[HN Gopher] How hucksters are manipulating Google to promote sha...
___________________________________________________________________
How hucksters are manipulating Google to promote shady Chrome
extensions
Author : undercut
Score : 108 points
Date : 2025-01-09 00:29 UTC (3 days ago)
(HTM) web link (arstechnica.com)
(TXT) w3m dump (arstechnica.com)
| nubinetwork wrote:
| > Apparently, some extension authors figured out that the Chrome
| Web Store search index is shared across all languages
|
| Oh, you mean like google ads and android app ads? Because both
| think I'm either Chinese or Korean, despite being neither.
| dylan604 wrote:
| Targeting at its finest.
| Over2Chars wrote:
| These rogue extensions are "surreptitiously monetizing web
| searches" - but doesn't Google _conspicuously_ monetize web
| searches?
|
| So it seems the Google TOS bans competition in search
| monetization using their "open source" browser. Isn't it odd that
| an "open source" browser is apparently designed to provide a
| monopoly on search monetization by the nice people who give it to
| you for free?
|
| And being 80% or so of all searches:
| https://www.statista.com/statistics/216573/worldwide-market-...
|
| It seems like Peter Thiel's claim that google is a search
| advertising monopoly masquerading as a (competitive, non-
| monopoly) technology company might be spot on.
| HeatrayEnjoyer wrote:
| Small info piece: Chrome isn't open source.
|
| Otherwise I agree (even if it means agreeing with Peter Thiel
| in this case).
| Over2Chars wrote:
| Well shiver me timbers, if that isn't a hoot.
|
| Maybe my vernacular is off, "source available" ?
|
| ah "licensed freeware"
|
| https://en.wikipedia.org/wiki/Google_Chrome
| asddubs wrote:
| chromium is open source, chrome is chromium + proprietary
| stuff added on top
| surajrmal wrote:
| 99% of its source is open. I wonder what you think of open
| source applications that make API calls into closed source
| cloud systems?
| grues-dinner wrote:
| > Peter Thiel's claim that google is a search advertising
| monopoly masquerading as a (competitive, non-monopoly)
| technology company
|
| That's not a very deep insight, it's been pretty obvious since
| they bought out DoubleClick in 2007.
| Over2Chars wrote:
| I agree, I think it's not a deep insight, but Thiel notes (in
| his 'zero to one' speech he gave) that Google actively
| pretends not to be a search advertising monopoly, and instead
| pretends to be a competitive technology company, in a wide
| range of technology fields, to "hide" their monopoly.
|
| Thiel is openly advocating monopolies, and says competition
| is for losers.
|
| I think he's just calling GOOG out for their marketing, and
| noting their market strategy to deflect attention away from
| their monopoly.
|
| I, for one, have never heard anyone publicly mention this
| besides Thiel. Have you?
| alephnerd wrote:
| I'm not sure I buy Thiel's argument becuase plenty of their
| non-search businesses such as Google Cloud, GSuite, Waymo,
| and Verily have become pretty successful in their own
| right, and vertical integration is another form of monopoly
| that tends to cracked down on.
| Over2Chars wrote:
| Check out the big blue box. I think Thiel's point is spot
| on:
|
| https://www.statista.com/statistics/1093781/distribution-
| of-...
| whatshisface wrote:
| If I had a monopoly on sugar and traded in silver and
| healthcare, I would still have a monopoly on sugar.
| tsunamifury wrote:
| Yea but diversification is a critical business strategy
| not just a marketing ploy
| brookst wrote:
| Yeah there are far cheaper ways to "distract" from a
| monopoly than building Waymo from scratch. Alleging that
| whole project exists only as a smokescreen is pretty
| conspiratorial thinking.
| tsunamifury wrote:
| I have had drinks with Peter Thiel. If you force him to
| answer more than one question about his theories it
| totally falls apart. Mostly the logic actually goes like
| this: oh if it doesn't work I have the money to survive
| it and you don't so I still win and claim I was right.
|
| I wish more people understood this.
| alephnerd wrote:
| +1 on this.
|
| Ime he's a walking personification of "jack of all
| trades, master of none".
|
| That's the perfect trait for a VC (broad knowledge is
| critical to identify market trends), but it has its flaws
| such as extreme simplification of complex topics.
|
| That said, you can rightfully argue that this is why you
| are investing in egghead founders - so they can deal with
| solving those problems and logic gaps.
| wbl wrote:
| Vertical integration is very proconsumer as it reduces
| successive markups.
| BobaFloutist wrote:
| Until they drive competitors out of business, and then
| it's not. Much like the horizontal integration of, say,
| Walmart.
| WeylandYutani wrote:
| I never had the illusion that Google makes their money from
| Pixel phones... It was always advertising.
| prasadjoglekar wrote:
| At this point in 2024/25, it's obvious to the point of
| multiple antitrust lawsuits against Google.
|
| If you want a POV on the most recent one involving
| Doubleclick, listen to the first part of this podcast with
| Brian Kelley of App Nexus - a competitor to Google ad tech.
|
| https://m.youtube.com/watch?v=xm8gPuwqFHk
| dartos wrote:
| I mean... they're as much search as Amazon is retail, no?
|
| Doesn't GCP bring in big bucks?
|
| Not to mention gsuite. If your company don't use Microsoft
| office they use gsuite.
| Over2Chars wrote:
| The big blue block is search advertising revenue:
|
| https://www.statista.com/statistics/1093781/distribution-
| of-...
|
| the much smaller black box is GCP. Much smaller. much much
| smaller.
| fuzzy_biscuit wrote:
| Don't forget when Google bought Urchin in '05. It's all been
| a part of the same broad strategy.
| WrongAssumption wrote:
| Can you quote the relevant section of the TOS?
| Over2Chars wrote:
| I cannot. I am simply paraphrasing the leading sentence:
|
| "The people overseeing the security of Google's Chrome
| browser explicitly forbid third-party extension developers
| from trying to manipulate how the browser extensions they
| submit are presented in the Chrome Web Store. "
|
| I assumed that this explicit prohibition would be a "TOS". I
| could be wrong. Maybe it's somewhere else or called something
| else.
| wbl wrote:
| The competition is a click away.
| donatj wrote:
| I have two Chrome extensions in the store. They're not very
| popular and are really just features I wanted for my own use. I
| think I have less than 100 users total.
|
| At least once a week I get emails from people
|
| - offering money to add their "tracking" code
|
| - wanting to purchased the extension outright
|
| What they clearly want is access to my modest install base to
| push questionable code onto. I certainly am not going for these
| offers, but I could certainly see someone less financially secure
| giving in to it, and that scares me a little.
|
| The idea of paid malware insertion in smaller packages is kind of
| troubling in general. How often just in life in general do we
| just trust opaque binaries to be clean.
| luckylion wrote:
| Did they seem personalized or do they just mass-mail every
| developer they can find? 100 users seem very little to go
| through the trouble of acquiring an extension and then push bad
| code.
|
| Did they ever give you an idea of what they are ready to pay?
| donatj wrote:
| They seem pretty generic, like spray and pray. I am sure they
| just scrape all the developers details from the Chrome Store
| and bug them all.
|
| I don't seem to have saved any of them but I do recall one
| offering me $6,400 for my extension because there was a small
| voice in the back of my head whispering "that's a lot of
| money..."
|
| Most of the ones wanting me to install code offer ongoing
| payments.
| luckylion wrote:
| Thanks, that sounds like a lot of money. I assume they'd
| start negotiating once you respond and they look into it, I
| can't see them paying $6-10 per user. At that point, it has
| to be cheaper to just build extensions and let them gather
| a few users, right?
|
| Wild market though, and I applaud developers who reject the
| offers. I'm sure that small voice becomes a lot louder if
| you built an extension that now has 100k users.
| maxresdefault wrote:
| How much were they offering?
| dvh wrote:
| They're not really targeting particular extension. Most
| people probably don't want to sell anyway so they would just
| waste time. They send email to everyone who have extension
| and then when any developer replies, only then they decide if
| they even want to buy. I have extension with 50k installs in
| last 5 years that has always on full access to visited pages
| (content script) and they offered $2k.
| malfist wrote:
| $2k seems abysmally low to throw away your labor of love
| and compromise your morals. At least in the US
| dylan604 wrote:
| you're making some assumptions that every dev has morals,
| and that some unscrupulous dev didn't build the thing
| specifically in hopes of getting this offer
| malfist wrote:
| Sure, that's possible, and from a cynical perspective
| seems likely to have happened. But if I was unscrupulous,
| there seems to be a lot easier paths to money than making
| a product, offering it for free, and hoping someone will
| offer to buy it from you to corrupt it.
| dylan604 wrote:
| Sure, but this method doesn't come with risk of criminal
| charges. This is all legit shady.
| potamic wrote:
| Did you see what the tracking code does? If possible, it'll be
| useful to get access to this.
| jabroni_salad wrote:
| I am having trouble finding it now but I used to use a
| Picture in Picture extension that just made the controls more
| apparent (I use Brave and you have to do a menu dive for it
| by default). The extension had been featured by google when I
| added it.
|
| At some point they signed on with a monetization scheme that:
|
| - Redirected you through its sales attribution url any time
| you accessed a store (which bounced you to the site's front
| page instead of your search result)
|
| - Rearranged your search results to put its affiliated stores
| at the top
|
| - Marketed itself mainly to retailers as an ad network with
| no mention of browser extensions anywhere.
|
| If it werent for the annoying redirect I probably would have
| never noticed that something was wrong.
| ClassyJacket wrote:
| ...Was it Honey?
| prettyblocks wrote:
| Most of them hijack search results and do cookie stuffing.
| emahhh wrote:
| I also have a really small extension. I also get a lot of
| emails offering "help" to expand the user base through SEO and
| marketing.
| diggan wrote:
| > I think I have less than 100 users total.
|
| > At least once a week I get emails from people
|
| My extension (https://chromewebstore.google.com/detail/privorno
| t/fnpgifcbm...) currently says it has ~915 users. Usually the
| offers I get are in the $100-$200 range, but it's maybe once
| every 1-2 months I get an offer.
|
| I'm guessing they go by keywords + user count (or something,
| maybe "last updated" too?) , as my extension is very country
| and context-specific, and I'm not getting that many offers
| (thankfully). More people reaching out saying thanks, which are
| better emails to receive anyways and some asking for the source
| code, which I'm happy to provide :)
| hansvm wrote:
| That sort of thing is part of my usual spiel against automatic
| updates in most scenarios (and, when that's hard, pushing back
| on the reasons why it's hard rather than adding automatic
| updates):
|
| - What security problems are we trying to prevent with
| automatic updates? The worst-case would be allowing an
| untrusted third-party to run arbitrary code on your computer.
|
| - How did we fix it? We allow a different untrusted third-party
| to run arbitrary code on our computers.
|
| Toss in a healthy dose of developers using "security updates"
| to enshittify a product, or even just screwing up releases from
| time to time and introducing more attack vectors than they
| fixed, and automatic updates don't look very attractive.
| issafram wrote:
| Google would prefer to focus on limiting ad blockers with V3
| instead of protecting users from these extensions.
| creato wrote:
| V3 reduces the damage extensions can do to users. Complain
| about the impact to ad blockers if you want but this point is
| nonsense.
| insin wrote:
| The "This extension may soon no longer be supported because it
| doesn't follow best practices for Chrome extensions" warning on
| the uBlock Origin listing is one the shadiest things on the
| Chrome Web Store.
___________________________________________________________________
(page generated 2025-01-12 23:01 UTC)