Is Alexa spyware?
www.iMilly.com
 

Well, no ... probably not.  At least not if you haven't deliberately installed some of their software.

But Lavasoft's Ad-Aware identifies a standard registry key included with Internet Explorer as "Data Miner" spyware, with little or no further explanation, and offers to delete it. I hope this page offers a better explanation, and other alternatives to deletion. Spybot identifies it too, with more explanation, and they have a smarter strategy to deal with it (more below).

The issue is the 'Related Links' feature of IE (pre-XP SP2) which appears as the 'Tools'/'Show Related Links' menu item (and a corresponding toolbar button if you added it from the 'Customize...' link on the toolbar). If you use that feature, IE will contact the Alexa servers, via MSN, to obtain information about other web pages which seem to be related, open an Explorer Bar, and display those (plus adverts and whatnot).  Go check the Alexa web site to see if you think that is a good idea (and, just to be clear, I think it's a very sucky idea), or just to double-check that you haven't deliberately or unintentionally or absent-mindedly installed some of their software.

And due to a bug in IE (versions prior to IE6 on XP SP2), you might even transmit (potentially sensitive) URL information about pages for which you didn't request Related Links (even secure HTTPS/SSL pages), if you reload them long after you close the Explorer Bar. More details at Note 5.

But if you don't use that menu or button, Alexa will not hear from you and no spying will take place.

Just to be clear, this feature is 'spyware', if you use it. If you do so, you will be sending information to MSN and Alexa obtained by spying, because there is nowhere that Microsoft adequately discloses and documents that privacy 'leak'. Sure, Alexa have some information on it, and a pretty clear privacy policy, but you don't get to know of Alexa's involvement until after you use the feature, and even then you have to hunt for it, and even then no mention is made of MSN's interstitial involvement. Don't blame Alexa though - it's Microsoft's responsibility to provide their users with complete and truthful disclosure - and they haven't.

But if you don't use it, it won't be spying on you behind your back, and you may sleep soundly. Here are some options :-

 - You can let Ad-Aware delete it, with no harm done (though if you later repair, or patch or upgrade IE, it may get re-established).
 
 - You can ignore the alert and leave it be, with no harm done.
 
 - You can fiddle with it so that it just doesn't work (so that even if you, or someone else using your PC, accidentally tries it, it won't contact Alexa).
 
 - Or you can fiddle with it so that it uses Google to find related links, instead of Alexa.  See the instructions and security warning below.

Here's the skinny . . .

The existing Alexa/Show Related Links gubbins is just a registry key [#1], creating a menu item [#2], pointing to a local web page [#3], pointing to an MSN search page [#4], which redirects to the Alexa web site [#5]. All that is 'installed' on your PC is that HTML page [#3], which uses MSN and Alexa, but only if you use it.
 
[#1]  HKLM\Software\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}

[#2]  Within IE, see Tools / 'Show Related Links'

[#3]  C:\Windows\Web\related.htm   (for Win9X and XP it's there. Other O/S's may be slightly different).

[#4]  http://related.msn.com/related.asp?url=

[#5] http://xslt.alexa.com/data?cli=16&url=

Open 'Related.htm' in Notepad to see what it does, if you like.  Or try, say, this link . . .
http://related.msn.com/related.asp?url=imilly.com

If you don't use the 'Show Related Links' menu links, and if you haven't installed any extra Alexa stuff [#6] then you are NOT in danger of it spying on you.

[#6]  (Maybe from Microsoft Internet Explorer Web Accessories)

So, what to do about it?

You can download my Related.zip and follow the easy instructions to either subvert, block or restore the feature.

Or to do it manually ...

If you don't want 'Related Links', and/or don't want anyone else using your PC to inadvertently contact MSN/Alexa, you could just let Ad-Aware delete it for you. Or you could fiddle with it so that it doesn't work, by just editing the line in your own copy of 'Related.htm' (by opening it in Notepad) to one of these :-

from . . .

RelatedServiceURL="http://related.msn.com/related.asp?url=";

to . . .

RelatedServiceURL="http://no_way_no_how.org/=";

or simply . . .

RelatedServiceURL="http://127.0.0.1";

Or if you do want 'Related Links' (but see Note re security implications), you could . . .

 - Install the Google toolbar which has that option (if you're happy to interact with Google).
 
 - Or just do 'related' searches in this format . . . http://www.google.com/search?q=related:www.imilly.com
 
 - Or hit the "Similar pages" link shown on all Google search results.
 
 - Or you could just edit the line in your own copy of 'Related.htm' . . .

from . . .

RelatedServiceURL="http://related.msn.com/related.asp?url=";

to . . .

RelatedServiceURL="http://www.google.com/search?q=related:";
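
To check which of these states a given copy of 'Related.htm' is in, and to make the same one-line edit without Notepad, here is an added example (not part of the original page or of Related.zip). The function names, verdict labels and the sample file body are assumptions; only the assignment line and the URLs come from this page.

```python
import re
from urllib.parse import urlsplit

# The assignment line quoted on this page, tolerating extra whitespace.
ASSIGN = re.compile(r'(RelatedServiceURL\s*=\s*")([^"]*)(")')

def classify(url):
    """Name the service that a RelatedServiceURL value would contact."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host in ("127.0.0.1", "localhost"):
        return "blocked-loopback"
    if any(host == d or host.endswith("." + d) for d in ("msn.com", "alexa.com")):
        return "msn-alexa"
    if host.startswith("www.google."):
        # Spybot's replacement (Note 4) searches on the URL itself;
        # the manual edit above asks for related pages instead.
        return "google-related" if "related:" in parts.query else "google-plain-search"
    return "other-host"  # e.g. the page's no_way_no_how.org value

def audit(text):
    """Return (url, verdict) for every RelatedServiceURL assignment in the file text."""
    return [(m.group(2), classify(m.group(2))) for m in ASSIGN.finditer(text)]

def rewrite(text, new_url):
    """Swap the URL inside each assignment; returns (new_text, lines_changed)."""
    return ASSIGN.subn(lambda m: m.group(1) + new_url + m.group(3), text)

# Constructed stand-in for Related.htm: only the assignment line comes from the page.
SAMPLE = """<html><head><script>
RelatedServiceURL="http://related.msn.com/related.asp?url=";
</script></head><body></body></html>
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
    fixed, changed = rewrite(SAMPLE, "http://127.0.0.1")
    print(changed, audit(fixed))
```

Running `audit` again after an IE repair or upgrade shows whether the tweak was overwritten, as Note 1 warns it may be.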
 
Notes
  1. If you later repair, or patch, or upgrade IE, it may get overwritten by a new 'Related.htm'. Apart from XP SP2, I think Service Patches and version upgrades tend to overwrite it, whilst normal or cumulative patches don't - but it's anyone's guess next time. If so you'll need to do this tweak again (or just save a tweaked copy, then put your version back after the upgrade).
     
  2. XP SP2 Update: But the whole feature was removed in the IE6 version in XP SP2 (did they fall out with Alexa, or decide that the security bug was more trouble than it's worth? Who knows). If you liked the feature, using either Google or Alexa, you can restore it (and gain a right-click menu item) by using this Related.zip (instructions included: just copy the included related.htm to your C:\Windows\Web\ folder, pick Google or Alexa, and double-click the included reg file). But note that the security flaw detailed here still exists, even in XP SP2 (in SP2, MS just removed the 'Related Links' menu item: if you put it back, the same 'page refresh' bug still happens). Only you can decide if that's important to you.
     
  3. You can choose any search engine or search function you like, of course. You might get some ideas from here (and you'll find appropriate URLs by looking within the Bookmarklets with Notepad).
     
  4. Spybot users. At the time of writing (check in case they've updated their procedure), if you select their "Alexa Related: What's related link (Replace file)" option from the scan results window, Spybot will effectively overwrite the same line within 'Related.htm' with RelatedServiceURL="http://www.google.de/search?q="; instead. Well, that's okay. But it asks Google only to search on the current URL, not for pages related to the current URL. You can manually change it as above if you prefer to keep the 'what's related' functionality, and of course you can change it from the German Google page to the main one, or indeed any localisation of your choosing.
     
  5. Secunia discovered a bug in IE which means that if you use the "Related Items" menu/button, then any time in the same IE session you happen to press Ctrl+R (only Ctrl+R, not F5 or right-click/refresh) to refresh a page (including 'secure' SSL-enabled pages), even if you've already closed the Explorer Bar, the current page's URL will be transmitted (in plain text, even for SSL pages) to MSN and Alexa (or to any replacement you've made yourself, e.g. to Google)!

    As Secunia point out: "The data transmitted to "msn.com" and "alexa.com" is the complete URL. In some cases this could contain sensitive information such as username, password, session id, search string, "secret paths", and more."

    Secunia's workaround (to block MSN and Alexa at your firewall or Hosts file etc) is good, if you don't normally need access to those sites. But changing Related.htm (instead or as well) is even better, because it still covers you if MS/MSN/Alexa quietly change servers in the future.  So you may wish to subvert Related.htm to use an invalid or loopback address, rather than even Google, as described here.
Milly
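
To see whether the Ctrl+R leak described in Note 5 has happened on a network you look after, the following added example (not part of the original page) scans proxy log lines for requests to the two endpoints listed at [#4] and [#5] and reports what kind of page URL each one carried. The log layout, the sample lines and the list of sensitive-looking parameter names are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, unquote, parse_qsl

RELATED_HOSTS = {"related.msn.com", "xslt.alexa.com"}  # endpoints [#4] and [#5] on this page
HINTS = ("user", "pass", "sess", "sid", "token")       # assumed name fragments, adjust to taste

def leaked_url(request_url):
    """Return the page URL carried in url=..., or None if not a Related Links request."""
    parts = urlsplit(request_url)
    if (parts.hostname or "").lower() not in RELATED_HOSTS:
        return None
    # url= is the last parameter, so everything after it belongs to the leaked page URL.
    m = re.search(r"(?:^|&)url=(.+)", parts.query)
    return unquote(m.group(1)) if m else None

def review(log_lines):
    """Flag Related Links requests; report parameter names only, never their values."""
    findings = []
    for line in log_lines:
        fields = line.split()
        if len(fields) < 4:
            continue
        when, client, _method, request_url = fields[:4]
        page = leaked_url(request_url)
        if page is None:
            continue
        inner = urlsplit(page)
        names = [k for k, _ in parse_qsl(inner.query, keep_blank_values=True)
                 if any(h in k.lower() for h in HINTS)]
        findings.append({"time": when, "client": client, "page_host": inner.hostname,
                         "https_page": inner.scheme == "https", "sensitive_params": names})
    return findings

# Constructed proxy log lines: timestamp, client, method, requested URL.
SAMPLE_LOG = [
    "2004-09-01T10:00:01 10.0.0.5 GET http://related.msn.com/related.asp?url=http://www.example.com/news",
    "2004-09-01T10:04:17 10.0.0.5 GET http://xslt.alexa.com/data?cli=16&url=https://bank.example/account?sessionid=CONSTRUCTED&user=alice",
    "2004-09-01T10:05:00 10.0.0.7 GET http://www.example.org/index.html",
]

if __name__ == "__main__":
    for finding in review(SAMPLE_LOG):
        print(finding)
```

A finding with `https_page` set to true is the case Secunia describes: the address of an SSL page sent in plain text to a third party.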

... the right to privacy and anonymity in the information age
