self policing bandits like these are great.

Good work adsense!

and the point of this thread is? lol

Point is: Google tracks MAC addresses for AdSense clicks!?

i think Google tracks more than just IP of Mac address. cookies, session records etc.

Just thinking. If google has a system that makes sure that the adsense user ABC has his code displayed on site ABCsite.com and ABD uses his computer ( tracked) to check his adsense account; then why cant a code be writen ( i guess that wud be simple ), that DOES NOT SHOW his own site's Ads on his own (tracked) computer.

I think if there is a almost perfect technology to track invalid clicks, why cant it be applied in real time to avoid showing ads.

If an IP / Mac / cookie / (or a few other things )combination generates some clicks that can be marked invalid in realtime, the ads may not get displayed at all. This will help everyone in the long run.

makes sense? whats your view?

No it does not make sense. It would be giving cheaters a giant green light to click away when they know they're not being tracked.

Anyway I think you're overestimating how powerful online tracking is. The amazing thing is that Google caught the guy at all (if in fact the story is true).

[Added: Just to clarify, some simple tools to prevent/filter accidental clicking might be helpful, although IMO that would probably result in MORE accidents rather than less. But that's not what this is about, and if Google reveals too much about how it detects bogus clicks it will become open season for scammers.]

"my friend"

LMAO...

because he clicked his own ads with his own computer using different IP addresses of different free trial dial up connetions like juno,aol etc

Brilliant! Could you give me his email address?

If that was your friend, you mix up with bad companies

"Point is: Google tracks MAC addresses for AdSense clicks!?"

How is a MAC address tracked? I wasn't aware that it can be tracked by visited web sites.

The amazing thing is that Google caught the guy at all (if in fact the story is true).

Not at all. This type of "suicide" click-fraud is akin to lemmings jumping off a cliff ;-). Tracking it is really very easy and google have a variety of means with which to do it.

Every computer is uniquely identifiable through several different means. IP address is the last one that would be used to identify click-fraud by the account holder, although I'm sure it is used to filter multiple clicks.

Deliberately changing IP address before clicking on ads from the same PC only makes it even more obvious that it's attempted fraud. You may as well write your own "Invalid Clicks" e-mail and save google the trouble.

Google tracks MAC addresses for AdSense clicks

I don't think that the peer socket transmits it's MAC address over TCP/IP?

TJ

You may as well write your own "Invalid Clicks" e-mail and save google the trouble.

That sums it up.

Basically if you wish to do dishonest clicks, then you have to know a lot more about it than the OP here. It beggars belief that someone thinks that by changing IP off the same machine, then they can fool Google.

In addition the amount of fraud that would be generated would be small, merely because this sort of fraud is not scalable.

I bet Google wish that the large scale click frauds were as easy to finalise as this sort.

How is a MAC address tracked? I wasn't aware that it can be tracked by visited web sites.

Actually, computers can be tracked down by even far more sophisticated methods. Every machine has its own fingerprint, and I wouldn't be surprised if Google has implemented these methods too - or is working on implementing it. For more information on hardware fingerprinting, have a look at this article. [caida.org] You'll be amazed...

GF

Interesting, is that article for real though? W

GoldFish, very interesting article, but it doesn't answer my question of how is a MAC address tracked? Is the MAC addressed transmitted in an HTTP request?

The MAC address is sent with each packet requested. You can't grab it using PHP or any normal web language without slowing your site to a dead crawl, but a cursory examination of the packet header using standard server packet sniffing applications reveals whether the requester is transmitting a MAC address.

Not everyone does. MAC reporting can be disabled and even spoofed.

(PS: For those who don't know, a MAC (Media Access Control) address is essentially the serial number of a network card. It does a lot more than that, but .. hey!)

My "friend" lost his AdSense account?

What's next - The dog ate my UPS club check?

The MAC address is sent with each packet requested.

The MAC address is used on a different layer of communications, you only get the MAC-adress of the previous "hop" the packet passed.
On the internet you can be pretty sure that a (web-)server you are requesting things from will not see your MAC-Adress at all. This is different in a LAN, but that is irrelevant in this context (Google and the web).

In fairness, when they noticed loads of clicks from POPs in the same area to the same site, they might have got a little suspicious? And then there's cookies, fingerprinting by IP, possibly even tracking user mouse movement... Good for AdSense! Your cheating (and presumably very, very stupid) friend deserves everything they get.

Perhaps I am not far enough out of my youth to be so jaded, but I refuse believe that anyone will go through this much trouble to make a few cents an hour over a month from now.

Perhaps I am not far enough out of my youth to be so jaded, but I refuse believe that anyone will go through this much trouble to make a few cents an hour over a month from now.

A few cents?

Not jaded and naive - they could make THOUSANDS a month with click fraud, not just cents.

Or... he may have simply forgot to clear his cookies. :)

I posted that with a "!?" at the end (about MAC addresses). Couldn't remember what layer they were in the stack. After poking around today, they are layer 2 (not 3) and if I recall, the only MAC address that could be pulled would be the MAC address of the switch that sent the web server the packet (i.e. the router that routed the packet to the web server).

Amazing how you start to forget stuff when you don't use it regularly. That and I am getting old.

A few cents?

Not jaded and naive - they could make THOUSANDS a month with click fraud, not just cents.

With a setup like that? G would be on it in short order. At least we'd all like to think so.

I'm aware click fraud can bring in thousands a month, but let's not forget the scenario described, one guy, sitting at his computer, clicking an ad, redialing, clicking, redialing...

Even at a dollar a click you're only looking at around a hundred dollars a day if the system was completely automated.

To be honest I think this is someone's round about way to see if this kind of trickery would actually work. In actuality we are all brain storming the reality of this fraud and stating our thoughts on if we think it'll work or not. Giving cheats more amunison to use... Just seems a little fishy to me.

one guy, sitting at his computer, clicking an ad, redialing, clicking, redialing...

You don't have to redial to get a new IP address, I can get several IPs easily with little effort as I'm on DHCP, lot's of ways to accomplish this task. I'd offer up other scenarios but I certainly don't want to give anyone lurking any ideas they haven't already thought of, no thanks.