| 2:13 pm on Feb 12, 2007 (gmt 0)|
IB, reverse engineering implies that one intends to create a competing product using the knowledge of the original product's design. You can take apart Chevrolet engine to see how it works, and it's not reverse engineering unless you work for Ford.
| 2:19 pm on Feb 12, 2007 (gmt 0)|
|Are you all aware you're violating Google's Terms and Conditions where Section 15 prohibits reverse engineering of AdSense? |
Bill bring up a valid concern, but since this does not require us to process the script, modify the script, try manipulate the ads, or otherwise, I do not know if this would be considered reverse engineering. It is simply and passively looking at a string that we are allowed to look at.
However, only AdSense will know if this is against the AdSense Terms and Conditions, and I know for me, it is something I will ask them.
Linear, seems like I'm behind the boat. :) Though it is very reassuring that we came up with the same values. Have you had the same concerns about the AdSense Terms?
| 3:26 pm on Feb 12, 2007 (gmt 0)|
If you look at the context of the original discussion, the question posed was about how Google made a determination of invalid clicks. The usual feckless speculation ensued, and I observed that there was a lot of data you could verifiably document being passed to Google. Then I proceeded to enumerate that, much like in your recent thread.
So the original discussion was a bunch of people guessing that they look at this that and the other, including unique identifiers of your PC. I simply chose not to speculate, and instead looked at what info they do gather.
At the time, I recall being mildly concerned that the info could be used for wrongdoing (building a better clickbot). But it wasn't secret. Google didn't even bother to obfuscate the code or values. It would be trivial to offset some of those values in a way that makes it a lot harder to guess their meanings. They didn't.
Now about the T&Cs, since IB cited chapter and verse for us, I went back and looked. That tortured sentence that contains the term "reverse engineering" is pretty squarely aimed at those who would create a derivative product. Like a lot of legal verbiage, it attempts to include everything. It says I can't attempt to derive source code for their documentation for example. I am not fearing getting banned due to hitting ctrl+u while viewing the T&C page though.
Added: these variables are sent to G on each ad impression. There certainly could be other stuff getting sent for a click. I specifically did not click an ad (my own or anyone else's) to gather this data, it's all available by looking at the HTTP that gets sent between the browser and Adsense's web servers.
| 7:39 pm on Feb 12, 2007 (gmt 0)|
|It would be trivial to offset some of those values in a way that makes it a lot harder to guess their meanings. They didn't. |
Only because those values are not what is used to catch a fraudster.
| 11:41 pm on Feb 12, 2007 (gmt 0)|
Even if it were against the TOS, no reason they can't be discussed. Webmasters are curious and might not even be adsense members. Just curious about technology. Say Jeremy Zawodny decided to decode the url. And pass what he learns to Yahoo engineers. What are they going to do? Kick him out of the Adsense program? I doubt it...
| 3:51 pm on Feb 14, 2007 (gmt 0)|
System: The following 3 messages were cut out of thread at: [webmasterworld.com...] by brett_tabke - 8:40 am on Feb. 12, 2007 (cst -6)
Is it your opinion, since you took the action above, that the discussed thread is not against the Adsense TOS?
Is it the consensus here that this discussion is OK?
I ask because I'm always trying to improve Adsense performance (execution time) or work around it. In the past IFrames were an excellent way to prevent Adsense from slowing website presentation. At least for me this no longer works, I get untargeted ads. But I just noticed another significant performance issue, and of course I'm taking a serious look at how things work from a performance stand point. I hope to post my findings, and a consensus here regarding Adsense technical analysis would make me more comfortable.
So whats the consensus, (Brett)?
| 12:44 am on Feb 15, 2007 (gmt 0)|
|Is it the consensus here that this discussion is OK? |
Once the information is disclosed the cat's out of the bag.
But I just wouldn't want to be the person that discloses that information, violating a signed contract, and potential risking a massive loss of virtually free income.
Not sure what compels so people to nip at the hand that feeds them, but I'll leave that to those that dare to tempt fate.
| 12:58 am on Feb 15, 2007 (gmt 0)|
|Is it the consensus here that this discussion is OK? |
My money is on the OK discussion. Why? Because the folks who truly want to reverse engineer for less than honest reasons - will. Also keep in mind that having the blueprints to build something doesn't mean you can actually build it correctly.
From my own experiences the easiest scammers to find are the ones who have some of the 'know how' but are just plain dumb at implementation :-)
The hard ones to catch are the 'one click' folks and the...well...the even smarter ones :-/
| 1:29 am on Feb 15, 2007 (gmt 0)|
|Once the information is disclosed |
show_ads.js is on all of your machines already. Even if you've never clicked an ad. Are you suggesting it's a secret somehow?
| 3:32 am on Feb 15, 2007 (gmt 0)|
|Because the folks who truly want to reverse engineer for less than honest reasons - will. |
So that means we should make it easier for them?
To what end is knowing how the insides of these scripts going to help anyone's site anyway?
|show_ads.js is on all of your machines already. Even if you've never clicked an ad. Are you suggesting it's a secret somehow? |
Actually, I'm pretty sure show_ads.js resides on Google's machines at:
True, your browser may cache it, but that's not open season for dissecting it.
I'm also pretty sure it's a secret to most of the world that doesn't look at the source of their HTML pages. Webmasters might know of the existence of the file but that doesn't mean they know what it does or how it works, just that is exists and is used by AdSense.
Reverse Engineering from the Wiki:
|Reverse engineering (RE) is the process of discovering the technological principles of a device or object or system through analysis of its structure, function and operation. It often involves taking something (e.g. a mechanical device, an electronic component, a software program) apart and analyzing its workings in detail, usually to try to make a new device or program that does the same thing without copying anything from the original. The verb form is to reverse engineer. |
Note that it doesn't say you MUST make a new device or program to be deemed reverse engineering but says "usually to try to make a new device", but it's still reverse engineering regardless of the outcome.
FYI, asking me, martinibuster, Brett, or anyone else whether or not it's OK is silly because we're not Google, and only Google can determine if tearing apart the show_ads.js in a public forum is "reverse engineering" and violates their T&C agreement.
Me, I'll stay clear of it, I like my AdSense money and prefer my head doesn't end up on the chopping block if they decide to do anything about it.
| 4:57 am on Feb 15, 2007 (gmt 0)|
And what made them pick that place to put it? Was it a profound need for secrecy that motivated them to store it on what is no doubt a highly-available cluster of high-performance web servers? So no one would ever look at it?
|but it's still reverse engineering regardless of the outcome |
Why, because wiki told you so?
What is section 15 of the T&C saying? It says Google retains IP rights to their technology.
What does the particular clause say that you are so intent on warning us all about? Let's look:
no one did that
no one did that
no one did that
|prepare derivative works from, |
No one can probably convince you on this one...
no one did that
Okay, this is really my point--they hand you the source code. No one derived source in the "decompile" sense--source code was handed to each of us, multiple times a day. They want that show_ads.js on my machine a lot more than I want it. Google didn't tell me not to look at it, think about it, or talk about it--that was you.
|or otherwise attempt to derive source code from any Google services, software, or documentation, |
|or create or attempt to create a substitute or similar service or product through use of or access to the Program or proprietary information related thereto. |
And here is the real meaning of reverse engineering. Don't build a knock-off using our code or docs.
Section 15 is titled "Google Rights" not "Don't look at the source" or "don't talk about it in public."
By the way, I'm laboring under no illusions about getting kicked out. Section 1 spells it out quite nicely:
If they want a head for the chopping block, they really don't need a T&C violation to obtain one. It's sole discretion.
|Google reserves the right to refuse participation to any applicant or participant at any time in its sole discretion. |
| 10:42 am on Feb 15, 2007 (gmt 0)|
|Why, because wiki told you so? |
Being a software engineer by trade I have some clue of what reverse engineering is all about. As a matter of fact, I sued an ex-customer a few years ago for this very thing, but he actually built the software.
My real concern is some variables aren't meant to be easily known, things that probably deal with anti-fraud, etc., and it's not worth the risk to expose these things.
[edited by: incrediBILL at 10:42 am (utc) on Feb. 15, 2007]
| 5:55 pm on Feb 15, 2007 (gmt 0)|
|My real concern is some variables aren't meant to be easily known, things that probably deal with anti-fraud, etc., and it's not worth the risk to expose these things. |
What risk? That Google may have to make something less obvious to stop fraud? That's like saying no one but Microsoft should post a security hole in the Windows OS.
The bad guys have torn this thing apart WAY before the first post here. And honestly, I hope some kiddie hack looks at this for the first time and tries to scam the system because if they are learning it here for the first time they'll get caught. If anything this will help Google as we discuss it.
| 6:31 pm on Feb 15, 2007 (gmt 0)|
The fear of Google is mind blowing.
I feel so much more free since their algos/sandbox have made free traffic harder to come by, their smart pricing that doesn't work right made adsense much less of an income factor and find it hard to even use adwords without considerably overpaying for traffic. Result is no fear of Google.
Helps you think clearer about your REAL business that no one can take away from you and getting leads without SE help.
Join the club....
And if you aren't on adsense, that code is being loaded onto your computer when visiting people's sites. So why can't you decode it, discuss it, whatever? You didn't sign any agreement. There's nothing to sue you over.
I can't believe we're even debating if it's ok to discuss it.
| 1:18 am on Feb 16, 2007 (gmt 0)|
|I can't believe we're even debating if it's ok to discuss it. |
I can't believe you sign contracts and then think it's OK to violate them.
That's not a fear of Google, that's just honoring your word.
|Helps you think clearer about your REAL business that no one can take away from you and getting leads without SE help. |
You can lose your REAL business when you violate contracts as well.
Has nothing to do with Google or SE's.
[edited by: incrediBILL at 1:19 am (utc) on Feb. 16, 2007]
| 2:05 am on Feb 16, 2007 (gmt 0)|
|That's not a fear of Google, that's just honoring your word. |
If Google called me on it I'd use the same reason they used on me a few years ago when they did it to me which was "everyone does it and what we're doing isn't wrong but we'll stop without admitting guilt".
As much as I was po'd at the response I must admit they had a point. I knew what they were doing. But, there was no concrete proof of Google doing anything wrong since being curious is not a crime in itself and it certainly is not the same as reverse engineering.
If someone here was saying or even hinting at being anything other than curious I would have a problem with it as I'm sure others here would also. But since that isn't the case so far then I say fine, be curious.
| 3:37 am on Feb 16, 2007 (gmt 0)|
|But since that isn't the case so far then I say fine, be curious. |
I never said being curious was a problem as I'm a very curious person.
Publicly being curious CAN be a problem as you're making yourself a target.
That's all I'm saying.
| 12:30 am on Feb 17, 2007 (gmt 0)|
I didn't say adsense publishers had to discuss it. But there's plenty of non-publishers. What's the debate? They didn't sign anything. They can discuss it. It's not because you or I am a publisher that the thread has to die or that we can't participate.
I don't think either of us are breaking any contract by reading what others discuss? And as long as we don't directly help with reverse engineering it, what's the problem exactly?