Accused search hijacker denies all charges except covertly redirecting search

Search-marketer interecepts queries, fixes, them, adds advertisers, returns to sender

Yesterday I happily glommed on to the analysis already done by friend-and-colleague Steven J. Vaughan-Nichols about the rampant and deceptive practice of search hijacking.

Specifically, it has become common among some ISPs of hijacking a customer's search request to Bing or Yahoo! Or Google and hand them off to a third-party search-advertising provider will return to the customer Search Results page heavy with advertisers and light with honest information.

The culprit in both his original piece and my derivative one was a company called Paxfire, whose slogan is Generating New Revenue for Network Operators.

Today I got an email from Paxfire that was incredibly disappointing.

Usually when a company is ticked off enough about something I write they try to either schmooze or bully their way to a retraction or some more favorable coverage.

Schmoozing involves PR people wanting to "correct the facts" by pointing out the story has no legitimacy due to "errors of fact" like misuse of the word "flood" in the sentence "...released a flood of chemicals so toxic their names alone could cause instant, painful death into a pond bordered by open-range puppy orphanages and fluffy-bunny feed yards."

"Since the unfortunate release from the Toxic Hill Nature Reserve and Noxious Chemical Facility was several nano-liters-per-second too small to be considered a "flood' under FEMA hurricane guidelines, we would like to request a retraction of the story and apology to the workers whose feelings were hurt by the unfavorable publicity."

Aggressive responses usually start with attempts to bully the publisher about "that hack job you did on us" even if the publisher isn't sure which publication the angry advertiser is talking about, let alone which particular story.

Each approach can add some excitement to the routine drudgery of a writer who gets his or her facts right, even if, as a class, we are guilty of all the moral flaws, social and religious heresies or sexual perversions of which an angry and profane CEO may accuse us. (The one exception is that perversion thing, which makes most of us sad at not having enough imagination to think of that thing with the chicken, for example, on our own. For CEOs, flying to business meetings all over the world, and Bangkok, is apparently more of an education than most other normal people could ever hope for.)

In any case, Paxfire didn't do either of those things.

Instead it sent the only form-letter I've ever gotten from a company complaining about how I covered it.

"You recently wrote or published an article about our company, Paxfire, Inc., referencing a lawsuit that makes allegations about Paxfire. Please find below a statement from our company about the lawsuit’s major allegations."

They didn't even merge my name onto the text.

Most of it was pointed at, if not addressed to, New Scientist, which broke the story Aug. 4, then followed it up today.

More than 10 ISPs in the US, which together have several million subscribers, are redirecting queries in this way (see below for a complete list). None of the companies would comment on the redirection scheme, but evidence collected by Christian Kreibich and Nicholas Weaver at the International Computer Science Institute in Berkeley, California, who discovered the redirection and have been monitoring it for several months, suggest that the process generates revenue for the ISPs. – New Scientist, Aug. 10

Paxfire isn't the only company involved; Google figured out the scam a few months ago and has been warning people and/or trying to prevent it ever since.

While Paxfire took offense at the story, it didn't do a good job of refuting much of it.

It denied collecting, analyzing or reselling user information, but the ICSI report points out the Paxfire privacy policy said the company may keep copies of user "queries" without saying if that means to searches they use, domain names they look up or both, along with their IP addresses.

"The redirections mostly occur transparently to the user and few if any of the affected ISP customers are likely to have ever heard of Paxfire, let alone consented to this collection of their communications with search engines.... ICSI Networking's investigation has revealed that Paxfire's HTTP proxies selectively siphon search requests out of the proxied traffic flows and redirect them through one or more affiliate marketing programs, presumably resulting in commission payments to Paxfire and the ISPs involved. The affiliate programs involved include Commission Junction, the Google Affiliate Network, LinkShare, and" – ICSI Aug. 4.

Since the original story was published, a number of ISPs have stopped using Paxfire and a second lawsuit has been filed on behalf of users, according to New Scientist.

Paxfire wrote its generic note, to an entire press list, not individuals, and posted a PDF version on its web site to deny all the charges and warn that the law firms filing suit have some facts wrong, misinterpret others, and are dressed in suboptimal fashion by their female parents.

"Paxfire does not and has never distributed or sold any information on users, either individually or collectively. Paxfire does not analyze end user searches, does not hold any history or database of user browsing or search, and does not profile users in any way. Moreover, Paxfire has no plans to change this policy. To repeat: We never, ever collect, monitor, store or sell personal data on users, collectively or as individuals, and we never have.

"Second, Paxfire does not hijack searches or 'impersonate search engines.'" – according to a portion of the letter purporting to be the direct quote from CEO Alan Sullivan, who must be, in person, incredibly eloquent to speak in such complete sentences and intolerably pretentious to speak that way in the first place.

Paxfire does, in fact, impersonate search engines in that it intercepts the search request and returns what look like legitimate, uninterrupted responses, with Paxfire or the ISP's own advertisers at the top.

That's not even its primary purpose, however, according to the Sullivan doppelganger woodenly spouting flakspeak while waving its tiny clockwork arms like the animated bell ringer on one of those giant Bavarian town clocks that act out a mechanical morality play with toy villagers spinning on tracks like demented birds freaking out from having to Cuckoo the hour one time too many to a drunken, unappreciative Oktoberfest crowd. (Writers, you'll notice, are not inherently critical of the companies they write about, but are extremely susceptible to distraction.)

Paxfire intercepts search and HTTP requests primarily to correct mistakes in the URL, fix the spelling in searches, optimize the query itself, suggest alternative search phrases and optimize the results (that last thing means 'squeeze in our advertisers even if they wouldn't be otherwise).

"Finally, we want to make clear that while it is without merit, this lawsuit and its allegations are extremely harmful to our reputation and those of our partners. Under Rule 11 of the Federal Rules of Civil Procedure, a party has an obligation to ensure a foundation for his or her allegations. Clearly, this was not done adequately by the plaintiff in this case. "

What is disturbing about that last sentence from Sullivan isn't the threat – it's pretty standard to threaten to countersue someone who accuses you of doing something you do, but don't want other people to know you have done.

The disturbing thing is that, with all the requirements about evidence, need to swear on a bible that the evidence you're introducing and accusations you're making are true and all the other rules about who gets to sue, for what and how all the parties involved have to behave in the court, authors of The Federal Rules of Civil Procedure felt they had to include a specific item requiring that people filing lawsuits make sure there is at least some basis in fact in the accusations they make.

That's a little more surprising than Paxfire's effort to claim it's not in the business it tells its customers it's in, but not quite as disappointing in its execution.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon