February 28, 2011

Déjà Vu: ISP Hijacking Google (and Other) Pages for Ads Via DPI - "Deep Packet Interference"

Greetings. Regular readers may recall the considerable furor that was triggered a bit over three years ago, when I revealed and demonstrated that a Canadian ISP was testing Deep Packet Inspection (DPI) techniques to insert their own informational messages above the Google Home Page and other Web site pages.

At the time, I explained that the JavaScript method employed depended on the use of unencrypted (non-https:) connections, and I noted that it would be a simple step to full-blown ISP-based ad insertion (without the permission of the affected sites) via the same intrusive mechanism.

Now come reports that cable ISP Mediacom has pulled the trigger on this escalation, by actually inserting their own promotional ads above other sites' pages, such as Google in this example.

Starting from this point forward, I urge the use of the (apparently previously "uncoined") term "Deep Packet Interference" (conveniently also "DPI") for this sort of unacceptable chicanery.

Google now supports https: connections that block such behavior, but you do need to explicitly specify the "https://" URL prefix to enable the encrypted path when using Google Search (some other Google services use https: by default -- there are some complex technical issues involved in this area).

And perhaps Toward Pervasive Internet Encryption: Unshackling the Self-Signed Certificate now has some additional significance -- with the proviso that I now definitely believe that a variety of techniques other than traditional PKI certificate-based encryption systems are worthy of major consideration toward achieving the goal of pervasive crypto across all aspects of the Internet.

In the meantime, Mediacom's apparent commercial interference with the communications between Web sites and their users provides a red flag warning -- and a vivid example -- of the extreme level of packet tampering that some ISPs are apparently ready, willing, and able to deploy.


Posted by Lauren at 05:46 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 24, 2011

Swiss Officials Order Citizens to Wear Masks in Public - Ban Tourists Posting Photos on Web

BERNE (ZAP) -- In a bold move to demonstrate that the Swiss government is as serious about privacy for its citizens as it has historically been regarding the protection of illicit foreign assets in Swiss bank accounts, the head of the newly created Switzerland Federal Department of Facial Anonymity, Nicolas J. Biellmann, today issued a preliminary order requiring that all Swiss citizens wear "full head coverage" masks at all times when outside their homes or places of business within the borders of Switzerland.

This groundbreaking move, being enthusiastically supported by radical pro-privacy groups in Switzerland and around the world, comes on the heels of previous Swiss orders that search giant Google must obscure every single human face -- even if this must be done manually -- that appears in their "Street View" images, or else potentially terminate Street View services for Switzerland.

"Upon due reflection," said Biellmann, "we realized that Google Street View was only the tip of the iceberg. After all, Street View imagery is usually only updated after months or even years. But there are lots of other people out there taking photos of Swiss faces every day -- whom we must protect our citizens against as well."

The "mask order" comes in conjunction with other new regulations banning tourists in Switzerland from posting to the Internet any photos of Swiss citizens, even taken in public places and gatherings. Under this new law, any such photos that are subsequently posted to the Web, will bring about swift action by Swiss authorities. This may involve Web site shutdown orders, extradition of the tourist photographers back to Switzerland if they have already left the country, and in extreme cases the so-called Swiss "doomsday" option -- the remote and permanent shutdown of any and all cuckoo clocks associated with the photos' perpetrators.

At a press conference in downtown Berne today, reporters were provided with examples of the government-approved masks that would be required under the new order [editors, see attached photo DS0393-A3 below]. Officials noted that approved masks would be available in a wide range of styles, and would include characteristics of popular Swiss folk heroes, characters from major films, and even a variety of cute animals.

In answer to a reporter's question, Biellmann explained that approved masks would be constructed from special materials that are essentially transparent to government real-time surveillance closed-circuit television (CCTV) cameras. "We want to assure everyone that the government will still be able to track your every move via our CCTV systems. Our goal here is simply to make sure that firms like Google, and individual tourists, are blocked from citizen photography. You can be confident that law enforcement and other aspects of the government will have full access to your actual faces at all times, everywhere you go in public. Your ugliness will not be seen by anyone else," said Biellmann.

After a brief comment period, the new masking and anti-tourist photography regulations are expected to become law on April 1, 2011.

- - -


Update (February 25, 2011): Yes, except for the part about Switzerland demanding that Google obscure every single Swiss face in Street View -- even if it has to be done manually -- the rest of the story described in this posting is of course a satire. But you already knew that.

Posted by Lauren at 01:40 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 22, 2011

My "Internet Freedoms" Interview - Early Draft Transcript Available - (Coast To Coast AM)

Greetings. In response to many requests, I've now made available a very early draft transcript of my "Internet Freedoms" interview on Coast to Coast AM radio last week (see: Audio Available from My "Internet Freedoms" Discussion on "Coast to Coast AM" Last Night -- or below -- for the segment audio.

The transcript is definitely a rough draft at this point. Due to the show segment being mostly a broadcast of my phone call, audio quality prevented automated speech-to-text tools from being of more than very limited assistance in generating this first-pass draft.

I plowed through the show audio manually myself and transcription errors are sure to be present. Capitalization and punctuation in this draft are inconsistent (and largely missing for that matter).

As time becomes available I will further proof and clean up the draft, bumping the version number up with each iteration.

For now, I hope that this draft, even in its current crude form, is useful for those of you who have been asking for a textual version of the interview.

Your thoughts and questions are always welcome, of course. Thanks!


Posted by Lauren at 04:17 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 18, 2011

Audio Available from My "Internet Freedoms" Discussion on "Coast to Coast AM" Last Night

Blog Update (February 22, 2011): My "Internet Freedoms" Interview - Early Draft Transcript Available - (Coast To Coast AM)

Greetings. Due to the short notification (just the day before air) that I had on this occasion, I was only able to send out this related note ahead of time.

As always, I had a great time on the show. Host George Noory and I covered a range of "Internet Freedoms" topics, including COICA legislation, domain seizures, top level domains (TLDs), DNS, privacy, security, Internet shutdowns, and much more.

Also as usual, there were some great caller questions -- such as queries about subdomains and "OSI vs. TCP/IP" protocols! (I've been saying for years that it's a big mistake for anyone to underestimate the sophistication of talk radio audiences -- this is but one example of why!)

The show segment audio is available below and at:

Internet Freedoms - "Coast to Coast AM" - 2/17/11
(YouTube [Audio Only] / ~30 minutes)

Take care all.


Blog Update (February 22, 2011): My "Internet Freedoms" Interview - Early Draft Transcript Available - (Coast To Coast AM)

Posted by Lauren at 03:52 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 15, 2011

"The SEO Lament" - With Apologies to Gilbert and Sullivan

Greetings. The usually somewhat esoteric subject of search engine results rankings has been all over the news lately, and with it the often shady world of SEO - Search Engine Optimization.

It's easy to criticize sites that employ all manner of illicit means to try attain top Google results. But don't the owners of those sites deserve at least a tiny bit of sympathy?

No. They don't deserve any sympathy at all! But we can still consider the mournful melancholy of the "black hat" SEO user. And certainly there's no better way to do this than with our old friends Gilbert and Sullivan!

Indeed, it's been quite a while since my last foray into the melodic land of G&S, and I've never had a suitable opportunity to mangle The Mikado up to now. So without further ado, I'm pleased to present:

"The SEO Lament"

To the tune of "Titwillow" from The Mikado
With apologies to Gilbert and Sullivan

MP3 Audio Performance (~2 minutes, ~1.5 MB)

YouTube Performance (Audio Only)
[Also playable in embedded window under lyrics below]

- - -

"The SEO Lament"

To the tune of "Titwillow" from The Mikado
With apologies to Gilbert and Sullivan

Lyrics Copyright © 2011 Lauren Weinstein. All rights reserved.

Now I know that my products all really do suck.
But to score real high Google ranks takes more than luck.
So I paid a guy bundles,
To boost me up high.
He said it's a sure thing,
Please send cash and you'll fly!
But I'm still buried deep,
And I just don't know why ...

There's hidden text stuffing my site oh so full.
It is cloaked cleverly and trust me that's no bull!
I've got duplicate pages.
I'm buying paid links.
I've done everything right.
But my ranking still stinks.
It all seems so unfair.
Man, I need some stiff drinks.

The Google Search Quality team wrecked my plan.
Amit Singhal and Matt Cutts lost me as a fan.
But I'll keep trying tricks.
Maybe one will break through!
Otherwise I'd need quality content,
That's true.
Though I'd rather just keep paying for,
You-know-who ...

-- fini --

- - -

Note to Gilbert and Sullivan Purists: Yes, I do know that officially, "Titwillow" should be hyphenated between the first and second syllables. But given the state of Internet purity filters these days, I'd prefer to avoid triggering aggressive blocking by technologies that don't know the difference between a bird and a slang term for part of the anatomy. What a world ...


Posted by Lauren at 09:33 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 12, 2011

Jumping the Shark: New York Times' "Dirty Little Secrets of Search"

Blog Update (February 15, 2011): "The SEO Lament" - With Apologies to Gilbert and Sullivan

Greetings. The New York Times has just published a rather lengthy article about the apparent gaming of Google Search results by (or in some way for the benefit of) J.C. Penney.

Most of the article is the discussion of a campaign to "game" certain Google organic (natural) search results to Penny's benefit, and how Google has now specifically (and appropriately) cracked-down on this subterfuge.

However, the article begins to "jump the shark" -- that is, push beyond the realm of good sense -- when it explores the conspiracy theory that Google is engaging in what might be called purposeful "illicit comingling" of natural and paid search results in this case (and by extension in other cases).

This kind of assertion just drives me bats. Such accusations seem cut from the mold of the classic loaded query: "Answer yes or no, have you stopped beating your wife yet?"

If there's one thing that Google considers to be the "holy of holies" within the context of Search, it's the sanctity of their search algorithms and their firewall between organic and paid results.

Not only has Google asserted this innumerable times over the years in public, but also to me privately as well. Google's Matt Cutts, who heads the team responsible for weeding out "spammy" search results, is in my view a great guy faced with a herculean task. The fact that "black hat" SEO can contaminate Google Search results does not reasonably imply that Google is ignoring the problem, nor that they are complicit in any way.

Rather, it demonstrates the almost unimaginably immense scale and scope of search and the associated databases, and the ingenuity of those outside parties who would illicitly game those results to their own advantage. To a certain degree, it's like an enormous game of Whac-A-Mole, with Google trying diligently to "tune" the playing field over time to make it ever harder for evil moles to appear.

Conspiracy theories are very popular with Google's adversaries. Those same parties often suggest that Google is lying about their search results -- that they actually are allowing their organic results to be influenced by the paid advertising side of the business.

To accept this line of reasoning would require not only that one considers it conceivable that Google has directly lied to the press and regulators, but that various Googlers, including Matt, have lied directly to me.

I reject such "reasoning" completely. I know many of these folks well enough that I simply do not buy the concept that they're disseminating search results falsehoods.

What's more, whether you love Google or hate them, to assume a lie-based search results "conspiracy" on their part just doesn't make logical sense.

Think about it. Search results aren't secret! Which is logically more likely when manipulated results appear -- in this case allowing the New York Times to write their story? Possibility one: Black hat SEO manipulation of search results that Google didn't catch among the vast universe of entries. Possibility two: Google purposely allows manipulated results to appear, where they could be found by anyone and used to attack Google's integrity.

What possible logical upside could there be to the latter course, as compared with the stupendous downside potential of getting caught doing such a thing?

And why would Google even need to take such a risk in the first place? The company is enormously successfully across a range of vectors and measurements not only limited to search. Does it make even remote sense to imagine their risking so much through such publicly observable sophistry?

I don't buy it. It's not logical. It only could make sense in the context of a "bizarro" world view of wacky conspiracies -- the sort that claim little grey space aliens are stealing those missing socks from our clothes dryers.

Read my lips. Google is not perfect. The organization is composed of human beings -- flesh and blood just like you and me. The scope of search is such that it is impossible for Google to weed out every underhanded campaign from entities around the planet -- who will try just about anything to get an unfair advantage in search results.

That Google is not 100% effective in eliminating all such attacks is not a sign of conspiracy, rather it's a hallmark of humanity -- people in the process of evolving technology that has only even existed for the merest relative blink of time.

I understand the many people enjoy conspiracies, even though any conspiracy theory that you've ever heard of is among the least likely to be real! It's so much easier, perhaps comforting, to believe in underhanded, secret dealings than to accept the realities of imperfection amidst even the most idealistic of endeavors.

And to be sure, political sensibilities increasingly capitalize on these fears, leading to a radicalization of opinions, and a coarsening of discourse, that seem to create an ever expanding circle of yelling at each other, rather than contemplative and productive discussions.

There has yet to be any even remotely convincing representation from Google conspiracy fans -- or anyone else -- that Google is unfairly manipulating their natural search results. But you're free to believe whatever you wish, of course -- no matter how silly and illogical.

But would you do me a favor? If you ever think that you've found my missing socks on a UFO somewhere, please ask them to hold the starch next time.


Blog Update (February 15, 2011): "The SEO Lament" - With Apologies to Gilbert and Sullivan

Posted by Lauren at 01:05 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 09, 2011

One Little Word Explains Google vs. Bing "Search Theft" Debate

Greetings. With the claims and counter-claims now made, I believe we can now distill the Google vs. Bing saga of the "stolen search results" down to its essence, and emphasize in particular one simple little word that seems very much at the heart of the controversy.

Both the Bing and Google toolbars can, with certain options enabled, send users' URLs to their respective toolbar servers. Since the URLs associated with search engine queries will typically contain the users' search query terms, those searches can also be delivered to those servers.

Microsoft is particularly aggressive when it comes to their Bing toolbar. For example, required "step one" for participation in "Bing Rewards" is installation of their toolbar. And at installation time, Microsoft by default preselects the "Improve my experience" option -- which enables transmission of URLs to Microsoft. (Image of the Bing toolbar installation options defaults)

In contrast, the Google toolbar installation presents the user with an explicit choice dialogue that requires the user to select between enabling what Google calls "Enhanced Features" that transmit URLs -- or not enabling them. The "enable" choice is in bold text, but unlike in the Bing case, the user cannot click through without making an explicit choice regarding the sending of URLs. (Image of the Google toolbar installation dialogue)

Both Bing and Google offer additional information regarding the privacy implications of these choices at links provided on these dialogue pages. On balance, Google's procedure would clearly seem to increase the probability that a user will at least think a little bit about the issue of sending URLs -- before the toolbar is activated for first use. Quickly clicking through with URL transmission enabled -- without even really considering the implications one way or another -- seems significantly more likely with the Bing approach.

But let's assume for now that users of both the Google and Bing toolbars have enabled URL sending mode. What happens next?

At this stage, we move definitively beyond technology alone, and quite forcefully into the realm of that simple little word -- ethics.

Microsoft asserts forcefully that their use of Bing toolbar user URL data -- in particular Google searches -- for new URL discovery purposes is not stealing or copying, and that it's perfectly legitimate. There is no current indication that Microsoft plans to abandon this practice.

Google asserts that Microsoft's behavior in these regards is dishonest -- that it is essentially copying and stealing -- especially of unusual "long tail" search data that Google has worked very hard to find and process in the first place. In answer to my specific queries on this subject, Google has told me definitively that they do not use URL data collected by their own toolbar in such a manner. This is completely logical of course. It would be incredibly stupid for Google to so publicly complain about Microsoft engaging in a practice if Google was doing the same thing. And Google is not stupid.

So in the end, what we're faced with is not so much an issue of what it is possible to do with collected data, but rather a question of what one chooses to do with that data.

What we can do, vs. what we decide to actually do, is the sort of choice that runs throughout most aspects of our lives. It's the difference between an honest person and a cheat -- or a crook. It's the difference between a company you trust and one you distrust, not based only on what they say, but also based on how they actually behave.

It is, very much, a matter of ethics.

I'm not a lawyer. I'm not qualified to determine whether or not Microsoft's behavior with the Bing toolbar reasonably should subject them to either criminal prosecution or civil litigation.

But I do know cheating when I see it. We all do. We all saw it in school, and we've seen it in the business world as well. We were recently almost dragged into global depression by many highly-placed players in the financial community, who felt that whatever would make them wealthier was justifiable, regardless of how many other persons would be devastated in the process. That was an ethical failing of nearly epic proportions.

Microsoft's behavior with the Bing toolbar obviously does not rise to anywhere near the same level of ethical vacuity as that of those financial marauders. But on a basic level it has a very similar smell, a stink of "anything goes for a buck" cheating that still makes one a bit sick to the stomach.

Contrary to what some critics claim, all businesses are not devoid of ethics, and do not all take merely mercenary views of their customers and users.

Most businesses do want to make money -- indeed. But how they make that money, whether or not they understand and put into practice the age-old concept of "fair play" varies greatly from firm to firm, and is where the still relevant idea of ethics comes into sharp focus.

Microsoft's behavior with their Bing Toolbar, whether legal or not, fails that ethical test.

For that, we should be ashamed of them, but more importantly, they should be profoundly ashamed of themselves.


Posted by Lauren at 09:07 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 08, 2011

Catholic Church's "Confession App" Meets Film/TV Sci-Fi!

Greetings. With word that the Catholic Church has now endorsed a "confession app" for iPhones and related devices, two trains of thought immediately occur to me.

First to mind is the potential law enforcement bonanza whenever searching for Catholic criminals, especially in states like California where the California Supreme Court has recently granted authorities access to smartphones and other devices' contents without even needing a search warrant.

[Update: February 10, 2011: The Vatican has now effectively banned the app, stating that "under no circumstances is it possible to confess by iPhone." Their full wording suggests that Android and other platforms are also excluded. Priests the world over sigh in relief.]

On the lighter side, I'm also reminded of how film and television science fiction have approached the topic of "computerized religion" in their respective genres.

So, here are two very brief clips displaying views of how the future of religion might transpire. First, let's observe a scene from George Lucas' THX 1138 (1971). Then we'll view a more obscure clip, also from 40 years ago, from the very fine series The Name of the Game -- and the only sci-fi episode of the series, titled L.A. 2017 -- directed by a young Universal staffer named ... Steven Spielberg!

Robert Duvall stars in the first clip, Gene Barry and Sharon Farrell in the latter. Bonus info: A friend of mine had a speaking role in that TV episode.

Catholic Church's "Confession App" Meets Film/TV Sci-Fi!
[YouTube] (~2.5 minutes)


Posted by Lauren at 02:06 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 05, 2011

Using Google to Harass -- and the Continuing Google Customer Support Gap

Greetings. This particular story is not the most egregious case of a Google-related problem I've seen, nor am I mentioning it simply because it is now getting a great deal of publicity. But it is a good example of a class of Google-related issues that arrive at my inbox virtually ever single day.

Today we have an upset girlfriend who ultimately leveraged Google Images to post copies of her ex-boyfriend's (apparently copyrighted) professional headshot image, emblazoned with an array of harassing and embarrassing labels.

This may sound a bit humorous -- and some of the press have been sort of playing it that way, but cases of purposely using Google Search results to slander and harass, sometimes in ways that could be extremely dangerous, even potentially life threatening, are much more common than you might imagine -- people contact me routinely with such stories begging for help getting such results removed.

In the current case of the revengeful girlfriend, we see a typical failed attempt to deal with the situation directly with Google:

"My minor son's ex-girlfriend took a copyrighted picture of him (we own copyright) and uploaded it more than 60 times to a website. On each image she wrote slanderous, defamatory and pornographic captions. The webmaster of the site states he removed the images 6 weeks ago, but Google Search still shows all the images. My son is so stressed out and embarrassed and we've done everything we can to get images off of Google including URL removal tool, a letter to Google Legal with all the URLs because of copyright infringement, and nothing has worked!"

The point here right now isn't whether or not it is actually Google's responsibility to remove indexed, cached, or otherwise displayed links or images based at other sites. That's a complex area without simple solutions (and if anyone tries to claim that this is a simple matter, they are either misleading you or ignorant regarding the subject).

But the inability of persons with issues like these to even receive a usefully substantive response in any manner from Google is itself extremely routine, and a matter of continuing concern.

One might ask, why do people come to me with these issues? Regular readers can guess, and a Google Search these days for:

    google ombudsman

will quickly reveal the reason -- my "Google Ombudsman" essays. Folks with Google-related issues start searching around for someone to ask about these problems, and -- yep -- they find my various related postings.

It is distressing to receive pleading messages from people complaining that they can't get Google to respond to them in any way, and begging me for help. Sometimes I can point them to existing Web resources and techniques that will be of use. Occasionally I can get them some help through private channels. But most of the time I'm impotent to assist in their situations. Not only does that do them no good at all, it also frankly makes me feel awful.

As I've said many times before, I understand Google's concerns about scaling when it comes to dealing with user concerns -- especially when so many Google services are provided without charge. But Google is a big, growing, successful firm, with some of the sharpest minds on the planet within its fold. There are a variety of ways that an appropriate Google Ombudsman or some other "problem resolution" hierarchy -- with appropriate triaging and escalation of problems -- could be made to work effectively and economically. Other firms of every possible size, scope, and type have managed to do this successfully.

I have enormous respect for Google as a firm, and in particular for its people. But while the complexity of the issues is a given, it is embarrassing that an organization with the skills and influence of Google continues to avoid dealing with this area in an effective manner.

Google, you've worked engineering miracles toward organizing the world's information and making it universally accessible and useful -- as per your mission statement. The time is ripe for you to bite the bullet and apply a fraction of that expertise toward dealing with your continuing customer support chasm.

Do this properly, and you'll be an even greater company as a result.

That fact at least, is really very simple.


Posted by Lauren at 10:52 AM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 03, 2011

Bing Stealing Google Results? Or Users Giving Them Away? Does the Difference Matter?

Greetings. In Google, Bing, and "Darth Toolbar" yesterday, I attempted to dig down into the underlying issues related to Google's accusations of Bing stealing Google search results.

Judging from responses to that posting, and discussions I'm having in other forums, it's obvious that confusion on this topic still reigns.

It's not at all surprising. This is one of the thornier Internet legal/ethical quandaries that I've encountered in quite some time.

At the gut level, it seems evident that what Microsoft is doing with their Bing toolbar is beyond the bounds of ethical propriety -- that is, it stinks. Google puts a great deal of effort into discovery and indexing of uncommon, "long tail" content, and I'll bet Bing's apparent poaching of this data via the Bing toolbar is particularly galling to Google engineers who've worked so hard to find that content in the first place.

However, just because something is unethical it isn't necessarily illegal -- don't we know it! So when we look at all this from a legal standpoint (keeping in mind that I'm not a lawyer, and in fact only an "armchair" ethicist) it's hard not to get mired down with a headache in short order.

At the foundational level, an important question seems to be -- should individual users be prohibited from sharing their search queries and results?

As I suggested in yesterday's posting, an example could be someone who chose to post their searches, and let's say the top few resulting links, on a public "My Interesting Searches" Web page, where all search engines could discover them.

Would this be illegal? Should it be? We're not talking about mass copying of materials by that individual, only the sharing of some aspects of their own specific search activities.

My guess is that in the U.S. at least, attempts to block such sharing of individual search activity data would run into a First Amendment brick wall in short order.

Microsoft would likely argue (in fact, they are asserting) that what their Bing toolbar is doing is much the same thing -- enabling the voluntary sharing of individual search data by individuals, via a process of "looking over their shoulder" at their normal interactions with Google.

It's certainly possible to question the "voluntary" part of this. I suspect that most Bing toolbar users don't have a clue that their non-Bing search activities are feeding to Bing, and many -- perhaps most -- probably wouldn't be pleased if they were aware of such behavior. But we know the story on disclosures. Most people don't read them. If they read them, they often don't usually understand them fully. Toolbars are "pre-checked" options on so many other software installs now that it's easy to not even realize that you've installed one, or more, in the first place.

And we've allowed this situation to fester for years, since it has generally been to the benefit of the toolbar vendors, one way or another. Technically at least, Microsoft's claim of voluntary use might indeed (disgustingly, sadly) pass court muster.

In essence, Microsoft might claim that what they're doing is "merely" the "crowdsourcing" of individually volunteered search usage data, and that it's no more wrong for them to do this -- e.g., on free speech grounds -- than for individuals to share their personal search activity data with Bing (or anyone else for that matter) through other means.

Would courts buy such a proposition? My assumption is that Microsoft's lawyers looked at this area quite carefully in advance, and that they felt they were on comfortable legal ground, ethical considerations be damned.

I'm not sure that I see on obvious, effective, logical escape route from this legal/ethical conflict that Microsoft has selfishly -- and I might say rather fiendishly -- has foisted upon us.

The interactions and conflicts between free speech rights and intellectual property rights are complex but delicate dances of longstanding. There is much to lose for individuals and other stakeholders on all sides from the outcomes. Microsoft has cleverly pushed the envelope in this case, in such a way as to take advantage of these perplexing issues for their own gain.

We could try pushing back. We could demand even simpler and more prominent disclosures on toolbars, and perhaps that "cross-site" data sharing like that of the Bing toolbar not be enabled by default at installation. Perhaps lawsuits against Microsoft related to this area might get some traction, but their longterm viability and possible collateral effects seem problematic right now at least.

Unless we're willing to take a major and dangerous leap, by trying to place what could be significant new prohibitions on individuals and their rights to share information -- prohibitions that themselves would have to be acceptable to courts -- it is not clear what other measures are immediately available to force the cessation of despicable behaviors like that of Microsoft's Bing toolbar.

Of course, we could simply appeal to Microsoft's own sense of ethics and good corporate citizenship. Given all the negative PR that this entire episode has generated for them, there's always a chance that Microsoft will decide that it's in their own best interests to cease the behaviors under discussion.

Miracles can happen.

Just don't hold your breath.


Posted by Lauren at 12:24 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 02, 2011

Google, Bing, and "Darth Toolbar"

Blog Update (February 3, 2011): Bing Stealing Google Results? Or Users Giving Them Away? Does the Difference Matter?

Greetings. Recently, in My Take on "Google Accuses Bing of 'Stealing' Google Search Results", I suggested that the root of this escalated arguing between Google and Microsoft fundamentally relates to the broadening scope of data collected by common "toolbars" -- that are either pre-installed on various systems, or that are installed by users (sometimes voluntarily, sometimes inadvertently as part of other software installations).

Toolbars can be extremely valuable tools for users, but in some key ways various commonly used toolbars have become a case study of "mission creep" -- and along the way have crawled further and further towards the dark side.

Early search engine toolbars were generally focused on enhancing the direct interactions between users and the search service that provided the specific toolbar in question. But over time, toolbar capabilities have in some cases expanded to include collecting data on users' interactions with other sites, both in terms of which sites users visit, and sometimes even the input that users may enter on those other sites.

It can be argued -- and it is true -- that such data (for example, Web browsing history) could be employed by any given search engine to enhance the user experience in various ways. But it's also true that these sorts of data can be extremely valuable signals for an array of competitive purposes.

Now to be clear, not all toolbars engage in these practices, nor default to the same level of information gathering. Legitimate search toolbars are typically very careful to provide user controls over these functions, installation and usage disclosures, and so on. Nor do all search engines use the data collected from toolbars in the same ways. Similar signals used by one firm as major input to their search results algorithms may have less or no significance on search results generated by another service.

In practice, of course, most people don't read the disclosures and might not understand the full significance of what was being disclosed even if they did bother to read them. And most users will tend to stick with default settings.

It was the shift toward toolbars collecting data on user behaviors beyond the confines of their interactions with the associated specific toolbar providers that has led to the current Google vs. Bing accusations.

Search terms being entered by users on Google were (and apparently are) reportedly being collected and distributed to Bing by Microsoft-provided toolbar mechanisms in certain configurations. Microsoft asserts that participation in this is completely voluntary and disclosed to users -- and technically that appears to be true.

But let's face it. Users are pushed pretty hard to accept toolbar installations along with other packages, and as I mentioned above most people aren't particularly interested in plowing through the disclosures and option settings. So it's likely that many Bing users were unaware in practice that their Google usage data was being uploaded to Microsoft.

In a way, this is sort of similar to what would happen if you automatically created a list of your Google (or Bing, or whatever) searches every day, and posted it to a public Web page, where it could be discovered and indexed by any search engines that happened along.

[Update (6:00 PM): To be more precise, a better analogy is to posting your queries including the resulting links. But in the context of this discussion we're still talking primarily about a "discovery" mechanism for new search terms plus those related links. This appears to be significantly different than would be the case if, for example, a firm was routinely scanning and copying a competitor's results en masse for already known terms in an effort to improve their own already existing results for those terms.]

Search engines would likely use any unusual or otherwise unknown terms and links in those searches (as present on this hypothetical user's "searches" Web page) for additional page and link discovery input, which then could (depending on the specific algorithms in use) find their way into those services' main search databases, where other users could find them. As you can see, the end result is quite similar to what's reportedly occurred in the current Google/Bing controversy, though enabled by toolbar activities in that case, not by public posting of searches.

So where does this all leave us as relates to the current saga?

I don't quote biblical text very often (to say the least!) but Matthew 26:51-52 seems somewhat appropriate in this case, "Put your sword in its place, for all who take the sword will perish by the sword."

Personally, I don't like what Microsoft is doing by collecting Google search inputs and using them as signal data to Bing search results algorithms. It strikes me as underhanded and unethical, and I doubt very much that most users are cognizant that it is occurring. I'll bet that at least some users would definitely be uncomfortable with such activities. I'd like to see such behavior by Bing stopped.

But ultimately, the entire search industry has been extending the bounds of toolbar data collection for years now, and it was probably inevitable that one or more players would push the envelope into the rather nasty area where Bing now resides in this respect. It has been tolerance of this gradual creeping toward the dark side of data collection by toolbars that set the stage for where we are now, and there's blame to go around for all of us on that score.

Toolbars can be extraordinary useful, or they can be abused. Or both. Like any tool, they can be abused, and even when such abuse may not actually be illegal, it can still be ethically bankrupt.

Microsoft should cease "poaching" Google search queries from users, on ethical grounds if nothing else.

But more broadly, we all should be giving some deep thought to our roles in allowing some toolbars generally to evolve toward becoming the hungry data Morlocks of Web technology, rather than evolving as the strictly useful tools -- with clear and reasonable demarcations of data collection and use -- that most of them started out to be in the first place.


Blog Update (February 3, 2011): Bing Stealing Google Results? Or Users Giving Them Away? Does the Difference Matter?

Posted by Lauren at 12:25 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

February 01, 2011

Free UULINK Dial-Up Internet Software to Fight Internet Tyranny

Greetings ...

Executive Summary: In an effort to do what little I can to help fight "Internet Tyranny" such as we've seen in Egypt, I am preparing to release my dial-up Internet interfacing UULINK software package for free noncommercial use.

Details: Frankly, I never imagined that turmoil in Egypt would lead to people asking me about a software package that I first developed during the 1980s. I developed UULINK to communicate between PCs and UNIX UUCP systems, and between PCs running UULINK, during a period when few individuals or firms had actual Internet "IP" connections.

UULINK was the first non-Bell Labs UUCP protocol implementation, and I built in extensive flexibility for gatewaying of email between the UUCP ("!") and Internet ("@") email networks, and to support a wide array of dial-up modems.

During the 80s and well into the 90s, I sold UULINK widely as a package oriented very much toward technically knowledgeable users -- a necessity given the complex configuration environment. As true Internet connectivity became widespread, demand for UULINK understandably tapered off, and I did not expect to be dealing with what seemed to be an obsolete package again in any significant ways.

However, events in Egypt and other concerns about centrally ordered Internet shutdowns have rekindled interest in dial-up based networks as a backup to conventional Internet infrastructures in time of crisis or emergency, and like a distant echo from the forgotten past, UULINK queries have begun again.

While I am unsure if UULINK can actually play a useful role after so many years, it's at least worth a try. I am in the process of preparing a clean distribution that can be freely copied for noncommercial use (any former [or existing?!] UULINK users out there, please do not distribute files or other materials from your copies).

There are several important issues to note:

UULINK is a DOS-based package, from the era of floppy disks (it was originally distributed on 5-1/4 inch floppies). Early users were even sent a "Cats that think use UULINK" button as shown below. A very different time.

As DOS phased out in favor of Windows, it became apparent that UULINK could function in various modes in at least some Windows versions, within the COMMAND.COM prompt context. However, this was very late in the life of the product, and I did not attempt to track the various hardware and software combinations and configurations that were useful for this purpose.

Any and all use of this upcoming UULINK distribution is pretty much on your own. I will attempt to help where I can, but I simply do not have the time (nor operational environments) for comprehensive support of this free distribution. I would of course appreciate hearing back regarding what does and doesn't work in different situations, so that I can pass that information along to other users. It may also be interesting to experiment with running UULINK under the actively developed DOSBox emulation environment. But I can offer no promises regarding operations of UULINK or its ability to function at all with any given hardware and/or software environment.

Sources are not available at this time, since I don't have access to them myself currently. I no longer have the build environments to compile new UULINK executables (I studiously avoided using Microsoft compilers for the project, but this meant the development environment was nonstandard, and in fact UULINK was written both in C and assembly language). All of the associated build materials were taken offline many, many years ago, and I simply never expected to need them again. If I can locate the necessary offline files in readable shape, the source availability situation can change.

Given the time constraints I mentioned earlier, I am not going to just dump the distribution on a server willy-nilly. However, I invite anyone who believes that they might have a serious noncommercial use for UULINK, especially in terms of promoting Freedom of Communications, to contact me and I will let you know as soon as the free distribution is ready to go (this should be shortly, I've been working for days to pull the various components together).

In the meantime, there are two items that you can inspect now. First is the original UULINK technical specifications document. I have also now released the quite long and comparatively formidable UULINK 1.4 Manual (stored on Google Docs) as a scanned PDF document -- which is the only form I can provide currently. The manual may be freely copied for noncommercial use.

Both of these are original documents, which I have quickly patched to update contact information and related data. Hopefully these docs will be enough to help prospective users decide if they really want to dive into this or not!

My special thanks to very early UULINK user (and old friend) Lou Katz, who has been of great assistance in helping me with this archaeological effort. He's proof that at least Katz that think really do use UULINK!

Again, I don't know if UULINK at this stage of the game will truly be of significant use to anyone. I do hope so.

Down with Internet Tyranny! Up with Internet Freedoms!

Take care, all.


Posted by Lauren at 07:17 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein

My Take on "Google Accuses Bing of 'Stealing' Google Search Results"

Blog Update (February 2, 2011): Google, Bing, and "Darth Toolbar"

Greetings. An interesting story has broken today, with Google essentially accusing Bing of "poaching" or "stealing" Google users' search results.

I can't spend as much time on this today as I'd like, due to another priority, but since a number of people have already asked me about the issue I'll say the following for now.

The gist of the story appears to be that particular Google search results for "long-tail," misspelled, or just plain "wacky" searches are ending up in Bing, apparently via users exposing those Google searches to Bing through IE/Bing suggestion/toolbar mechanisms.

Google conducted a search results "sting" to demonstrate this effect.

Bing says that there's absolutely nothing wrong with what they're doing, and that such user activity, by voluntary IE/Bing Toolbar, etc. users, is a valid input signal into Bing search results algorithms.

A detailed write-up on this story is here.

and information regarding Bing's response is here.

I might note that it has long been common for database and map makers to "seed" their products with occasional fake entries to help detect mass copying by competitors.

But in the case of Google's sting operation, Google engineers themselves apparently entered the "sting" search terms through the toolbars, which alters the overall scenario considerably.

My initial reaction to this situation is that while Bing's practice seems to be quite slimy, it may be harder to make the case that it is necessarily illicit per se. After all, these sorts of toolbars and related mechanisms (not just related to Bing) primarily exist to a certain extent to provide broad data about user behavior (often above and beyond the use of particular search engines) as signals to the firms providing the toolbars. As such, they routinely blur the line between the users' interactions with a range of sites in a wide array of contexts.

So perhaps the primary focus needs to be on these toolbar systems that have evolved far beyond their original designs, and that may now intrinsically encourage the "cross-fertilization" of user activity data across various search engines and other Web sites.

More later.


Blog Update (February 2, 2011): Google, Bing, and "Darth Toolbar"

Posted by Lauren at 01:33 PM | Permalink
Twitter: @laurenweinstein
Google+: Lauren Weinstein