Norton patches firewall holes

Symantec Corp. has quietly modified its Norton Personal Firewall and Norton Internet Security 2000 products to block advertising programs that are sometimes dubbed “spyware.”

The programs, called adbots, fetch banner ads over the Internet, but they also transmit encrypted data about the user back to the advertising companies. This function has earned them the “spyware” label among privacy and security advocates.

Firewalls are designed, in part, to give you control and choice over what goes into and out of your system while connected to the Internet. However, Symantec did not notify customers that its software was allowing the adbot programs to get through the firewall, and many Norton customers complained.

More than 400 free software products have adbots incorporated into them for a fee, say adbot distribution companies. TSAdbot from Conducent Technologies Inc. can be found in PKZip and other programs. Ad technology from Radiate (formerly Aureate Media), is used in such popular products as Go!Zilla.

Adbot companies say they compile data only to track the effectiveness of ads and to deliver targeted solicitations. Although they claim not to collect personal information, the firms do not specify exactly what is gathered.

Conducent’s Web site describes its practices in a section called “Information Collected in Content Delivery.” There, it reports the company “collects non-personally identifiable information including your operating system type and IP address.” Radiate notes in its section on “Use of Unique Identifiers” that it “may use information such as browser type, operating system, and ISP, to both target advertisements as well as compile site demographics.”

Those actions alone are a concern for many people, and critics such as security guru Steve Gibson of Gibson Research wonder what else the programs may report.

“The adbots transmit encrypted data, so we have no way of knowing what more they may be doing, if anything,” Gibson said.

A number of Symantec customers complained about the company’s policy of allowing adbots through the firewall products, so Symantec decided to revise the software, according to Symantec representatives.

“Because there is customer concern about it, we wouldn’t be doing our customers any service by not alerting them,” said Brendon Woirhaye, quality assurance manager at Symantec.

Some Norton critics allege the company had a business relationship with Radiate and Conducent, but Symantec has never had any formal contact with either company, said Tom Powledge, a senior product manager for Symantec’s consumer products. He insists it is “absolutely not the case whatsoever” that Symantec had deals with the adbot makers.