I used to work for an ad tech company (which I know already makes me the devil to some around here), and even I think that they crossed a line with this. A lot of industry terms are coded in corporate speak to make them sound better (think "revealed preferences" or "enabling personalization"), but I would genuinely like to know what the engineers thought when doing design reviews for a "selective stand down" feature. There doesn't seem to be a legit way to spin it.
Making a product to explicitly skirt agreements while working for a corporation is ... a choice
> what the engineers thought when doing design reviews for a "selective stand down" feature.
Possibly a version of, “I lack the freedom to operate with a moral code at work because I’m probably replaceable, the job market makes me anxious, my family’s well-being and healthcare are tied to having a job, and I don’t believe the government has my back.”
From my experience, it’s more likely that the engineers who got far enough in the company to be working on this code believed that their willingness to work on nefarious tasks that others might refuse or whistle-blow made them a trusted asset within the company.
In industries like this there’s also a mindset of “Who cares, it’s all going to corporations anyway, why not send some of that money to the corporation that writes my paychecks?”
I like the idea that what makes someone a 'professional' instead of just an employee is the wherewithal, agency, and expectation to say no to a particular task or assignment.
An architect or engineer is expected to signal and object to an unsafe design, and is expected by their profession (peers, clients, future employers) to refuse said work even if it costs them their job. This applies even to professions without a formalized license board.
If you don't have the guts and ability to act ethically (and your field will let you get away with it), you're just a code monkey and not a professional software developer.
In my experience, sometimes your employer blatantly lies to you about what you're making and how it'll be used. I was once recruited to work on a software installer which could build and sign dynamic collections of software which was meant to be used to conveniently install several packages at once. Like, here's a set of handy tools for X task, here are the default apps we install on machines for QA people, here is our suite of apps for whatever. It seemed to have genuine utility because it could pull data in real time to ensure it was all patched and current and so on. That could be great for getting new machines up and running quickly. Several options exist for this use case today, but didn't then as far as I recall. This was on Windows.
Ultimately it was only used to install malware in the form of browser extensions, typically disguised as an installer for some useful piece of software like Adobe Acrobat. It would guide you through installing some 500 year old version of Acrobat and sneakily unload the rest of the garbage for which we would be paid, I don't know, 25 cents to a couple dollars per install. Sneaking Chrome onto people's machines was great money for a while. At one point we were running numbers of around $150k CAD per day just dumping trash into unsuspecting people's computers.
At no point in the development of that technology were we told it was going to ruin countless thousands of people's browsers or internet experiences in general. For quite a while the CEO played a game with me where I'd find bad actors on the network and report them to him. He'd thank me and assure me they were on top of figuring out who was behind it. Eventually I figured out that the accounts were in fact his. They let me go shortly after that with generous severance.
I don't miss anything about ad tech. It was such a disheartening introduction to the software world. It's really the armpit and asshole of tech, all at once.
I think you can only get away with that excuse so long as you're actively looking for a new job while also collecting data to turn whistleblower (anonymously if need be) once you have one. Ultimately it falls on the employee to do the right thing or get out because they risk being held accountable for what they do. A replaceable employee (which is pretty much all of them) will be especially vulnerable since they can be thrown under the bus with minimal inconvenience to the company.
This is no different, and frankly far less alarming to me, than Uber's project greyball from 2017, which should have tanked a company in a just world. I suppose some companies just promulgate a culture where its acceptable or even lauded to evade law and contracts: https://www.nytimes.com/2017/03/03/technology/uber-greyball-...
Possibly "marketing is all bullshit and hopefully this destroys it faster"
It's not like any crime was committed, and civil liability falls squarely on the business here, not its employees. And the whole dispute is only about which marketing company receives marketing revenue - something where the world would improve if they all disappeared overnight. Doesn't really seem that evil to me. Underhanded, yes.
I think the only reason there's any outrage at all, outside the affiliate marketing "industry", is that some of these marketing companies are YouTube personalities with whom many people have parasocial relationships. Guess what, they just got to learn the hard way why capitalism sucks. What Honey did is a valid move in the game of business. Businesses throughout history have gained success by doing way worse things than this. Amazon's MFN clause is way worse. Uber's Greyball is way worse.
Capitalism is great at washing its hands of evil. I don't know how much slavery went into making the smart phone that I'm posting this from, but I'm sure it's not zero. I'm ethically complicit in the whole scheme. The C in ACAB stands for Capitalists. Which unfortunately, is all of us.
We're not fully complicit all of the time. You don't know how many slaves made your phone, but somebody does. If you had a choice between a phone you knew was made by slaves and a phone that wasn't I assume you'd pick the slave free version every time. While it's fine to feel guilty for your involvement in the scheme don't let that get in the way of placing the blame for it squarely on the people who set things up this way and put you in this position.
When you can't escape an evil system you just have to do your best within it, while either working to get out of it or working to improve it however you can. What more can anyone ask of you? Capitalism is pretty much inescapable, but thankfully I'm not convinced that capitalism is an evil system inherently, it just needs strong constraints and regulations to keep it from being used to do evil things.
The original site is down for me, so going based on the app I was thinking it was about the actual edible Honey product, not Honey the discount coupon thing.
Over 15 years ago I worked with a telco that had similar affiliate issues. We decided to stop paying any affiliate commission at all and evaluate sales after some time to decide to continue the experiment or not. There was a little decrease in traffic to the site but no measurable decrease in sales of new plans. There were several check moments and data validation after that, but sales numbers remained as they were.
The conclusion was that affiliate marketing claimed a lot of sales in their reporting, but the brand was strong enough (this company was #2 by market share in the country and #1 on most brand metrics) to get those customers without affiliate links.
It started as a clone of the camelcamelcamel Amazon price history site and got kicked out by Amazon for abusing the system. It pivoted to a coupon site and started sucking down user data with the plugin when PayPal paid $4Bil CASH. Honey cost me affiliate marketing commissions.
It's not malware. Marketing companies stealing commission from each other isn't malware. Giving the user less than the best possible deal isn't malware. It doesn't even upload your cookies to see if you're a tester - it does that on the client.
one point of view is why bother with any of this, google knows exactly what honey is doing, they could remove honey from chrome with the stroke of a pen, and that would be that.
>And the effort Honey expended, to conceal its behavior from industry insiders, makes it particularly clear that Honey knew it would be in trouble if it was caught.
The same could be said about yt-dlp. They know what they are doing youtube doesn't like. But yt-dlp itself is legal.
Didn't this Honey fraud thing break like a year ago (or longer)? This is the second story I've seen about it in the last couple of days and I guess I'm surprised it's even still around.
Thank you. I was confused about why this was suddenly bubbling up again. And ... paints Honey in a pretty bad light? LOL, they already looked like a fraudster scam to begin with! (But, again, thank you.)
there's something seriously wrong with this archived link. It's not staying still for one moment. It's constantly twitching and the text scrolls to weird positions. It's unreadable because of this.
Is it the archive at fault or is the original webpage this way?
Works for me here, and in 90% of the cases where someone complains of annoying page behaviour (cookie banners, revenue optimizations, subscription solicitations, "click here to ...", paywalls, ads, et alii ad nauseam).
Seriously, just disable JavaScript on unknown/untrusted/undeserving sites. It makes the web tolerable.
Was the VPT site not working for you, so you had to resort to archive.org? Original link https://vptdigital.com/blog/honey-detecting-testers/ . Anyone having trouble -- contact Ben Edelman (easily found by web search) and I will genuinely value the opportunity to get to the bottom of what is wrong.
As consumer I would love to see lower prices directly. Or at least have available some official store affiliate discount code which would give me same discount which would be win win for everyone.
- The Honey browser extension inserted their own affiliate link at checkout, depriving others of affiliate revenue.
- Honey collected discount codes entered by users while shopping online, then shook down website owners to have the discount codes removed.
- Honey should have "stood down" if an affiliate link was detected, but their algorithm would decide to skip the stand down based on if the user could be the an affiliate representative testing for compliance.
Re the second point, it specifically collected valuable codes that shouldn't be widely shared, e.g. employee discounts.
Re the third point, the algorithm would skip stand down for users who weren't likely to be testers (based on account history and lack of cookies for affiliate marketing admin panels).
Same, and that topic would have been way more interesting (cf. EVOO).
Obviously Internet affiliate marketing schemes are built on mutual exploitation of asymmetric data collection. This cannot possibly surprise anyone.
With that said, this is a good article with excellent data collection and evidence presentation. It's great to have documentation of obviously corrupt practices, even if they are unsurprising.
It's comparing Honey's behavior to a well-known and comprehended scandal. Simile is a tried and tested way (hah!) to explain otherwise potentially hard to understand or dry content.
It's not about the severity of the impact, its the fact that they were breaking the rules and explicitly coding to actively avoid being caught by testers.
These are the same types who have poisoned the well of information that was the Internet you can actually find things on for the sake of the ad driven model. Far as I'm concerned, the moral injuries are the same even if the physical details are different.
I used to work for an ad tech company (which I know already makes me the devil to some around here), and even I think that they crossed a line with this. A lot of industry terms are coded in corporate speak to make them sound better (think "revealed preferences" or "enabling personalization"), but I would genuinely like to know what the engineers thought when doing design reviews for a "selective stand down" feature. There doesn't seem to be a legit way to spin it.
Making a product to explicitly skirt agreements while working for a corporation is ... a choice
> what the engineers thought when doing design reviews for a "selective stand down" feature.
Possibly a version of, “I lack the freedom to operate with a moral code at work because I’m probably replaceable, the job market makes me anxious, my family’s well-being and healthcare are tied to having a job, and I don’t believe the government has my back.”
From my experience, it’s more likely that the engineers who got far enough in the company to be working on this code believed that their willingness to work on nefarious tasks that others might refuse or whistle-blow made them a trusted asset within the company.
In industries like this there’s also a mindset of “Who cares, it’s all going to corporations anyway, why not send some of that money to the corporation that writes my paychecks?”
9 replies →
I like the idea that what makes someone a 'professional' instead of just an employee is the wherewithal, agency, and expectation to say no to a particular task or assignment.
An architect or engineer is expected to signal and object to an unsafe design, and is expected by their profession (peers, clients, future employers) to refuse said work even if it costs them their job. This applies even to professions without a formalized license board.
If you don't have the guts and ability to act ethically (and your field will let you get away with it), you're just a code monkey and not a professional software developer.
1 reply →
In my experience, sometimes your employer blatantly lies to you about what you're making and how it'll be used. I was once recruited to work on a software installer which could build and sign dynamic collections of software which was meant to be used to conveniently install several packages at once. Like, here's a set of handy tools for X task, here are the default apps we install on machines for QA people, here is our suite of apps for whatever. It seemed to have genuine utility because it could pull data in real time to ensure it was all patched and current and so on. That could be great for getting new machines up and running quickly. Several options exist for this use case today, but didn't then as far as I recall. This was on Windows.
Ultimately it was only used to install malware in the form of browser extensions, typically disguised as an installer for some useful piece of software like Adobe Acrobat. It would guide you through installing some 500 year old version of Acrobat and sneakily unload the rest of the garbage for which we would be paid, I don't know, 25 cents to a couple dollars per install. Sneaking Chrome onto people's machines was great money for a while. At one point we were running numbers of around $150k CAD per day just dumping trash into unsuspecting people's computers.
At no point in the development of that technology were we told it was going to ruin countless thousands of people's browsers or internet experiences in general. For quite a while the CEO played a game with me where I'd find bad actors on the network and report them to him. He'd thank me and assure me they were on top of figuring out who was behind it. Eventually I figured out that the accounts were in fact his. They let me go shortly after that with generous severance.
I don't miss anything about ad tech. It was such a disheartening introduction to the software world. It's really the armpit and asshole of tech, all at once.
I think you can only get away with that excuse so long as you're actively looking for a new job while also collecting data to turn whistleblower (anonymously if need be) once you have one. Ultimately it falls on the employee to do the right thing or get out because they risk being held accountable for what they do. A replaceable employee (which is pretty much all of them) will be especially vulnerable since they can be thrown under the bus with minimal inconvenience to the company.
Also likely, some version of "get dat money"
Ah yes let's be sure not to judge anyone for anything they do
7 replies →
This is no different, and frankly far less alarming to me, than Uber's project greyball from 2017, which should have tanked a company in a just world. I suppose some companies just promulgate a culture where its acceptable or even lauded to evade law and contracts: https://www.nytimes.com/2017/03/03/technology/uber-greyball-...
You are right, but it's just a whataboutism argument, isn't it? There are lots of other evils by other businesses; why are they relevant here?
Possibly "marketing is all bullshit and hopefully this destroys it faster"
It's not like any crime was committed, and civil liability falls squarely on the business here, not its employees. And the whole dispute is only about which marketing company receives marketing revenue - something where the world would improve if they all disappeared overnight. Doesn't really seem that evil to me. Underhanded, yes.
I think the only reason there's any outrage at all, outside the affiliate marketing "industry", is that some of these marketing companies are YouTube personalities with whom many people have parasocial relationships. Guess what, they just got to learn the hard way why capitalism sucks. What Honey did is a valid move in the game of business. Businesses throughout history have gained success by doing way worse things than this. Amazon's MFN clause is way worse. Uber's Greyball is way worse.
Original MegaLag video: https://www.youtube.com/watch?v=qCGT_CKGgFE
You'd think that if you were an engineer building and maintaing a system like this, you'd have an "are we the baddies?" moment, but guess not.
For context, Ben Edelman the author of the blog post was in the video at https://youtu.be/qCGT_CKGgFE?t=1980
Their personal site is also linked in the video description https://www.benedelman.org/honey-detecting-testers/
Ben here. My real (substantive) write-up is https://vptdigital.com/blog/honey-detecting-testers/ . Happy to discuss / answer questions / etc.
1 reply →
Capitalism is great at washing its hands of evil. I don't know how much slavery went into making the smart phone that I'm posting this from, but I'm sure it's not zero. I'm ethically complicit in the whole scheme. The C in ACAB stands for Capitalists. Which unfortunately, is all of us.
All of us? I don't own any capital and don't have employees who I trim profits off of.
1 reply →
We're not fully complicit all of the time. You don't know how many slaves made your phone, but somebody does. If you had a choice between a phone you knew was made by slaves and a phone that wasn't I assume you'd pick the slave free version every time. While it's fine to feel guilty for your involvement in the scheme don't let that get in the way of placing the blame for it squarely on the people who set things up this way and put you in this position.
When you can't escape an evil system you just have to do your best within it, while either working to get out of it or working to improve it however you can. What more can anyone ask of you? Capitalism is pretty much inescapable, but thankfully I'm not convinced that capitalism is an evil system inherently, it just needs strong constraints and regulations to keep it from being used to do evil things.
The original site is down for me, so going based on the app I was thinking it was about the actual edible Honey product, not Honey the discount coupon thing.
Over 15 years ago I worked with a telco that had similar affiliate issues. We decided to stop paying any affiliate commission at all and evaluate sales after some time to decide to continue the experiment or not. There was a little decrease in traffic to the site but no measurable decrease in sales of new plans. There were several check moments and data validation after that, but sales numbers remained as they were.
The conclusion was that affiliate marketing claimed a lot of sales in their reporting, but the brand was strong enough (this company was #2 by market share in the country and #1 on most brand metrics) to get those customers without affiliate links.
It started as a clone of the camelcamelcamel Amazon price history site and got kicked out by Amazon for abusing the system. It pivoted to a coupon site and started sucking down user data with the plugin when PayPal paid $4Bil CASH. Honey cost me affiliate marketing commissions.
Apparently this thing got approved for the chrome store, which confirms that "store" approvals are near worthless for malware filtering.
It's not malware. Marketing companies stealing commission from each other isn't malware. Giving the user less than the best possible deal isn't malware. It doesn't even upload your cookies to see if you're a tester - it does that on the client.
one point of view is why bother with any of this, google knows exactly what honey is doing, they could remove honey from chrome with the stroke of a pen, and that would be that.
Why do Amazon and others pay out to Honey's affiliate accounts? They know no real referrals are coming from them.
>And the effort Honey expended, to conceal its behavior from industry insiders, makes it particularly clear that Honey knew it would be in trouble if it was caught.
The same could be said about yt-dlp. They know what they are doing youtube doesn't like. But yt-dlp itself is legal.
The difference being that yt-dlp isn't a business partner (and/or competitor) of YT.
Of course it's a competitor of yt. If you download a video, they don't get ad revenue.
Didn't this Honey fraud thing break like a year ago (or longer)? This is the second story I've seen about it in the last couple of days and I guess I'm surprised it's even still around.
The youtuber MegaLag released part 1 of his investigation roughly 1 year ago: https://youtu.be/vc4yL3YTwWk
Recently, he released 2 more parts with more new information that paints Honey in a pretty bad light: https://youtu.be/qCGT_CKGgFE https://youtu.be/wwB3FmbcC88
Thank you. I was confused about why this was suddenly bubbling up again. And ... paints Honey in a pretty bad light? LOL, they already looked like a fraudster scam to begin with! (But, again, thank you.)
Archived link: https://web.archive.org/web/20251230214339/https://vptdigita...
there's something seriously wrong with this archived link. It's not staying still for one moment. It's constantly twitching and the text scrolls to weird positions. It's unreadable because of this.
Is it the archive at fault or is the original webpage this way?
It constantly reloads for me (Firefox.) Just hit X which replaces the reload button while the page is loading and it will stop.
Disable JavaScript, reason #99e99.
Works for me here, and in 90% of the cases where someone complains of annoying page behaviour (cookie banners, revenue optimizations, subscription solicitations, "click here to ...", paywalls, ads, et alii ad nauseam).
Seriously, just disable JavaScript on unknown/untrusted/undeserving sites. It makes the web tolerable.
2 replies →
Was the VPT site not working for you, so you had to resort to archive.org? Original link https://vptdigital.com/blog/honey-detecting-testers/ . Anyone having trouble -- contact Ben Edelman (easily found by web search) and I will genuinely value the opportunity to get to the bottom of what is wrong.
I think I saw a 5xx error when I tried to see the original link. I assumed it might have been due to a hug of death.
It seems to be loading fine now.
2 replies →
The entire affiliate "ecosystem" is cancer. I'd love to see Amazon turn it off entirely.
As consumer I would love to see lower prices directly. Or at least have available some official store affiliate discount code which would give me same discount which would be win win for everyone.
Cut the middleman and order directly from china
No honour among thieves, I guess.
TLDR;
- The Honey browser extension inserted their own affiliate link at checkout, depriving others of affiliate revenue.
- Honey collected discount codes entered by users while shopping online, then shook down website owners to have the discount codes removed.
- Honey should have "stood down" if an affiliate link was detected, but their algorithm would decide to skip the stand down based on if the user could be the an affiliate representative testing for compliance.
Allegedly.
Re the second point, it specifically collected valuable codes that shouldn't be widely shared, e.g. employee discounts.
Re the third point, the algorithm would skip stand down for users who weren't likely to be testers (based on account history and lack of cookies for affiliate marketing admin panels).
Wow, I am very surprised that cookie stuffing[0] is still a thing. This could have been written 20 years ago.
[0] https://en.wikipedia.org/wiki/Cookie_stuffing
I thought this was going to be about honey adulteration, which is a major problem.
Same, and that topic would have been way more interesting (cf. EVOO).
Obviously Internet affiliate marketing schemes are built on mutual exploitation of asymmetric data collection. This cannot possibly surprise anyone.
With that said, this is a good article with excellent data collection and evidence presentation. It's great to have documentation of obviously corrupt practices, even if they are unsurprising.
No honor among thieves, eh?
Not affiliate marketers are thieves
The whole industry is based upon on nonconsensual surveillance and other taking of personal information, so yes they are.
Oh, this is about a shopping plugin and not actual honey, boring.
I mean, fraud in online advertising? Say it ain't so!
Same. I clicked the link expecting a story about actual honey.
Likening any of this to Volkswagen emissions compliance scandal does a huge disservice by treating "Affiliate Marketing" as far too important.
"Who gets a kickback on this toothbrush" is a much MUCH less important question than "do you pollute the air we are all breathing".
It's comparing Honey's behavior to a well-known and comprehended scandal. Simile is a tried and tested way (hah!) to explain otherwise potentially hard to understand or dry content.
It's not about the severity of the impact, its the fact that they were breaking the rules and explicitly coding to actively avoid being caught by testers.
choult: The factors you mention are the factors that led me to propose the "Honey's Dieselgate" title and to compare Honey to VW.
Of course I agree that health is more important than affiliate commissions. So the comparison only goes so far.
Probably better to compare to ubers grayball although that may be less well known.
1 reply →
These are the same types who have poisoned the well of information that was the Internet you can actually find things on for the sake of the ad driven model. Far as I'm concerned, the moral injuries are the same even if the physical details are different.