Unwanted Linking

← Back to Stories (view on slashdot.org)

Posted by michael on Saturday March 24, 2001 @04:17AM from the somebody-needs-a-cluestick dept.

parvati writes: "The weekly "cyber law journal" column in the NYTimes examines a case in which the Better Business Bureau requested that a for-profit site not associated with the BBB remove links to it (the BBB). Although the BBB did not threaten a lawsuit, a spokesperson did mention that they were developing software to prevent unwanted hyperlinking (in the name of 'consumer confusion')." We resisted running this story when it first hit, because it seemed like just another case of lack-of-clue-itis at the BBB. But at least they're getting a clue about how to stop people from linking with technology rather than threats.

24 comments

Min score:

Reason:

Sort:

Prohibiting linking by mrbill · 2001-03-24 17:08 · Score: 2

You can deny access to a URL based on
*referrer*. I've done it before, when someone
I didnt like had links to some pages I had up.
Whenever someone clicked those links on their
pages, my site redirected them or gave them
a (selectable) error.

I believe its in the mod_referer stuff in
Apache; apache.org is down right now or
I'd give a URL. Anyways, its quite easy
to setup in Apache's config files.
1. Re:Prohibiting linking by fleener · 2001-03-25 23:11 · Score: 2
  
  Better yet, use extended SSIs to display a disclaimer in the page that will only be shown to users coming from the offending site. Anyone familiar with XSSI can do this (even non-programmers). At least this way your pages can still be used by the innocent ones in all of this (the users).
2. Re:Prohibiting linking by Robert+A.+Heinlein · 2001-03-25 02:16 · Score: 1
  
  You can deny access to a URL based on *referrer*.
  This is trivial to get around. You cannot trust anything sent by the client.
  Its like a bad flashback to those Matt Wright scripts from a few years ago - Insta-root, just add CGI!
Re:Understandable by acroyear · 2001-03-26 00:19 · Score: 2

Exactly -- the BBB is an organization that one is meant to trust. The BBB exists to praise companies with sound and fair (and honest publically, if not totally open) business practices, and as such, maintains a hit-list also of those that continually lie, deceive, perpetuate frauds, etc.
Having a link to the BBB is tantamount to trying to give the impression that your company is on the BBB's "praiseworthy list". If you are not on that list, you're piggybacking your company in quite an unethical fashion...which of course immediately puts you on their list of "deceptive" companies.
Getting rid of the link is really the better approach...from an ethical standpoint.
Of course, ethics can sometimes be something a company has little of...

--
"But remember, most lynch mobs aren't this nice." (H.Simpson)
-- Joe
Re:We already have software to prevent linking by merlyn · 2001-03-24 02:54 · Score: 3

Yes, I've had code to do this in Perl on my website since late 1997. It's really not that difficult.
--
- Randal L. Schwartz, Just another Perl hacker for Stonehenge
Re:We already have software to prevent linking by Kris_J · 2001-03-24 09:04 · Score: 4

But if every link to your site takes a visitor to the front door that's where most of them will stay. I don't wan to have to wade through who-knows how many levels of bad HTML just to find the one interesting bit of data my friend found the day before. You'd better hope that your in-site navigation is nothing less than superb.

--
Re:Understandable by Col.+Klink+(retired) · 2001-03-26 05:01 · Score: 2

If you've got the "referer", why not redirect links from "guys you don't like" to pages that describe what you don't like about them.

If a non-BBB member makes it look like they're a member of the BBB, any referred links should go NOT to the front page, but to a page that either says "they're not affiliated with us" or "here's what's wrong with the company you just visited". I think that would stop the unwanted linking faster than anything else.

--
-- Don't Tase me, bro!
Re:Can we get around this? by lizrd · 2001-03-26 00:48 · Score: 2

One thing that you can do is put this little bit of Javascript at the top of each page:
top.location.target="_top" if(window.location.target != "_top") { top.location.href=window.location.href }
This will break you out of anyone's frames which was the biggest problem that the BBB was complaining about in this case. Frankly, it's just not right to link to someone else's content within your framset to make it look like their content is your work.
_____________

--
I don't want free as in beer. I just want free beer.
Bookmarks by nuggz · 2001-03-26 05:51 · Score: 1

Yeah I love sites like that, so much that I try to link to the page with the information I care about.
Then it doesn't work, I silently swear at the moron who did it, and move on to a site that allows me to use it more conveniently.
Perhaps... by rakslice · 2001-03-24 17:14 · Score: 2

If you can overload the referrer information, and any other browser state, sure. I'm not sure if you can do this easily from javascript or java (which I presume you would want to use).
1. Re:Perhaps... by XO · 2001-03-25 02:15 · Score: 1
  
  My website is coded entirely in PHP.. even pages that really don't need it are PHP, just to keep everything in line with each other. Actually, since my topnavbar is PHP, i probably do need it everywhere now.. but..
  if($HTTP_REFERER == "blah.xyzzy.com") { Header("Location: /index.php"); }
  
  --
  "Champagne for my real friends - and real pain for my sham friends!" http://ericblade.postalboard.com/
Re:Understandable by CaptainZapp · 2001-03-26 15:51 · Score: 1

Anyway, I disagree with what you're saying. Using Greenpeace's logo without their permission is a trademark violation
That's questionable and probably has to be decided by the courts (sigh) eventually. I urge you to have a look at the Monsantos web site. An activists website which makes multiple use of the Monsanto trademark and has a site design which precisely resembles the Monsanto corporations old site. BTW: This is not a parody site.
Is it possible that Monsanto just doesn't care ? Given their history in litigation happyness it's not likely (but what do I know?). It's actually more likely that the activists can get away under some fair use doctrine.
Now, using a logo for a link is probably far less misleading then the example above.

--
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Re:Understandable by CaptainZapp · 2001-03-30 15:04 · Score: 1

As is obvious: Me neither. But I figured it's a nice analogy :>

--
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
Understandable by CaptainZapp · 2001-03-25 17:15 · Score: 3

Although restricing linking (by definition of the web) is a stupid idea, organizations do have valid reasons to restrict linking.
For example: Greenpeace should be very weary about corporations that are in reality environmental pigs, but try to obsfucate this by displaying the Greenpeace logo and link to their site.
Same applies for Amnesty International. Should Amnesty accept links from a government site of a country that is known to literally stomp over human rights, just so they can abuse the organization for a bit of PR of their own ?
Deep linking is another issue and I can accept a site owners desire that you enter through their main page (portal if you wish).
All that said, it should not be up to courts or legisilators to regulate this. This should be handled by software. Other advantages could be to display selected pages to "abusive linkers".
Just imagine a page like:
Thank you for visiting greenpeace.org. You are visiting from http://www.dubia.com which intends to use our site and organization for some cheap propaganda.
We would like to inform you, that the current American government has turned back the wheel on environmental issues 30 years in just 3 month and we thought you should be aware of that.
Armed with that knowledge: Wlecome to greenpeace.org

With such a scheme in place cheap PR tricks could be the equivalent of aiming a double barreled shotgun at your feet while pulling both triggers.

--
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
1. Re:Understandable by pixel_bc · 2001-03-26 13:19 · Score: 1
  
  Thank you for visiting greenpeace.org. You are visiting from http://www.dubia.com which intends to use our site and organization for some cheap propaganda.
  I think that would be great - the ability to access someone's TRUE position or opinion will cause more responsibility in what people claim to be the truth, won't it?
2. Re:Understandable by CyberDawg · 2001-03-26 02:10 · Score: 2
  
  Greenpeace should be very weary about corporations that are in reality environmental pigs, but try to obsfucate this by displaying the Greenpeace logo and link to their site.
  
  I presume you mean they should be "wary," although maybe they're just tired of it <grin>. Anyway, I disagree with what you're saying. Using Greenpeace's logo without their permission is a trademark violation, and it's against the law. That's very different than a link. If I disagree with an article on the Web, why shouldn't I be able to say, "I think this article is a pile of hooey" (including a link to the article I don't like)?
  
  I strongly feel that if information is placed on the web for public consumption (no login required), then anyone should be able to link to it from anywhere, as long as they're not claiming ownership of it. Heck, I encourage it! That's what the Web is all about! People keep asking you how to become a hacker? Link 'em here! You want people visiting your Web site to be able to learn about closed captioning? Link 'em here! Visitors looking for information about Scratch 'n Sniff Macintoshes? Link 'em here!
3. Re:Understandable by webmaestro · 2001-03-31 04:16 · Score: 1
  
  Actually, in my experience many over-under shotguns do in fact only have one trigger, but many side-side shotguns do have two triggers.
4. Re:Understandable by geekgal+emem · 2001-03-30 00:23 · Score: 1
  
  That might be called... Javascript.
  I don't understand anyone not wanting to be linked by a site. I can just see it now: "Dear Ms. kEwLiEz GrRl, Webmistress of 'Ashley's Kewl Site'. We here at Abercrombie and Fitch would like to request that you remove your link to us as it damages our reputation as a highly respected and classy clothing manufacturer."
  Eek!
  
  --
  he was a zither-player and not a man
5. Re:Understandable by Doofus+Brandon · 2001-03-30 06:15 · Score: 1
  
  ...cheap PR tricks could be the equivalent of aiming a double barreled shotgun at your feet while pulling both triggers.
  
  I'm not a real expert on guns or any kind of weapons as I am under eighteen, but it's my understanding that double-barreled shotgun only has one trigger. My memory could fail me though. I like the rest of the post though....
  
  --
  -Brandon
We already have software to prevent linking by satch89450 · 2001-03-24 00:59 · Score: 4

I'm sorry, but I'm surprised that no one has already pointed out the obvious: if you don't want linking, there are several methods of preventing linking.

I am writing an active-server Web site using PHP (nothing special about PHP, it could be as easily done in PERL or C or, I suspect, Visual Basic) that does not carry state information in the URL. No state information in the URL, no deep linking or even "shallow" linking. Any link goes to the "front door".

When I first heard about the BBB demanding that people bring down links, I was under the impression that the BBB didn't want any links to their site at all. The example that was cited in the report, though, did deep linking into the BBB side, but did it in such a manner that there could be some confusion about the association between the site in question and the BBB.

A footnote: not all links are "bad" in the eyes of the BBB. If you are a member of the Better Business Bureau, you are allowed to have a link from your Web site to the BBB in the context of "we support the principles of the BBB" or some such.
1. Re:We already have software to prevent linking by neilg · 2001-03-24 17:56 · Score: 2
  
  Using the technique described it is possible to provide a link with state information in the URL and bypass the front page.
  In order to avoid this the user's state in the current session must also be stored on the server. If the state provided in the URL and the state stored on the server are different then go to the front page. Otherwise go to the requested page. This way, when entering the site from a link, there is no state information for that user on the server, and the user is directed to the front page.
  This technique can be applied in other situations, e.g. in order processing to ensure the user follows a sequence of pages in the correct order.
2. Re:We already have software to prevent linking by GigsVT · 2001-03-24 16:17 · Score: 2
  
  I think the best way to deal with this is on a case by case level. Mine your web server logs for referrer URLs, and when it appears that someone is linking to you that shouldn't be, then block them on a ip address basis, through the web server.
  -
  
  --
  I've had enough abrasive sigs. Kittens are cute and fuzzy.
Confusing? by NineNine · 2001-03-25 13:17 · Score: 1

It's not confusing. If someone is pulling out the info into frames, then it's easy to jsut write Javascript to break out of them. Otherwise, check the referrer. Generally, the more links to your website from anywhere, the better off you are. Generally, the whole idea behind being on the web is providing as much info to as many people as possible.
Re:It works for most people though by Robert+A.+Heinlein · 2001-03-26 21:13 · Score: 1

Actually, I was thinking of a server side pass-through cgi proxying the request.
Capture the client request header, change as appropriate, send new request to server, get response, send response to client.
If you have netcat, socket, netpipes, etc. this can be done in a shell script. With the LWP perl module it can be done in a couple lines of non-obfuscated perl.