Google removed chrome extensions that do cookie stuffing before: https://www.zdnet.com/article/google-removes-two-chrome-ad-b...
PayPal's Honey extension should be pulled by Google for doing the exact same thing. There is no difference and Honey shouldn't get special treatment just because it's owned by PayPal.
---
UPDATE: It's criminal wire fraud.
Brian Dunning sentenced to 18 months jail for cookie stuffing: https://www.businessinsider.com/brian-dunning-ebay-and-affil...
“Cookie Stuffing" internet fraud schemer Jefferson Bruce McKittrick pleads guilty: https://www.justice.gov/usao-sdal/pr/cookie-stuffing-interne...
Pie also removed its footer reference to being the team that made Honey and then deleted all of the team photos from the who are we page. They seem to understand cookies and affiliate links well but aren’t versed in the way back machine.
The ethical standards of everyone involved with Honey/Pie are deplorable and they should be outcast from the software industry.
http://web.archive.org/web/20241223012824/https://pie.org/ab...
For context, this all started about 2 weeks ago with one of the best pieces of investigative journalism I've seen on youtube: https://www.youtube.com/watch?v=vc4yL3YTwWk
And it's spiraling from there into lawsuits etc. I'm kinda glad PayPal bought them as they can't just shut down and file bankruptcy. Hopefully some of these creators will get paid out for lost revenue.
Great find. I noticed the photos disappeared yesterday, but didn't catch that footer reference change.
Sadly, Ryan Hudson knows how to play the game and Pie (with its charming .org domain) is on a roll --- already hit 1M downloads just 9 months after its launch and grown to 10+ Engineers/20+ employees.
Shameless.
On the bright side, LegalEagle also called out Pie in the video. Hopefully that'll help shine a light on them.
As if Honey isn't already under enough fire with half the youtube world releasing videos about their shady practices.
Title is misleading. The original team behind Honey has created a new company that is doing this and not Honey itself which is owned by Paypal.
Do we know when Honey started stealing affiliate links? Was it after the acquisition?
Before, this is how ALL coupon sites/extensions have worked for decades.
I'm frankly baffled it weren't more common knowledge, despite being common sense, before the MegaLag video. Did people really think that sites like retailmenot.com or wethrift.com make you open tabs to the shop you're searching for coupons for before you can see the coupon code just for fun??
Affiliate code stuffing is the coupon provider business model, it's not Honey-exclusive at all. I'd be surprised if you find a coupon site/extension that haven't always done that.
Not even just questioning how referral links work, but questioning how a company makes money. I never looked into Honey, but since it wasn't obvious how they were making their money, I assumed it was something sketchy and stayed away from it. My assumption was it was the typical data harvesting and selling (once they had the extension in your browser they could track you). While I think the tracking/selling is immoral, what they did instead seems like fraud (IANAL).
I'm pretty surprised that so many YouTube creators pushed Honey without questioning how they were making money off giving away discounts. Did they not ask, or did Honey have a lie for that as well?
https://help.joinhoney.com/article/30-how-does-honey-make-mo...
I guess they say it, but being owned by PayPal I'm guessing there was an assumption that the commissions weren't being stolen from other people, and the codes being provided were organic codes and not ones created for Honey by the merchant to manipulate the user into thinking they were getting the best deal, when they weren't.
I read the HN link after the video though, and it was full of vague misunderstandings of exactly what honey was doing, even if people did understand the technical logistics. Some of the dark patterns honey goes through to get a user to click any link or button is pretty shady.
Yep, it's somethings easy to forget that HN isn't actually mainstream; something being discussed on HN doesn't mean it's well known.
Yeah, as I watched the video all I could think was "what the fuck did you think they were doing?". I'm surprised technical youtube channels were caught by it, although maybe they did the calculation that the money Honey was paying was worth more than the affiliate sales they'd lose. There's also value to getting that money immediately, rather than at some unknown point in the future.
The only part that seemed uncouth to me was setting the referral code when they hadn't actually found any coupons, and collaborating with retailers.
In my defense I assumed they were a user data-mining scam, not a coupon code scam. Still never used it and told people not to whenever they asked, but, whatcha gonna do.
On Firefox you could use a separate container for your coupon site visits, but do the buying in another container.
The main point is not so much their busines/industry model, but how they used creators to promote it .
isn’t it egregious when you make the people who are you stealing affiliate money from to promote the same thing ?
All the YT creators are making a stink about this because surprise surprise, honey was stealing from them, not their viewers.
It's one of those open secrets that most youtube-peddled services are predatory in some way, and the creators happily kept pushing them on to their viewers because money talks. Now it turns out Honey is hurting their own bottom lines, so of course they all get on their moral high horses.
I'm curious why Amazon doesn't show you in some obvious way what affiliate code your purchase is linked to, if any. I'm imagining something like the way they used to display your Amazon Smile charity if you used that option.
Perhaps they've guessed that it would shock some people to learn how often they inadvertently use affiliate links and they would be discouraged from shopping or find some way to disable the codes.
I figured they simply had affiliate links themselves, or made deals with companies in order to get customers who normally wouldn't buy at full price.
It just seems illegal to replace an affiliate link like. I guess the courts will determine that.
Honestly the developers should be banned by name from using the Firefox extension store. So they don't come back with yet another scam.
Oh... This should have been obvious, but I only realized it from this comment.
> I'm frankly baffled it weren't more common knowledge
I think the last time I actively investigated how to save pennies with these online coupon things was the 90s when I was a teenager and I suppose that's true for more people.
[flagged]
The two together results in honey essentially being paid instead of real affiliates to suppress coupon codes from you(since they advertise to stores that they direct users away from finding coupons, and towards a more stable discount percentage).
> Paying Honey means you can limit the discounts available through Honey, sort of like a shitty protection scheme.
But the merchant controls the discounts, if they want to stop spreading higher discount codes they can do it any time.
If I had an affiliate program, I would not allow Honey on my platform.
"Earning money from affiliate links" and "stealing affiliate links" are not the same thing. There is a big range of behaviors here, and they're right at the worst end of it.
I'm surprised by how far they went, not that affiliate links were involved at all.
At no point in that writeup does Honey say they use cookie stuffing to fraudulently steal affiliate attribution when no discount code is found. This is a serious crime: people have gone to prison for cookie stuffing affiliate codes (see: https://www.justice.gov/usao-sdal/pr/cookie-stuffing-interne...)
Google removes chrome extensions cookie stuffing affiliate codes: https://www.zdnet.com/article/google-removes-two-chrome-ad-b...
> The only thing that I never understood was why brands would allow Honey to be an affiliate. Why would they want to pay Honey any money when Honey doesn’t originate any traffi?
Because Honey has leverage.
Just to provide one example, Honey can very easily hurt Amazon's bottom line by adding random affiliate codes (of independent creators) to every transaction. This wouldn't make them any money, but would bring them to the negotiating table.
Instead, Amazon can work out a deal with them where they get half the standard affiliate fee, and Amazon pockets the rest. Amazon is happy because they pay 1.5% to Honey instead of paying 3% to a different creator, Honey is happy because they get 1.5% instead of nothing, and Honey users are happy because if Honey is well-funded, they'll use some of that money on letting them find good deals online.
This is just one of the ways it could have played out; it's also possible that e.g. Honey had good access to some kind of Amazon discount codes that they kept applying too often, which Amazon didn't like, so they worked out a deal that wasn't too bad for Amazon and great for Honey.
> However, Amazon dot com is very aware of honey evidenced by advisory warnings on Amazon dot com website from a few years ago.
I missed this, do you have any more information on it?
Capital one shopping (basically the same thing) definitely originates traffic, like it prompts users to go to other websites for a better deal.
My guess to your question would be that perhaps there is the belief, or maybe data proves it factual, that when someone is considering a purchase and might be on the fence and then they see that Honey can get them a coupon or rewards points that they are then slightly more likely to go through with the purchase thinking they are getting a good deal. If data shows an increase in sales then some might consider affiliating worth it. Just my guess.
>> We earn these commissions when a member uses Honey to find available savings or to activate PayPal Rewards
Do you really think that clicking an "OK" button to dismiss a dialog after Honey doesn't find any coupons that secretly reloads the page your on and replaces the affliate cookie with its own is just "earning money from affiliate links?" That's just one of the super shady things they do.
Same with Paypal rewards. They entice users to click the rewards button to again steal the affiliate cookie, and pay them a few cents while they take tens of dollars in affiliate commision.
If a company says they make money “selling cars” you don’t assume they get those cars through theft. Same deal here, saying they get affiliate money doesn’t imply they overwrite existing affiliate links which is about a clear a case of tortious interference as you could find. https://en.wikipedia.org/wiki/Tortious_interference
So, no Honey didn’t disclose what people are complaining about.
I think you’re missing the point. Honey is stealing affiliate credits from influencers who don’t have any relationship with them.
If a YouTuber posts an link with their own affiliate code and during checkout the user uses the Honey extension to look for coupons Honey steals the affiliate credit even if they don’t have a coupon the YouTuber gets nothing.
It took LTT years to detect this behavior despite it coming up in forums and HN. They then decided to stop accepting sponsorships from them.
Sponsored ads also often boasted Honey will get you the best deal anywhere. Yet some have found them knowingly preferring their own coupons even though others users had manually entered and successfully used better coupons from elsewhere (while the extension was installed).
Title says team behind honey. (was it changed?)
Legal Eagle is suing: https://youtu.be/4H4sScCB1cY?si=bXxfG_EekkzGEW7J
Between this and that botched FOIA request, it feels real good to have content creators out there actually looking out and fighting against this BS that every other content creator lacks the expertise to do anything about.
I don't care if they do two ads per video (a normal ad and one for their firm), they more than deserve to shout themselves out.
>content creators out there actually looking out and fighting against this BS
Maybe they should have looked out before taking advertisement deals for products they don't even try to understand.
The only reason all of the "content creator" (influencer would be more fitting) care about this, is for once the product screw over them instead of there audience (just look at betterhelp).
>you don't need to have accepted the deal or even have heard of Homey to be affected
no you at the very least needed to install the addon for it to swap out your browser cookies.
>And it's effect isn't limited to YouTubers
the reason for the lawsuit based on financial damages very much does only effect them, the people who have referral programs which aren't the audience. ofc it also effects youtuber who didn't have a deal with honey.
Don’t forget all the financial YouTubers like Graham Stephan that were hawking FTX.
What botched FOIA request?
Best to hear it from the source, since the I'm not comfortable trying to explain the legalities:
https://youtu.be/caVSUaB8S3o?si=aTyhH7fsB1W72g-O
But to attempt to summarize it, LegalEagle was trying to file a FOIA request for to DOJ and the FBI for rejecting their request to retrieve documents related to the January 6th riots. And they were rejected in one way that basically suggested that it wasn't read, and one claiming that there were not "part of the media" (which shouldn't matter since anyone can file a FOIA). There's a lot of stalling tactics being done and there's worries that the records could he expunged if too much time passed.
Arguably a criminal matter also, “Cookie Stuffing" Internet Fraud Schemer Pleads Guilty: https://www.justice.gov/usao-sdal/pr/cookie-stuffing-interne...
Second half advertises its existence in a positive way as they pay for influencers.
And yet consumers aren't appalled at what the kick back on a conversion is.
Online advertising is a cesspool that makes things more expensive not less.
Honey isnt a problem it's a symptom.
Saw the numbers on some VPN provider and was surprised just how huge the cut for essentially nothing for consumer can be... Like if that was in the original price. Then again VPNs are weird when you hear these deals and compare them to normal prices. Something is broken in the model.
To me, the whole affiliate marketing with behind-the-back deals and kickbacks just reeks of corruption. We have made the kickbacks illegal for public servants ... why all the rest are fine?
The money that "the creators" and Honey are in disagreement over to whom it belongs, should have never left the consumers' pockets to begin with.
> And yet consumers aren't appalled at what the kick back on a conversion is
Because they have absolutely no idea.
Where would they ever run across that information?
Is really being "under fire" if it's just accurate reporting?
Justified fire is still fire
Yes, it's almost always justified in any situation where I've heard 'under fired' used.
Yes.
I know it’s not necessarily the same people, but it feels contradictory for this community to say “copyright infringement isn’t theft” when we’re talking about movies, but use the opposite language when talking about GPL source code.
The GPL does the exact opposite of copyright; the fact that it uses copyright to achieve that is just an implementation detail.
If you believe information should be free to share and remix, you would believe that copyright infringement is not theft and that not releasing code is wrong.
The fact that the proprietary code is based on GPL code just shows that the ex-Honey folks are hypocrites: they're trying to use copyright to control their code, but breaking the same rules in the way they reuse others' code.
> The GPL does the exact opposite of copyright; the fact that it uses copyright to achieve that is just an implementation detail.
> If you believe information should be free to share and remix, you would believe that copyright infringement is not theft
No, this is absolutely incorrect. GPL requires copyright (or similar mechanism) to function. Without copyright, anyone could take the GPL'd code and release a compiled binary without releasing source. Releasing the source is the "payment" for being granted a license to copy the original code; without releasing the source, you are in violation of the author's copyright. No one who wants to use the GPL to protect their and their users' rights would advocate for eliminating copyright, because the GPL's goals cannot be achieved without copyright.
The more direct solution would be a law that required distributing human-editable code alongside software. No need for copyright or anything remotely similar. Code being copyrightable would just be getting in the way at that point.
But in a world where that is politically infeasible, we have to use whatever tools we have at hand to get as close as we can. And, unfortunately, the tool we happen to have is the modern copyright regime.
> The more direct solution would be a law that required distributing human-editable code alongside software.
Hmm okay yeah, I buy that. Good rebuttal, I retract my comment :)
Do food nutrition labels violate the first amendment, being compelled speech?
Laws are just made up by people, we can make up new ones if we want.
But nobody is compelling anyone to write and release software. It's no different to requiring food to include a list of ingredients or products to include safety standards references etc.
I mean, there's a reasonable argument that large swathes of current copyright law in the US also violate the First Amendment. I haven't read it yet, but the book No Law from Stanford University Press[1] makes that argument and has been on my to-read list for a while.
One can still want much looser copyright. For example, 14 years by default, pay $$ to extend it, increasing exponentially each time (as compensation for stealing from the public domain). At least I'm willing to call extended copyright terms stealing if we're going to call format shifting and other personal use cases stealing.
Well, there should be laws to protect consumers from DRM, instead of laws to prevent consumers from circumventing DRM for legal uses, like say consuming the content they paid for on the device of their choice.
version 1 is now in the public domain - What's the issue?
That just privileges the rich. Just return to the original idea of copyright and limit it to 12 years.
I don't believe that ideas/intellectual work should be considered property. I will concede that granting a temporary monopoly through copyright or patents can maybe be a means of incentivizing innovation and creative work, but I'm not convinced it is the only means of doing so, and the longer that monopoly lasts, the more it can have the inverse effect of stifling innovation that builds on existing innovations.
At least in the US, copyright is a monopoly on certain rights for a limited time. By locking those rights for an extended time, it is stretching that definition. The time to benefit from your creations is in that time window. That goes for my creations, yours, and everyone else too. Public domain is patient, but I don't think it is worth depriving it of moderately older works with which others can start to use as a foundation to build upon.
> Do you also believe I should be entitled to a cut of your paycheck?
I don't necessarily agree with GP or you, but this isn't a good argument because anyone other than libertarians (i.e. anyone who supports taxation), which in practice is pretty much everyone, does believe that.
> Do you also believe I should be entitled to a cut of your paycheck?
don't you benefit from taxes?
We can see with current legal situation around AI learning and data scraping how companies and their lawyers has starting to work around the issue of not having data protected by copyright. The general alternatives to copyright seems to be TOS and contract law, except for Hollywood which went and drafted their own special law.
Downloading software from a server means you need to have access to that server, possible through an account. There is also a fair amount of precedence covering the enforceability of TOS and limitations of server access, especially when a company earn profit on intentionally ignoring them.
Contract law has its own issue, and copyright is generally seen as much easier to understand and enforce, but if contract law can be used to control how software and data is used after a user has downloaded it then it could be used for something like GPL.
The gpl sets terms, employing the right to set terms.
The fact that those terms are not for money is the implimentation detail.
The fact that there are terms that you are required to agree and adhere to, OR live without the goods, that is not.
Just like the normal terms for money, your choice is you can take it according to the terms, or leave it. Not just take it and ignore the terms.
It's definitely a special level of low to steal something that's already free.
> It's definitely a special level of low to steal something that's already free
stealing from the commons, basically.
The body of gpl code is absolutely a commons. I don't know why you imagine otherwise unless you're confused about public domain or something.
There is no joining any company or anything remotely like that no matter how hard you try to squint. The single rule in GPL is no more than any other usage-of-commons rule like don't pee in the pool or litter in the park.
The park is still free for anyone to use, you just can't fence off a part for yourself and start operating your tire-burning business in it. The body of people who either first donated it or the tax payers who voted for it set some terms for usage, and now you can either enjoy the goods under those terms or not.
But what's interesting is how some people have this kind of reaction and try to come up with this kind of argument over the act of being generous.
Are you sure GPL isn't even worse than you said? Why be so nice? Are you sure it doesn't also eat babies?
You want to use gpl code go right ahead. Want to modify it? No problem. Ignore the optional license. It isn’t a usage license.
I make changes to gpl code all the time. I never release the changes because my coding is far too embarrassing. Nobody forces me to release anything. I can and do compile it with gpl incompatible links, not a problem.
I just don’t distribute it.
> The fact that there are terms that you are required to agree and adhere to, OR live without the goods, that is not.
Uh, no there aren't. The GPL's requirements only kick in when I try to redistribute: that's why the license is in a file called COPYING. It's not an EULA: you don't need to agree with it to use GPL'd software.
You didn't make that copy, the person you got it from did.
I don't need to be granted permission to run a program on my own computer.
Those are the terms, correct. Using the code in pretty much any way you want without redistributing is adhering to those terms.
Why do you try say that means there are no terms?
The terms are ridiculously generous. But there are terms and those are they.
>If you believe information should be free to share and remix, you would believe that copyright infringement is not theft and that not releasing code is wrong.
I'm mixed, because it's an entire spectrum and there's no clear sand in the ground. It's a very nuanced topic.
But fundamentally, if people want to make sure they can benefit most from their creations, they need some way to protect themselves. Otherwise the biggest wallet will grab the idea, out-advertise you, and out support you.
That's why I always vied for minimizing copyright periods, not abolishing the idea. Creators should benefit: creators have almost zero need to benefit almost a century after they die. the original 14 + 14 made enough sense and can still work: something that was basically an average lifetime back then and is now most of a working career. Those rights can transfer to whoever they want, and it would be transferred to a beneficiary posthumously. But when 28 is up, it's up.
Copyright was created in part, and allows the author of some covered work, to control the terms of how that work is used and distributed; so that both the creator and the user may benefit from that work.
GPL was created in part, and allows the author of some covered work, to control the terms of how that work is used and distributed; so that both the creator and the user may benefit from that work.
The GPL and copyright are both about controlling what other people do with something you made. The MIT, or BSD license, or some other very permissive license that doesn't set down restrictions are arguably different from copyright. But the GPL isn't the opposite of copyright. It's just has different terms of use.
> The GPL does the exact opposite of copyright;
No, public domain is the opposite of copyright. The GPL absolutely does give the author rights to dictate how people copy the software -- in fact -- even more so than many other open source licenses.
Copyright itself is arguably theft sponsored by the state, because information can naturally be freely used/shared by all of humanity. Creating property rights in information reduces the collective knowledge of humanity (the commons), because now information can't be shared.
The goal of the GPL and viral licensing is to undo copyright as such.
I don't agree with this maximalist approach because many forms of knowledge wouldn't be created without a financial incentive. But there's many niches in the economy where free software creates greater economic benefit than a proprietary solution.
> The goal of the GPL and viral licensing is to undo copyright as such.
This does not match my understanding. My understanding is that the goal of the GPL is to weaponize the copyright system to enforce copyleft. Many creators and supporters of the GPL do oppose IP laws (at least in their current form) but the goal specifically of the GPL isn't to destroy copyright, it's to weaponize it to accomplish higher purposes.
You can live in the gift economy or the money economy. Taking stuff from the gift economy and selling it is gross.
I dislike this framing. I was paid money for over a decade to write GPL'd code; I didn't do it as a gift. I release my code under the GPL for selfish reasons: I want others to be able to improve it, and me to be able to take advantage of their improvements. To me, it's not a gift, it's just the most efficient way to write software.
OP is not asserting that all GPL'd code is part of the "gift economy". I also wrote some GPLv2 code a large corp in the past, and I wouldn't consider it that, either. But projects like UBlock Origin that are run by volunteer contributors are very different.
You seem to be basing your rejection of "gift economy" as a label for the latter on the basis that it's not done for entirely altruistic purpose. But that is generally true of gift economies - most people who participate in them (and I'm not just talking of software here!) are not doing it out of purely altruistic motives, and actually expect to receive benefit from such an economy as well. Usually this is cultural, but some people, like you, might consciously believe that it's the most efficient way to distribute goods (whatever their definition of "efficient" might be).
you can work at a charity and still be paid, even though the "non-profit" moniker can confuse layman.
> I release my code under the GPL for selfish reasons: I want others to be able to improve it, and me to be able to take advantage of their improvements.
I suppose that metphor depends on what you think of community efforts. Like say, sharing a food recipe or a workout routine. I see see the framing as "giving it away". Even if your endgoal is an ultimately selfish search of "better recipe/routine to use".
One thing I see over and over again is that those with lower moral standards often seem to prosper. The saying cheaters never prosper has never seemed to hold true from what I have seen. Still I hold myself to a high standard in life even if I could get away with something I believe in morals. If I find a wallet I return it with all it's cash. Sadly if you have no morals you take the cash and come out ahead. My son last year had $900 in his wallet and dropped it. Returned with no money. I could never do that as I would be thinking that is someones rent money or bills or food for their family. The person with low morals however gets a new ps5 and some games or whatever else they wanted. I can only hope the person who took it was in a worse situation and paid their rent or something. Thankfully my son only learned a hard lesson and was not without food or rent or anything.
Most people want to live in a high trust society. Unfortunately the low trust society moves in.
I agree completely, and yet I would still prefer language to be used consistently.
I think the "information want to be free" crowd is very consistent. They want the information to be free. They don't want artificial scarcity.
Sure they'll use IP as a means to an end, but that doesn't mean they believe IP is a good idea in general. It's just one of few tools that exist to solve it.
In an ideal world all software would be forced to be FOSS, and we'd have to come up with ways of funding it that aren't based on artificial scarcity.
The puzzle case is no different to how you can't sell somebody a rubiks cube without allowing them to "solve" it by taking it apart and putting it back together.
You can make a physical item intentionally hard to work with or modify, but I see that as a shortcoming of our current legal standard—that's why we need some kind of "right to repair" framework. Requiring people to distribute human-readable code alongside software follows the same underlying philosophy as physical "right to repair" requirements.
>Though, I wouldn’t really claim that all IP is illegitimate. I think many IP protections go way too far and last too long, but, I think some amount of copyright and patents is probably a good idea, though for a much shorter duration.
For what it's worth that's the camp I'm in as well, I'm just being a bit silly for the sake of argument.
I’ve heard an argument that people / companies would still pay for custom development, like they do now. It is a pretty weak argument, but I do see the point.
Not everyone is stupid; people would catch on very quickly.
Things are often inconsistent however there are cases where something appears inconsistent but it is only lack of knowledge of observer that displays it as inconsistent. At least that is what I have learned today in some different matter (I was that observer).
Then you’ll have to invent new language for one or the other because they’ve different and merely related meanings.
I agree though. We should always intend for accurate and consistent language.
If it isn’t the same people your observation is that some people say one thing about one topic and other people say something else about a completely different topic. That is like saying some people like elephants and other people speak Portuguese
Being fair these are semantically different meanings of “theft”.
1. Movie copyright is compared, by its owners and the law, to physical theft. This type of theft does not remove the physical use or any use from the owners.
2. GPL copyright only requires sharing changed code. Failing to disclose the changes actually does affect the owners in the way claimed.
They’re two different social contracts and we need different words for them. Honestly many social problems are like this.
We do have that. In law copyright infringement is categorically not "theft" and is not even handled by the same type of court.
The "copyright infringement (is / isn't) theft" argument is drivel on the same intellectual level as "corporations are people."
right, infringement is not theft, and corporations are not people. Corporations are governments.
The corporation you probably thinking of right now is a small private government to run a for profit endeavor. But note that cities are also corporations.
Trusts etc. are mechanisms to move inheritance from personal law into corporate law. This lets you game the system as corporate privilege often handles this more gracefully than personal privilege(wills and inheritance).
Probably want to contact a lawyer for the nuances, but the thousand foot view is you create a corporation with yourself as chief officer, and others as backup officers. set your corporate law to make your backup officers useless until the death of the chief officer and strict guidelines as to how the backup officers are to manage corporate assets. then finally transfer assets to the corporation.
The point being, the thing that makes a corporation a corporation is its corporate law governing its members, thus the assertion that corporations are not people, they are governments.
> this community to say “copyright infringement isn’t theft” when we’re talking about movies
I wasn't aware there was this community standard. I explicitly disagree with it and I presume many others here would as well. The contradiction exists only in your one sided assertion.
I think the position is more nuanced. Once I've paid for the movie then breaking it's "copyright circumvention measures" so I may copy it or display it for my own purposes and reasons is neither immoral or illegal regardless of what hollywood or the law they paid for says.
I also think that Copyright terms being the life of the author are explicitly in violation of the Constitution, let alone, life plus some arbitrary term. These laws have fallen out of the service of the many and into the hands of the few.
There's a habit to "point out the contradiction" in these forums. I think it's almost always misguided.
Not saying I agree with infringing on copyright, but I don't think it's contradictory:
GPL: "The code must be shared" Downloading/Pirating movies. "The movies should be shared"
I don't think people that people who believe in the GPL and pirate movies often do so because "pirating is the right thing to do", but one can certainly make the case that they share the same basic idea.
Individual pirates are rarely profiting from it. I'd wager most people who think pirating a movie is fine aren't cool with printing 1000 bluerays and hawking them at the flea market.
Also most pirates abhor people that charge for access to pirated content.
I once paid for a Plex share that initially was very convenient. Some free stream sites can be very slow and constant buffering. The plex share had high bandwidth connection and a huge library with content from basically all major streaming services at a great price so it was an easy buy. Plex started cracking down hard and it would disconnect way too often and require the guy setting it back up again which could take a half hour or a half a day so I ended up moving on.
I was paying for netflix until my kids could no longer watch from my house and my exwife's house. After that nonsense I just taught my kids how to find stuff for free.
I used to pirate all my games but now pay for all of it. I am trying to rack my head around why I stopped with games but having a hard time thinking of what made me change. For PC I just think it probably is risky running pirated software that may be malicious. For things like the switch well I have a older switch that can be fully modded but haven't due to not having the time to fully research all the ins and outs and not wanting my kids switch to be banned or something.
That is hypocrisy on the level of thinking buying drugs is ok but selling them is bad. You can argue about the severity of the behavior, but if you are drawing moral lines in the sand, buyer and seller are always on the same side.
You're arguing movies against drugs. Obviously buying drugs is bad, is downloading movies inherently as bad?
They are different senses of the terms. In "copyright infringement isn't theft", "theft" is in the sense if car theft. In the title, "stolen" is in the sense of a stolen idea.
Copyright infringement, while it may be wrong, truely isn't akin to car theft. It is however akin to a stolen idea. A car theft deprives the rightful owner of the car, but they don't otherwise care that the thief now has a car. An idea theft doesn't deprive the thinker of the idea, but they care that the thief is benefiting from the idea without compensation. Yet they don't care if someone becomes aware of the idea, but keeps it to themself.
It's just different people. "Copyright infringement isn't theft" is an extremely niche viewpoint in general.
Niche viewpoint amongst whom? IP lawyers?
Copyright infringement isn't theft, whether it's about movies or source code.
I don't care about the movie industry, and don't care if they lose money. I don't care about the software industry or if they lose money.
I do care about information being freely available whether its in the form of movies or source code - it's in no way contradictory for me to want people locking up source code to be stopped from doing so while also wanting to see more torrenting. Copyright law is a tool - much like fire. I don't want my house to burn down, but I also don't want the fire in the furnace to go out... is it contradictory that i want to use fire to keep warm but not have all my possessions destroyed?
There are very many differences already pointed out, so to add an other one, there is a difference between a company doing something at scale and for profit, and a private person doing something for themselves.
The people in this community that says “copyright infringement isn’t theft” do not refer to copyright infringement where people exploit the work for-profit and put it out as their own (feel free to find a single occurrence to prove me wrong). The word plagiarism comes to mind, which is morally and (depending on country and circumstance) legally a bigger crime than copyright infringement. The legal system usually also recognize that exploitation done for-profit and large scale should be considered worse and punished harder.
You're missing the point of GPL-style licensed Open Source Software. It's a matter of copy_left_, vs copyright. The difference isn't comparing the rights of GPL software writers/publishers vs the rights of movie publishers.
It's about the idea that software (and, for many, all digital media) should be free. The GPL is designed to "infect" other projects, by forcing them to be free if the GPL code is included. It's using IP/copyright laws to combat profiteering in software (and, in the case of movies, Blender releases a GPL'd movie every few years).
It's the activists' FOSS license, unlike the MIT/BSD/Apache licenses, which are just the literal definition of Free and Open Source, no strings attached.
Yeah, they used the wrong word. No "stealing" of code is happening here. It's just infringement of someone's copyrights. Theoretically, they could be taken to court over it. In practice, courts are a rich corporation's game.
Copyright should not even exist to begin with. GPL is just there to try to use the system against itself by essentially forcing everything it touches to be public domain. GPL is barely above the copyright industry from a moral standpoint. That usually causes people to treat violations of it far more charitably. Nobody feels sorry for the trillion dollar copyright industry.
We live in a world where the same trillion dollar corporations who compare us all to high seas pirates who rape and burn will also engage in AI washing of copyrighted material at industrial scales. That's a far more interesting contradiction than what you're presenting and far more deserving of the people's indignation.
Because most people in this community know how much effort it takes to make software, but not that to make movies.
Movie copyright violation: more people than intended can see the movie.
GPL violation: less people than intended can see the code.
Isn’t this the difference between MIT and GPL?
https://knowyourmeme.com/memes/we-should-improve-society-som...
In short: until society changes you play by its rules.
I guess the difference lies in ownership. If I pirate movies I won't claim that I own the rights to that movie. Can't really say the same when I have a product with stolen code.
A community is made up of individuals who each hold their own potentially conflicting opinions.
Which community are you talking about in the first place?
Absolutely not and if it weren’t for the US copyright/IP lobby it wouldn’t even be a crime in many places.
Copyright infringement may be criminal. But compared with theft there’s, rightly, a higher standard of proof required.
“So you’re pro assault when somebody’s broken into your home at night, but suddenly anti assault when I want to punch your grandma?” Exaggerated but the same idea. Though people often communicate and maybe even internalize it in simplified “copyright bad” form, actual beliefs are much more contextual. The piracy debate would look a lot different if it weren’t literally millionaires demanding money from children.
https://www.gnu.org/philosophy/open-source-misses-the-point....
FSF address this issue directly. GPL is basically fighting fire with fire.
Road to hell is paved by devils advocates.
infringing on copyright is like stealing from the rich
infringing on copyleft is like stealing from the poor
its the difference between robin hood and government corruption
A lot of folks creating unique IP aren’t rich though?
Consider a homeless person stole from a food bank to sell the food to make money - and nowhere acknowledged where the food came from or that others can get the same food for free; and moreover claimed "this is fresh food I have meticulously sourced myself!"
Everyone from the foodbank to other homeless people would justifiably be furious at this scam artist when they learn more. That's the morally repugnant situation we find ourselves in with Honey.
Copyleft infringement is perhaps better thought of as stealing from a foodbank than government corruption.
[dead]
Said on a forum where 99% of the posters are rich. When I see drivel like this it reminds me to be grateful that I wasn't born with the narcissistic delusion to believe that my behavior is privileged and morally superior to the same by others. The height of insanity is seeing yourself as the moral arbiter of the universe.
I legitimately don't see how your point meaningfully connects to the comment you're responding to
If copyright infringement is theft, then stealing GPL code is theft.
If copyright infringement isn't theft (our goal), then it doesn't matter.
Hope that makes some sense.
Rhymes with horseshoe theory.
People are willing to let behavior slide when it aligns with their interests, but will call it out when the "other team" does it.
- Copyright abuse of games, movies, commercial software vs open source software
- Censorship of conservative speech vs censorship of liberal speech
- Genocide of one geopolitical entity vs another geopolitical entity
- Separation of church/state with mandated removal of religious symbols from students and government places vs freedom of religion with removal of LGBT symbols from students and government places
- Use of executive branch authority for [liberal goal] vs [conservative goal]
It's the same behavior on both sides, just different groups of people doing it.
>- Separation of church/state with mandated removal of religious symbols from students and government places vs freedom of religion with removal of LGBT symbols from students and government places
>It's the same behavior on both sides, just different groups of people doing it.
I'm actually curious to understand how you came to the conclusion that non-standard sexual and gender identities are equivalent to a religion to you.
I don't mean to start an argument here, but do you actually believe that endorsing a specific religion is the same as endorsing gay rights?
> I don't mean to start an argument here, but do you actually believe that endorsing a specific religion is the same as endorsing gay rights?
I'm LGBT and agnostic.
Schools banning crosses and the Swiss banning burqa are very similar to the LGBT flag removal in Michigan. It's all censorship to enforce the ideology you agree with.
A free society would do none of these things.
Instead we have two angry sides playing games to anger one another.
I think OP is referring to schools banning students from wearing crosses etc.
The problem is that enforcement is unequal and always seems to benefit the rich over the creators.
If I use Photoshop's 1's and 0's and don't follow Photoshop's rules, I could be bankrupt and thrown onto the streets, dramatically decreasing my life expectancy, or locked up and legally enslaved by Tyson Foods.
If PayPal, an 85 billion dollar market cap figure that has monopolized a large amount of digital commerce, uses our 1's and 0's and don't follow our rules, we're laughed at, because we are not an 85 billion dollar market cap figure.
I expect you understand this on some level.
> - Censorship of conservative speech vs censorship of liberal speech
How so? There are many left aligned websites that remove conservative content, and many conservative websites that remove lefty content, many sites that allow both and many sites that remove both. Perhaps I misunderstood, apologies if so.
Good thing the ends matter more than the means.
This isn’t the first time they’ve been accused of shady practices.
> MegaLag also says Honey will hijack affiliate revenue from influencers. According to MegaLag, if you click on an affiliate link from an influencer, Honey will then swap in its own tracking link when you interact with its deal pop-up at check-out. That’s regardless of whether Honey found you a coupon or not, and it results in Honey getting the credit for the sale, rather than the YouTuber or website whose link led you there.
https://www.theverge.com/2024/12/23/24328268/honey-coupon-co...
This seems like tortious interference.
[flagged]
Referral sniping is only a half of the scam. The other half is that Honey snipes the code even if they don't find a discount, and that companies pay Honey to prevent it from showing certain coupon codes. They pay for it because
1) thinking you got the best code when another one exists means they get ($best_discount - $honey_discount) more than they would had you actually searched
2) honey gives the false assurance that you are getting the best deal, making you more likely to complete the purchase
So Honey is both sniping referral codes and running a protection racket.
And straightforwardly lying to its users as well!
This is likely astroturf since they posted it twice, verbatim, in the same article [1], and it uses pretty standard PR deflections (e.g., "So are there some problems with the affiliate industry? Probably. But ...") without actually addressing the central claim.
I posted it twice because there’s multiple comments covering the same thing.
You can look at my post history. I’m just trying to give an industry perspective. I’m not supporting what Honey or any shopping extension does.
Afaik the scam is honey telling users they find the best coupon but also letting shops dictate what coupons honey shows to the user. If I remember it right, the video also shows honey replacing the attribution cookie with its own even if it did not find any coupon
I heard that vague snippet from the podcast in the video. From my time in the affiliate space (which was a few years ago), Honey would not let merchants delete a code unless it was an employee or internal code. If it was publicly available, they refused to delete a code without providing an equivalent exclusive code. Maybe that policy has changed? If so, that's definitely bad, but I have no way to confirm that and I don't see any proof.
But they are allowed to claim attribution even if they don't find a coupon. Merchants know this when partnering with Honey. Most of the time, even if users don't find a coupon, they still get cash back which is funded through the commission.
Like I said, the affiliate industry is pretty wack and that's why I left it, but this is far from a scam.
Clearly users didn’t know that all this was going on. And neither did the social media influencers who promoted honey while being robbed by it.
If it were an honest business, honey wouldn’t have needed to hide what they did. (And lie about it on their website - where they claimed until recently that honey found you the best deals). Also if it were an honest business, nobody would be surprised or mad when it all came out. Honest businesses can just explain everything and people still want to do business with them!
What honey did doesn’t pass the pub test. It’s scummy.
Its not. I have had honey installed on a separate chrome instance (mainly use FF). I was not aware that the extension pulled this, otherwise I would have never used it. There are some creators I follow, whose advice I somewhat trust and I have used their affiliate links to purchase a product. I want that creator to get the commission because they sold me on the product, not honey.
Also, just because something is standard industry practice, doesn't somehow make this behaviour any less egregious.
I already agreed the affiliate industry has issues (and is part of the reason I left). If they switched to first-click or multi-click attribution, none of this would be a problem.
But I am just saying it's not a Honey problem, the blame is focused on the wrong place. If they want things to change, they should direct their rage at the companies who make the rules.
Of course people should blame honey for deciding to act unethically. If you’re actively looking for ways to get away with being a scumbag, you’re a scumbag. Crime isn’t the fault of the police or the parliament. Crime happens because someone wakes up and decides to commit a crime. Honey is the same. It’s nobody else’s fault that honey exists. Honey exists because someone found a legal way to steal money. Then they decided to do it.
Any system of rules will always have loopholes. It’s the mark of civilisation that people choose to act honourably even - and especially - when they could get away with being a dirtbag.
I watched the video and I am pretty sure that the rage is warranted at this time. There is plenty of context given: Honey and their browser extension is swapping out cookies and lying about it to the end user - it does not matter if "everyone else is doing it as well". It's bad and it needs to stop.
They don't just swap out everyone's cookies. They comply their the affiliate network's "stand down" policies. Which means they don't actively try to poach commissions in the same shopping session. These are terms everyone agrees to, including creators. If it's the next day, most merchants don't pay out for referrals older than 24 hours anyways.
So like I said, there are some legitimate problems with the affiliate industry, but the rage should be directed at the affiliate networks that dictate the terms. They could easily switch to first click attribution which would solve this problem.
You can replicate his same case and see for yourself. Click an affiliate link and go to checkout. Honey won't pop-up like normal.
He doesn't provide the context for what his timescale is for his specific case. He cites that it can be up to 30 days later and Honey will still take the commission, which is true, but most merchants don't honor any cookies that are older than a day anyways.
I'm not saying this isn't a problem, it's just not a Honey-specific problem. If he actually wanted to influence change, he should cover the affiliate networks responsible for dictating this behavior (CJ, Impact, Rakuten, Awin, etc). The extensions are forced to comply by their rules.
Strange, an addon that was written to steal income by replacing affiliate links with their own, is found to also steal the code.
The headline says the team stole code, not that they stole it for Honey.
Snopes looking real silly for this 2018 fact check: https://www.snopes.com/fact-check/honey-browser-extension/
Snopes in 2018 and Snopes in 2008 were sadly two very different things. They used to be such a great resource!
They were always a protection racket against retailers, and I haven't seen any proof that they started stuffing their affiliate code in 100% of the time only recently.
The racket is that they f*k with your campaigns by stealing codes typed by users of the extension, so even users who don't think they're sharing them end up sharing them with Honey. Imagine the fun when someone creates a valuable code for someone trusted and doesn't limit its usage sufficiently, and someone uses it on a Honey-infected machine. Now the whole Internet is getting a possibly loss-making discount!
Honey then contacts the business and says "Gee, wouldn't you like us to stop doing that? Just pay us 3% on every sale any of our tens of millions of users buy and we'll let you blacklist any codes you like!"
looks like they did a new piece about it: https://www.snopes.com/news/2024/12/30/honey-browser-extensi...
It's really shameful they haven't updated the 2018 page with this information.
A fact checker being wrong? How is that possible!!!
2 years before PayPal bought Honey. It's possible that the extension was fine at the time. Even if it had always been hijacking the referral codes, I wouldn't consider that a scam from the perspective of the users.
It wouldn’t surprise me if most companies steal GPL code. When code is closed source, how can anyone know?
https://en.wikipedia.org/wiki/GNU_General_Public_License#Leg...
There are cases here where companies used GPL code without releasing their changes.
How do licenses of a source code check if the people using their code is complying with the license it uses?
https://www.reddit.com/r/embedded/comments/18gie6l/how_do_li...
The fastest way is often to just run the "Strings" program on the software. Often it will dump out a bunch of strings that match those in the Open Source project: Error Messages, Logging messages, etc. Sometimes if they're really sloppy it'll spit out the name of the GPL program/library directly and a version number.
I often add magic arrays to my code. So.. if I find them in a binary blob...
Have there been any lawsuits involving breach of open source licences?
https://opensource.stackexchange.com/questions/11452/have-th...
There are some indirect ways.
Suspecting users can try the software to see if it has the exact same functionality or bugs as the copied GPL library. This is of course not a definite proof, but some amount of rare enough coincidences can be considered as a very strong sign for copying. Legal measures can be taken on account of these evidences.
And of course there is always the option of a whistleblower.
Usually 'strings' on the binary shows up tell-tale signs.
Granted that means the 'smart' infringers are likely to slip through the sieve, but at that point they'll have to essentially be re-writing the code anyway, and lose most of the benefit that they'd get stealing the GPL code (they'd have to hand-roll any bug or security fixes back into their stolen-but-obscured GPL code)
Not if they can use an obfuscator?
Pretty much any (non-entry level) engineer at a decent software company knows what licenses to avoid. There are strict policies against the use of viral licenses along with training and automation to detect it, etc.
Also I don't think it's that easy to conceal and not sure any serious company would risk the liability.
The people who find it more convenient to steal GPL software are not the same group willing to do the work of obfuscsting that fact.
Is he correct? That you can't have GPL files in your project without all code adhering to it? I thought it has to be linked static. So just calling a GPLed js library likely wouldn't be enough. I think the law is muddy here and not clear at all, even if the code is directly bundled.
There are multiple aspects here. In short, any kind of linking or equivalent process definitely makes your code a combined work with the GPL parts; the "safe" way of using the code are more like calling a GPL process like `system("ls -l")`.
First, if you are distributing modified code or code compiled from GPL sources, in any way, you must advertise that fact clearly, and extend an offer to the original sources plus your compilation methods to anyone who recieves this from you. This is true regardless of whether your work constitutes a combined work.
Then, if you are distributing a work that includes GPL parts and parts that you don't want to release under the GPL, you have to check specifically how the GPL parts are used. The relatively safe boundary is calling GPL binaries as separate processes, especially over a network - if this is the only way you are using the GPL code, it's probably OK to keep your other parts under an incompatible license.
If you are using the GPL parts any more closely, such as calling functions from a GPL library directly through an FFI, or worse, linking to that library, then you are almost certainly building a combined work and all of your own code has to be released under the GPL if you wish to distribute the GPL parts.
Even if you are calling the code only as a separate process, the amount and type of communication you use matters - if you are exchanging extremely complex and specific data structures with the GPL process, rather than just a few command line switches and parsing some yes/no answer, then your work may still constitute a combined work and have to be entirely distributed under the GPL.
He's correct.
GPL is called a viral license. Any project that you add GPL code to must be licensed under GPL (and made available to others under the GPL guidelines). That's why many commercial companies don't include GPL code - see Apple.
LGPL is typically meant for code packaged as a standalone library called from other, possibly non-GPL, code. You can distribute and call LGPL code from your code but your code does not have to be GPL/LGPL-licensed.
I believe the intent of LGPL was to have free LGPL versions of libraries where only popular non-LGPL libraries existed before. Any changes made to LGPL source code must be released under the usual LGPL/GPL guidelines, i.e. you can't make changes to LGPL code, release it in your project, yet keep the changes to yourself.
> That's why many commercial companies don't include GPL code - see Apple.
This is wrong in a couple ways. First, Apple ships plenty of GPL code. https://github.com/apple-oss-distributions/bash/blob/bash-13... as an example.
What Apple does not ship is GPLv3 code. GPLv3 had two major changes around patents and "tivoization". The tivoization clause in particular forces changes that break Apple's security model for their hardware, and is probably the core reason they do not ship GPLv3 software.
Note that the anti-tivoization provisions only apply to software that is sold with the hardware. If Apple wanted to use GPLv3 software in apps that you have to purchase separately the anti-tivoization provisions would not be a problem.
Thanks for the correction.
This points to one area of Apple's use of GPL code. Apple doesn't want code licensed under GPL v3+ so they're sticking with the GPL v2 codebase (and custom-backporting bugfixes?). Apple uses Bash v3.2, GNU Bash is at v5.2.
https://en.wikipedia.org/wiki/Zsh says Apple switched to zsh as the default shell (with its MIT-variant license) in 2019.
GCC was replaced with LLVM in Xcode 4.2, and GDB was replaced with LLDB in Xcode 4.5 and GDB removed in Xcode 5.0. see https://en.wikipedia.org/wiki/Xcode
If the GPL code is an integrated part of your code, then you've created a derivative work, a "work based on the Program" as the GPL calls it. In this case your work must also be licensed as GPL.
>5. Conveying Modified Source Versions.
>You may convey a work based on the Program, or the modifications to produce it from the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions:
>[...]
>c) You must license the entire work, as a whole, under this License to anyone who comes into possession of a copy. This License will therefore apply, along with any applicable section 7 additional terms, to the whole of the work, and all its parts, regardless of how they are packaged. This License gives no permission to license the work in any other way, but it does not invalidate such permission if you have separately received it.
It seems to be the case here since, as the top comment by RraaLL says, they've included GPL-licensed JavaScript from uBO in their extension.
I think you might be thinking of the LGPL, where it’s fine to use a piece of code if you dynamically link to it (and maybe something about providing relinkable object files, but I’m not too clear about that). The GPL, on the other hand, mandates that any code that interacts with GPL’d code must be GPL’d, unless it can be easily replaced or such and such (i.e. your non GPL code calls a GPL binary via fork & exec or the like).
I’m not an expert in this sort of thing, so a more knowledgeable person may chime in.
But if you create a plugin that calls (via mv2 api?) a separate GPL-licensed JavaScript file to block all ads on the page, and then use your own closed-source code to add your own ads in step 2, is it really integrated or just two separate programs bundled together?
https://en.wikipedia.org/wiki/GNU_General_Public_License#Com...
The mere act of communicating with other programs does not, by itself, require all software to be GPL; nor does distributing GPL software with non-GPL software. However, minor conditions must be followed that ensure the rights of GPL software are not restricted. The following is a quote from the gnu.org GPL FAQ, which describes to what extent software is allowed to communicate with and be bundled with GPL programs:[74]
What is the difference between an "aggregate" and other kinds of "modified versions"?
An "aggregate" consists of a number of separate programs, distributed together on the same CD-ROM or other media. The GPL permits you to create and distribute an aggregate, even when the licenses of the other software are non-free or GPL-incompatible. The only condition is that you cannot release the aggregate under a license that prohibits users from exercising rights that each program's individual license would grant them.
Where's the line between two separate programs, and one program with two parts? This is a legal question, which ultimately judges will decide. We believe that a proper criterion depends both on the mechanism of communication (exec, pipes, rpc, function calls within a shared address space, etc.) and the semantics of the communication (what kinds of information are interchanged).
If the modules are included in the same executable file, they are definitely combined in one program. If modules are designed to run linked together in a shared address space, that almost surely means combining them into one program.
By contrast, pipes, sockets, and command-line arguments are communication mechanisms normally used between two separate programs. So when they are used for communication, the modules normally are separate programs. But if the semantics of the communication are intimate enough, exchanging complex internal data structures, that too could be a basis to consider the two parts as combined into a larger program.
I don’t know about that hypothetical case, but from what the redditors are saying, it looks like the Honey team are directly including and calling upon the GPL’d code, which I’d say constitutes derived work.
For that specific hypothetical, I’d say it would function as a derived work, but others would be able to answer better.
I am not a lawyer so I can't say with certainty, but judging by the exchange between Richard Stallman and Bruno Haible, the author of CLISP, it may well be required: https://sourceforge.net/p/clisp/clisp/ci/default/tree/doc/Wh...
To be fair, Honey could easily bypass the blocklist redistribution legal issue by downloading filter lists at runtime from the official source. Then they aren't redistributing the resources.
Update: It looks like they're also using code from uBO without attribution or authorization. That's most likely illegal.
read the thread, people also found that it also stole code from uBO
I would be careful handing out legal advice as a non-legal expert, especially when it is about "bypassing legal issues". You might be doing someone a big disservice.
@readers: Obligatory notice: Don't base your business decision on random internet comments.
This is excessive. Any fool taking legal advice from pseudonymous internet comments is getting what they paid for.
Ok. Got it. Next time, I'll leave probably false legal advice unchallenged.
Ok. You are right. I think he is likely wrong, but I'm not a lawyer either. Just someone who researched this a lot for my own projects/company.
If that was true, all user-side aggregations would be considered as separate projects.
I think it might be possible to circumvent the GPL license, when the URL to the list would be user-configurable and the program also worked without the list.
If any software ever deserved being sued into non-existence it is the Honey browser extension, and any other scam software they turn out (Pie Adblock in this case).
I've seen a few ads from them on YouTube promoting their ad blocker, specifically touting that it gets around YouTube's efforts to block ad blockers.
I thought it was interesting that YouTube, in the midst of trying to crack down on ad blockers, allows ads promoting an ad blocker that is specifically claiming to evade that crackdown.
I wonder if there could be anti-trust aspects to cracking down on such ads.
Nah, just Occam's Razor. Pie Inc. payments went through and it's cheaper for YouTube to run whatever instead of paying to people to curate such ads.
Youtube ads are less moderated than youtube videos. They know where the money is.
The founders sold 5 years ago to PayPal. Do they just get to laugh on their way to the bank? Probably.
Your comment implicitly absolves PayPal of responsibility.
One thief sold to another , it is like credit card lists or botnets are sold on the dark web .
PayPal is hardly innocent here , they knew what they were getting into , this is the core business model of not just honey but all of the coupon sites.
From what I've gathered, honey basically replaced affiliate codes with their own and then gave the user part of the commission back? Is there something they did that users should be unhappy about?
It seems the voucher codes they 'find' are not the result of them searching the Web.
They are simply codes provided by partnered businesses and may be beaten by codes you can get by searching yourself.
If true, then this is them outright lying to the user.
And you know, if they don't find a coupon code for you, one might still be at least a little annoyed that the original 'salesman' didn't get their affiliate commission; it instead being pinched by another.
I think in addition to the coupon thing, they had/have some cash back points? In any case, as someone who filters affiliate links, I can't understand why anyone would want to preserve them. Making them useless by having the user's browser automatically inject one seems like an awesome feature and a great social good, even without the user getting part of it. Affiliate programs are a direct cause of a lot of the spam on the web.
It should bother you if 10-30% of your price went to whoever last got you to click on a link.
Yeah, they pass on 80 cents of the $35 commission they get from Nord VPN when they hijack someone else's affiliate link. And it's 80 cents in "points." So you have to spend more to even use those.
It's a scam in partnership with the on-line shops. The consumer loses, the reviewer using affiliate links loses, and it turns out the extension goes further by occasionally making up discounts that don't exist (this will be in the next video it seems), so the seller gets screwed, too!
Well some people actually do believe in giving credit to the person who helped them make an informed purchase. I have gone into a store and had a worker spend like 20 minutes showing me things. I wasn't ready to buy but when I was and came back I had another worker try and help me but said to them the other worker spend a lot of time helping the other day I would like to buy it through them and was sorry.
This is the one worth watching, it’s a total scam and PayPal is fine with it apparently.
[dead]
This video is just rage bait and weaponizing creators and their fans by singling out Honey and not providing any additional context. Anybody in the affiliate industry knows how last click attribution works. This isn't new or specific to Honey. CapitalOne Shopping, Rakuten, RetailMeNot...they all work the same way. Merchants partner with these shopping extensions knowing how they work, nobody forces them to do so.
The affiliate networks (CJ, Impact, etc) are the ones who determine what attribution method to use, shopping extensions just comply. The vast majority of shopping sessions don't have any prior attribution and merchants fund all of these commissions (nothing is taken from a creator or a user). Yeah, it does seem like the codes Honey has have gotten worse in recent years, probably just a consequence of PayPal acquiring them and not giving it any attention (and layoffs). But the example MegaLag points out of finding a better code on a coupon website DOES THE SAME THING AS HONEY (overides the attribution).
So are there some problems with the affiliate industry? Probably. But calling Honey a "scam" seems completely unfair and lacks critical thinking. It's saved me thousands of dollars over the years.
It is personal to creators because honey paid a lot of them generously over the years to work with .
It is not the industry is shady that made honey standout, it is the fact that they were paying the people to pick from their own pockets is what got YT creators railed up.
It is being singled out, because without that heavy creator promotion they wouldn’t have grown anywhere close to the size they were last month. They have already last 3+ millions on Chrome web store in December .
No other coupon company has been valued or sold at 4 billion honey was, it is by far the largest and most successful. It is not uncommon for largest player to get the most scrutiny even though others do the same
Couldn't agree more, fellow authentic consumer! As a completely real person with no vested interests, I must say this resonates with my genuine, unprompted experience. Thank you for sharing your totally unscripted thoughts!
This but unironically. Why would an authentic consumer care whether the right shill gets paid, and be upset that instead some other party does and they get a discount or cash back?
Do all of the upset people work in ads or ad-adjacent industries or something? Are the "influencers" (i.e. propagandists) trying to manufacture outrage and make it seem like normal people care? Please think of the spammers!
A paid "recommendation" is dishonest to begin with, and is taking advantage of misplaced trust/parasocial relationships. An honest relationship would involve asking viewers/readers/listeners to support them directly.
I offer my work for money. I don't work for free and tell clients "hey you should support me by using AWS (who will give me kickbacks) for your infrastructure." The conflict of interest is fundamental to such an arrangement, even if disclosed. Instead my employer pays me for my expertise and I do my best to give them my honest, unbiased experience/opinions/analysis. I'm explicit about the boundaries of my knowledge/experience.
Case in point: these "influencers" obviously did not do any due diligence on what this program was doing. They "recommended" something they didn't understand because they were paid to do so. If this were "merely" stealing user information (the monetization method someone else in the thread said they assumed), would there be controversy? What exactly did the people who recommended this thing think it was going to do to the people who installed it? That's the actual story here (though it should be unsurprising).
Obviously the correct solution is to spread the word about ublock and sponsorblock (and perhaps adnauseum) too. Help contribute to a better society by making advertising a less viable way to make money. If something is worth paying for, pay for it. Push the incentives toward honest practices. Don't white knight when shills play themselves.
My account is 11 years old. How dare I try to share a perspective as somebody who worked in the affiliate industry.
This is a forum run by a Silicon Valley VC firm, frequented by tech entrepreneurs. Ethical behavior is not high on their list of priorities.
Except honey does not clarify that it replaces the referral link anywhere. The vast majority of shopping sessions do not have attribution, so adding attribution to them would just drive prices higher for regular users, damaging both users and the sellers.
It could lead to lower prices if they are indeed replacing referrals. Supposing the retailers notice that this is a huge affiliate, basically understand what's happening, and negotiate a smaller commission for these programs (they obviously have a lot of negotiating power since they aren't really getting referrals and could just ban these programs, destroying them), they might have a lower overall cost.
I imagine people running affiliate programs have heard of rakuten, for example, so I suppose they have some reason they haven't banned it (i.e. it actually benefits them/lowers overall costs).
This cost would lead that less creators would participate in the referral program. Because the only criteria to participate is how much money they get from it. Though, maybe a good thing, I am tired with all the tech reviews glorifying new stuff, like it is an ad all the way. The good sign if reviewer has a ref link is that the review is probably optimized to be the last place you visit before making a purchase.
so, it exactly does not mention that it replaces the referral from the original URL you came to buy stuff with. Thanks for the confirmation.
Stop spamming the same bullshit apologism over and over and over
Nobody cares that other companies and extensions do the same thing, they're bad too.
I'm not saying this isn't a problem, it's just not a Honey-specific problem. If he actually wanted to influence change, he should cover the affiliate networks responsible for dictating this behavior (CJ, Impact, Rakuten, Awin, etc). The extensions are forced to comply by their rules.
People should also be angry at all these other extensions and companies, they’re complicit and just as bad. But the source of change needs to come from the affiliate networks, who dictate the rules.
Minor quibble with the linked complaint: the GPL doesn’t require you to post source code, it just requires that you have to provide it when asked, and only to people using your software. (But you’re not allowed to restrict anything they do, like repost it.) Just follow the whole Redhat / CentOS drama for exhibit A in this behavior.
If something is "heavily promoted by influencers", it's garbage.
Would it make a difference if this garbage was GPL licensed?
personally I think it's hilarious that "influencers" were taking a pittance to unknowingly cut off their affiliate income
and not just cut it off once, but cut it off forever
and as a bonus: cut it off for all other influencers too
Adtech cancer grew so big it constantly gets its own cancers.
What's so hilarious about it?
It works. The only reason I knew what Honey was because so many Podcasters and Youtubers have advertised it on their content. I have never used it, but I recognized the name and knew what it does.
In case you missed the news, it doesn't work the way it was advertised.
Honey _does not_ scour the web for discount codes. Honey instead partners with webpages to provide you a discount code (or not) with the advantage for the webpage being that less people will use a 30% discount code and instead use Honey's 10%.
Of course the really funny part was that basically none of the influencers did due diligence on their counter-party and Honey also took all of the influencer's affiliate money as well.
They do crowdsource discount codes from other users which is how you get internal discount codes used for testers leaked to other users.
I think this is a facilitation of theft, though the theft is hidden to the user so the user does not possess criminal intent while using the code. I’m not sure how illegal it is but it is clearly wildly unethical.
It should be incumbent on Honey to check if these discounts are indeed public. 100% discounts would be an obvious place to start. Given that Honey claims to search the public internet for discounts according to their claims they can in fact do this.
At the scale and resources of Honey the claim of ignorance becomes unreasonable. It would help their case if they had a made a documented good faith attempt, but I think due to the obvious nefarious nature they would have avoided collecting such data because they wanted to continue the practice.
But as mentioned, I’m not sure how illegal it is despite the TOS but it’s clearly wildly unethical.
Oh it gets even better:
> Pie Adblock: Block Ads, Get Paid
Really? Do people not understand how the economy works or something? Education failed so bad :(
From their home page:
> Browse ad-free with Pie Adblock and earn cash rewards for the ads you choose to see.
Sounds like they replace the ads with their own, paying you (and surely taking their cut). Sounds a lot like Brave Rewards, similar thing...
I was gonna say the same thing. Brave browser all over again
Yes, possibly a huge difference. If they provided legitimate work and contributed to the project, with diligence and respect for the licensing, and respectfully, transparently, honestly ran with some sort of referrals / adshare type program for monetization, it would almost be respectable.
What they did was out themselves as garbage humans, with laziness, antisocial grifting, disrespect for the law, and general unpleasantness at every possible level. It'd be difficult to be worse people without adding murder or violence to the mix.
I would never install anything advertised on youtube. Not claiming that I'm an elitist, but the audience on youtube would not have the ability to differentiate between a chocolate bar and a landmine.
Not sure where to start here. You could have found Honey advertised basically anywhere on the internet, not just YouTube. YouTube users are common across most of the developed world at this point, so it's probable that there are millions of YouTube users that are more intelligent than you or me. And what you said implies you do differing levels of due diligence for the services you sign up for depending on the platform you heard about them from, which is ill advised; regardless of where one found out about Honey, you should have questions about how their business works. Someone who has been around the block a couple times would have deduced that a business that clips coupons for you is doing something to make money, and since it's not obvious what that thing is, it's almost certainly something shady.
How does Pie Adblock make money?
It's free so I'm suspecting they're doing more affiliate marketing stealing or something similar to Honey.
From the webstore extension overview:
> Get Paid to See Ads — Opt-in to see a limited number of partner ads and earn rewards.
After what happened with Honey, I guess this probably means: they replace ads on pages with their own, pocket most of the money, and extort the sites who would have earned money with the ads into partnering with them.
paypal paid 2 billion for honey did all the devs leave?
Looks like they sold in 2020 for $4Bn, and both founders left two years later in March 2022. One founder started Pie, which basically seems like Honey with a slightly different angle. The other founder became a VC.
It looks more like Brave (the original idea), an adblocker that actually replaces ads and pays you rewards.
I really wish PieAdblock was in the article headline, since it's more relevant.
"UBlockOrigin GPL code stolen by Pie Adblock Extension and Honey team"
Of course Pie is scummy, it is brought to you by the people behind Honey. In addition to stealing GPL Source the new over-hyped Adblocker that probably also steals (silently rewrites in the background) affiliate links, just like the old "coupon finder". No surprises!
The developers of the misused code can sue for breach of copyright. The people in breach in this case have money and are worth going after if there are a reasonable number of copies of the code illegally distributed.
PayPal Honey is also involved in lawsuit where it stole Referral Codes and replaced them with its own.
Basically every dollar the company has made is basically illegal.
Is there a better option to Honey? The extension has saved me a good bit of money over the years, especially on newer and independent sites that sometimes offer deep discounts for your first order. But it does seem like the coupon codes come from the community and there should be a community version of the extension.
Honey actually hides the best deals from you at the site's request. You'd be better off finding the codes yourself.
I'd rather get 10% off automatically instead of 15% off if I have to spend 30 minutes on every single purchase trying dozens of dead codes from various sites. It being automated is the entire point.
I don't think you can copyright lists of publicly available information (iirc there was some case with phone numbers before). That being said, they also stole code...
ProCD, Inc. v. Zeidenberg was sort of about this:
> For Zeidenberg's argument, the circuit court assumed that a database collecting the contents of one or more telephone directories was equally a collection of facts that could not be copyrighted. Thus, Zeidenberg's copyright argument was valid.[1] However, this did not lead to a victory for Zeidenberg, because the circuit court held that copyright law does not preempt contract law. Since ProCD had made the investments in its business and its specific SelectPhone product, it could require customers to agree to its terms on how to use the product, including a prohibition on copying the information therein regardless of copyright protections.
Moreover, it doesn't seem like static linking to me.
A similar example would be using a GPLv3 licensed JavaScript library in a website. What it implies to other HTML/JS/CSS code is controversial [0]. The FSF actually believed that they should not be "infected" [1], and the legal implications may need to be tested in court.
The FSF question is about templates, but the chrome extension in question also seems to have copied nontrivial JS.
I don't think chrome extensions can be modified by the user; there's probably some integrity check. So to be GPL compliant they need to publish source files to rebuild the extension?
Depends on the country https://en.wikipedia.org/wiki/Database_right
Thanks for the list! It seems that unfortunately copyright applies to databases in EU.
Right, or: maybe. Depends on where you are (or maybe better: where they are), and whether data collections fall under copyright or some other protection that is translateable enough for the gpl to apply. But if they really also used code that point is moot.
I'd only heard of Honey by way of random YouTube thumbnails, I assumed it was some sort of scam. Go figure they're connected to PayPal...
The author of UBlockOrigin should contact the PayPal legal department (in a legal manner). That might be a more direct path dealing with the Honey business.
This is by people who used to work on Honey - they're not part of PayPal.
I guess honey is just going all out now?
Yea but who is going to do anything about it? What is the enforcement method?
Wow these people really just go all in on the unethical practices.
I thought config files can’t be copyrighted. The post talks about what appears to just be a config file.
It is the filter list, which are the things that defines ads and loaded by adblocker to block them.
If piracy isn't 'stealing' neither is this, since the original code is still available.
You are not making money off the product when doing piracy. In this case they stole the code to make money off it which is very different
Money has nothing to do with it. The justification for piracy has always been that the original work is still there, so it's not considered theft.
Not only is the original GPLd code still there, the owner of that code didn't have the money in their pocket, so nothing was actually 'stolen'.
It's why I support using GPLd code in proprietary applications. This team just got sloppy and copy/pasted. They should have hired me and I would have made it virtually untracable.
I don't understand. Wanting everything for free and stealing stuff is just good capitalist praxis. Has been for centuries.
Why can't people just run businesses decently without deception & scams?
I'm sure they can be profitable.
This deceptive behaviour actually makes the business loose customers in the long term.
The bad pushes out the good until you’re only left with bad.
A system that tolerates bad actors like this will in time only have bad actors. It’s tolerated because it makes a large amount of money for a small number of people.
This is exactly it. When things are horrible around us, there is a strong temptation to throw ones hands up in apathy and let the rot fester. "Eh, Honey is probably selling my data but I got $5 off my new mattress, so wtv".
We need to resist that call to apathy, stop acquiescing, and start demanding better of others. That, incidentally, often starts at demanding better of ourselves.
I work for a very large company. I'm very close to throwing my hands up in apathy because the company keeps throwing the teams in our area into chaos and disarray with little regard for the humans in them.
We have no investors to answer to. We're printing money. Yet at every opportunity company leadership reveals itself as this slavering beast where the only people in positions of power have gotten there through duplicity and a lack of empathy.
The tech job market is terrible. I'm trapped in the guts of a machine that was supposed to be one of the "good ones".
I'm not sure there's anything to do for people who want to act ethically and be decent to each other if even the "good" companies show a complete lack of regard for anything but making their profits take off into the stratosphere.
I disagree that it’s down to the individuals. While individuals can throw themselves into the gears of the machine it is understandable why they do not.
I see things in terms of a sharecropping analogy, feudal lords (corrupted government) allow the scammers to harvest the crop (victims) for a share of the proceeds. We cannot fix people to the point they are un-scammable and there does not exist a democratic force strong enough to fix the government. Almost all ads I’ve ever seen are for obvious scams, especially on twitter. You’d think the richest guy in history (possibly?) could afford not to allow industrial exploitation of his users but apparently not.
You have gambling sites and binary auction scams that have a turnover that includes a significant percentage of suicides. I wish we had a democracy that could prevent this but we do not. While many of us here may be smart enough to avoid falling victim to these scams we have family members that we care about who are not so this still indirectly costs us wealth.
While I agree with that ideal I’m not sure how realistic it is. Trump was elected on a populist platform and quickly betrayed his base again, this time before he has even taken office. What are people to do, vote harder? It’s not like Kamala would have fixed this either. If Kamala had a better chance of winning the ‘Tech Titans’ wouldn’t have switched teams. They would have done anything the government asked for so long as the scamming ad revenue kept flowing.
If we mean ‘we tech workers’ then you’ll just be replaced, just like how I was when I quit being a researcher at FANG companies over this and other ethical concerns. The only observable outcome is that my clear conscious came with the cost that I’m far poorer than I could have been. I’m lucky as I’m still well off but not everyone can make that call and survive. These scamming behaviors are trivial to detect and especially so at the large internet company level. It exists on these platforms because the owners want them to.
‘We’ are animals who have evolved to be a certain way. You could maybe at tremendous effort fix one person but you cannot fix a population. Ever try to get an alcoholic to quit drinking, a junkie to quit drugs, a gambling addict to quit gambling.
Humans have built in innate weaknesses that are easily exploited by the unscrupulous. People have been exploiting others since time immemorial, secret police keep libraries of exploits and you can see them used repeatedly and effectively throughout history. Pied-piper strategy (basket of deplorables), Operation Trust (Q-Anon).
I don’t know how to counter it.
Unfortunately the "first past the post" system used in the USA and UK are effectively a form of prisoner's dilemma. The best thing to do is for everyone to not vote for one of the two oligarchy parties, but if only a small number do that it's meaningless.
It does and yet this seems to highly simplifying things.
Consider the US scoped studies studies showing that the population doesn't get what it wants. They showed that policy follows the whims of the wealthy even in the cases where the population overwhelmingly agrees on a contrary direction. So the data says "no", control has been removed from us.
Part of the complication is that the determined action of a few actors can efficiently spoil the efforts of communities.
> I disagree that it’s down to the individuals.
Individual action is known to be so inefficient that the oil&gas industries poured money into promoting the idea of the personal climate footprint.
That's not apathy, that's not caring and, frankly, there's nothing wrong with that.
You and I value our privacy but most people don't. That's the truth. The tone of your post assumes people agree with you but, clearly, most people don't.
It isn't the market that creates the demand.
This. Allowing bad actors to participate in a system allows them to externalize costs, which makes them more competitive than good actors. In human relationships, this behavior is punished by excluding bad actors from social relationships (i.e. the "no assholes" rule).
That does not work for corporations, because most people who are customers of these corporations are unaware of the corporation's bad behavior, are unable to avoid the corporation's products, or are stuck with a choice between bad options.
The main solution is regulation, oversight, and legal action, but the first two of these are unlikely to be enacted in the US in the current political climate. The Biden administration made some steps towards stronger regulation (e.g. by putting Lina Khan in control of the FTC), but received little to no political benefit from it and probably harmed fundraising for the Democrats.
Legal action is often prevented by arbitration clauses or disparate funding, where it is financially untenable to restrain bad actors using legal action.
> That does not work for corporations, because most people who are customers of these corporations are unaware of the corporation's bad behavior, are unable to avoid the corporation's products, or are stuck with a choice between bad options.
I think it's more often that they don't care.
I mean laws are supposed to stop the bad actors but at this point the extreme cost of legal action and the street-crime fixation of police forces mean those laws don't constrain wealthy interests unless they harm other wealthy interests.
Protects and does not bind vs bind but does not protect. Same as always.
How do you propose a company like Honey should make a profit without deception and scams?
Their product is supposedly: install a FREE extension and you get discount codes applied for you at retailers when you check out.
It turns out they were able to be profitable by making themselves the affiliate every time you purchase something, but that's scammy because it's stealing from others who actually generated the referral.
But what other non-scammy business model could they have? There's basically no business model for what they're trying to offer that makes sense other than end-users paying for it.
I propose Honey should not make money. There is, in fact, no right to make money by doing whatever you want. Honey should lose massive amounts of money and be shut down. Theft is not a business model that needs to be protected.
Why do you assume they are always stealing a referral from somebody? Do you think everything people buy comes from a prior affiliate link? Yes, Honey makes money from affiliate commission. That money is funded by the merchants who voluntarily choose to partner with Honey. How is that scammy?
In the rare case there is a prior referral, yes last click attribution comes into play. But that's the same for every shopping extension (Rakuten, Capital One, etc). The extensions have to comply with the affiliate network's "stand down" policies, which means they can't just automatically pop-up and actively try to poach the commission if it's within the same shopping session. And they all comply. MegaLag focuses on a very niche case of going back to the merchant in the same month.
Source: I worked in the affiliate industry for a few years
> last click attribution comes into play
Thats an extremely generous way to say that they steal referrals from genuine affiliate partners.
I agree it's a problem. I believe the affiliate networks should switch to first-click or multi-click attribution. Problem solved.
Are you on Honey's PR team now?
I don't know anyone over there anymore, just a few people back before they were acquired, from when I worked in the industry. I'm just trying to provide an industry perspective.
If I understood MegaLag's video correctly, Honey was indeed overriding an affiliate session cookie with their own once the user the reached the checkout. The extension would silently open a tab in the background, which seems pretty scummy. I've observed the same background tab shenanigans with the Capital One extension as well.
Cookie stuffing to steal affiliate attribution is fraud. People have gone to prison for doing what Honey does: https://www.justice.gov/usao-sdal/pr/cookie-stuffing-interne...
https://www.businessinsider.com/shawn-hogan-sentenced-in-eba...
Stop justifying Honey's scumminess.
Yet another defense of these practices, it's almost as if you're not sincerely trying to put blame in the right place as you've said in other comments on this story but rather defending the whole evil industry like a shill.
> Why can't people just run businesses decently without deception & scams?
1 - Because investors are now the customer. There is no incentive to solve a problem or provide a product for end-users, only to funnel money to investors. That is the business model. 2 - The attention economy is run entirely on deception. Without solving someone's problem, the best option is to keep their attention and prevent them realizing they don't need a subscription. Literally addicting people to notifications and scrolling.
Businesses which quietly do the right thing don't make the news.
Even worse, businesses which quietly do the right thing have their lunch eaten by those who don't.
My understanding from consumer branding research is that consumers have a strong preference for established brands. The average person is much more interested in drinking Coca-Cola than Neo-Cola, even if Neo-Cola is said to taste just as good, and offers a 10% discount.
If you assume that purchasing decisions are also affected by scandals -- which would make sense -- then the overall consumer purchasing algorithm could be summarized as "buy whichever brand has existed for the longest period of time without a scandal". So businesses are rewarded for minimizing their scandal rate.
Top story on HN today:
"Since we launched PlasticList, we’ve been heartened to have quite a few food companies reach out and ask for help interpreting their results and tracking down and eliminating their contamination." https://x.com/natfriedman/status/1874884925587087434
Warren Buffet said:
"It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you'll do things differently."
"Lose money for the firm, and I will be understanding. Lose a shred of reputation for the firm, and I will be ruthless."
And also:
"The stock market is a device for transferring money from the impatient to the patient."
Overall, I think there's a case to be made that doing the right thing is actually the most profitable strategy in the long term. It's not flashy, but it works.
> I'm sure they can be profitable.
Some aren’t and never will be without the deception and those companies just shouldn’t exist.
Hayek: Why the worst get on top
https://fee.org/resources/the-road-to-serfdom-chapter-10-why...
Many businesses can be profitable without deception, but can Honey in particular can be profitable without deception? I'm not so sure. It seems like they have been deceptive about their core business from the start.
> I'm sure they can be profitable.
But can you be as profitable as your indecent, deceptive, scamming competitor?
If not, it won't matter how much of a goody-two-shoes you are. If the market sets the bar low, you either limbo or leave.
some people have a substantially lower bar for personal ethics. "why can't people..." what you and I consider to be normal is not even on some people's radar.
"No conflict, no interest" is a common saying in investor circles, or so I have heard.
Most do, but the scammers and hustlers often win. When you're scamming and hustling you don't have to do the real work, which means you can spend 100% of your time and energy marketing and you win there.
I'm deeply pessimistic about the future of open source. A lot of people are going to give up on it as it becomes clear that it's just free labor for SaaS companies and hustlers. That and I expect far more supply chain attacks in the future. I'm quite surprised there haven't been a lot more like the attempted XZ poisoning... yet. Or maybe there have been and we haven't caught them.
Edit: I forgot free training data for code writing AI. It's that too.
OSS is one of the Internet's last remaining high trust spaces. It'll be dead soon like all the others. The Internet is a dark forest.
I get all kinds of free open source and contribute. I don't care that people or big corps make money off my contributions.
I get linux for free, an entire OS. Tons of giant companies contribute to it. I get llvm and clang mostly paid for by giant companies. I get python, go, node paid for by giant companies. I get free hosting for open source projects and free CI (github) paid for by giant companies. I get free frameworks (React, Flutter). Free languages, free libraries, etc...
My open source is just part of that. Contributing back to all the free stuff I get, much of it from giant companies.
AI is a great example of this. Search engines as well.
Legally and morally they should ask the permission for each content they crawl / ingest, but they do not.
My general belief is that you can be a millionaire by acting ethically, but you can’t be a billionaire. Lots of people motivated by money want to be billionaires.
And in this case it worked, PayPal acquired Honey for $4 billion in cash. I can't say I'm surprised to learn that the founder is also very into Web3. Crypto is a grifter magnet.
I know one billionaire. He's third generation to run a investment / hedge fund firm that is super secretive. Can barely find him on google, just a few articles about his dad and granddad. They quietly played the financial system for 7 decades and the fourth son will soon take over, but all he seems to do is travel because their employees do all the work. I've learned there are hundreds of billionaires that play this quiet financial-machine game and do everything in their power to remain anonymous. To the first order they are "ethical" because they follow the law, but when you can write the laws that define the financial system by funding congresspeople to insert obscure legislation that no one but financial experts can comprehend, it is very hard to explain exactly what is unethical in a way that your typical Cletus-like voter can understand (hell, I have no effing clue so I should go easy on Cletus).
You're right though, centimillionaires feel entitled to become billionaires, and billionaires feel entitled to become centibillionaires. However, I have noticed that the decimillionaires I know are aware that they still aren't in the right lane to even think that way and are largely content.
(wow, you're getting downvoted, the little boys on the site sure are a jealous bunch.)
That family has most likely a big beard somewhere ;)
They seem to be more on the respectful and ethical side btw.
Why?
I don’t see any incentives for decency.
Decency is as desired by society as “made locally.” Very few people are willing to pay for it and behaving that way he tremendous opportunity costs.
"...for decency" [...given the current ambient incentive structure]
Because we, as a society, have decided that lying should be effectively mandated and there should be no punishment for it in general. It's not just a few businesses, it's practically all of them. As a rule, an honest businessman can't make enough money to survive while being undercut by everyone else.
This is basically it.
Are the liars of our society shunned and condemned to penury? Nope.
Jeff Skilling (Mr Enron) got out of jail and raised money for a new company. Pull off the fraud synonymous with corporate fraud and get investors.
Former convicted Enron corporate officers enjoy fat speaking fees and cushy consulting gigs.
You can pull off the fraud everyone knows and pay no social price for it.
You can defraud investors by the billions and get a movie about you (Wolf of Wall Street).
You can cook up the disaster that was WeWork and raise hundreds of millions from the most powerful VCs right after.
[dead]
[dead]
[dead]
[dead]
[dead]
[dead]
[flagged]
> They're not stealing, they're disrespecting a license.
Breaking into someone's car and riding off isn't stealing, just disrespecting the concept of ownership.
The difference is that theft is a criminal offense, where you’ll be prosecuted by the state.
Violation of a software license is not a criminal offense but a breach of contract, opening you up to civil suits. So, it’s up to the rights holder to file suit and drag you to court for damages.
Copyright infringement can also be a criminal offense, in some cases, in the US.
One breaks the criminal law, another breaks the civil law. Both break the law.
So what’s the case law for violations of the GPL? Did anyone get criminally convicted prosecuted for violating any software license at all, and was anyone convicted? I’m only aware of civil suits in this regard.
If this magically didn't interfere in my ability to use the car in any way, I'd have no problem of anyone stealing it
Depriving the original owner of the right to enjoy the specific property is a core, distinguishing tenet of "stealing."
Normally, a person only has one car - it's not infinitely replicable.
See also: you wouldn’t download a pizza.
Are you a lawyer? Asking because "cookie stuffing" (which is indeed criminal) refers to the practice of setting a ton of referral cookies for the sites the browser had no intention of visiting, just for the case it will visit them some time in the future. In my understanding it does not refer to setting a cookie for the site the browser is currently on.
No but, LegalEagle is, and he's suing for class action with a bunch of other lawyers and creators [0] [1].
[0]: https://www.youtube.com/watch?v=4H4sScCB1cY
[1]: https://eagleteam.law/honeycase/
Is he suing for class action on the claims of cookie stuffing? I haven't found the actual case in either link (the second one is for "creators" only), so I can't get the answer myself.
The actual lawsuit does mention the cookie practices, it's the core of their class action.
https://storage.courtlistener.com/recap/gov.uscourts.cand.44...
My understanding of US law is extremely limited, but seeing it's a class action, would the lawyer be able to file the suit on behalf of the customers instead, if e.g. they thought it has a better chance to succeed as such? And if not, is the fact that this suit is filed on "breach of contract and unfair practices" claims presenting any evidence that Honey engaged in a specific legally defined practice of "cookie stuffing"?
I see. To be clear, I’m not saying what Honey did is not criminal activity, I’m just saying what they did does not look to me as if it qualifies as “cookie stuffing”. It might still be illegal, for a different reason. (Obligatory IANAL.)
This thread has started with GP saying "cookie stuffing is illegal" and me replying "does this qualify as cookie stuffing?" I'm not claiming what they did is legal, I'm claiming it might be illegal, just not for "cookie stuffing". As far as I can see there is no evidence that this particular suit claims "cookie stuffing", so there is nothing in it that can add to the question whether this qualifies as "cookie stuffing" or not. Which was my only original question.
More to it than that, alleging unjust enrichment among things in the latest amended filing: https://storage.courtlistener.com/recap/gov.uscourts.cand.44...
Cookie stuffing is criminal fraud because the offender is receiving commissions for sales they did not generate, thus defrauding legitimate advertisers and companies paying for the advertising.
Obtaining money by means of false or fraudulent pretenses is wire fraud.
Honey's extension stuffs a ton of different affiliate cookies via its extension for sales it did not generate. They are representing themselves as the one who made the referral, and receiving commissions for doing so, when they did not.
> Cookie stuffing is criminal fraud
There is no disagreement about that. Murder is also criminal. The disagreement is whether what Honey did classifies as "cookie stuffing". (I hope there is no disagreement that it does not qualify as murder, which is a different crime.)
> Obtaining money by means of false or fraudulent pretenses is wire fraud.
This is ... not the definition of what "wire fraud" is, but let's leave it aside as it's irrelevant to this discussion.
> Honey's extension stuffs a ton of different affiliate cookies via its extension
I have not seen any evidence that Honey's extension stuffs more than one cookie for any given transaction. In my understanding "cookie stuffing" refers to a practice of stuffing a ton of cookies for one transaction, not to a practice of "stuffing" one cookie for multiple transactions. Moreover, "cookie stuffing" is not a result of "stuffing" a "cookie", just like "guinea pig" is not a "pig" and it didn't come from a place known as "Guinea". "Cookie stuffing" is a specific legal term describing a certain well-defined behavior, and it would be inaccurate to apply it to anything that involves "cookies" and "stuffing". In other words, if I put some jelly inside an Oreo, this would not qualify as "criminal fraud" known as "cookie stuffing", even though it can be said that by doing that I'm "stuffing" (putting "stuff") inside a "cookie" (Oreo). That's why I asked if you're a lawyer -- they usually understand that e.g. "wire fraud" could be done without any "wire", for instance completely wirelessly -- or that someone committing a "regular" fraud while holding a pack of wire in their hand does not commit "wire fraud".
P.S. The search for "stuffing" in the filing you attached brings no results, so I assume the lawyers also don't argue that Honey engaged in "cookie stuffing" (which is criminal).
Similar actions can result in different verdicts. For example, an act of firing a gun on one end and having a dead body on the other can result in a whole variety of verdicts, which includes (but not limited to) “terrorism”, “murder”, “killing”, “negligence”, or “self-defense”. You can have several functionally identical cases — e.g. same gun, same ammunition, same wounds, etc. - and still end up with a variety of verdicts, from “not guilty” to “death sentence”.
From what I can find, the definition of cookie stuffing is to deceptive claim credit for sales that they did not facilitate. Its the deception that is illegal, not the act of setting cookies. As such, the amount, ton, or a few, does not change the definition. If they are claiming credit for the sale then they are either doings it in good faith or in bad faith.
Which definition/source for cookie stuffing are you looking at?
> claim credit for sales that they did not facilitate
They will argue that by providing a coupon that lowered the price for the customer they did in fact facilitate the sale. IANAL but this sounds reasonable to me. Less so for the sales they did not find a coupon for (even if they argue they've tried).
The rest of your comment folds under this.
I guess we'll see how this plays out, but for what it's worth, the attached filing does not argue "cookie stuffing". (It argues other things.)
This may also go to a completely different direction of e.g. "securities fraud" -- the SEC may argue that PayPal, as a public company, has advertised their Honey service as "finding the best deals for their customers", and on the basis of that claim some of the investors chose to buy its shares. If this was a lie, the shares sale was made under false premises, and that seems like "securities fraud".
One doesn't need to be a lawyer to understand that big business always wins. Those guys weren't big business, but PayPal is.
This reminds me of how as times changed, once illegal behaviors are now considered normal because "big tech" embraced it.
Remember Kazaa, BonziBuddy, Gator (The OG adware), etc.? They were demonized for collecting data on all the web traffic you were doing it. They got sued by the FTC and were forced to change their business models and/or close down.
Then Facebook, Google came along and did the same thing in the early 2010's except via cookies and Javascript, but somehow that's ok. Even worse, it's considered a normal business practice.
It amazes me that Honey has been able to become so popular given it's business model has always been more of a hack than an actual product. How did commission programs not sue them for fraud?
Probably because they had good ole Silicon Valley VC money to scare them off.
but they provide coupons and stuff. So it's more a "service", and they get their cut by offering "refferals".