Google wants to eject ad injectors

A study conducted in partnership with University of California Berkeley, reveals that one in 20 PCs accessing a Google-owned website is running potentially risky ad-injecting software.

The analysis of over 100 million page views found that ad injectors were installed on both Windows PCs and Macs and that they had infiltrated the Chrome, Firefox and Internet Explorer web browsers. What's more, of those computers running an ad injector, 50% were running two, and nearly one-third had four or more.

An ad injector is an extension that comes to life when a PC is logged on to the web. It replaces the advertising that would usually be displayed on a webpage in the browser with different ads that the ad injector's creator wants you to see instead. Depending on what that ad is, the extension can be benign or malicious.

Their use has received a healthy dose of attention in recent weeks thanks to the outcry surrounding Superfish, an ad injector that Lenovo preinstalled on a number of its PCs.

As Google software engineer Nav Jagpal, puts it: 'Injectors are yet another symptom of 'unwanted software' -- programs that are deceptive, difficult to remove, secretly bundled with other downloads, and have other bad qualities.'

For instance, rather than serving up ads, they could serve up malware. Over one third of the ad injectors running on the Chrome browser examined as part of the study were identified as outright malware.

'In broader terms, the question of just who ultimately controls the information presented to users is of great and increasing importance -- it's one of the most vital issues the digital world faces,' UC Berkeley EECS professor Vern Paxson said in a statement about the research. 'Ad injection undermines the integrity of user interactions and surreptitiously inserts control separate from either of the communicating parties.'

Google and UC Berkeley will present the full findings of their research in May but have chosen to publish some headline facts this week to raise awareness and to motivate other companies to act on the issue.

For instance, as a direct result of the study, Google has disabled 192 extensions for the Chrome browser which it estimates affected over 14 million users. However, it doesn't have the same levels of absolute control over other companies' web browsers or bundled software.