Web browser security: ad-jacking

Discussion in 'Linux' started by isambard, Nov 18, 2008.

  1. isambard
    I decided to try the AAO with Linux after frustration with the increasing slowness and overheads of my old Windows laptop with Norton 360. However, I never had any worries about security. I'm starting to see, on very respectable websites I've been visiting with my AAOL, some dubious display ads that those sites would never carry, e.g. "you are the 1000000 visitor, please click to claim your prize", and those love compatibility ads. I've checked the same sites using my old laptop and they're not carrying those ads, so something must have infiltrated my AAOL system. If they can do that, I'm now worried about Linux security generally, e.g. key tracking when I do my mobile banking, etc. Any ideas or suggestions?
     
    isambard, Nov 18, 2008
    #1
  2. Duncan_Rowland
    Broadly speaking there are two schools of thought when it comes to security... Either, don't let anyone know how your stuff works, or tell everyone how your stuff works. Proprietary systems like Windows use the former, and often rely on hiding things to keep things safe - this works OK until someone finds what you've hidden, at which point everyone with that system installed is exposed to the same flaw. Linux relies on the latter because of its requirement that all source code be made publicly available - so if there were nasties hidden away in the system, someone would notice it and the community would produce a fix. So it's up to you who you trust, large companies like Apple and Microsoft, or tens of thousands of Joes all working together to keep each other honest for the good of the community...
    Personally, I think it's unlikely your Linux security is compromised, how could it have happened?
    (have you installed any proprietary software for example?) - but you could always do a fresh install if you are very worried.
    Finally, I run the "adblock plus" plugin for Firefox, and I find this hides most of the more irritating adverts.
    p.s. It is possible the sites in question notice which browser/system you are using and tailor their adverts accordingly - which is why you might not see the same adverts on different setups. What sites are you looking at? I can take a look and see if I see them too.
     
    Duncan_Rowland, Nov 18, 2008
    #2
  3. isambard
    isambard, Nov 18, 2008
    #3
  4. Duncan_Rowland
    Well, I didn't see any ads *exactly* like you describe, but there were *shed* loads, and some offering prize coffee and steer the car down the road type puzzles, BerlinTourism and sending love messages, 100% cola drink from RedBull... so I guess the topic of some of the adverts was perhaps not what one might expect - but then again, it is the Independent ;)
    You could check in your Tools->Addons folder, to make sure you haven't inadvertently installed a Firefox plugin, but I think it's possible the ads are just as they should be.
    (Also, just out of interest, who is your ISP? I know it's not impossible for ISPs themselves to do the adjacking...)
     
    Duncan_Rowland, Nov 18, 2008
    #4
  5. isambard
    isambard, Nov 19, 2008
    #5
  6. DonQuichote
    There are a few things to mention here. First, advertisers don't behave nicely. They try to track the users, store as much info as possible on them and use it to tailor ads. So what do they know about you? Basically, anything your browser tells them: your IP address, which sites you came from (Referer-header), which sites with ads you already visited, languages you prefer (Accept-language header) and the brand of browser and OS you are running.

    Web sites that run tracking ads (such as from Google) are by definition not respectable. My guess is that your new computer has no "ad history" yet, and you get just random ads, until your profile becomes clearer. I think that if you were using the Windows machine to search for porn, "get rich fast", lotteries, or that kind of thing, you would just be overwhelmed by those ads. I just think that the advertisers know your Windows machine better than your new netbook.

    As others have already said, there are a few ways to fight back. Sorry, the internet has lost its innocence, and it is for you to decide how bad you think it is. If you use Firefox (I assume you do), there are a few good plug-ins that give you back control over what you visit. The most important of these are AdBlock Plus and NoScript. Also, see if there is a way to block third-party cookies (I hope they are disabled in any new version of Firefox). If not, find a plug-in that does that.

    If you want to see the headers being sent, a plug-in called Http-Headers shows them (among a few other plug-ins, such as HttpFox, Web Developer, etc.). It doesn't hurt to be curious. You will see that for any resource asked, the info is sent - even for images and style sheets. This is why images are traditionally used for ads. For browsers that already try to understand HTML5 (Firefox alas), disable the use of "<a ping>" (you need NoScript for this). HTML5 will give the ad trackers even more ways to track the users.

    About security: as long as you don't click on the ads and do not install anything dubious, I think you should be OK. Even "respectable" advertisers are not that bad that they hijack your computer. Of course, the really bad advertisers do try this, but usually through downloads (possibly offered through spam e-mails). I have seen several machines go mad, firing up Internet Explorer to just click on ads automatically (probably to sell the hits). These machines all ran Windows XP, but really the brand of PC user is more important than the OS. Don't click on funnies in your mail.

    If you want to know more on website security, I can recommend a book "Innocent Code" by Sverre Huseby (see http://innocentcode.thathost.com/ ).
     
    DonQuichote, Nov 19, 2008
    #6
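
Added example, not part of the thread or any poster's code: a small parser showing what a third-party ad host receives with each image request (IP, Referer, Accept-Language, User-Agent, cookie), and how a cookie lets it link visits across sites. The host `ads.example`, the cookie name `uid`, and the sample requests are all constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample: (client IP, raw request) pairs as a hypothetical ad host
# "ads.example" would receive them when pages on other sites embed its images.
def _req(referer, cookie="uid=a1b2c3"):
    lines = ["GET /banner.gif HTTP/1.1", "Host: ads.example",
             "User-Agent: Mozilla/5.0 (X11; Linux i686) Firefox/3.0",
             "Accept-Language: en-GB,en;q=0.8", "Referer: " + referer]
    if cookie:
        lines.append("Cookie: " + cookie)
    return "\r\n".join(lines) + "\r\n\r\n"

SAMPLE = [("203.0.113.7", _req("http://news.example/politics/story1")),
          ("203.0.113.7", _req("http://bank.example/login")),
          ("203.0.113.7", _req("http://health.example/symptoms?q=insomnia"))]

def parse_headers(raw):
    """Return the request headers as a dict with lower-cased names."""
    head = raw.split("\r\n\r\n", 1)[0].split("\r\n")[1:]  # drop request line
    return {k.strip().lower(): v.strip()
            for k, v in (line.split(":", 1) for line in head if ":" in line)}

def exposed(ip, raw):
    """Everything the third party learns from one image request."""
    h = parse_headers(raw)
    pairs = (p.strip().split("=", 1) for p in h.get("cookie", "").split(";"))
    cookies = {p[0]: p[1] for p in pairs if len(p) == 2}
    return {"ip": ip, "os_browser": h.get("user-agent"),
            "language": h.get("accept-language"),
            "came_from": h.get("referer"), "uid": cookies.get("uid")}

def profiles(requests):
    """Group visited sites by tracking cookie; key None = no cookie was sent."""
    seen = defaultdict(list)
    for ip, raw in requests:
        e = exposed(ip, raw)
        site = urlsplit(e["came_from"]).hostname if e["came_from"] else None
        seen[e["uid"]].append(site)
    return dict(seen)

def without_third_party_cookies(requests):
    """Same traffic with the Cookie header dropped, as when third-party cookies are blocked."""
    return [(ip, "\r\n".join(l for l in raw.split("\r\n")
                             if not l.lower().startswith("cookie:")))
            for ip, raw in requests]
```

With the cookie present, `profiles(SAMPLE)` ties all three sites to one `uid`; after `without_third_party_cookies` the stable identifier is gone, but IP address, User-Agent and Referer are still sent with every request.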