US internet providers hijacking users' search queries

Editorial: "Hijacking web searches for cash threatens net success"

Update: Since the practice of redirecting users' searches was first exposed by New Scientist last week, we have learned that all the ISPs involved have now called a halt to the practice. They continue to intercept some queries – those from Bing and Yahoo – but are passing the searches on to the relevant search engine rather than redirecting them.

Original story posted on 4 August 2011

Searches made by millions of internet users are being hijacked and redirected by some internet service providers in the US. Patents filed by Paxfire, the company involved in the hijacking, suggest that it may be part of a larger plan to allow ISPs to generate revenue by tracking the sites their customers visit. It may also be illegal.

Reese Richman, a New York law firm that specialises in consumer protection lawsuits, today filed a class action against one of the ISPs and Paxfire, which researchers believe provided the equipment used to hijack and redirect the searches. The suit, filed together with Milberg, another New York firm, alleges that the process violated numerous statutes, including wiretapping laws.

The hijacking seems to target searches for certain well-known brand names only. Users entering the term "apple" into their browser's search bar, for example, would normally get a page of results from their search engine of choice. The ISPs involved in the scheme intercept such requests before they reach a search engine, however. They pass the search to an online marketing company, which directs the user straight to Apple's online retail website.

More than 10 ISPs in the US, which together have several million subscribers, are redirecting queries in this way (see below for a complete list). None of the companies would comment on the redirection scheme, but evidence collected by Christian Kreibich and Nicholas Weaver at the International Computer Science Institute in Berkeley, California, who discovered the redirection and have been monitoring it for several months, suggest that the process generates revenue for the ISPs.

The Berkeley team has identified 165 search terms, from "apple" and "dell" to "safeway" and "bloomingdales", that are passed to marketing companies and then redirected to the appropriate retail website. The marketing companies include organisations like Commission Junction, a Santa Barbara, California, a firm that retailers pay to supply traffic to their websites.

Organisations that provide Commission Junction with traffic, which may include Paxfire and the ISPs the Berkeley team monitored, receive a cut of any purchase their users make. The cut is typically around 3 per cent. Commission Junction said that it was investigating the behaviour identified by the Berkeley researchers.
Buy, buy, buy

The process is highly contentious. A user who searched for "apple" would easily have found the company's store via a search engine, so Apple may be needlessly sharing revenue with Commission Junction and the ISPs. Search engines are also being deprived of traffic intended for them. The ISPs are understood to have stopped redirecting Google search traffic after the company complained to them earlier this year. All the ISPs identified by the Berkeley team redirect some Bing and Yahoo searches.

The redirection can also produce unwanted results. A user wanting to read an article in The Wall Street Journal, for instance, might search for "wsj"; the redirection system would take them to a page offering subscription deals for the paper. Searches for "kindle" are sent to Amazon, the company that makes the e-book reader of that name. A normal search for the term provides links to Wikipedia, reviews of the device and links to Kindles for sale on eBay.

"This interception and alteration of search traffic is not just your average privacy problem," says Peter Eckersley at the Electronic Frontier Foundation, a San Francisco-based internet advocacy group that helped the Berkeley team investigate the ISPs. "This is a deep violation of users' trust and expectations about how the internet is supposed to function."

It is not the first time that the desire of ISPs to monitor and monetise the traffic they carry has led to controversy. In 2008, service providers in the UK suffered a backlash after it emerged that they were working with Phorm, a company that developed techniques for tracking the interests and activities of internet users. Advertisers and publishers already track users' browsing, but ISPs are in a particularly powerful position because they can observe almost everything we do online. Many users complained about Phorm's data collection, prompting several ISPs to sever links with the company.
Paxfire connection

In this case, examination of the redirected traffic has led the Berkeley team to believe that the service is provided by Paxfire. The firm, based in Sterling, Virginia, has provided advertising services to ISPs since it was founded in 2003. As well as using Paxfire to redirect specific queries, the ISPs pass many, or perhaps all, searches on Google, Bing and Yahoo through Paxfire servers – a process that places Paxfire in a similar position to Phorm.

Paxfire executives did not reply to New Scientist's multiple requests for comment, but the patents that Paxfire has been awarded, as well as others it has applied for, provide hints of its plans. In March, for example, company CEO Alan Sullivan applied for a patent for a system that would allow ISPs to create a "database of information about particular users" based on the searches and website visits observed by the service provider. The patent says that ISPs could use the information to display relevant advertising.

Paxfire is named in the lawsuit filed by Reese Richman and Milberg, alongside RCN, based in Herndon, Virginia, one of the ISPs identified by the Berkeley team. The suit, which was filed in the district court for the southern district of New York, claims that the two companies violated privacy safeguards enshrined in the Wiretap Act, a 1968 law that regulates electronic communications.

Want to check whether your ISP is monitoring your searches? Try running this tool developed by the Berkeley researchers.
Shielding searches from prying eyes

Feel uneasy about the possibility of your internet search provider keeping tabs on your searches? A simple fix is at hand. Last year, Google launched a service that encrypts its search traffic, including the search term itself. To turn this encryption on, just use "https" instead of "http" at the beginning of the address that you have bookmarked for Google.

If you're a Firefox user and want to use encrypted communication on other sites, including Wikipedia, Twitter and Facebook, consider installing the HTTPS Everywhere extension developed by the Electronic Frontier Foundation. The extension automatically turns on encryption for around 1000 sites that offer it.
List of ISPs that are redirecting some search queries

Cavalier
Cincinnati Bell
Cogent
Frontier
Hughes
IBBS
Insight Broadband
Megapath
Paetec
RCN
Wide Open West
XO Communication

Charter and Iowa Telecom were observed to be redirecting search terms, but have since ceased doing so. Iowa Telecom stopped its redirection between July and September 2010, and Charter stopped in March 2011.

Crowdsourced online learning gives robots human skills

TWO robots named Rosie and James are making pancakes. It's a tough task that requires coordination, planning and a fine touch with a spatula. Midway through the process, Rosie slides the spatula under the half-cooked cake, lifts the pancake from the heat and carefully flips it over. The crowd breaks into cheers.

Rosie and James aren't quite the accomplished cooks they appear to be, however. As far as robots go, they are as flexible as they come, but they move haltingly, and their complex routine is the result of painstakingly crafted software instructions. Give Rosie and James a different recipe, for example, and their performance would suffer.

It's an age-old problem in robotics, but one that might just have a solution. Roboticists traditionally go to great lengths to coax automatons to perform highly specialised tasks, like cooking crêpes. But now they are turning to the crowd for help in giving robots more general skills. By allowing people to pilot real or simulated robots over the internet in trial experiments, they hope to recreate the fast and flexible behaviour that comes effortlessly to humans. "Crowdsourcing is a really viable path toward getting robots to do things that are useful for people," says Chad Jenkins, a robotics researcher at Brown University in Providence, Rhode Island.

The idea is inspired by successes in other areas of artificial intelligence. For example, online translation systems are trained on pairs of documents that have been translated by humans. By comparing translations with originals, the software learns how to translate words and phrases between different languages.

A similar approach could lead to better human-robot interactions, says Sonia Chernova at Worcester Polytechnic Institute in Massachusetts. To collect information on teamwork, social interaction and communication, she and colleagues created Mars Escape, an online game in which two people each control an avatar, one human and one robot, and work together to rescue objects from a doomed Martian research lab. After Mars Escape went online last year, Chernova logged the dialogue and action from over 550 sessions of the game.

The researchers first had to throw out unusual records, like dialogue between players who traded obscenities rather than working together. Then they looked for common patterns in the data, such as methods that players frequently used to retrieve objects, and phrases they exchanged when doing so. By having software watch how people tackled the game, the software learned how to work with a human. The technique could also find a use in the games industry (see "Build a better baddie").

The real test came last January, when Chernova and colleagues mocked up a real-life version of the Martian lab at the Museum of Science in Boston. Visitors were paired with a robot powered by software based on the Mars Escape data. The results were encouraging, Chernova and colleagues say in a paper to be presented next week at the International Symposium on Robot and Human Interactive Communication in Atlanta, Georgia. Sixteen out of 18 visitors worked with the robot to complete the game and most said the robot behaved rationally and contributed to their success.

Jenkins had similar success with a proof-of-principle experiment. Last year, he wired up a wheeled robot for online access and invited people to guide it through a simple maze. Over 270 people took up the challenge. He used the data they generated to build a navigation algorithm that allowed the robot to complete a maze it had not seen before.

His next experiment is more ambitious. His lab has a state-of-the-art PR2 - the same class of robot as James - that it plans to make available online. The robot will be placed in a kitchen and users will be invited to help it perform common tasks, like fetching objects from cupboards. The data they generate could help create better domestic robots, says Jenkins. The online interface will be demonstrated to researchers this August and should be available to the public by the end of the year.

The initial experiments have also flagged up some potential problems. Players in the real-life Mars Escape complained that the robot had poor communication skills, for example. This may be because the real robot often prompted different behaviour to its virtual version. For example, some visitors issued commands to move a specific distance. No players in the online game issued similar instructions, so the robot had no appropriate data to draw upon.

If such problems can be tackled, the technique has potential, says Jenkins. Many researchers focus on domestic tasks, but people in the outside world might prioritise other uses once they get control of robots. He draws an analogy with the early days of the internet: researchers built a data-sharing system and did not anticipate the emergence of Wikipedia and social networking. As for what those other uses are, Jenkins says we will have to wait: "If I had a good sense of other great applications, I would be doing them already."
Build a better baddie

In Jeff Orkin's vision of the future, gamers doing battle in zombie-filled shoot 'em ups will be helping to build richer virtual characters. Orkin worked in the game industry before moving to the Massachusetts Institute of Technology. His system crafts artificial characters by observing how humans play.

The system makes recordings of dialogue and action from games, which are annotated so the software knows what is happening at each point. Then virtual characters in other games can tap into the annotated data to simulate human-like behaviour. Slain by a sarcastic swordsman or glib goblin? Next time, you might have to blame Orkin.

Home-made drone to help phone and Wi-Fi hackers

visible to radar, a drone flies over a city, while a hacker uses it to attack the cellphone network, spy on the ground and monitor Wi-Fi networks. But this is no stolen military vehicle. It is a home-made drone built for just a few thousand dollars using parts legally bought on the internet.

This is the future of network hacking, as envisioned by security consultants Mike Tassey and Richard Perkins. They have now built such a drone to prove how easy it is.

Using commercially available parts, they built a plane called WASP that can be a moving base station for cellphone networks, a flying camera and a Wi-Fi "packet sniffer" – all at the same time. Everything was bought legally and building it did not require much engineering know-how, they say.

The drone's frame was bought for less than $300 on the internet. A GSM radio turned it into a mobile version of a cellphone tower, a video camera monitored the ground, while internet connectivity came from a USB dongle that can be bought in any electronics shop. The total cost of their drone was about $3800, says Tassey. The pair presented their work at the Black Hat Conference in Las Vegas last week.
Flying fake

Using the drone to attack a cellphone network would be as easy as flying while broadcasting the same signal as an ordinary cell tower, the pair say. Most cellphones are designed to latch on to the strongest available signal. If the local 3G or 4G network has a weaker signal than the one broadcast by the drone then the handset will default to GSM and can be tricked into latching onto the drone's antenna, using it as a base station.

In tests, Tassey and Perkins showed that the drone could then listen in, record phone calls and transmit the data over the internet.

But it's not all bad news. The pair say that a drone could run search patterns for lost hikers at a fraction of the cost of using a helicopter, for example.

Sex on the brain: What turns women on, mapped out

It's what women have been telling men for decades: stimulating the vagina is not the same as stimulating the clitoris. Now brain scan data has added weight to their argument.

The precise locations that correspond to the vagina, cervix and female nipples on the brain's sensory cortex have been mapped for the first time, proving that vaginal stimulation activates different brain regions to stimulation of the clitoris. The study also found a direct link between the nipples and the genitals, which may explain why some women can orgasm through nipple stimulation alone. The discoveries could ultimately help women who have suffered nerve damage in childbirth or disease.

The sensory cortex is a strip of brain tissue positioned roughly under where the band between a pair of headphones sits. Across it, neurons linked to different body parts exchange information about the sensory information feeding into them. This is often depicted as the "sensory homunculus", a distorted image of a man stretched across the brain, with his genitals lying next to his feet (click here). The size of the body's parts show how much of the brain is dedicated to processing the sensory information from each body part.

The diagram was first published in 1951 after experiments conducted during brain surgery performed while the patients were conscious: the surgeon electrically stimulated different regions of the patients' brains and the patients reported the parts of their bodies in which they felt sensation as a result. But all the subjects were men. Until recently, the position of female genitalia on the homunculus had only been guessed at.

This changed last year when a team led by Lars Michels at University Children's Hospital in Zurich, Switzerland, used functional magnetic resonance imaging to confirm that the position of the clitoris on the homunculus was in approximately the same position as the penis in men. Barry Komisaruk at Rutgers University in Newark, New Jersey, and his colleagues have now used the same method to map the position of the clitoris, vagina and cervix on the sensory cortex as women stimulated themselves.
There, there and there

"This is hard proof that there is a big difference between stimulating those different regions," says Stuart Brody of the University of the West of Scotland in Paisley, UK, one of the researchers in the study.

Some have argued that women who derive pleasure from vaginal stimulation do so because their clitoris is being indirectly stimulated, but the current findings contradict this. "They support the reports of women that they experience orgasm from various forms of stimulation," says Beverly Whipple, also of Rutgers University, who was not involved in the current study.
It's the nipples, stupid

Komisaruk also checked what happened when women's nipples were stimulated, and was surprised to find that in addition to the chest area of the cortex lighting up, the genital area was also activated. "When I tell my male neuroscientist colleagues about this, they say: 'Wow, that's an exception to the classical homunculus,'" he says. "But when I tell the women they say: 'Well, yeah?'" It may help explain why a lot of women claim that nipple stimulation is erotic, he adds.

The next step is to map what other areas of the brain light up in response to clitoral and vaginal stimulation. Komisaruk would also like to see what happens when the area that supposedly contains the G-spot is stimulated, as women in the current study just stimulated the front wall of the vagina generally.

The findings could also help women who have suffered nerve damage in childbirth or because of diseases like diabetes. Michels has preliminary evidence that stimulating the clitoral nerve can improve symptoms of urinary incontinence, but says a proper understanding of how the nerve maps to the brain is needed to translate this into effective treatment.

Meanwhile, Komisaruk says that nipple stimulation could enhance genital sensation in women with nerve damage. "It could be a supplement for experiencing orgasm," he says.

Audi Urban Concept (photos)

Audi Urban Concept (side)

After not-so-secretly releasing a prototype of its electric microcar into the urban wilds for testing, Audi decided to let out sketches of its Audi Urban Concept.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967.html#ixzz1UizPRdmz


Audi Urban Concept (roof and windows open)

lthough its doors appear to slide open like a minivan's, Audi's write-up of the design insists that passengers enter through the tailgate, which could be a good thing depending on your parking space.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967-2.html?s=0&o=10008967&tag=mncol;page#ixzz1UizofwvT

Audi Urban Concept (side)

Its 21-inch wheels are freestanding yet covered by protective plates with LED lights.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967-3.html?s=0&o=10008967&tag=mncol;page#ixzz1Uj077jmN


Audi Urban Concept (interior)

The drawing reveals that it's a 1+1 that seats two passengers in a staggered formation rather than side by side.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967-4.html?s=0&o=10008967&tag=mncol;page#ixzz1Uj0UdDlf


udi Urban Concept (interior)

The car's body is constructed using ultralightweight carbon fiber-reinforced polymer.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967-5.html?s=0&o=10008967&tag=mncol;page#ixzz1Uj0eEQcv


Audi Urban Concept (interior)

The vehicle is powered by Audi's e-tron electric power train.

Photo credit: Audi

Read more: http://www.cnet.com/2300-10863_1-10008967-6.html?s=0&o=10008967&tag=mncol;page#ixzz1Uj0qLhEv

New Technology Spotted at IDF

An incredible new technology: IBM’s combination screw driver, level, and flashlight

Powermat Wireless Battery Charger

If you’re tired of carrying around one charger per electronic toy, you’re in luck. The Powermat lets you charge your iPhone, Blackberry, Nintendo DS, and most other gadgets on the same mat. One mat, one plug.