The strange, sketchy emails a browser extension developer receives

113 points | hydroxideOH- | 4 years ago | micahcantor.xyz

33 comments

[+] DizzyDoo|4 years ago|reply
I've had people email pitching me on embedding crypto-mining programmes in the games I sell on Steam. It's intensely sinister stuff.

I got an email just yesterday pitching me on a special 'credit card for gamers'. I was meant to push a special credit card to my customers. The website has zero information on what % interest this credit card has, but even if it's totally normal and above-board: eww. I make computer games, I don't want to push credit cards.

It's all so slimy.

[+] blooalien|4 years ago|reply
> "I've had people email pitching me on embedding crypto-mining programmes in the games I sell on Steam. It's intensely sinister stuff."

I had a "friend" (more of an acquaintance really) a while back that kept trying to convince me that this was a good idea and I (as the only programmer he knew) should help him do it. Couldn't for the life of me convince him that it was pretty much certain to backfire spectacularly in any number of possible dumpster fires he wouldn't want to be a part of. He just wasn't willing to see how sneaking crypto-mining software into other people's machines without their knowledge could possibly be perceived as "bad" by anyone.

[+] b112|4 years ago|reply
The credit card angle is unpalatable, for sure.

Yet take a sitcom such as Seinfeld. Each product they joked about, Junior Mints, Snapple, etc., were ads.

The furniture is an ad. The appliances, the cereal on the shelf, etc. If no ads, generic boxes and unbranded products will appear instead, nothing is free.

I am not saying videogames should be this way, merely pointing out that this is old, old almost century old advertising behaviour. The trick is to make the product better for it (Seinfeld Junior Mints was an incredibly funny episode).

Of course, I think the CC thing you mention, was more just a "spam your users", so hardly subtle and non-intrusive.

EG, on TV typically they write the episode, then after marketing says "ah look, he's supposed to drink a soda here, let's see who wants to pay for someone drinking their soda."

This I can live with.

[+] pgjs|4 years ago|reply
Not a new thing. In fact, a while back this guy[1] sold out the Nano extension to suspect elements and made money out of it. The new owners turned that extension into malware. The original author who sold it then started closing the github issues that were raised, made the repo read only and fled. Was discussed a while back here in HN https://news.ycombinator.com/item?id=24803740 and the malware details here https://github.com/NanoAdblocker/NanoCore/issues/362#issueco...

[1] https://github.com/jspenguin2017

[+] Macha|4 years ago|reply
I remember a post a few months ago, on a similar topic of companies wanting their SDKs (really user tracking code so they could resell that data) included in extensions. So this is definitely a widespread experience.

As an aside: The justified text here looks awful on mobile (and I checked Chrome, same result): https://i.imgur.com/AZl06K9.png

[+] hydroxideOH-|4 years ago|reply
I haven't seen others talk about this but given that I received these emails with a relatively small extension that doesn't surprise me at all.

Also, you're right about the text, just re-designed my site so I'll take a look at that.

[+] altdataseller|4 years ago|reply
Similarweb is the biggest buyer of these extensions and they use all this data to track the websites people are going to. It’s a privacy mess and Google has done nothing about it. If anyone from Google is reading this, I dare you to bring it up to upper management because it seems they don’t care.

[+] PaulHoule|4 years ago|reply
I tell people to not install browser extensions except for a tiny set of anti-track and anti-ad extensions such as Decentraleyes and uBlock Origin.

Anyone remember the AOL days when you’d visit your uncle and he’d have more space taken up by toolbars than content? Don’t let it happen to you!

[+] theshadowknows|4 years ago|reply
My first thought on this is...wow, $4,000? The guy obviously isn't trying to monetize this extension but if he was that's insulting..he could make more money flipping burgers..

My second thought on this is...ouch, this is the same kind of stuff I'm tasked with working on in my present job. As I've mentioned elsewhere I work for a...fairly massive...corporate entity in the United States and I deal specifically with customer and member data. The majority of that data is highly protected and regulated, but the tiny little bit that isn't...we're working (and spending a ton of money) on "enriching" it from other data sources..and I absolutely hate it. This is a new direction for the company since there was a lot of executive leadership turnover in the past two years. But it makes me feel sick every time I see a new meeting pop up that involves Experian or Neustar or some other data broker. And the work on mining customer data from one part of the business to the other, people brushing off my objections because "look we already have legal approval, you need to get on the train before it leaves the station"...I hate every second of every day of it.

[+] user-the-name|4 years ago|reply
This is important to be aware of, because with every browser extension you install, you are trusting one more person to continuously and forever say "no" to being offered essentially free money.

[+] paulgb|4 years ago|reply
I hate to say it, but developing a browser extension and getting emails like these has made me terrified of installing extensions. I’m saddened by this state of things, since the era of user scripts and site-specific extensions was the one time in the history of the web where it really felt like users were in control of their experience.

[+] BugWatch|4 years ago|reply
Life's complexity constantly increases, but our available time is fixed... we need a community-run automated-- and user-reported addon analysis and checking service, provided through another addon, which notifies you when one of your installed (or currently page open) addons "goes to the darkside"... sigh

[+] hoppyhoppy2|4 years ago|reply
All of the "recommended" addons for Firefox (and maybe the most popular ones too?) are regularly reviewed by Mozilla for malicious code. I haven't heard of any problems with those (probably because most problems are caught before they get pushed to users)

[+] hydroxideOH-|4 years ago|reply
That is actually not a bad idea... but it does go to show the utter failure of Google's extension store that a community-run system would be necessary to police their platform.

[+] amelius|4 years ago|reply
A good sandbox with suitable access control would help too.

[+] swiley|4 years ago|reply
This is not much of an issue on Linux distros where everything is done in the open.

[+] okareaman|4 years ago|reply
> this has been a recurring problem over the past few years due to the incredible power granted to browser extensions and the poor vetting process that allows malware into official extension stores.

I am really surprised this is not a much bigger problem starting many more years ago. It's amazing that browser vendors let people hack the browser this way. I am very cautious about extensions I install. One I had been using was hacked this way. I found out only because I pay attention. Google never mailed me anything about it. What about people who aren't paying attention? Can't Google email people to warn people since they know what extensions are installed and generally have an email address associated with the browser?

[+] hulitu|4 years ago|reply
Google makes money with your data. When the extension is syphoning data, they win.

[+] victorbstan|4 years ago|reply
That explains the couple of emails I received from random people asking if I want to sell my extension. Very enlightening.