Slashdot Mirror

Actually this reminds me of those Direct Revenue assholes who hijacked Windows desktops to display ads: http://www.benedelman.org/spyw.... Bottom line is that regardless of copyright or DMCA issues, when ads are actively injected into anything people should always get pissed.

Ah yes, I remember Direct Revenue well. http://www.benedelman.org/news/040706-1.html

Joshua Abram, Daniel Kaufman, Alan Murray, and Rodney Hook. What a lovely set of turds.

what is the difference between what Bing did and what google does?

http://www.benedelman.org/news/012610-1.html

Run the Google Toolbar, and it’s strikingly easy to activate “Enhanced Features” -- transmitting to Google the full URL of every page-view, including searches at competing search engines.

http://www.pcworld.com/article/187670/Google_Toolbar_Tracks_You_Even_After_Being_Disabled.html

Let me rephrase what happened in reality: A google employee noticed that the bing toolbar reports search terms back to bing -- just like the google toolbar does.. and Google decided score some easy points, and make Bing look like a copycat.

• dodgy deals in Kenya
• search neutrality issues on several occasions (i.e. favouring own products)
• WiFi sniffing was first an unintentional mistake, then a single individual action, then the supervisors knew about it ...
• circumventing Safari privacy protection ...

So, while I do not like simple comparisons like "is Google the new Microsoft?", they have their share of morality issues like most large corporations...

First, a drive-by download is not a malware category. It's an attack type. Viruses, trojans, worms can all be spread by a drive-by download, though trojans are the most common these days; spywares were the first to use it heavily, however.

Second, from your own link, drive-by downloads can be "downloads which a person authorized but without understanding the consequences". I remeber the term first being used to describe ActiveX and elevation of Java applets, both which require user interaction. See this, from 2004, using the term in this way:
http://www.benedelman.org/news/112904-1.html

If you check the Wikipedia's page history, you will see it was created with this very definition, too.

In other words, if you call something a "drive-by download" it does not necessarily mean that the user played no part in the attack.

Do you even read your own links? Neither of those is talking about search quality whatsoever.

From Rhode Island U.S. Attorney Peter Neronha, as quoted in the Wall Street Journal "Google admitted wrongdoing in the high-profile settlement, although executives repeatedly testified before Congress that they had 'rigorous' controls to weed out the illegal ads from Canadian pharmacies aimed at U.S. consumers, the Journal reported. Neronha told the Journal those efforts were 'window dressing.'"

Yes, that's an ad quality issue. Since Google started putting ads above search results, in the same column, the distinction between the two is not that great. Especially when the ad results, the places results, and the in-house Google results combine to push the organic results below the fold and unlikely to be clicked. Prof. Eidelman's note "Remedies for Search Bias" has more to say on this.

This will be a big boost to "purchaseplusone.com", "googleplus1supply.com", "buyrealplusone.com" (a Google advertiser, no less) and "plusonehero.com", "buyplusoneservice.com", "buygoogleplus1.net", "buyplusonenow.com", and "plusonesbuilder.com". It will be even easier for them to acquire Google accounts and create "+1" value for their customers.

Social is bad for search, and search is bad for social. As soon as a social service provides a boost to search ranking, it gets spammed. Heavily. This has happened to Google Places., Yelp, Citysearch (really bad there), Twitter (this is why your Twitter feeds are full of spam links), Facebook "likes", and now Google +1. From a spammer perspective, social spamming is easy and cheap. Setting up a link farm requires web sites, unique content, and ongoing site maintenance. Social spam just requires phony free accounts. The social services host your spam for you, for free.

Presumably the smart people at Google have figured this out by now, but they've been told that 2011 employee bonuses depends on Google's success at social. So, from a Google employee perspective, sacrificing search quality for social features makes sense. Google top management got paranoid about Facebook, which is about 1/5 the size of Google and peaked a few months back. (Social networks grow and die like nightclubs, which have a limited lifetime of coolness. Remember AOL, Geocities, Friendster, Orkut, Yahoo 360, Myspace...)

Google search quality efforts are mostly "window dressing", as the U.S. Attorney for Rhode Island put it in his statement about Google's non-prosecution agreement. When ad revenue conflicts with search quality, ad revenue wins. Prof. Ben Eidelman of the Harvard Business School has analyzed this in detail.

Schmidt is insistent that Google has the right to know who their users are. On the other hand, Google doesn't do proper due diligence on their customers, the ones who buy ads. That just cost them a $500 million fine to the Department of Justice for running phony pharmaceutical ads. (Those supposed "Canadian pharmacies" often aren't real pharmacies at all, and many are not in Canada. DOJ went after Google because an investigation into some Mexican drug dealer was also running an offshore pharmacy.)

Because of Google's "we don't care who you are" policy about advertisers, Google has become the advertising system for a wide range of scams: typosquatting, adware, ads for free stuff that's not free, ads for counterfeit software, and mortgage modification scams. Prof. Benjamin Edelman at the Harvard Business School estimates that Google makes about $25 million a year from ads for spyware and adware, about $6 million a year from ads for "credit repair" scams, and about $100 million a year by allowing competing trademarks as search keywords (that last is being litigated.)

Most of those scams depend on advertiser anonymity. Business aren't entitled to privacy. Even in the European Union, which has privacy rights for individuals, businesses don't get that right. The European Directive on Electronic Commerce is very clear about that. Google has the right to demand proof of business identity from advertisers, and to demand that the advertiser disclose the actual name and address from which the business is conducted on their web site. Google doesn't do this, which makes Google the scammer's friend, and in some cases, as they just discovered expensively, an accomplice to criminal activity.

Google claimed to the DOJ that they cleaned up their act on drug ads. Let's see. Search for "no prescription diet pills". See a Google ad for "Phentremine 37.5 mg HCL - As low as $30. Free Shipping. www.phentreminediet.com No subscriptions, or hidden cost.". There it is, right at the top of the page, in prime position, a drug ad run by Google. This is a fake drug scam site. It's a form of drug typosquatting; the real drug is spelled "phentermine". The site has a Google Checkout seal (which may be fake) and a BBBonline seal (which is fake). Yet Google is running that ad.

Prof. Edelman says it better than I can: "I have long doubted Google's claims of innocence. For one, Google has an obvious incentive to allow deceptive and unlawful ads: each extra ad means extra revenue -- an ad in lieu of white space, or an extra competitor encouraging other advertisers to bid that much higher. Furthermore, unlawful and deceptive ads have been widespread; I found dozens in just a few hours of work. Meanwhile, it's hard to reconcile Google's engineering strength -- capably indexing billions of pages and tabulating billions of links -- with the company's supposed inability to identify new advertisements mentioning or targeting a few dozen terms known to deceive consumers. From these facts, I could only suspect what the DOJ investigation now confirms: Unlawful ads persist at Google not just because advertisers seek to be listed, but also because Google intentionally lets them stay and even offers them special assistance."

Schmidt is insistent that Google has the right to know who their users are. On the other hand, Google doesn't do proper due diligence on their customers, the ones who buy ads. That just cost them a $500 million fine to the Department of Justice for running phony pharmaceutical ads. (Those supposed "Canadian pharmacies" often aren't real pharmacies at all, and many are not in Canada. DOJ went after Google because an investigation into some Mexican drug dealer was also running an offshore pharmacy.)

Because of Google's "we don't care who you are" policy about advertisers, Google has become the advertising system for a wide range of scams: typosquatting, adware, ads for free stuff that's not free, ads for counterfeit software, and mortgage modification scams. Prof. Benjamin Edelman at the Harvard Business School estimates that Google makes about $25 million a year from ads for spyware and adware, about $6 million a year from ads for "credit repair" scams, and about $100 million a year by allowing competing trademarks as search keywords (that last is being litigated.)

Most of those scams depend on advertiser anonymity. Business aren't entitled to privacy. Even in the European Union, which has privacy rights for individuals, businesses don't get that right. The European Directive on Electronic Commerce is very clear about that. Google has the right to demand proof of business identity from advertisers, and to demand that the advertiser disclose the actual name and address from which the business is conducted on their web site. Google doesn't do this, which makes Google the scammer's friend, and in some cases, as they just discovered expensively, an accomplice to criminal activity.

Google claimed to the DOJ that they cleaned up their act on drug ads. Let's see. Search for "no prescription diet pills". See a Google ad for "Phentremine 37.5 mg HCL - As low as $30. Free Shipping. www.phentreminediet.com No subscriptions, or hidden cost.". There it is, right at the top of the page, in prime position, a drug ad run by Google. This is a fake drug scam site. It's a form of drug typosquatting; the real drug is spelled "phentermine". The site has a Google Checkout seal (which may be fake) and a BBBonline seal (which is fake). Yet Google is running that ad.

Prof. Edelman says it better than I can: "I have long doubted Google's claims of innocence. For one, Google has an obvious incentive to allow deceptive and unlawful ads: each extra ad means extra revenue -- an ad in lieu of white space, or an extra competitor encouraging other advertisers to bid that much higher. Furthermore, unlawful and deceptive ads have been widespread; I found dozens in just a few hours of work. Meanwhile, it's hard to reconcile Google's engineering strength -- capably indexing billions of pages and tabulating billions of links -- with the company's supposed inability to identify new advertisements mentioning or targeting a few dozen terms known to deceive consumers. From these facts, I could only suspect what the DOJ investigation now confirms: Unlawful ads persist at Google not just because advertisers seek to be listed, but also because Google intentionally lets them stay and even offers them special assistance."

Schmidt is insistent that Google has the right to know who their users are. On the other hand, Google doesn't do proper due diligence on their customers, the ones who buy ads. That just cost them a $500 million fine to the Department of Justice for running phony pharmaceutical ads. (Those supposed "Canadian pharmacies" often aren't real pharmacies at all, and many are not in Canada. DOJ went after Google because an investigation into some Mexican drug dealer was also running an offshore pharmacy.)

Because of Google's "we don't care who you are" policy about advertisers, Google has become the advertising system for a wide range of scams: typosquatting, adware, ads for free stuff that's not free, ads for counterfeit software, and mortgage modification scams. Prof. Benjamin Edelman at the Harvard Business School estimates that Google makes about $25 million a year from ads for spyware and adware, about $6 million a year from ads for "credit repair" scams, and about $100 million a year by allowing competing trademarks as search keywords (that last is being litigated.)

Most of those scams depend on advertiser anonymity. Business aren't entitled to privacy. Even in the European Union, which has privacy rights for individuals, businesses don't get that right. The European Directive on Electronic Commerce is very clear about that. Google has the right to demand proof of business identity from advertisers, and to demand that the advertiser disclose the actual name and address from which the business is conducted on their web site. Google doesn't do this, which makes Google the scammer's friend, and in some cases, as they just discovered expensively, an accomplice to criminal activity.

Google claimed to the DOJ that they cleaned up their act on drug ads. Let's see. Search for "no prescription diet pills". See a Google ad for "Phentremine 37.5 mg HCL - As low as $30. Free Shipping. www.phentreminediet.com No subscriptions, or hidden cost.". There it is, right at the top of the page, in prime position, a drug ad run by Google. This is a fake drug scam site. It's a form of drug typosquatting; the real drug is spelled "phentermine". The site has a Google Checkout seal (which may be fake) and a BBBonline seal (which is fake). Yet Google is running that ad.

Prof. Edelman says it better than I can: "I have long doubted Google's claims of innocence. For one, Google has an obvious incentive to allow deceptive and unlawful ads: each extra ad means extra revenue -- an ad in lieu of white space, or an extra competitor encouraging other advertisers to bid that much higher. Furthermore, unlawful and deceptive ads have been widespread; I found dozens in just a few hours of work. Meanwhile, it's hard to reconcile Google's engineering strength -- capably indexing billions of pages and tabulating billions of links -- with the company's supposed inability to identify new advertisements mentioning or targeting a few dozen terms known to deceive consumers. From these facts, I could only suspect what the DOJ investigation now confirms: Unlawful ads persist at Google not just because advertisers seek to be listed, but also because Google intentionally lets them stay and even offers them special assistance."

all kinds of dirty tricks on competitors

Did you read Edelman's bio? The guy is a paid whore:

• Ben's consulting practice focuses on preventing and detecting online fraud (especially advertising fraud). Representative clients include the ACLU, AOL, the City of Los Angeles, the National Association of Broadcasters, Microsoft, the National Football League, the New York Times, Universal Music Group, the Washington Post, and Wells Fargo.

Wait, we are talking about the same Google whose former CEO said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place"

Thanks for assuming that I'm a Fox News-watching idiot and intentionally leaving out the remainder of his quote: "but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important to remember, for example, that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities."

CSEs

Foundem had appeared to be mimicing an affiliate spammer (note: which Foundem later corrected). Foundem's story is little more than a moron's outrage over his own incomprehension, expecting others to capitulate when the failures are his own making. The disappointing fact at the time was that Bing & Yahoo hadn't been penalizing Foundem, naively believing it to be an authentic site, as mentioned in the earlier link:

• "The last word on this goes to Ciaran Norris, who says: “I have to wonder whether the fact that Foundem apparently continues to rank well in Bing and Yahoo isn't in fact a perfect example of why those sites currently struggle to manage 10% market share between them.”"

unsuspecting WLAN owners

If Google wanted this data to begin with -- which doesn't align with their business model of negotiating and retaining information -- why would they be using a 5-minute-setup of Kismet dumped in total to an unencrypted and non-hidden drive? When large companies plan malicious deeds it's usually a lot more thought out.

The guys who have been tracking your every movement on the web through Analytics and their search engine for years

Great, you picked something we both agree on :). Analytics is reprehensible (tho quite easily blocked). I don't place the blame for it entirely on Google though -- even though they deserve the criticism for buying out DoubleClick -- but also on the website owners who endorse it. IMO the advertisement industry should be regulated, because unlike search engines, earning a monopoly by being better than the competition is a dangerous accomplishment. Computer users can't simply switch to an Analytics competitor.

all kinds of dirty tricks on competitors

Did you read Edelman's bio? The guy is a paid whore:

• Ben's consulting practice focuses on preventing and detecting online fraud (especially advertising fraud). Representative clients include the ACLU, AOL, the City of Los Angeles, the National Association of Broadcasters, Microsoft, the National Football League, the New York Times, Universal Music Group, the Washington Post, and Wells Fargo.

Wait, we are talking about the same Google whose former CEO said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place"

Thanks for assuming that I'm a Fox News-watching idiot and intentionally leaving out the remainder of his quote: "but if you really need that kind of privacy, the reality is that search engines including Google do retain this information for some time, and it’s important to remember, for example, that we are all subject in the United States to the Patriot Act. It is possible that that information could be made available to the authorities."

CSEs

Foundem had appeared to be mimicing an affiliate spammer (note: which Foundem later corrected). Foundem's story is little more than a moron's outrage over his own incomprehension, expecting others to capitulate when the failures are his own making. The disappointing fact at the time was that Bing & Yahoo hadn't been penalizing Foundem, naively believing it to be an authentic site, as mentioned in the earlier link:

• "The last word on this goes to Ciaran Norris, who says: “I have to wonder whether the fact that Foundem apparently continues to rank well in Bing and Yahoo isn't in fact a perfect example of why those sites currently struggle to manage 10% market share between them.”"

unsuspecting WLAN owners

If Google wanted this data to begin with -- which doesn't align with their business model of negotiating and retaining information -- why would they be using a 5-minute-setup of Kismet dumped in total to an unencrypted and non-hidden drive? When large companies plan malicious deeds it's usually a lot more thought out.

The guys who have been tracking your every movement on the web through Analytics and their search engine for years

Great, you picked something we both agree on :). Analytics is reprehensible (tho quite easily blocked). I don't place the blame for it entirely on Google though -- even though they deserve the criticism for buying out DoubleClick -- but also on the website owners who endorse it. IMO the advertisement industry should be regulated, because unlike search engines, earning a monopoly by being better than the competition is a dangerous accomplishment. Computer users can't simply switch to an Analytics competitor.

Wait, we are talking about the same Google whose former CEO said "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place" and who have, among other things, been caught pulling all kinds of dirty tricks on competitors, trademark owners, CSEs, unsuspecting WLAN owners? The guys who have been tracking your every movement on the web through Analytics and their search engine for years and have departments full of people just working on novel ways of using all that data to their advantage and in particular not public (or your own) benefit?

Ben Edelman has done a truly exceptional job documenting the anti-trust issues involving Google's advertising.

NBC is not a monopoly, Google is. Google makes Microsoft's old monopoly look like a walk in the park. Google not only has the most used search engine but controls or has a majority chunk of the online advertising market flow through it (at least in the US, I'm sure there are exceptions on a country by country basis.) Additionally they now have what is likely to be come the #1 mobile phone operating system and potentially what could become the #1 web browser.

People go to Google to look for stuff. Lets say your business advertises on Google (mine does), and Google wants to do the same thing as your business does. Thanks to either their existing infrastructure or that you are advertising on their platform they know everything about how your business gets traffic. With the wave of a magic wand all of those search keywords and display ad placements are now directly to Google's new competitive service. I have seen Google do this in multiple markets, including my own. How do you compete against Google? You can't. Virtually every user wanting something specific comes from search.

That is an incredibly powerful monopoly, much more so than Microsoft's was.

Areas Google has already used this to their advantage: Google News (vs multiple news sites), Google Finance (Yahoo Finance and others), Google Shopping (infinite shopping sites), Google Health (WebMD etc), Google Places (remember the whole Yelp review jacking thing), and so on.

Unlike Microsoft, Google is actually putting out exceptional products and I am very thankful for that. But, a monopoly is a monopoly, and if anti-competitive practices are involved (strongly likely) US law has something to say about that. Thus any disagreement with this issue lays with US law rather than Google or the FTC.

By the way, I strongly recommend what Ben Endelman has written about this subject. I would take a guess he figured this out first.

http://www.benedelman.org/searchbias/
http://www.benedelman.org/hardcoding/ (If I recall correctly Google was caught here telling lies)
http://www.benedelman.org/news/092810-1.html

Ben Edelman has done a truly exceptional job documenting the anti-trust issues involving Google's advertising.

NBC is not a monopoly, Google is. Google makes Microsoft's old monopoly look like a walk in the park. Google not only has the most used search engine but controls or has a majority chunk of the online advertising market flow through it (at least in the US, I'm sure there are exceptions on a country by country basis.) Additionally they now have what is likely to be come the #1 mobile phone operating system and potentially what could become the #1 web browser.

People go to Google to look for stuff. Lets say your business advertises on Google (mine does), and Google wants to do the same thing as your business does. Thanks to either their existing infrastructure or that you are advertising on their platform they know everything about how your business gets traffic. With the wave of a magic wand all of those search keywords and display ad placements are now directly to Google's new competitive service. I have seen Google do this in multiple markets, including my own. How do you compete against Google? You can't. Virtually every user wanting something specific comes from search.

That is an incredibly powerful monopoly, much more so than Microsoft's was.

Areas Google has already used this to their advantage: Google News (vs multiple news sites), Google Finance (Yahoo Finance and others), Google Shopping (infinite shopping sites), Google Health (WebMD etc), Google Places (remember the whole Yelp review jacking thing), and so on.

Unlike Microsoft, Google is actually putting out exceptional products and I am very thankful for that. But, a monopoly is a monopoly, and if anti-competitive practices are involved (strongly likely) US law has something to say about that. Thus any disagreement with this issue lays with US law rather than Google or the FTC.

By the way, I strongly recommend what Ben Endelman has written about this subject. I would take a guess he figured this out first.

http://www.benedelman.org/searchbias/
http://www.benedelman.org/hardcoding/ (If I recall correctly Google was caught here telling lies)
http://www.benedelman.org/news/092810-1.html

Ben Edelman has done a truly exceptional job documenting the anti-trust issues involving Google's advertising.

NBC is not a monopoly, Google is. Google makes Microsoft's old monopoly look like a walk in the park. Google not only has the most used search engine but controls or has a majority chunk of the online advertising market flow through it (at least in the US, I'm sure there are exceptions on a country by country basis.) Additionally they now have what is likely to be come the #1 mobile phone operating system and potentially what could become the #1 web browser.

People go to Google to look for stuff. Lets say your business advertises on Google (mine does), and Google wants to do the same thing as your business does. Thanks to either their existing infrastructure or that you are advertising on their platform they know everything about how your business gets traffic. With the wave of a magic wand all of those search keywords and display ad placements are now directly to Google's new competitive service. I have seen Google do this in multiple markets, including my own. How do you compete against Google? You can't. Virtually every user wanting something specific comes from search.

That is an incredibly powerful monopoly, much more so than Microsoft's was.

Areas Google has already used this to their advantage: Google News (vs multiple news sites), Google Finance (Yahoo Finance and others), Google Shopping (infinite shopping sites), Google Health (WebMD etc), Google Places (remember the whole Yelp review jacking thing), and so on.

Unlike Microsoft, Google is actually putting out exceptional products and I am very thankful for that. But, a monopoly is a monopoly, and if anti-competitive practices are involved (strongly likely) US law has something to say about that. Thus any disagreement with this issue lays with US law rather than Google or the FTC.

By the way, I strongly recommend what Ben Endelman has written about this subject. I would take a guess he figured this out first.

http://www.benedelman.org/searchbias/
http://www.benedelman.org/hardcoding/ (If I recall correctly Google was caught here telling lies)
http://www.benedelman.org/news/092810-1.html

Hard-Coded Bias in Google's "Algorithmic" Search Results

Benjamin Edelman is a troll.

More importantly he is a paid consultant for Microsoft.

And a paid techno-whore for affiliate marketing scum.

Benjamin Edelman is a troll.

More importantly he is a paid consultant for Microsoft.

That's mainly because companies like Direct Revenue were shut down. The founders, Alan Murray, Joshua Abram, Daniel Kaufman and Rodney Hook were let off with a slap on the wrist then slithered off into the night. But at least their illegal behavior was stopped.

Here's all the dirty details:
http://www.benedelman.org/news/040706-1.html

I'm not sure if you saw the portion of our article that develops the estimate and presents the methodology for the estimate. If not, that might be of interest.

As you say, it's hard to make a precise estimate. There are important pieces of data uniquely within Google's custody, and Google isn't talking. But in these circumstances, I do feel it's appropriate to make a good-faith estimate. If you think our numbers are in error, feel free to identify which specific numbers you think are off, in which direction, and for what reason. But realize that for every number you think is too high, there is likely to be another that might be too low. (We discuss some of these complications in the page linked above.) I don't think it's clear from first principles that our estimate is biased in one way or the other.

Google Toolbar Tracks Browsing Even After Users Choose "Disable" -

  http://www.benedelman.org/news/012610-1.html

fuck him and his company, (we) have spent thousands of hours removing his companies shit from our network
they target kids especially

http://www.benedelman.org/spyware/ask-toolbars/
http://www.google.com/search?q=iac+spyware

How many lawyers post on slashdot? I did work as an intellectual property professional (in Patents) for 5 years, FWIW.

The differences between the sibling posts example and yours of covering a TV screen versus the case in point is the commercial detriment of the copyright holder.

You've bought (or someone else has) the book you're ripping pages out of. The authors commercial interest is not harmed. If you were a bookshop owner and you carefully bawdlerised the book by excising various pages, you'd be in breach of the authors moral and commercial rights wrt the book - you've altered their work and affected it's commercial value (even if more people now buy it, it's not your call to make).

Similarly with the TV all financial elements are solved prior to your viewing of the screen whether that's payment of a subscription by you or pay-per-presentation by the advertiser.

In the case of the webpage the financial benefit accrued by the author is dependent on the presentation, or more usually the use of, the adverts he causes to be presented as part of his work. By only displaying the non-advertising part of the work you've altered it and caused a potential financial loss.

All that said, I have no problem with use of ABP / NoScript, I don't believe it is allowed under international copyright law however.

Reading:
Temple Journal of Science and Tech & Enviro Law Vol.XXIV page 483+, under review of Professor of Law Donald P Harris ( http://www.law.temple.edu/servlet/com.rnci.products.PublishNow.RetrieveSingleArticle?serv=templelawdb&db=templelaw&site=TempleLaw&sction=faculty_Harris_briefbio&article=1&part=2 )

pp485 ibid: "The court interpreted the Web site argument to suggest that 'any action by a computer user that produced a computer window or visual graphic that altered the screen appearance of Plaintiff's website,however slight, would require Plaintiff's permission.' "

ibid: "Because ad-blocking software makes a permanent change, it is analogous to Shaklee, and thus infringement. Other cases support this view. In WGN Continental Broadcasting Co. v. United Video, Inc., the Seventh Circuit noted that a copyright licensee who 'makes an unauthorized use of the underlying work by publishing it in a truncated version is an infringer - any unauthorized editing of the underlying work, ... would constitute an infringement of the copyright.'"

http://www.benedelman.org/spyware/#suits gives cases where Gator, in particular, were successfully sued for covering parts of a web page with their own popup adverts a related transformative derivative action that is also mentioned in the article above.

I don't use either one, but you're thinking of something else.

http://www.benedelman.org/spyware/p2p/

TrustE is more of an apologist than a regulator. TrustE stopped being serious about privacy in 1997, when they "simplified" their seal program. A TrustE seal doesn't mean that any standard has been met. All it means now is that the company claims to comply with their own privacy statement, whatever it says. That's it.

Even worse, a site with a TrustE seal is more likely to have badware than one without a seal.

TrustE has revoked only two certificates in its ten year history.

Actually, it's much more nepostistic and unsettling than that. The company who provides the tracking software, called comScore, is not new to spyware. http://www.benedelman.org/news/062907-1.html

The Sears VP responsible for this is a former VP of comScore. http://community.ca.com/blogs/securityadvisor/archive/2008/01/02/2nd-response-to-rob-harles-vp-of-sears-shc-community.aspx (last paragraph of the post).

Somethin' sure does smell funny round bouts here.

yeah we all know about Ask.com's privacy initatives

http://www.benedelman.org/spyware/ask-toolbars/
http://blogs.zdnet.com/Spyware/?p=858
http://www.benedelman.org/news/050205-1.html
http://vil.nai.com/vil/content/v_131461.htm
http://research.sunbelt-software.com/threatdisplay.aspx?threatid=14137
http://www.siteadvisor.com/sites/ask.com

and their seedy domains that target children

cursormania.com
funbuddyicons.com
funwebproducts.com
historyswatter.com
myfuncards.com
mymailnotifier.com
mymailstationery.com
mymailsignature.com
mymailstamp.com
mywebsearch.com
popswatter.com
popularscreensavers.com
smileycentral.com
zwinky.com

ask.com are nothing but lying, deceptive scumbags, they deserve every lawsuit and fine they get

yeah we all know about Ask.com's privacy initatives

http://www.benedelman.org/spyware/ask-toolbars/
http://blogs.zdnet.com/Spyware/?p=858
http://www.benedelman.org/news/050205-1.html
http://vil.nai.com/vil/content/v_131461.htm
http://research.sunbelt-software.com/threatdisplay.aspx?threatid=14137
http://www.siteadvisor.com/sites/ask.com

and their seedy domains that target children

cursormania.com
funbuddyicons.com
funwebproducts.com
historyswatter.com
myfuncards.com
mymailnotifier.com
mymailstationery.com
mymailsignature.com
mymailstamp.com
mywebsearch.com
popswatter.com
popularscreensavers.com
smileycentral.com
zwinky.com

ask.com are nothing but lying, deceptive scumbags, they deserve every lawsuit and fine they get

don't forget these "stats" come from Comscore who are the definition of a spyware company (they have tried rebranding as researchware , lol yeah right), any anti-virus worth its salt and every single anti-spyware app on the market would remove it and as most people (average joe) have them how can these stats be even trusted ?
perhaps they should say
every person infected with Comscore who is not running an antivirus or anti-spyware and running Windows....

It will be a long time before it comes to that. The FTC can't even assess a decent fine for clear violations of existing spyware laws. Think about it, these guys got off with a measly $1.5m fine total after pocketing $6m to $10m for each of the four partners (see Ben Edelman's site for the details). They're laughing all the way to the bank. So forget about the risks of prison. Quite the contrary, start a spyware company and rake in millions.

>users should not be allowed to install any software, not even a screen saver

I know what you mean, but the example isn't the best. Installing a free screensaver is not a safe experiment, and removing some spyware is harder than getting rid of crabgrass.

This is clearly a grave miscarriage of justice.

This case is so wrong on so many levels. Julie Amero is looking at 40 YEARS in prison. For a spyware infestation.

Every available piece of evidence known to the public indicates that that Ms. Amero is innocent of the charges.

The defense contends this was a case of spyware on the school machine -- a barrage of popups. And from what we know of the case, it certainly looks like it was (if you want to see what a porn spyware infestation actually looks like, Ben Edelman shows it here: http://www.benedelman.org/news/062206-1.html -- it's quite a real problem).

According to one article, "Computer expert W. Herbert Horner, who performed a forensic examination of the computer for the defense, said Amero may have been redirected to the sexually-oriented sites through a hairstyling site accessed from the computer. He said the site allowed spyware to be downloaded onto the computer which allowed the pop-ups."

The detective in the investigation "admitted there was no search made for adware, which can generate pop-up advertisements". It's incredible that they never even _checked_ for spyware.

The court actions of the case were flawed as well. For example, one source reports that the Trial Judge, Hillary Strackbein, "was seen falling asleep during proceedings and made comments to the jury that she wanted the case over by the end of the week. It was also reported that Judge Strackbein attempted to pressure the defense into an unwanted plea deal, in place of a trial. The defense attorney for Amero, moved for a mistrial shortly before closing arguments Friday, based on reports that jurors had discussed the case at a local restaurant."

Finally, note that the school didn't even have active content filtering in place (not that it would have probably made a difference).

The fact that there were pornographic images on the computer means nothing, because whenever a popup launches, the images in the popup are stored on the computer. The fact that the logs indicated that she "visited" the sites also means nothing, since when the porn popups come through, they get logged as well.

The fact that the machine was never scanned for spyware by the investigating authorities is outrageous. In fact, this alone should have resulted in the case being dismissed, as the defense found a major spyware infection by their expert forensic evidence.

Was justice done here? A bad spyware infestation can splatter a machine full of porn popups and it's more than a bit unnerving to think that a teacher could get hard prison time for something that was innocent.

I emphatically disagree. I've written plenty about security exploits, where users need not click "yes" (or anything else), nor need ActiveX, VBS, or any other such thing. Details.

In any event, the piece at issue in the original post considers many kinds of risks -- not just exploits, but also run-of-the-mill scams, like "free" ringtones that aren't. You may not regard such sites as "risky" or harmful, but there are plenty of others who do, because they don't like the prospect of being ripped off.

If other states have laws comparable to Washington's, or if a federal law is enacted, yes. From a quick glance at Ben Edelman's State Spyware Legislation page, it looks like most states have something, but a lack of consistency could gum up the use of out-of-state precedents.

...as there are countless examples of spyware companies sueing or threatening to sue anti-spyware vendors.

Ben Edelman here. I wrote the piece cited in the original post.

These Zango practices target all affiliate merchants, not just adult web sites. Earlier this morning I happened to see Match.com (a mainstream dating site) facing commission theft by Zango and a Zango advertiser. I document this kind of problem on an ongoing basis, and it remains remarkably widespread, even 2+ years after I first wrote about it.

I'm not here to criticize the adult industry or to defend it. But Zango's practices should rise or fall on their own merits. In my view, this is a scam -- asking a merchant to pay a commission to Zango or a Zango advertiser, when the user had already, independently reached the merchant's site. Much as some folks may not like adult sites, they ought not be defrauded by spyware or spyware-using affiliates.

The person you're probably thinking of is Ben Edelman. A couple videos are here and here. Pretty interesting stuff.

The person you're probably thinking of is Ben Edelman. A couple videos are here and here. Pretty interesting stuff.

The person you're probably thinking of is Ben Edelman. A couple videos are here and here. Pretty interesting stuff.

Ask Jeeves and Spyware

Ben Edelman analysis of Ask Jeeves practices

so they dont need banner ads on their site because they are already on numerous surfers machines natively

screw Ask.com

DAEMON Tools is currently being developed and distributed by DAEMON's Home and is free for non-commercial purposes. Version 4 of DAEMON Tools is bundled with WhenU software, which is spyware.

Actually, I imagine the advertisers are more pissed off that they're paying twice for the same click.

A comment above contained a link to How Yahoo Funds Spyware. A relevant quote:

Search for "computer repair" at any major search engine, and Claria adds a popunder giving Yahoo Overture ads for that same term. Sponsored link popunders also target specific web sites. Visiting Dell often yields a Claria popunder of Yahoo Overture ads for "computer." Claria's provision of Yahoo Overture sponsored links raises clear questions of business benefit for affected advertisers. In the second screenshot at right, the user was already at the Dell.com site. (Indeed, Dell might have just paid several dollars to reach that user, via a pay-per-click ad at Yahoo, Google, or elsewhere.) Claria's popunder risks drawing the user's attention away from Dell -- but if the user then clicks on the prominent Dell ad in Claria's Overture listing, Dell has to pay again for the same user who was already at the Dell site. Why pay Yahoo and Claria to get the user back, when it was they who took the user from Dell in the first place?

Similar practices are not difficult to imagine in the context of typosquatting, and while Claria might be effectively defunct now, but rest assured that plenty of others have risen to fill the gap.

Ben Edelman has a breakdown on how Yahoo fund spyware

this is just the tip of the iceberg, Google, Ask Jeeves, MySpace, MyWay,iWon, the list of million dollar companies built from and profiting from these seedy practices goes on, its about time somebody gets the smackdown either in court or via other methods

Wouldn't it be far more daredevil-ish to use a browser that ISN'T Firefox???

They said "daredevil", not "suicidal". Using IE is just like going mountain-climbing with a bit of packaging string from 1800s instead of a really good rope.

If you use Firefox, you can go to all sorts of dangerous places and the only worry you have is that your computer is broadcasting it's IP address. While if you try to use IE to do these tricks, you die.

Any questions?

=)

I looked on Business Week's site to see how to submit a letter to the editor, but I couldn't find it. Does anyone know how to do it? I really think we all need to write them and tell them that their article was completely worthless and confusing and then direct them to benedelman.org (http://www.benedelman.org/news/040406-1.html).

PPC advertisers (i.e. SmartBargains)
->Yahoo Overture
-->Ditto.com
--->Nbcsearch
---->180solutions

Smartbargains buys ads from Yahoo(Overture). Smartbargains expects customers to click on their ads and pay Yahoo for each click.
Yahoo distributes their ads through Ditto because Ditto appears to be a legitimate publisher and Yahoo wants to increase their traffic.
Ditto pays Nbcsearch. toolbar?
Nbcsearch pays 180Solutions. toolbar?

In this example I'm not sure if Nbcsearch has their own toolbar or 180solutions licenses their toolbar to Nbcsearch on a per click basis. Here's a PDF on the situation: http://www.benedelman.org/presentations/nyu-2006.p df

If I understand correctly, a user with this spyware installed will see an ad. The spyware will register seeing the ad as a click. Ad networks get paid and the advertiser, footing the bill for everyone else, gets nothing.

(I've paid for ads from zango/180solutions/metrics direct before with success however I hate their business. The traffic can convert so it's appealing. I also used to work at an ad network with 180solutions as one of their major publishers. Not only was 180solutions elusive when being probed for fraud, management ignored the issue because killing spyware hurts revenues...crazy industry)

I wrote the original article at issue: The Spyware - Click-Fraud Connection -- and Yahoo's Role Revisited. I tried to be as clear as possible -- complete with diagrams of what I observed.

Your four points above give an almost-complete statement of what happened, in one of my click fraud examples. Revising your points a bit to finish the story:

1. An Overture advertiser takes out an advert with Yahoo!
2. Yahoo! passes the ad to its partner Ditto
3. Ditto passes the ad to its partner NBCSearch (nothing to do with the TV channel)
4. NBCSearch passed it on to 180solutions.

This "passing on" was all in a way that told Yahoo, falsely, that a click had occurred. So the advertiser ultimately ended up paying for a click that never actually happened.

What's the big deal?

1. The advertiser got cheated. The advertiser paid for a click, but no click happened.

2. The spyware vendor got paid. Spyware comes from big companies, with real expenses. They need money to pay their bills -- their programmers, their installation partners, etc. If they couldn't find revenue sources, they'd disappear.

This article seems to have been written around Ben Edelman's recent research about Yahoo ad fraud. Why not link to the original instead of BusinessWeek? Ben's pages don't have the popunder or other ads that BW offers, but most would consider that to be a blessing.

see Ben Edelelmans site for a detailed description of how low Ask Jeeves can go

at least Google is "safe" and have a product that works, ask.com is just a million dollar domain squatter