WingNews logo WingNews GitHub [2]
top | item 3460301

Google's Kenyan ripoff?

457 points| Chirag | 14 years ago |boingboing.net | reply

99 comments

order
[+] blhack|14 years ago|reply
Crossposting this from another thread:

Oh, malarky.

Here. I set up a page at http://lab2.gibsonandlily.com/google.html

Then I ran it through google translation services. Here is the result in apache's log:

74.125.16.18 - - [13/Jan/2012:10:45:37 -0600] "GET /google.html HTTP/1.1" 200 327 "http://translate.google.com/translate_p?hl=en&sl=fr&... "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.75 Safari/535.7,gzip(gfe)

Look familiar? This one is tossing up windows NT, which is strange, but it doesn't seem like a stretch that some of the machines at google for stuff like this are running linux.

The scam here isn't being done by google, it's just a run-of-the-mill scammer scamming and using google's name.

Dearest mocotality. Turning on referals in apache logs and you'll see where on google this is coming from (if you care to).

Here is how:

in: /etc/apache2/apache2.conf (or whereever your apache configuration sits) change the "Logformat" option to the following:

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

and then use option:

CustomLog /var/log/apache2/access_log combined

(or whatever log path you want).

edit: to be clear, I'm not saying that they're using google translate, just demonstrating that "It came from a google IP!" reveals approximately nothing.

edit2: it was pointed out in another thread that google is probably forwarding my user agent to the site that is being translated. This makes perfect sense (duh!) and closes the loop on the story. The scammers are using linux, which is consistent with both networks that they were seeing in their logs.

[+] JS_startup|14 years ago|reply
A European Google VP just confirmed that it was not scammers or someone posing as Google, it was Google employees.
[+] moshthepitt|14 years ago|reply
There's an interesting twist in this tale.

Have a look at: http://blog.mocality.co.ke/2012/01/13/google-what-were-you-t...

It says: "OMG!!!!! We received a call on the office line (the one listed on Mocality) from India stating that they were offering website services. I think the guy on phone was Deepak or something (it sounded almost like a scam) the guy said he was from Google Kenya blah blah, we refused the offer as we already have a site. Then few days ago I was just searching our page when I stumbled upon our site on .kbo.co.ke site…I mailed them n told them to take it down! aaaaaaaarg!!!!!!"

--- This is one of the small businesses contacted by 'Google'. SO it seems that after they got the call, they later saw their business website put up on kbo.co.ke (which is Google owned).

Doesn't this sound like further proof that this is Google sanctioned?

[+] notahacker|14 years ago|reply
Not really. A small businessman gets cold-called by an SEO/Adwords agency offering to "get you on Google" at a one time special offer. Intrigued, they search Google for their business and find quite a lot of websites referring to their business they didn't know existed before. Connected?

Kbo.ke publicly advertises web hosting for free, and by the sounds of it might be automatically populating the listings. So its a reasonable assumption that someone trying to charge Ks 200 per month for their[?] web hosting service might be aware of the potential to exploit Kbo's existence but isn't acting with their blessing...

[+] danko|14 years ago|reply
Google is precisely the brand that a non-Google third-party would use to launch a scam like this, so I'm going to wait a few hours before getting the flamethrower out. This really doesn't seem like Google's style from a technical quotient, even if you ignore the ethical angle.
[+] eof|14 years ago|reply
According to the main source (http://blog.mocality.co.ke/2012/01/13/google-what-were-you-t...), after setting up the sting, there were a bunch of hits straight from google HQ.

    These new accesses were coming directly from Google’s network.
    The IP address 74.125.63.33 made 17,645 requests (15,554 to BusinessProfile.aspx). Activity really kicked off on 22 December 2011, with 8 different user agents mostly running Chrome on Linux: The top 3 are :
    Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.912.63 Safari/535.7 11249 64.268982
    Mozilla/5.0 (Ubuntu; X11; Linux x86_64; rv:9.0.1) Gecko/20100101 Firefox/9.0.1 4247 24.264412
    Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.2 (KHTML, like Gecko) Ubuntu/10.04 Chromium/15.0.874.106 Chrome/15.0.874.106 Safari/535.2 1000 5.713306
    Search for “tag=mo.request 74.125.63.33″ from 20 December 2011 to 9 January 2012. Found 17,049 requests
[+] JS_startup|14 years ago|reply
If the statement about the Mountain View IP address is true then it's hard to imagine that these were scammers masquerading as Google.

My bet? Google's statement will blame some third party contractors or a miscommunication. Massive damage control and fire fighting for the rest of the day.

[+] Zirro|14 years ago|reply
Except for Kenya, I can only see India mentioned in the original article. Am I missing something, or is Boing Boing publishing incorrect information?
[+] mynegation|14 years ago|reply
My guess is that these things are done by rogue Google employee or contractor. Hypothetical profit from this kind of behavior is not worth a tiny bit of potential reputation damage.
[+] josefresco|14 years ago|reply
The article, and evidence gathered by the co seems to say otherwise. Rogue contractor maybe (unlikely IMHO), but not employee.
[+] rmc|14 years ago|reply
Or just someone pretending to work for Google. Conmen do that sort of thing all the time.
[+] swalsh|14 years ago|reply
I'm eagerly awaiting a response from google on this. Frankly I suspect that these guys are not actually associated with Google. Google isn't the kind of company that would hire an army of employees to manually click through a website to cold call people.
[+] vasco|14 years ago|reply
I don't believe this is google just because of all the manual labor involved. Google would scrape the whole site and call people with pre-recorded messages or something. The operation would be fully automated. I actually don't have any opinion wether they would do it or not, but I doubt manual labor would be involved if that was the case.
[+] jaredmck|14 years ago|reply
They've hired armies of people to cold call businesses for Google Places project, offering an adwords voucher.
[+] mikecaron|14 years ago|reply
So how do you explain the ip addresses?
[+] guard-of-terra|14 years ago|reply
They scan books that way too (manually), aren't they?
[+] nl|14 years ago|reply
Let's assume it was Google that did this, and let's assume that it was non-authorised behaviour by a branch office. (I hope for their sake this isn't the case, but there is more than enough evidence to make it possible)

What should Google do?

Obviously they shouldn't dodge the responsibility, but also they should try and repair the damage somehow.

What is an appropriate course of action for them? Paying damages? Transferring customers?

I can't think of any good options, really.

[+] Gring|14 years ago|reply
Apologizing, damages, plus laying the internal groundwork that it never happens again.
[+] napierzaza|14 years ago|reply
You're right. Ethics don't exist. Let's hope they weasel out of it and learn their lesson at the same time. Instead learning that they can break the lawn AND weasel out of it.
[+] hackNightly|14 years ago|reply
I have to admit, this is a little strange. I guess my main question is why does a company as large as Google need to solicit money from any business? Let alone Kenyan businesses well outside the scope of it's main customer base?
[+] guard-of-terra|14 years ago|reply
A local Google office might do some funny things. Using the autonomy they've got. The program in question is confined to Kenya.
[+] josefresco|14 years ago|reply
Because Google needs to grow (shareholders and all that), and with a massive and cheap workforce you can actually pull things like this off (keep in mind it's not PHD's that are doing the cold calling).
[+] rmc|14 years ago|reply
Let's not jump the gun here. Let's keep the pitchforks at bay till we find out what's going on first.
[+] danmaz74|14 years ago|reply
Agreed. But Google needs to give a good explanation... at internet speed. And, if this is true and someone at Google is involved, there should be consequences.
[+] lclarkmichalek|14 years ago|reply
Did Mocality contact Google about the issue before going public about it? I can't find any mention of dialog in the CEO's statement.
[+] jws|14 years ago|reply
Especially given the source.

For those unfamiliar, Cory Doctorow is a professional writer of fiction. Like my favorite sci fi authors, he crafts stories about an "imagine if these conditions were true, how would that world work" starting point. His selection in news carries a similar bent, he likes a news story that would be interesting if true. It's generally best to enjoy them as that.

Take a moment, imagine a world where Google actually does this, then remember that it is probably fiction and get on with life until you see the story reappear with journalistic research behind it.

Edit: I see Mr. Doctorow updated with a note that he contacted google and google is preparing a response. +1 for journalism.

[+] brown9-2|14 years ago|reply
There is another possibility here that I haven't seen mentioned yet:

Someone fraudulently representing Mocality attempted to start a joint Google-Mocality venture. Google was misled, and no one at Mocality was aware of the fraud, meaning neither party is guilty.

[+] shimon|14 years ago|reply
Is it really plausible that Google would agree to a partnership and provide payment to a false Mocality representative without even speaking to the Mocality CEO? We can't rule this out without more knowledge of the case, but it seems very far-fetched.
[+] joelhaasnoot|14 years ago|reply
IP registrations can also be wrong, and someone could also be saying they're Google, and running a scam that way.

Happens all the time with (semi-)legitimate firms acting as Adsense or Facebook Ads brokers. They often pull bait and switch tactics after you said you'd think about it.

[+] napierzaza|14 years ago|reply
There are many more blind speculations to make. This is just one of them. Aliens!
[+] joshaidan|14 years ago|reply
I would be interested in knowing what the browser client was set to in the HTTP GET request. That would be something to grab next time something like this happens.
[+] majani|14 years ago|reply
The articles on the web are wrongly portraying Mocality as the little startup that could. Truth is, Mocality is a division of a 14 billion dollar media giant called Naspers. Not saying that Google is right or anything, but I think some people are getting fired up because they view this as a David vs. Goliath story, and it really isn't.
[+] Tichy|14 years ago|reply
I can't help laughing at all the people jumping to conclusions, quoting the "don't be evil" mantra and so on. Why not wait a little bit until the fog clears up? Disappointing that boing boing also coins the phrase "Google's Kenyan ripoff", as if they were already certain of their guilt.

Will be interesting to see which news outlets will ride along with it for cheap thrills ("Goolge might be involved in a scam" etc). My guess is: most of them.

[+] yonasb|14 years ago|reply
Lots of possibilities, but if Google isn't behind this then they should have been close enough to the local biz communities to have heard of it and stopped it
[+] badclient|14 years ago|reply
To be clear, I wouldn't consider the scraping of their data as a ripoff. Border-line unethical? May be. But far, far from a ripoff.

The ripoff can be if google was trying to use their name which would effectively be phishing. I don't see them really pushing hard on that accusation.

[+] timerickson|14 years ago|reply
Scraping their data is against the TOS you have to agree to before using it. So yes, it is illegal if they're violating the TOS.
[+] mbaukes|14 years ago|reply
Bad google ....bad google!