Images Research Events Premium Services Media Kit Network Map E-mail Offers Vendor Solutions Webcasts
Search EarthWeb Network

Be a Commerce Partner
Online Degrees
Car Donations
Prepaid Phone Card
Cheap Plane Tickets
Car Insurance
Cheap Cameras
Trade Show Items
Budget Hosting
Online Education
Cheap Airline Tickets
Prepaid Calling Cards
Truck Advertising

IT Management : Columns : Executive Tech: Commission Junction Hires Web Detectives

Symantec Data Management Solutions
Whitepaper: The Benefit of Continuous Data Protection
Data volume continues to grow at nearly 40% to 50% each year, making back up of mission critical data very difficult. For any organization looking to manage data growth, improve reliability, and speed data recovery, continuous data protection provides the avenue to address the challenges in a method that will improve overall data protection without weighing down IT with costly solutions.
Register Now to Download.
Whitepaper: Breaking Through the Dissimilar Hardware Restore Challenge
This paper discusses recovery to virtual computer environments, hardware migration strategies, hardware repurposing for optimal resource utilization, meeting recovery time objectives, and increasing disaster tolerance.
Register Now to Download.
Whitepaper: Converging System and Data Protection
From resilience against threats to efficient restoration of normal operations, Symantec can help keep your business up, running, and growing—no matter what happens.
Register Now to Download.
Webcast: Symantec Brings Disk-based Data Protection and Advanced System Recovery Together
Symantec Backup Exec™ and Symantec LiveState Recovery™ allow rapid and easy backup and recovery of virtually any Windows data and Windows system.
Join us for an informative Webcast to learn how to:
  • Create backups and restore to specific system recovery points
  • Maintain data availability and minimize server downtime
  • Eliminate backup windows, improving increased system reliability
  • Dramatically minimize downtime by rapidly recovering entire systems to dissimilar hardware platforms or even to virtual environments
Register Now to Watch.

Related Articles
Commission Junction Bans Major 'Loyalty' Affiliate
- ITSMWatch Newsletter -
IT Focus
Wireless in the Enterprise

Wireless technology continues to make great inroads into networks. But IT pros still must contend with a number of issues such as security, access and integration.

Ready? Set. Go!

Mobile Workers Never Looked So Thin

The Incredible Hidden Wireless Connection

Product Watch
PalmSecure - Biometric Identification via Palm Veins
VirusCop - Report Virus Spam, Erroneous E-mail Bounces, Other Spam
REV - Removable Hard Drive Platform for Storage and Backup
RemotelyAnywhere - Remote Access to Windows Machines via Web Browser
GLX4000 288 - High Density Physical Layer Switch

more products >>

Datamation Definitions
data mining
grid computing
network appliance
FREE Tech Newsletters

Whitepaper: The Business Case for Network Attached Storage. Learn how to consolidate storage and data, plan for increasing storage demands, and reduce your TCO.

Commission Junction Hires Web Detectives
October 25, 2005
By Brian Livingston

Brian Livingston The large e-commerce affiliate network known as Commission Junction (CJ) is gearing up a campaign that uses automated searches of the Web to catch dishonest participants.

The network has contracted with Cyveillance, a firm that monitors the online use of trademarked terms, to "spider" the Internet seeking affiliates that generate commissions without legitimately earning them.

I wrote last week that CJ and its subsidiary, BFAST, had permanently banned one of the largest "loyalty" programs on the Web, Shop At Home Select. CJ officials state that the program promised rebates to consumers who used the company's software to shop, but that the software was too often installed without users' knowledge. Shop At Home said in a statement that this was a misunderstanding.

With Shop At Home out of the picture, many other CJ affiliates may now be fingered by their own software practices if Cyveillance's spidering technology is successful.

Searching For Banned Practices

In a telephone interview, Terance Kinsky, director of network quality for CJ, described three kinds of prohibited behaviors that Cyveillance is being paid to look for:

Cookie stuffing. Many e-commerce merchants in CJ's network pay a commission for every buying customer whose PC bears a "cookie" from an affiliate's site. The cookie, a small text file, shows that the customer first visited the affiliate and then clicked a link that took him or her to a merchant's Web page.

Some dishonest affiliates write not just one cookie to visitors' PCs, but several. Each cookie is specific to a different merchant. Say a shopper visits, for example, Bob's Golf Clubs. At a later time, the person buys something from Jo's Golfing. Thanks to cookie stuffing, commissions could wrongly be paid to Bob even though his site had done nothing to send buyers to Jo's site.

Forced clicks. According to Kinsky, "the definition of a forced click is that the end user is not taking the action himself." An example would be a pop-up window that an affiliate site displays, which should not have been displayed unless the user had clicked a link to request it.

Kinsky acknowledges that pop-up windows and other techniques used by adware and spyware will not presently be caught by Cyveillance. That's because these memory-resident programs exist on users' PCs. Cyveillance searches for data only on Web servers. But some techniques that Web servers use to trick customers into clicking links can be detected by spidering, Kinsky says. 

Security exploits. Many crooked Web operators install software onto visitors' PCs using known security flaws in Microsoft's Internet Explorer (IE) browser. For example, ActiveX modules, which work only on IE, can install software without any meaningful notice being displayed to the PC user.

Kinsky says Cyveillance is not yet spidering the Web looking for ActiveX exploits, but that it will start doing so as soon as CJ delivers a list of techniques to look for. That shouldn't pose much of a problem. There are only a handful of ActiveX commands that can remotely install software, and they're easy to spot in the lines of a Web site's code.

A New Sheriff Comes To The Wild West

Since spidering isn't that expensive -- and CJ doesn't have to search every page on the Web, only those sites that claim its affiliate commissions -- one wonders why the major e-commerce networks haven't automated the outing of the bad guys before this.

Part of the answer is that Internet monitoring raises many fears, both rational and irrational. Even Cyveillance's name, a combination of "cyber" and "surveillance," suggests a spy-vs.-spy operation.

A query in any search engine on the name cyveillance reveals blog after blog that claims nefarious acts. The company is said to (1) consume vast amounts of bandwidth in its searches, (2) ignore a file named Robots.txt, which can tell search engines not to index certain parts of a site, and (3) consort with the recording industry to persecute individuals who share copyrighted music.

In response, Eric Olson, the VP of solution assurance at Cyveillance, says, "We try to maintain a light footprint, and we try not to overburden a server" during searches. He acknowledges that the company's spider does look at pages that a site's Robots.txt file labels as excluded. But, he adds, "We couldn't do our jobs if we listened to every Web site saying, don't look at these pages."

In fairness to Cyveillance, Robots.txt is an Internet practice that's supposed to save search engines the trouble of indexing large unreadable files, such as relational databases. It was never intended to render totally invisible anything that a site owner wishes to hide.

As far as catching music-sharing individuals, Olson says Cyveillance is deliberately avoiding entanglements in the music business. "We're very much not working with the RIAA [the Recording Industry Association of America]," which has filed numerous lawsuits against file sharers, he states.

Time To Throw Out The Bath Water

Hopefully, spidering the Web will result in dishonest affiliates getting the boot from CJ -- and possibly other such networks that also face scam problems. Legitimate affiliates and merchants alike constantly grumble about shady Web site owners that take money out of the system without earning it.

At the same time as CJ's detection mechanism becomes automated, though, Kinsky emphasizes that the human approach is still the best. People who see questionable practices should report them so CJ can investigate, he says. "Someone will buy a misspelling of a site" to get accidental traffic, he explains. A robotic spider might not know the difference, but it's against CJ's terms of service and affiliates can be banned for it.

Now looks like a good time for rogue e-commerce affiliates to clean up their acts and try to make money in an above-board way, for a change.

Brian Livingston is the editor of and the coauthor of "Windows Me Secrets" and nine other books. Send story ideas to him via his contact page. To subscribe free and receive Executive Tech via e-mail, visit our signup page.

Executive Tech Archives

JupiterWeb networks:

Search JupiterWeb:

Jupitermedia Corporation has three divisions:

Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Jupitermedia Corporate Info | Newsletters | Tech Jobs | E-mail Offers