Since the launch of version 4.7x, the Netscape Browser has been equipped with the "SmartDownload" feature as an option which is either automatically installed during the download of the Browser or as a plugin. If installed, SmartDownload is started every time the user downloads a file from the web. It opens a new dialog box in which the download is carried out and also displays a banner ad.
SmartDownload offers the advantage of not having to initiate a complete retransfer of files after the connection has been terminated abnormally. The routine continues the download, starting at the last valid data packet.
Behind the scenes, however, the routine transmits a series of data to the Netscape server without informing the user on this process.
The editors of tecChannel.de used the analysis tool "Sniffer" by Network Associates in order to monitor such a "SmartDownload" operation. Sniffer is capable of storing the individual data packets sent via an Internet connection on the local drive, thus recording exactly what data is transmitted.
Shortly after the download has started, SmartDownload sends a packet to the "cgi.netscape.com" server. This packet includes a reference to the server from which the file is downloaded, the file name and the user's IP address. If the user had logged on to the "Netcenter" Netscape page before, his e-mail address is also transferred. A large number of Netscape users are registered with Netcenter since this registration renders it particularly easy to install new versions of the Netscape software. In addition, information on the computer name used in the local network and the operating system used is transmitted to AOL/Netscape.
Search queries are transmitted
Not only does Netscape log who downloads what files from the Internet, the search feature of the Netscape Browser even takes the whole story one step further. So here Netscape even records how surfers have searched for interesting offers - and what they were looking for in the web.
The "Search" button of the Netscape Browser hides a mechanism that is similar to the one employed by "SmartDownload". As soon as the user clicks this button, a Netscape web page with a search screen is displayed. Anything users enter in this search screen is automatically fed by Netscape not only to several search engines but also to Netscape's own operations.
The same mechanism we already know from SmartDownload is used to send a data packet to "cgi.netscape.com" in conjunction with the search request. As the Sniffer has shown here, too, this data packet does not only include the search words but also the user's e-mail address.
The combination of logging the downloads and spying on users' search requests turns users into transparent surfers under the eye of the Netscape Browser for good: whatever users are looking for in the web, whatever files users ultimately download to their own computers - it is all eagerly recorded by Netscape.
The fact that the "Smart Browsing" feature, which is also allocated a button of its own in the "What's related" Netscape dialog box, produces the same side effects merely rounds off the picture. However, users can at least switch off this feature via the "Edit/Preferences" menu.
Invitation for spam
Netscape's snooping activities turn into a particularly sensitive issue when downloads and search queries can be allocated to e-mail addresses. In many corporate networks, one only needs to use the "finger" command to identify a person's real name in no time at all. But even the combination of e-mail address and knowledge of what a specific surfer is interested in alone will suffice to turn this data into material that greatly appeals to advertising companies. The latter might then start their mass mailshots (what is generally referred to as spam), thus spoiling a surfer's day. And surfers will not even know how these companies managed to get hold of their data. Read up on how to protect yourselves against spam in general in a report provided by tecChannel. The feature is currently only available in German - please bear with us.
But at least the transmission of your e-mail address is something the Netscape Browser can be cured of. According to what we've learnt so far, the Netscape Browser will only transmit this piece of information if the user has logged on to Netscape's Netcenter.
In the process, the Netcenter stores a so-called "cookie" in the form of a text file on the user's local drive. For years, this procedure has sparked controversial discussions but there's hardly been any avoiding it so far. Web sites may for example make it easier for surfers to log on to a protected section if the browser in question sends the cookie that has already been stored on the surfer's disk to the corresponding site during a later visit to this very web site.
Netscape's Netcenter, however, uses the cookie improperly. The data stored in the cookie, among other things the user's e-mail address, are sent to Netscape with every SmartDownload and every search query initiated via the "Search" button in conjunction with information on the actions taken by the surfer in question.
Frankly, this is unnecessary. Information as to what file has been transferred and where it was downloaded may be easily filed away on the local disk. There is no need to store it on the Netscape server without even informing the user about it. After all, the Netscape Browser also stores other browser data, such as what sites the user visited last, on the user's local disk in the files named "prefs.js" and "liprefs.js" among others. And this is where the download logs belong, too.
Solutions: delete the cookie, uninstall SmartDownload
Since this combined information on downloads, search queries and e-mail address works on the basis of the Netcenter cookie, this cookie should be deleted. Switching off cookies altogether will only result in complaints from a large number of web pages since they use cookies in a sensible manner.
The Netscape Browser stores all cookies in a file called "cookies.txt", which can be modified with any text editor. One cookie always takes up at least one entire line.
If you delete the lines that include "netscape.com" in this file, the nosy Netscape cookie crumbles - and it remains switched off at least until you log on to Netcenter again. Then you will have to delete the cookie once more.
However, this will not switch off the transmission of file names and search queries to Netscape altogether. We recommend to start downloads by right-clicking on the file and clicking on "Save Link as" to those of you who would like to continue using the Netscape Browser. This will prevent the SmartDownload feature from starting. Initiate any search queries directly with the search engines and avoid using the "Search" button provided by the Browser.
If you want to get rid of SmartDownload completely, you may uninstall it through the Windows control panel using the button "Software". The browser, however, has no menu options for that feature as to turn it off temporarily. One should keep in mind that once SmartDownload is uninstalled, the "Search" button still transfers data to Netscape without asking. To date, we have found no way to prevent the browser from doing so.
Anonymizers do not help here
As our tests have shown, even the use of an anonymizing service will not protect you against Netscape nosing around. The most important information comes from the Netcenter cookie. So when you use one of the anonymizers, Netscape will also receive information on whether or not you use such services.
Read up in a tecChannel report on details about how anonymizing services work and how you can use them in a sensible manner. This feature is currently only available in German - please bear with us.
Conclusion
The functions we discovered in the Netscape Browser constitute a severe intrusion upon a surfer's privacy, which is scarce anyhow. But this is even worse since users are not warned against this intrusion when starting the aforementioned features.
One may only guess what Netscape uses the transferred data for. However, the information collected, i.e. "user A is interested in B and downloads the corresponding files from server C", in conjunction with the e-mail and IP addresses provides an almost complete profile of the surfer in question. In addition to the notorious spammers, any marketing company should be interested in having access to this data - not to mention government agencies. Incidentally, in November 1998 Netscape was acquired by AOL, the largest on-line service and Internet service provider in the world. Even record labels may want to lay their hands on the data Netscape collects, as downloading illegal MP3 files from the Web is getting more and more popular.
The day we discovered the aforementioned functions, we were not able to have the company comment on them since Netscape is no longer represented in Germany. We can only hope that such snooping activities will come to an end with the Netscape Browser's open source version 6.0, which is still being developed. (jlu/nie)
(Translation by Isolde Gassner. This story is (c) 2000 by IDG Interactive GmbH. All rights reserved.)