Varying strengths of venom
Through its research, the company has identified about five different types of Web bugs, Wang said. The simplest, most discussed bug is a small, clear GIF that works with cookies to send information to third parties about a visitor's online travels.
Other more malicious forms of Web bugs are "executable bugs," which can install a file onto people's hard drives to collect information whenever they are online. For example, one such bug can scan a person's machine to send information on every document that contains the word "financial."
Perhaps the most nefarious bugs are "script-based executable bugs that can go out and take any document from your computer" without notice, said Wang, who warned of programs that can track live, private recordings through Webcams or voice recorders hooked up to computers.
Other script-based bugs also execute files, but they're not installed on a person's PC. They can simply try to control the person's computer from its server, as well as track the consumer's travels on the Web from behind the scenes. An example of this can be found on a popular entertainment site, PassThisOn.com, which launches multiple browser windows when a person tries to exit the site.
While the Web Bug Report shines a light on the tags, most consumers "won't care" about it, said Thomas Reinke, director of technology for Security Space, which plans to publish the report monthly. But "it's important to understand how much information one or two organisations can get about Web traffic and user preferences as a whole," he said.
Security Space, a 5-year-old security and Internet tracking company, scans more than 100,000 active Web sites, or nearly 4 percent of total Web sites, to find the bugs. A so-called crawler automatically visits home pages and all links one level down.
It measures a site based on its "authoritativeness on the Web" or by how many sites are linked to it. For example, if Yahoo has 100,000 links to its site, it is weighted heavier than a site with only a hundred links to it.
DoubleClick registers as the top site that uses Web bugs with the highest-trafficked sites. The ad network uses roughly 535 Web bugs on third-party sites, compared with 326 from Weather.com and 306 from Netscape.com, according to another report that tracks the pure number of bugs issued by a company.
DoubleClick representatives could not be reached for comment.
"If you start collecting that information and correlate that information back to users...then you start being able to potentially abuse that information," said Reinke, who added that his company will start to sell such reports in the future.
"What if, as an ad company, you knew that a household was going to Web sites about firearms and bomb-making? What's the responsibility of that advertiser holding that information? Should they have to turn that over to law enforcement?" Reinke pondered.
Correct me if i'm wrong but upon loading the story, a small pop-up window appeared and disappeared. I think it was one of yours.
I find it amusing considering the context of the story. I didn't ask for that window, so why pump it at me?