats IBM,"  
are aimed at Gator users who visit In the cutthroat travel
business, Orbitz,,, and Cheap Tickets
have purchased pop-ups that Gator users visiting arch rival Expedia
will see, the study found. Expedia, in turn, uses Gator to aim its own
"bargain fares" ads at all four of its competitors' sites.

The report "provides some data as to how much advertising Gator is
showing and to whom it is targeted," said author Ben Edelman, who has
testified as an expert witness against Gator in at least one legal
challenge to its service. "For Web site operators, and to be sure,
their legal staff, it's important to know whether Gator is targeting
them or not, and if so, how much."

Scott Eagle, Gator's senior vice president for marketing, said the
company was examining the report for possible errors, but he did not
contest specific findings as of late Wednesday. Nevertheless, Eagle
raised general doubts about the study's methodology, observing that
the report relied on information gleaned from Gator's client software
without taking into account actions performed on Gator's servers.

"Eighty percent of the magic is what he'll never see," Eagle said of
Edelman and his findings in a phone interview. "He's only touching a
part of the elephant."

Gator's advertisers are no secret to millions of Web surfers who have
installed its software. Still, the company has been guarded about its
customers and practices due in part to the stigma of pop-up ads and to
ongoing litigation.

Gator is one of the most aggressive companies peddling pop-ups--an
Internet marketing technique that opens a browser window loaded with
advertising over the top of, or underneath, an ordinary Web page.  
Early versions of Gator's service placed pop-ups directly over the top
of advertisements embedded in Web pages, but the company has since
ceased the practice. More recently, it has incorporated delays so that
ads may be triggered only after visitors leave a Web site.

Pop-ups have been credited with higher-than-average customer response
rates, making them popular among advertisers. But consumers have
rebelled against them, and countermeasures that block the ads from
appearing have gained in popularity.

Popping up in court

Gator has run afoul not only of Web surfers, who generally dislike
pop-ups, but also of publishers who rely on advertising revenues.

The privately held company, which says it charges advertisers fees
starting at $25,000, has attracted a slew of lawsuits challenging its
business practices and the legality of luring advertisers away from
Web sites that must pay to produce content. The company in February
settled a case brought by The Washington Post, The New York Times, Dow
Jones and other media companies. Other lawsuits brought against Gator
by catalog retailer L.L. Bean, hotel chain Extended Stay America, and
online loan marketplace are pending.

Gator says its practices are legal because consumers agree to receive
the ads when they download and install its software: an e-wallet and
authentication application that makes it easier for people to register
with Web sites and make online purchases. Gator is included with
popular ad-supported software such as Divx and NetSonic, which help
Redwood City, Ca.-based Gator distribute its product to a claimed 35
million current users.

Edelman, who is a student fellow at Harvard law school's Berkman
Center for Internet and Society--which sponsored the report--has
authored many similar studies in the past about topics such as
Google's Web filtering, false Whois data, and registration of domain
names with typographical errors.

Although it would be possible for someone to install the Gator client
and record its behavior, this approach is problematic. For instance,
Gator delays serving ads from minutes to hours after a visitor leaves
a Web site, making it difficult to trace what triggered the pop-ups.

Edelman automated the process by using a packet sniffer to ask Gator
for its ad lists for thousands of different sites. He found that Gator
targets specific host names, such as, and
sometimes targets identical ads at dozens or hundreds of Web sites.  
The University of Phoenix, for instance, pays for ads aimed at scores
of other university sites, such as the University of California at
Berkeley, Carnegie Mellon University and Stanford University.

Wednesday's report shows that Gator is very specific in monitoring Web
browsing. For example, it carefully watches what people type into the
Google search engine, hunting for phrases like "preventing pregnancy,"
"high cholesterol" and "Toro lawn mower part," the study says.

Edelman's research shows that even federal government Web sites are
fair game. Gator users looking for information from the Centers for
Disease Control and Prevention may see an ad for "thinner thighs in
four weeks," and Gator watches for users visiting areas of the Food
and Drug Administration's site relating to Viagra, breast implants and
weight loss, the study found.

Advertisers identified as Gator customers in Edelman's study,
including Sun, did not immediately respond to requests for comment.

How Gator works

According to Edelman, a Gator server sends a list of ads to the Gator
client, based on the domain name of the site visited. In his research,
the lists consisted of a series of hyperlinks to Zip files, such as . The Gator client
downloads and displays only the ads that jibe with the user's prior
actions, Edelman found, which might mean not showing the same ad twice
in a row. Gator's ad server appears to ignore other variables sent by
the client utility, including locale, ZIP code, user ID and machine
ID, and frequently displays ads after users leave a targeted Web site
instead of while they're still viewing it.

Gator's Eagle would not discuss details, calling it a "proprietary"  
algorithm. "Why am I going to put my intelligence where people like
Ben or my competitors may be drilling down?" he said.

Eagle contends that advertisers are only permitted to target groups of
sites, not individual Web sites. But on Tuesday, after being alerted
to the existence of the Berkman study, Gator deleted marketing
materials from its Web site that suggested otherwise. The deleted Web
page, which had existed since at least February 2002, had promised:
"Gator can pop up your advertising or promotional message
anywhere--even at a competitor's site."

Gator said on Wednesday that the deletion was part of a new marketing
campaign that had been planned for months.

Even faced with the daunting threats of fierce legal battles and the
dubious honor of marketing the most complained-about piece of
"spyware," Gator says it's unbowed.

"Companies like Google, Overture and Gator are shining examples of
success," Eagle said. "Our consumers save billions of dollars per year
on software that they'd have to spend $20 to $30 on if they weren't ad
supported. Yes, I am sorry that many Web sites don't have a valid
business model, but don't blame Gator on their failure. They crashed
and burned long before we came on the scene."

eric wolbrom, CISSP                     Safe Harbor Technologies
President & CIO                         190 Goldens Bridge Ct.
Voice 914.767.9090 ext. 6000            Katonah, NY 10536
Fax   914.767.3911                    
