privacy

Executives from major Internet players — Microsoft Corp., Google Inc. and Facebook Inc. — are due for a grilling about online privacy in a Senate committee Wednesday, but the company likely to get the most scrutiny is a small Silicon Valley startup called NebuAd Inc.

NebuAd has drawn fierce criticism from privacy advocates in recent weeks for working with Internet service providers to track the online behavior of their customers and then serve up targeted banner ads based on that behavior.

[…]

“This is analogous to AT&T listening to your phone calls all day in order to figure out what to sell you in the middle of dinner,” said Robert Topolski, a technology consultant to Public Knowledge and Free Press, two other public interest groups that have raised concerns about NebuAd.

[…]

Besides NebuAd, Wednesday’s hearing in the Senate Commerce Committee may also examine Facebook’s “Beacon” monitoring tool, which tracked online purchases made by Facebook members and sent alerts to their friends on the site.

Computer industry heavyweights are hustling to fix a flaw in the foundation of the Internet that would let hackers control traffic on the World Wide Web.

Major software and hardware makers worked in secret for months to create a software “patch” released on Tuesday to repair the problem, which is in the way computers are routed to web page addresses.

“It’s a very fundamental issue with how the entire addressing scheme of the Internet works,” Securosis analyst Rich Mogul said in a media conference call.

“You’d have the Internet, but it wouldn’t be the Internet you expect. (Hackers) would control everything.”

The flaw would be a boon for “phishing” cons that involve leading people to imitation web pages of businesses such as bank or credit card companies to trick them into disclosing account numbers, passwords and other information.

Attackers could use the vulnerability to route Internet users wherever they wanted no matter what website address is typed into a web browser.

[…]

On Tuesday the US Computer Emergency Readiness Team (CERT), a joint government-private sector security partnership, issued a warning to underscore the serious of so-called DNS “cache poisoning attacks” the vulnerability could allow.

[…]

“Consequently, web traffic, email, and other important network data can be redirected to systems under the attacker’s control.”

[…]

Automated updating should protect most personal computers. Microsoft released the fix in a software update package Tuesday.

[…]

Hackers using the vulnerability to attack company computer networks would also be able to capture email and other business data.

…Google Inc. hopes to orchestrate more fantasizing on the Web.

[…]

Google thinks Lively will encourage even more people to dive into alternate realities….

The Lively application already works on Facebook, one of the Web’s hottest hangouts, and Google is working on a version suitable for an even larger online social network, News Corp.’s MySpace.

[…]

Lively’s users will be able to sculpt an avatar that can be male, female or even a different species. An avatar can assume a new identity, change clothes or convey emotions with a few clicks of the mouse.

The service also enables users to create different digital dimensions to roam, from a coffeehouse to an exotic island. The settings can be decorated with a wide variety of furniture, including large-screen televisions that can be set up to play different clips from YouTube.com, Google’s video-sharing service.

Lively users can then invite their friends and family into their virtual realities, where they can chat, hug, cry, laugh and interact as if they were characters in a video game.

As a precaution, Google is requiring Lively’s users to be at least 13 years old — a constraint that hasn’t been enough to prevent young children from running into trouble on other social spots on the Web.