Skip to main content

NebuAd hits the news - for all the wrong reasons

It looks like a new online advertising firm - NebuAd - has upset the industry with its new ad format.

According to newswire reports, the company pays ISPs to monitor traffic generated in response to its ads.

But, say the newswires, the ad code doesn't just record data traffic, but actually injects fake packets into responses from other Web sites in order to deliver cookies to users.

Two US advocacy groups - Free Press and Public Knowledge - have released a technical report on the adverts this week.

NebuAd hit the headlines recently when Charter Communications, apparently the fourth largest ISP in the US (huh? -Ed), agreed to test the technology, which it says will give users more closely targeted ads.

In the ensuing furore, NebuAd has admitted that its system boxes - installed on ISP's servers - deep search user's IP packets as they flow across the Internet and extract URLs plus search terms in order

to work out what the user is interested in.

Free Press and Public Knowledge found out, however, that when a user visits Yahoo or Google, NebuAd occasionally fakes an additional packet of data that appears to be the last part of the downloaded Google Web page.

The extra packet apparently includes NebuAd-written JavaScript that directs users' browsers to a NebuAd-owned domain named, where the company drops tracking cookies from other domains and companies on the user's computer.

These can then be used later to deliver customised ads based on an analysis of where people have gone on the Web or what search terms they have used.

This is, as you might imagine, complex stuff, but some people are saying that NebuAd may have overstepped the mark with its pro-active advertising. You can read more on the Wired Web portal here...