ATS and their TRUSTe certification.

Any discussion related to ATS goes here

ATS and their TRUSTe certification.

Postby mojo » Wed Aug 27, 2008 2:46 pm

So what exactly does it all mean, lets have a look at it.

SO wrote:For years we've been saying that the privacy of our members and users is important to us, and now, we've actually gone and put our money where our mouth is, and certified through TRUSTe, the largest independent organization certifying the privacy of users online.

After an extensive six-week audit of our website procedures, our operational strategies, research into any existing complaints, and slight additions to our already comprehensive Privacy Policy we have been certified as an organization that protects the privacy of our users on all available levels.

While this doesn't mean any change in our operation or site code (no changes were required after the audit), it does provide our users and members with an extra assurance that we are proactively aggressive in protecting your privacy while using our websites. Additionally, TRUSTe acts as an intermediary should any user believe their privacy was at risk, or, that we acted in a manner contrary to our Privacy Policy. Complaints of this nature can now be filed directly with TRUSTe Complaint Department and they will investigate submitted concerns.

Link, to SO's post.

Lots of pats on the back and so on, which is all fine and dandy, and i do believe that it is at least a step in the right direction. However, a few good questions raised which i probably would have asked myself if i was able.

justyc wrote:what would be the situation if a member came forward with some really, really damning or lid-blowing true information regarding some conspiracy or cover up etc? how does the privacy of the members hold up then? would you be willing to hand over their details to the asking authority or go to jail to protect your sources like some journalists?

And SO's answer.
SO wrote:Being a legally registered Limited Liability Company, we would have no choice but to comply (after exhaustive protest) with any proper court order to supply user details.

However... we retain an amazingly small amount of user details.

1) We don't record or keep server traffic logs (user IP's are never associated with the content they view)

2) We only retain your email address to confirm registration (and if you delete it from your account settings... damn, we never saw it)

3) We record your IP address when you post as the only personally-identifiable piece of data that is associated with the content you create (however, we strongly suspect anyone with something damning would be using a proxy server)

So, "they" could ask for details on a user, but the reality is that the details we keep would most likely be useless.

I’m sure that having your IP address kept, even though it is “only” associated with the content you create should be a matter of concern for serious CT’ers, I really don’t think the majority of ATS members are serious CT’ers though.
So if you post some earthshattering news the government “could” track you through the IP attached to your post, I doubt that using a proxy would save you in that case either, I’m sure they would have the technology and expertise to trace through that.

burdman30ott6 wrote:OK, so I have to ask this (no disrespect intended). If you basically retain no personally identifiable information aside from that which we willingly post about ourselves, then isn't this kind of like bragging about offering free tidal wave insurance for home owners in Arizona? Seems like you've sort of done something completely unecessary here for little reason other than to look like you've got everybody's backs.

SO wrote:It's one thing to say we adhere to a well-intended privacy policy, it's quite another to subject ourselves to a lengthy audit so that an independent group may certify we do what we say.

I think “burdman” raises a good point. As you will see later in this post TRUSTe don’t exactly go for the jugular if you are found to be contravening the agreement you have with them.
What does it really prove, I think it’s probably largely damage control, it in no way addresses any of the other complaints that have been raised regarding ATS business practices, ie stealth bans, reading PM’s and so on.
They can easily explain reading PM’s as they already do, it is in their T&C, so by doing it they are not breaking their privacy policy.
Now if it said that under no circumstances would they read private messages in their own T&C and then did so, that would be a different matter altogether and TRUSTe may be a worthwhile watchdog for ATS members.

AcesInTheHole wrote:While most will be pleased, I think the people who were so worried about their info being stolen in the first place probobly won't be as pleased. Don't you think people will start to wonder why ATS needs a third party to take care of these things? Has there been problems in the past? Is there really a need for more bureaucracy?

SO wrote:1) There have been several claims in the past, based on rumor and innuendo, that we (ATS management) have acted in a way contrary to our stated privacy policies. This third party confirmation helps to alleviate the concerns some may have because of such allegations.

2) Our core topics involve many issues where members, potential members, and non-member users may be concerned about adherence to stated privacy policies. This certification provides an increased (hopefully) level of comfort that we are serious about the privacy of our users.

3) For those who still feel we operate in a method contrary to our stated privacy policies, there is now a very public way to lodge a complaint with a third party arbitrator. Confirmed complaints would result in loss of our certification, which would be potentially troublesome given the high-profile way we've announced the certification.

I’ll answer each point quickly.
1. There is rumour and innuendo because you have stated that under some circumstances you do read private messages.
2. If you were serious about the privacy of your users then private messages would be exactly that, private. How is it that you knew that a member sent a link with amkon in the address, hmmm, and I know the member he sent it to did not make a complaint to staff about it.
3. Confirmed complaints will not necessarily result in the loss of your certification as can be seen by the continued membership of at TRUSTe.

bobbafett wrote:I'm curious about the storage of the IP address each post is associated with though. You make it sound like that would be of no use to anyone, but it would be of massive use, unless of course as you say they are using proxies and other methods (still not foolproof). Is this storage legally required, or essential to the running of the site?

Not sure of why they need to keep your IP attached to every post you make either, other than it is a good tool for compiling information on your users.

Here’s a link to the TRUSTe site, and some other interesting reading from assorted sites.
Mostly “feel good” stuff.

TRUSTe is an independent, privately held[1] organization best known for its Web Privacy Seal. TRUSTe runs the world’s largest privacy seal program, with more than 2,000 Web sites certified,[2] including the major internet portals and leading brands such as IBM, Oracle Corporation, Intuit and eBay. TRUSTe states its purpose is to establish trusting relationships between individuals and online organizations based on respect for personal identity and information in the evolving networked world.

Here’s the TRUSTe member list.

And some not so “feel good” stuff.
This is from 2002, so much it may have changed drastically since then, *shrugs*.

But Yahoo's recent announcement of sweeping changes in the way it will use customer data collected under previous policies has many calling Truste's seal as meaningless as an Andersen audit.
Even Esther Dyson, the high-profile technologist who played a major role in Truste's launch five years ago, says she is "disappointed in what ended up becoming of it."
By its own account, Truste was conceived at Dyson's industry-leading PC Forum conference in 1996. Dyson credits others with the concept, but she pushed both publicly and privately for the establishment of the nonprofit company and adoption of its "trustmark," which certifies that online companies comply with their own stated privacy policies.
Truste makes no attempt to set privacy policies. It merely ensures that companies clearly state their own rules for handling customer data, and then adhere to them.

Not sure how this works, I will have to look into TRUSTe’s policies in a bit more depth, but what action exactly can they take. They can remove your certification, well we’ll see how well that works a bit further on.

Dyson agreed that, despite being co-founded by outspoken privacy advocates the Electronic Frontier Foundation, Truste's image has slipped from consumer advocate to corporate apologist. "The board ended up being a little too corporate, and didn't have any moral courage," she said.

I guess the next thing to do would be to do some background research on the current board and their mission statements. But as you can see from this excerpt below, becoming more corporate still seems to be TRUSTe’s agenda. ... in-truste/

Is the best way to protect the public good to go private?
That is the view of Truste, a 10-year-old nonprofit organization that certifies that Web sites meet some minimum standards to protect the privacy of their users. The group is converting to for-profit status and selling the bulk of its newly created stock to Accel Partners, the venture capital firm that backed eBay and Facebook.

Oh oh...eBay and Facebook....

The amount of Accel’s investment was not disclosed, but people involved in the transaction said it is around $10 million.
In many ways, Truste has already been run like a business. Most of its $6 million in annual revenue comes from charging site owners for the right to display the Truste seal. This has long raised questions about whether the organization is appropriately tough on the companies it certifies.
For example, it does not always tell the public if it discovers violations of its principles, even if the violations are so egregious that it kicks a site out of its program.

To this day, is in breach of TRUSTe's rules, and TRUSTe knows it. Yet remains listed on TRUSTe's whitelist as if its practices are beyond reproach and as if the company is in good standing vis-a-vis TRUSTe's rules. That's outrageous, and users should demand better.

Check TRUSTe’s member list, is still there. I’m unwilling to infect my computer so I wont be downloading anything from there site, so I can’t say for sure whether that issue has been resolved or not.
I will run a bit of background research on a few of those companies in their member list and cross reference it with complaints to see if there is a significant number of other companies still certified by TRUSTe even after upheld customer complaints.

Ok Heres a bit more info on their moving from non-profit to profit enterprise. None of which should be scary ordanarily. ... rom-accel/

TRUSTe, an organization that certifies websites for having good privacy practices, is turning into a for-profit enterprise, and has taken an unspecified investment from VC firm Accel. Saul Hansell at Bits cites sources putting the funding at $10 million. You’ve probably seen their seal of approval on some of the 2,400 sites they monitor. Like the Good Housekeeping Seal of Approval, it’s supposed to convey a sense of, well, trust, to users, by showing certification from a third party. With the investment, the company plans to expand and being targeting emerging areas, like social networking and location-based services, each of which brings a whole host of privacy issues that are still just getting unpacked.

Here's TRUSTe's press release.

In response to increasing threats to consumer privacy, TRUSTe, the recognized authority on privacy best practices on the Internet today, announced the completion of its first round of financing from Accel Partners, a leading Silicon Valley venture firm. The investment will enable TRUSTe to create state-of-the-art monitoring systems to stay ahead of technology advances with new tools, products and best practices that facilitate trust between businesses and consumers.

“The Board of Directors is extremely pleased that Accel Partners has stepped forward to fuel TRUSTe’s future growth,” said Ralph Terkowitz, Chairman of the Board of TRUSTe. “We believe that Accel Partners, one of the most respected investors in venture capital, will serve as a perfect partner to guide and energize the success of TRUSTe as it expands to address new privacy frontiers.”

The only real concern i have is that a company that relies on businesses paying them to be certified may not always have the best interest of the consumer at heart.
Particularly if "profit" is to be their guiding mandate, i don't think Accel would invest in TRUSTe for purely altruistic reasons. ... nonpro.php

Facebook itself has been subject to periodic privacy concerns. Some were raised last fall when Facebook launched its Beacon service, which collects user data from around the Web for advertising purposes. TrustE said it approved Facebook's modified version of Beacon in December

Here's a few more links with relevant information.

Some information on ralph Terkowitz who is chairman of the board for TRUSTe. ... kowitz.htm

And TRUSTe's management team.

Sponsors of the TRUSTe® program recognize the vital importance of customer trust to their businesses. Sponsors provide critical support for the development of new programs such as wireless, email, and other privacy initiatives. Some of our valued sponsors include:
· Intuit
· Microsoft
Benefits of sponsorship include:
· Seat on an advisory panel or initiative
· Joint press release announcing our joint commitment to privacy advocacy
· Company logo displayed throughout TRUSTe Web site and all appropriate marketing collateral
· Rotating sponsorship of one of TRUSTe's newsletters
· Marketing exposure at key industry events
· ...and much more!

Ok, so here's some background on TRUSTe sponsors, some you will know a bit about. I think if you look at who is sponsoring TRUSTe and what there expertise is you will start to get a better picture of the motives behind Sohai choosing TRUSTe as their certification provider.
This actually throws up more questions than it answers imo.
Some of the reports below are 3 – 4 years old, the others are as recent as 2008, but it’s not difficult to find any number of negative reports regarding spying and the breaking of privacy agreements by some of these companies. ... amine.html

MAXAMINE satisfies the diverse and dynamic requirements across the enterprise with a single, coherent and fully integrated solution. With MAXAMINE, you can ensure the quality of search engine implementations, compliance with privacy, accessibility, usability, link integrity; screen for offensive content and inappropriate links; verify traffic and advertising tags, and analyze your site using custom search criteria, and quality standards, alerting, and issue management capabilities.

MAXAMINE serves leading commercial and government clients around the world, including AOL, EDS, Intuit, KPMG, WebMD, Sun Microsystems, Oracle, Wal-Mart, Legal & General, and Cadbury, as well as the U.S. State Department, Treasury Department, Department of Homeland Security, GSA, FAA, EPA, FDIC, IRS, the Victorian Government of Australia and many more.

Accenture Completes Acquisition of Maxamine

Maxamine, a privately held company founded in 1997, provides testing and optimization services to help companies improve the marketing effectiveness and financial returns from their websites and other digital marketing investments. Maxamine’s services include evaluating websites to identify implementation problems that undermine online marketing performance, as well as providing guidance to help clients improve the optimization of their websites, enhance the customer experience and decrease privacy-related and other risks.

Stephen Kirkby, Ph.D., a founder of Maxamine, said, “We’re very pleased with the opportunities that this acquisition affords the talented people of Maxamine and the greater breadth of online marketing services that the companies with which we’ve had the pleasure to work with over the years will have available to them now via Accenture.”

The closing of the Maxamine acquisition follows Accenture’s recent acquisition of Memetrics, which helps companies improve the impact of their online marketing campaigns by identifying which content will deliver the best results for targeted customer sets.

Here's just one of the products that MAXMINE provides. ... .zip/64220

Maxamine Web Analyst Professional is a complete web site management solution that can scan any publicly accessible site, visualize site structure, and perform a complete site analysis and intuitive mapping of traffic log file activity. This product will enable small and medium enterprises to conduct extensive analysis of their Web sites and those of their competitors.Maxamine Web Analyst is much more than just a link checker or log analyzer – it offers comprehensive navigation structure visualization and site reports, site search and complete traffic analysis (traffic reports and visualization on web maps). At a glance, you will see most popular pages and major traffic corridors in your site, as well as problem areas such as slow site navigation, broken links, non-returning and hard-to-reach pages, and much more.This product is ideal for scanning web sites up to 500 pages in size, which makes it an invaluable tool for small and medium enterprises, consultants, Web integrators and ISPs.


Intuit Inc. (NASDAQ: INTU) is an American software company that develops financial and tax preparation software

Hoping to win back alienated customers, personal software maker Intuit (NSDQ:INTU) Inc. is formally apologizing to users of its popular TurboTax program who rebelled against an anti-piracy feature the company introduced last year.
"I've talked one-on-one with quite a few customers, so I know this caused some of you considerable hassle and inconvenience," TurboTax general manager Tom Allanson wrote in an open letter of apology.
Mountain View-based Intuit plans to publish the letter as an advertisement in Thursday's editions of USA Today and The Wall Street Journal. The letter also will be posted on several Web sites.
Intuit is seeking forgiveness as it prepares to sell the 2003 edition of TurboTax , a program that generated $423 million, or 26 percent, of the company's revenue in its last fiscal year.
The unusual step serves as another reminder of the aggravation Intuit caused with the anti-piracy measure, known as "product activation," which was designed to prevent buyers from giving the tax program to people who hadn't paid to use it.
Intuit hoped to boost TurboTax sales with an activation code that chained the program to a single computer. The company instead faced an angry backlash from customers who abhorred the restrictions and feared product activation might allow Intuit to spy on their computer hard drives.


As you will see on the page below, if you use the RealNetworks RealDownload, Netscape/AOL Smart Download, or NetZip Download Demon utilities in their default configuration . . .

EVERY TIME you use one of these utilities to download ANY FILE from ANYWHERE on the Internet, the complete "URL address" of the file, along with a UNIQUE ID TAG that has been assigned to YOUR machine, and — in the case of Netscape's SmartDownload only — YOUR computer's individual Internet IP address, is immediately transmitted to the program's publisher.

This allows a database of your entire, personal, file download history to be assembled and uniquely associated with your individual computer . . . for whatever purpose the program's publishers may have today, or tomorrow.

Does AOL spy on you, ... 881,00.htm

A game distributed with new versions of AOL Instant Messenger does not respect users' privacy, critics say.
AOL began offering games along with the latest version of its instant messenger, and now some customers are worried that the company is playing with them, too.
People who use AOL Instant Messenger (AIM) have started complaining on AOL message boards after software bundled with AIM 5.5 began showing up in "spyware" scans. The popular chat application includes games from WildTangent, which has a tool that reports back to the company every time someone uses its products.

And everyone's favorite, Microsoft. I could provide hundreds of instances of Microsoft spying on their customers, but I’ll leave it to you to google if you need more proof. ... 003/10.php

An investigation by noted privacy advocate Richard Smith found proof that once again, the rumors were true. Using a port sniffer, Smith found that each time a DVD movie is played on a computer which is online, Media Player 8, which ships with all copies of Windows XP, contacts a Microsoft web server to get title and chapter information for the DVD. In violation of Microsoft's stated privacy policy, the server was setting a cookie with a unique identification code that enabled Microsoft to track what DVDs were being played on that particular computer. Rather than acknowledge that they had violated the privacy of their users, Microsoft merely shrugged and said "oops" before updating their privacy policy to include the behavior that they had been caught engaging in.
This wasn't the first time Microsoft has been caught lying in its privacy policy. Last year, an FTC investigation concluded that Microsoft made false promises about how secure it kept the consumer information it collected. The Director of the Bureau of Consumer Protection at the FTC, Howard Beales, said that Microsoft had been collecting information about the day and time consumers logged into participating Passport Web sites without their knowledge, and storing data for longer than it claimed.

Accel Partners, the company now financing TRUSTe.
Here's there homepage.
Lol, as soon as i logged onto their homepage "flash" tried to download, i already have the latest version. What the...

And Accel backed companies.

Theres some companies there that have had privacy concerns regarding their sites and mangement over the years, in particular Facebook and Real.
Remember Accel is the company that has effectively bought out TRUSTe.

Ok, this may be delving into the realms of fantasy, but interesting nonetheless. What do you think? ... n-you.html

The second round of funding into Facebook ($US12.7 million) came from venture capital firm Accel Partners. Its manager James Breyer was formerly chairman of the National Venture Capital Association, and served on the board with Gilman Louie, CEO of In-Q-Tel, a venture capital firm established by the CIA in 1999. One of the company's key areas of expertise is in "data mining technologies".

How would you feel about being able to be tracked via your cellphone no matter where you are.
Richard Wong from Accel partners doesn't think it's a big deal. ... 8mar08.htm

Some in the industry think wireless carriers are being too skittish. Richard Wong, a partner at venture-capital firm Accel Partners, says "operators are sometimes too careful around this issue and are stifling innovation to some degree." He says the industry isn't taking into account that younger consumers have a much more relaxed view about what constitutes an invasion of privacy than their parents.

Accenture is the company that bought out MAXIMINE, one of TRUSTe's sponsors. ... ccent.html

The Justice Department has joined three whistleblower lawsuits targeting Sun Microsystems, Hewlett-Packard and consulting giant Accenture, all of which prosecutors say defrauded the government of millions of dollars through kickbacks and rebates on massive government IT projects, according to an announcement Thursday.
The suits center on Accenture, which the government hired to help it evaluate new technology and make sure the government got the right equipment at a fair price. But the government charges that instead Accenture made $4 million cash in kickbacks from companies who landed contracts with the government through Accenture's recommendations.

Pdf's of the complaints filed available at the bottom of the page linked to above.

Accel and Accenture, very similar sounding, i'll have to look into that in more detail.

Here's a good laugh. The Privacy International Awards.

Privacy International held the 7th annual U.S. Big Brother Awards to shame the invaders and celebrate the champions of privacy. The ceremony was hosted by the 2005 Computers, Freedom, and Privacy Conference, in Seattle.

The Nominees for the Worst Corporate Invader were
- Acxiom (for a tradition of data brokering)
- Accenture (for its Government projects)
- Response Unlimited (for trying to sell the list of donors to Schiavo's parents')

I wonder if Bill thought certification by TRUSTe would stop the rumour and innuendo, lol. From what i have gathered so far just with some basic research it would seem to me that they will be only increasing the amount of stories circulating about them.
Hell, maybe that is the real motive.
Either way, thats some pretty damning information regarding TRUSTe, their sponsors and partners so far.
I wouldn't be bragging about being certified by them.

So, would I feel much better about my privacy on ATS if I were a participating member after certification by TRUSTe, well, honestly, no I wouldn’t.

I have some more information regarding a couple of the companies involved in acquisition of some of the above mentioned companies, need to do a bit more research on those also.
Stay tuned.

Btw, this isn't meant as a pick on ATS thread, there may very well be nothing at all wrong with the process and appointment of a third party watchdog, in which case all is "apples".
But nor does it mean that we should, or ATS members should take it at face value, there is no harm in checking sources and researching any given policy statements by anyone (particularly a business) that you have been involved with, are currently involved with or may be involved with in the future. :)


(disclaimer, you should never take any information you discover on the internet at face value either, i cannot vouch for the veracity of any of the information contained within this post. Check and re-check sources and look for validation from reputable sites for confirmation of any of the information contained here, as i will be doing). ;)

This thread is also posted in full at AmKon with only a few minor format changes, i have also included a link there back to Reality Uncovered and this post.

Thanks to Zep Tepi for allowing me to cross link this thread. :)

*edited to fix some formatting*
Last edited by mojo on Wed Aug 27, 2008 6:06 pm, edited 1 time in total.
User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby ryguy » Wed Aug 27, 2008 5:34 pm

That's an impressive write-up...and it must have taken you a great deal of time to research and write. I'm still working through it and would like to properly digest it all before responding. But I just wanted to say, nice work.

"Only a fool of a scientist would dismiss the evidence and reports in front of him and substitute his own beliefs in their place." - Paul Kurtz

The RU Blog
Top Secret Writers
User avatar
1 of the RU3
Posts: 4920
Joined: Thu Feb 23, 2006 3:49 am
Location: Another Dimension

Re: ATS and their TRUSTe certification.

Postby Zep Tepi » Wed Aug 27, 2008 6:27 pm

I'd like to echo the sentiment expressed by Ryan. Outstanding write-up and some first rate research there Mojo. I doubt any of the Amigos expected to see something as comprehensive as that!

It makes a mockery of anything ATS could claim pertaining to privacy and ethics. If anything, reading the above makes any comment they might make on the issue highly suspicious in itself.

User avatar
Zep Tepi
1 of the RU3
Posts: 2150
Joined: Wed Feb 22, 2006 12:59 pm

Re: ATS and their TRUSTe certification.

Postby moomin » Thu Aug 28, 2008 9:57 am

You know the saddest part is that ats USED to be the place where great research like this could get posted and discussed because it is interesting stuff. Nowadays it looks more and more like the online edition of weekly world news. It would be interesting to see what the response would be to the information should it ever get posted on ats but I'm sure the thread wouldn't last long before being buried. Ats should be questioning the motives of these companies, not cuddling up with them.

Posts: 28
Joined: Thu Jul 31, 2008 11:48 am

Re: ATS and their TRUSTe certification.

Postby Chorlton » Thu Aug 28, 2008 10:22 am

Well researched, thought provoking post.

I really didnt see the point of ATS calling in TRUSTe, other than it's easier for them now, when people complain, to pass the buck and simply say "Go and tell TRUSTe"

Now all they need to do is install a 'b.s. Button' for when SO or Sprinkler post anything. :lol:
I have become that which I always despised and feared........Old !

My greatest wish, would be to own my own scrapyard.
User avatar
Uncovers Reality
Uncovers Reality
Posts: 1174
Joined: Mon Oct 08, 2007 6:02 pm

Re: ATS and their TRUSTe certification.

Postby mojo » Thu Aug 28, 2008 5:57 pm

Thank’s. :)

To be honest it wasn’t all that difficult to find much of the information.
TRUSTe were extremely helpful by highlighting their main sponsors and providing a current member list.
The rest of the work was done via various search engines while I played “Internet Backgammon”. ;)

What is surprising is that ATS didn’t think that anyone would bother to delve into their association with a “for-profit” privacy watchdog funded by the businesses they are watching.

Here’s another company I pulled from the TRUSTe member list.


First here’s Nebuads Company page, with link to their privacy policy, it makes for interesting reading.

And this report regarding a senate hearing into privacy issues of online advertising. This is from July 2008. ... 2008-07-08

On the eve of a Senate Commerce, Science and Transportation Committee hearing on the privacy issues raised by online advertising, yet another cable company has pulled back from using NebuAd to track its customers. Wide Open West, a Denver-based cable provider that's been using the NebuAd since March, is ending its test of the controversial software.

Tomorrow's hearing on the Hill will give critics, who say the software and others like it violate wiretap laws because it allows carriers to track customers' communications, an opportunity to publicly air their grievances.

Cable companies and telcos say they need software like NebuAd-and it's British comrade-in-arms, Phorm-to help them develop targeted advertising for subgroups of Internet and television service users. The ad dollars, they say, are critical to their growth. Check out this Wall Street Journal story for a different look at the controversy.

And the Wall Street Journal chimes in. ... arketplace

In the past few weeks, phone operator CenturyTel Inc. and cable provider Charter Communications Inc. shelved plans to use ad-targeting technology from Silicon Valley start-up NebuAd due to privacy concerns raised by their customers and lawmakers.
Last week, another cable company, Denver-based Wide Open West, pulled the plug on NebuAd's software, which it had used since March to track its customers on the Web and subdivide them by their ...

And an article on cnet news. In fairness this article was written in 2000, but at that time TRUSTe was “not for profit”, and now that’s all changed, I would imagine this would only add to the impression that TRUSTe is now not only concerned with being a watchdog but also with turning a profit at the same time. Imo the two cannot work hand in hand.

Truste, a first-mover in online privacy seals, has gotten a tarnished reputation in the industry for turning a blind eye on alleged violations. Last year, Truste sponsor and member RealNetworks was criticized for snooping on consumers through its RealJukebox software. But Truste didn't take action against the company because it said the matter was out of the area it governs, which was the Web site itself.
"The irony is that many of these seal programs are turning into the Internet version of the old-boy network," said Ira Rothken, an attorney specializing in Internet law. "If they're being paid by the organization that they're supposed to monitor, the questions framed to them may not be the questions that privacy advocates would ask."

Apart from procedural difficulties in filing a complaint against a website, TRUSTe has not removed a seal once in more than three years for privacy violation (Hunter, 2000). There have been orders to remove the seal for those who have not renewed payment of fees. An email from the author querying how many members it had and how many have had their seals revoked was not answered.
TRUSTe's difficulties have been highlighted in the case of Real Audio and AOL. In AOL's case, a complaint was filed about the company passing information to third parties. AOL's answer was that the TRUSTe seal applied only to the site, not the site (Hunter, 2000).
In the case of Real Audio, the company's software, RealJukebox, surreptitiously monitored and collected data about the listening habits and some other activities of its users (Robinson, 1999). The company apologized but was never punished by TRUSTe because this activity was not covered by the terms of the TRUSTe seal.

An excellent article.

Here’s the abstract.

There were few differences in the privacy practices between seal authorities: TRUSTe and BBBOnLine participants offered about the same degree of privacy protection assurances and they were equal with regard to the amount or depth of personal information they requested. Notably, unsealed sites offered nearly equal privacy assurances and made fewer personal information requests than the sealed sites. However, seal program participants did provide superior access to information and assurances of data security.

And here, the complete article in PDF.

Some more.

Remember, just because a site has a privacy policy doesn't mean that the policy is in your best interest. Similarly, another "assurance" to take with a grain of salt is the TRUSTe seal. TRUSTe is a nonprofit company whose seal is supposed to ensure that a company clearly states a privacy policy and lives by the principles set in that policy. Unfortunately, TRUSTe is a paper tiger. Dependent upon the fees it receives from companies it audits, and lacking any enforcement mechanism or ability to set a penalty on violators, TRUSTe time and time again has done nothing when its clients do things that are damaging to the privacy of their users. The proof? Go to the privacy policy pages at AOL, eBay, and Yahoo. What unifies them? A TRUSTe seal of approval. Still have faith in TRUSTe?

And more. ... sty_a.html

So the next time you go to a website certified by TRUSTe, rest assured that TRUSTe will totally investigate any breaches of a privacy policy and find no evidence, even if they might have been informed months before that the breach happened, and that if it gets really bad, they will pull the seal but offer to reinstate if the company says sorry (in private, to TRUSTe).

Now to be completely fair much of this criticism of TRUSTe is from a number of years ago though the NebuAd report is only weeks old, what is disturbing is that many of the companies involved in the complaints are still certified by the TRUSTe seal.
Bill’s comment to the members of ATS that ” Confirmed complaints would result in loss of our certification, which would be potentially troublesome given the high-profile way we've announced the certification.“ just doesn’t hold water, considering that TRUSTe are notorious for not removing certification from offending companies.
I personally can’t see them becoming more aggressive towards their members and certification once they become a “for profit” organization, if anything they will become even more protective of the revenue stream.
Basically, certification by TRUSTe means absolutely nothing, and is not something that would potentially stop the staff or owners of ATS breaking some part of their own privacy policy, imho.

(ps.. I would like to find out a bit more about another TRUSTe member but I’m unable to access their site due to my location. Anyone that could help me out here it would be much appreciated).

Thanks mojo.
User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby Access Denied » Fri Aug 29, 2008 6:50 am

mojo wrote:To be honest it wasn’t all that difficult to find much of the information.

Yeah well if it was that “easy” everybody would be doing it. :)

Kudos to you for taking the time to research this… methinks you’ve stumbled on to a genuine conspiracy that extends beyond little ‘ol ATS.

mojo wrote:What is surprising is that ATS didn’t think that anyone would bother to delve into their association with a “for-profit” privacy watchdog funded by the businesses they are watching.

Not surprising at all, they’re used to dealing with sheeple who’ve been mind f*cked into believing ATS is on their side… no, it’s a business designed to exploit you for profit you stupid dumb f*cks! :)

[a not so subtle nod to AmKon’s equivalent of ATS Watch]

Actually, what I’d be more worried about is the advertisers they do business with…

Media Mayhem (via
Factor TG
Casale Media
Specific Media
Value Click Media
24/7 Real Media
Pulse 360

In the past ads from TribalFusion and Casale Media both tried to hijack my machine and you can’t really rely on *any* antivirus software to catch *all* zero-day exploits.

Some of these networks are clearly not preventing ad/spy/malware despite SO’s repeated denials… of course it’s always somebody else’s fault (the end user or “false positives”) because to admit otherwise would be a valid reason for folks to disregard the T&C that prohibit members from blocking *all* ads and proactively protecting themselves.

mojo wrote:(ps.. I would like to find out a bit more about another TRUSTe member but I’m unable to access their site due to my location. Anyone that could help me out here it would be much appreciated).

I take that back, you’re right this is easy, I see KnowX is owned by ChoicePoint…

ChoicePoint (NYSE: CPS) is a data aggregation company based in Alpharetta, near Atlanta, Georgia, USA, that acts as a private intelligence service to government and industry.


The company has also been the subject of lawsuits for maintaining inaccurate data, inquiries whether it allowed political bias to influence its performance of government contracts and accused of illegally selling the data of overseas citizens to the US Government.

And now LexisNexis (aka Big Brother) is taking over…

LexisNexis Parent Set to Buy ChoicePoint ... 00809.html

Publishing company Reed Elsevier, owner of the LexisNexis Group, is seeking to acquire commercial data broker ChoicePoint in a $4.1 billion cash deal that would create a global information-gathering powerhouse that would collect and analyze billions of records about who people are, where they live and with whom, and what they own.

With customers including government agencies, insurance companies, banks, rental apartments, corporate personnel offices and private investigators, the combined company's reach would extend from national security offices to the living rooms of ordinary Americans.

Both companies have played key roles in law enforcement, homeland security and intelligence. Both have also had identity-theft and security problems.

Men go and come but Earth abides.
User avatar
Access Denied
1 of the RU3
Posts: 2740
Joined: Tue Jan 09, 2007 7:32 am
Location: [redacted]

Re: ATS and their TRUSTe certification.

Postby mojo » Sat Aug 30, 2008 12:47 am


Wow AD...i mean this is all just from scraping the surface of TRUSTe sponsors and members. in particular got alarm bells ringing when i tried to find out a bit more about them. For some reason being in Australia i am unable to access their home site?

tribal fusion and Casale are renowned for their tactics.

did you cross reference ATS advertisers against TRUSTe's member list?
that might be interesting. ;)
thanks for the help.

User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby mojo » Sat Aug 30, 2008 4:45 am

Media Mayhem (via (not on TRUSTe member list)
DoubleClick (is a TRUSTe member) Aquired by google in march of this year.
Mediaplex (not on TRUSTe member list)
Eyeblaster (not on TRUSTe member list)
Eyewonder (not on TRUSTe member list)
Interpolls (not on TRUSTe member list)
PointRoll (not on TRUSTe member list)
Unicast (not on TRUSTe member list)
Safecount (is a TRUSTe member)
Factor TG (not on TRUSTe member list)
TribalFusion (not on TRUSTe member list)
Casale Media (is a TRUSTe member)
Specific Media (not on TRUSTe member list)
Value Click Media (not on TRUSTe member list)
24/7 Real Media (is a TRUSTe member)
Pulse 360 (not on TRUSTe member list)
That doesn't really help...or did it. Once again its not difficult to find privacy concerns/complaints associated with the TRUSTe clients.
Google aquisition of Doubleclick. ... 9720070719
WASHINGTON, July 18 (Reuters) - Lawmakers in Congress plan to hold hearings to air concerns about Google Inc.'s (GOOG.O: Quote, Profile, Research, Stock Buzz) proposed acquisition of Web advertising supplier DoubleClick Inc.
The Senate's antitrust subcommittee is planning a hearing this autumn to delve into how the combination of the companies will affect competition in the market for Internet advertising, a source familiar with the plans said on Wednesday.
The panel is expected to ask executives from Google, as well as Microsoft Corp (MSFT.O: Quote, Profile, Research, Stock Buzz). and Yahoo! (YHOO.O: Quote, Profile, Research, Stock Buzz) to appear, the source said.
In addition, the Wall Street Journal reported that a House Commerce subcommittee is also planning a hearing on the Google-Doubleclick deal and would focus on privacy concerns.
I highly reccomend listening to this interview with Dan Kaminsky at the bottom of the page regarding internet security.

Title : DoubleClick opt-out system ineffective
Report : SPR #2001-01-22
Vendor : DoubleClick.
Status : problem reported, report acknowledged and unresolved for months; report published
References : Bogus Opt-Out Activation page

The IT Consulting Group of The Elvey Partnership has discovered a privacy violation at DoubleClick that exposes the browsing activity of the public to DoubleClick's tracking systems, even for users who have opted out. A thorough analysis of the opt-out system documentation indicates that it only blocks cookie-based tracking. IP based tracking is unaffected. This vulnerability affects all users on static or near-static IPs,

Safecount.(a digital data collection company).
Why was safecount formed, page3. ... 089-1.html
Industry groups are lobbying vendors like Webroot to change the way they treat cookies. Interactive agency executives and third-party measurement firms in April formed Safecount, a group dedicated to countering anti-cookie concerns. It is compiling a set of best practices that would enable a company's cookies to get on a "good list" that could receive different treatment by anti-spyware software.

An article by Adam Peneburg about 'cookies"..
The exceptions are third-party cookies—also known as "tracking cookies"—placed by an entity (usually a marketing or advertising company) that's interested in tagging visitors. Often they make sure a user won't be hit with the same ad twice; others guarantee that someone who says they have an interest in sports gets different ads than someone who likes gadgets. But third-party cookies could also be used to compile a dossier of surfing habits. Say you visit a Web site with cookies served by a marketing company like DoubleClick. The cookie it dispatches will come alive every time you visit another site that does business with DoubleClick. That means it could track you over dozens of sites, logging every article you read, every ad you click on, and every gadget and gizmo you buy without your knowledge or approval.
Casale Media uses anonymous cookie files to control ad delivery factors including frequency (the number of times an ad is shown to a user over a specified period of time).[6]
Many personal computer security software programs will detect and quarantine or remove cookies used by Casale Media.

Real Media has been highlighted as having security/privacy concerns in previous post.

So 4 of the 16 companies that do business with ATS highlighted by AD are on the TRUSTe memberlist, and all 4 have some concerns at first glance.

What is interesting is the multiple connections many of the sites/companies on the memberlist have with the Main Sponsors of TRUSTe. Many of them are subsidiaries.
The Main Sponsors in many instances are massive corporations that have a very poor privacy record, yet TRUSTe have never, as far as i can tell, taken any action against them.
The question remains, how does certification by TRUSTe allay any fears ATS members might have regarding their privacy. Judging by the evidence so far, it doesn’t. In fact, i would be even more concerned.

[side note, just for giggles]
What i hadn't seen before was this press release from Media Mayhem. Lol.
"Media Mayhem Signs Exclusive Deal with - Building the Company's Sci-Fi Vertical" ... secret.pdf acts as a tremendous resource for Government projects and facilities, including the notorious Area
51 in Nevada, as well as "Alien-related laws", government contractors, agencies and aircraft projects, such as the
famous Aurora hypersonic spy plane.

It's simply not possible to conduct an Internet search on conspiracy theory topics without encountering the leader, ATS.
Notable members and contributors have included the likes of Stanton Friedman, NASA mission commanders, USGS
senior scientists, authors, and even presidential candidates. The ATS Website has been seen in the "bull pen" of news
rooms, sourced on MSNBC, discussed on PBS, shown on CNN, quoted on the History Channel, and is linked to by over
10,000 different Web sites. The "Gold Standard" of ATS discussions have helped to alter NASA procedures, influenced
political candidates, aided law enforcement, and exposed harmful cults.
User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby mojo » Wed Sep 03, 2008 5:52 pm

Not sure who jimmyx is but his comment in this thread was just completely ignored.
Perhaps its true, there really are not very many members left on ATS willing to do just a little bit of basic research and who are not afraid to question 'the amigo's". ... pid4916515

jimmyx wrote:
Originally posted by TheAvenger
The new Goggle Chrome browser says that this site contains malware, and one must give permission to proceed or it is blocked.

you might want to look at some of the affilations of the new security companies associated with ATS thru TRUSTe, interesting to say the least. their website is at the bottom of each page.
we need a good hack who can give us more info on the people that run these companies and their involvement

Sad really, that one of the few intelligent questions in numerous threads gets completely overlooked..
Oh well, their welcome to the malware/adware/spyware and invasion of privacy, in fact most of them probably deserve it.
They seem to think that invasion of privacy only means ATS passing on their email or reading the odd u2u.
What is really happening imho is that everything else, their posting habits, the sites they visit before and after ATS, the topics they read, their likes and dislikes are all being collected, if not by ATS then by one of the many ad companies they deal with.
And what will TRUSTe do about it if they are caught, sweet bugger all.
Can't kill the cash cow.

A random thought....could ATS, with the help of their new partners be compiling a massive database of their members habits, likes and dislikes, ip addresses (which are linked to each post they make) thereby allowing marketing companies to target a specific audience, not only by their personal preference but also by location. What a prize, could well be worth quite a bit of money.

reposting this snippet.

Say you visit a Web site with cookies served by a marketing company like DoubleClick. The cookie it dispatches will come alive every time you visit another site that does business with DoubleClick. That means it could track you over dozens of sites, logging every article you read, every ad you click on, and every gadget and gizmo you buy without your knowledge or approval.

and reposting this snippet from AD. ... 00809.html

Publishing company Reed Elsevier, owner of the LexisNexis Group, is seeking to acquire commercial data broker ChoicePoint in a $4.1 billion cash deal that would create a global information-gathering powerhouse that would collect and analyze billions of records about who people are, where they live and with whom, and what they own.

Why does google pay so much for Doubleclick. ... =rss_daily

Three billion dollars? On Apr. 13, Google announced that it would pay $3.1 billion for the advertising outfit DoubleClick. Just two weeks ago, as reports surfaced that the company could go for $2 billion, the price was considered lofty but justifiable. Now, Google (GOOG) is forking over 20 times DoubleClick's estimated revenues of $150 million
Paid search advertising will account for more than 40% of the $19.5 billion expected to go to online advertising this year, according to a Mar. 7 eMarketer report. Google grabs about two-thirds of the search advertising market. Much of that growth has stemmed from the ability of search engines to find consumers who have demonstrated an interest in a certain product.

Display advertising, which is often broken up by the medium, has not been as vibrant as search in recent years. In an October report, eMarketer put the display advertising number at $3.34 billion for 2006 and expected it to grow to $4.5 billion by 2010. Meanwhile, paid search advertising accounted for $6.76 billion of online ad spending in 2006 and was projected to grow to $10.3 billion by 2010.

But what was it that Doubleclick had that google wanted so badly.
Information, a massive database of user profiles.

The leading Web advertising company plans to build a database of consumer profiles that will include each user's "name, address, retail, catalog and online purchase histories, and demographic data," according to the company's new privacy policy. The database, which the company says will only be seen by DoubleClick, is intended to help members of its budding, U.S.-based Abacus Alliance perfect their target marketing.

The move comes a little over a month after New York-based DoubleClick completed its $1.7 billion acquisition of Abacus Direct and in the wake of the Federal Trade Commission's November probe on the growing trend of online profiling. Privacy advocates, who protested the deal from the start, have unsuccessfully tried to get the FTC to review the implications of the merger because they say it means one thing for consumers: less privacy.

Until recently, DoubleClick's policy was to not correlate personal information with its 100 million cookies, which are scattered worldwide. But the new database will rely on the cookies, which the company places on Net users' computers to record surfing habits and display pertinent advertising. Net users aren't informed when they are given a DoubleClick cookie unless their browser is preset to do so, but they can "opt out" through the company's Web site.

So what ATS is worth is not the user content, it is the information that the user provides about themself that they don't realize they are doing.
How much information could they be gathering, what kind of information.
Already we know they can roughly estimate your location based on your IP which is logged to each post you make.
Do any of the third party cookies track ypour movements to other sites when you leave ATS, do you notice ads that seem to be related to things you are interested in whenever you are on ATS?

Information, possibly a more valuable commodity than anyother in this age.
User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby torbjon » Thu Sep 04, 2008 2:54 am


Nail, on head, *Whack!* Sunk it in one.

Although I gotta say, I'm a bit surprised that you haven't read (or at least quoted from) this yet:

It's all there in black and white... um, gray and white... whatever.

Note the wording. I'm sure it will (or did) turn your stomach as much as it did mine. They state quite clearly that they, um, "share" demographic data with advertisers. If people actually can't understand the writing on that wall, S.O. says it a little more clearly here (bottom of the page)

In that line he uses the word "revealed" as opposed to "shared" or "sold" but whatever... I'm in the same boat as that daystrom dude, my surfing habits are "private" and "personal" (and much much more Valuable) to me than my "real" personal info...

You asked if any third party cookies track our movements and use that info to target ads? The answer is Yes, and they have been for a while now, it's not really a secret. Doublelclick is one of 'em that does it...

In the past ATS countered member concerns with "it's third party, it's not us" and "no Personal data is gathered"


In my book my surfing habits ARE personal. And Valuable. Very Very Valuable.

To further support your investigation lemme tell you a little very recent up to the minute story:

I hate IE with a passion. It's part of my system so I can't delete the thing but that doesn't mean that I have to use it, so I don't. I have a handful of other browsers that I use for work and pleasure, and I've let IE just sit there and rot...

So, earlier this year when I started to get involved with this Watch stuff it became apparent that I would actually have to Go to ATS to do research, and not wanting to compromise my system or give them any more data than I absolutely HAD to I decided to get over my hatred of IE and use that browser to surf ATS.

Since I NEVER used that browser for anything else ever (not even porn) the ads I saw on ATS stayed pretty consistent over time: Boy Toys. Cars and Trucks, First Person Shooters and World of Warcraft, Wristwatchs and Suits... Boy Toys *shrugs*

So, about a week ago in steps the ultimate in research assistants and my partner in crime; Nola, my four and half year old daughter. I've let Nola use my computer since she was three. (NOT unsupervised *pokes*) She has a bunch of software that is hers that she gets to use, and she's big on using Notepad and learning to type...

Well, about a week ago she decided she was bored with her games and toys and wanted to advance to the next level of computer literacy: The Internet....

Since I don't want her messing around with My stuff I set her up with IE, made the home page one of those "kids" sites where it doesn't matter what you click on, it either stays there or takes you to another "kids" site... (again, she does Not get to do this unsupervised yet, but ya gotta learn sometime, right?)

She's in heaven with this. She's feeling very grown up about it and is making her own choices and decisions as to what to click and what to play and so on...

Bit of background info: Neither her mother nor I have ever done anything to gender-type this kid. As an infant she got random clothes and toys which included what would traditionally be dubbed as "boys" stuff (ie blue pants and shirt, fire truck, toy guns, etc.) and she was allowed to choose what she liked. As she grows older she gets to pick more and more of her clothes and toys, and she has opted to be a very girlie girl: lots of pink and dresses instead of pants, Barbie dolls and ponies, that sort of stuff.

Sooo, when given free rein and allowed to "click at will" she of course would click on alla the pink things, the flowery things, the Girlie things *shrugs*

She's been doing this for some days now in IE (which, again, I never use except to check out ATS)

So today I peek in here, see the work you are doing, and decide to dig up those links for you... I fire up IE... and what do you think I see?

GONE are the Boy Toy ads, now I see nothing but Girlie Girl ads. World of Warcraft has been replaced by some Fairy Tale Princess game, trips to Hawaii and Miami are now trips to Disneyland, mens suits are now girls dresses, mens wristwatches are now girlie girl jewelry and so on...

However, I'm SURE it's just a coincidence and my daughters surfing habits had NO impact on the ads placed on ATS by third party vendors, right? It's just a fluke *rolls eyes* ya, in a pigs eye.

My advice to anyone who gives a crap about their Real "personal data" (ie your Habits and how folks can Use your habits against you) would be to never go to ATS again.... but if you simply must then clear your cookies before and after each visit, and if yer really smart you'll run a few security scans on your system after each visit too... Trust No One... ESPECIALLY that guy saying "trust me" *grins*

Okay, so, Maybe your actual Name is not attached to your Habits... you are still a Statistic on a Government Chart, how special does That make you feel?

Keep 'em flying Mojo, love your work (nice avatar, too.. FFFB rule!)

Expendable Guy. The show is no good without them.
User avatar
Focused on Reality
Focused on Reality
Posts: 378
Joined: Thu Apr 03, 2008 7:08 am
Location: New Jersey

Re: ATS and their TRUSTe certification.

Postby mojo » Thu Sep 04, 2008 4:59 am

torbjon wrote:Mojo:

Nail, on head, *Whack!* Sunk it in one.

Although I gotta say, I'm a bit surprised that you haven't read (or at least quoted from) this yet:

It's all there in black and white... um, gray and white... whatever.

Note the wording. I'm sure it will (or did) turn your stomach as much as it did mine. They state quite clearly that they, um, "share" demographic data with advertisers. If people actually can't understand the writing on that wall, S.O. says it a little more clearly here (bottom of the page)

In that line he uses the word "revealed" as opposed to "shared" or "sold" but whatever... I'm in the same boat as that daystrom dude, my surfing habits are "private" and "personal" (and much much more Valuable) to me than my "real" personal info...

Haha, well i could have used their own words i guess, but i do so enjoy the hunt, the chase and the catch.

The example you gave of your daughters surfing habits being revealed via targeted advertising is a good one, one that i can also confirm.
I have four kids (all girls) *sigh*..the oldest is 13 and spends a lot of time on msm, and lots of fashion and music sites, the twins are 8 and spend most of their time on beany kids and dress ups, and cartoon sites.
When i'm just surfing or fooling around i use the same browser (ie), just easier.
Whenever i visit ATS after my kids have been on the computer the ads there are very specifically targeted to girly stuff as you already mentioned, however when i visit ATS using my serious browser's the ads are specifically male or neutral.

You've given me a great idea for an experiment, thanks.


( lol, im so glad someone picked the fffb avvy ).
User avatar
On A Quest for Reality
On A Quest for Reality
Posts: 107
Joined: Thu Jun 26, 2008 4:00 pm

Re: ATS and their TRUSTe certification.

Postby Access Denied » Thu Sep 04, 2008 8:21 am

At the risk of being redundant…

[leave it to Torbjon to cut right to the chase]


Nice work Mojo, that press release from Media Mayhem cracks me up!

“Sci-Fi Vertical”? They got the fiction part right.

Stanton Friedman? UFOlogy’s #1 disinformationalist and profiteer. Check.

Cited by several major news outlets? Both times for hoaxes… “leaked” FBI router document and faked O’Hare UFO pic. Check.

Regarding badware…

Disinfo & Deflection ... pid4916488

Skeptic Overloard wrote:Folks... please, give me some data. So far, I have ZERO ATS-specific data from anyone claiming to be getting virus alerts when on ATS.

If this is true, we want to fix it quickly. However, if we don't get anything specific showing an ATS URL and logged issue, there's nothing we can do.

Our servers are scanned weekly for potential imbedded viruses.

Our code is continually monitored for potential exploits that could insert viruses/malware.

We have a contract security firm that is tasked with keeping track of potential problems that could result in issues like this.

All software on all our web-facing servers are updated to the most current versions with the most current levels of security.

So far, no scans or manual reviews have revealed anything.

That’s great but who said the malicious software would be coming from ATS servers and would log as an “ATS URL”?

The issue is “content” delivered (or “data” obtained) by ATS ad partners… or otherwise.

What's an IFrame attack and why should I care? ...

[emphasis mine]

An IFrame (which isn't another Apple product - it stands for "inline frame") is just a way of loading one web page inside another, usually from a different server. That can be useful for building online applications. But malware writers can make the included page just one pixel square - meaning you can't even see it's there - and obfuscate the JavaScript that will run automatically from that included page so that it looks something like %6C%20%66%72%61%6D%65%62%6F – leaving no obvious clue that it's malicious.

When this idea got going, the IFrame code would be inserted by hacking web servers, or adding it to banner advertisements. Over the past six months, however, there has been a huge growth in the use of "poisoned" search results.

Educate thyself.

Bill then goes on to say “according to Google's Safe Browsing, we're clean” and gives this link… ...

Where it says…

“Of the 55 pages we tested on the site over the past 90 days, 0 page(s) resulted in malicious software being downloaded and installed without user consent.”

Wow, only 55 pages on ATS? Was the scanner logged in like a normal ATS user? Is this scanning in real-time and capable of catching the occasional malicious code that might “slip through” an IFRAME excluded from crawling by say a robots.txt?

Oh and Bill says he uses a Mac… great way to test your web site for problems with something only 5% of your visitors will use and crackers won’t waste their time writing exploits for… amateur.

Now getting back to the privacy issue…

[from the ATS Privacy Policy]

Third Party Data Cookies:

Advertising networks that serve advertising on may write their own cookies for the purposes of determining advertising frequency and relevance. We have performed reasonable diligence on all advertising networks authorized to serve ads on our websites to ensure that their data cookies are for this purpose and nothing more. Many of the providers serving display ads on provide users with the ability to opt-out of these third-party cookies.

Define “reasonable diligence”? Testing with a Mac?

As Mojo noted a number of these “third parties” are also unTRUSTe members and we know some TRUSTe members are contracted to provide tracking information to intelligence agencies.

Does “reasonable diligence” include checking to see if any of these “third parties” are owned by other TRUSTe members or other entities that do business with the government?

Don’t like it?

[from the ATS T&C]

4b) Ad Blockers: As is provided as a free service, in part through the income of our advertising, you agree not to use "ad-blocking" software or similar built-in web browser options while using the website(s).

“In part”?

P.S. How many times do I have to tell you alternative browser snobs? Internet Explorer is safe if you go to Tools > Internet Options > Security > Restricted Sites and add * to the list… and as added bonus you won’t be artificially inflating (doubling) their statistics every time you click on a thread because it will only count as one hit instead of two.

[a gold star to the first person who can indentify what’s behind that “glitch”]

Oh, and one last ATS scam for the day... ever impressed by how many folks are logged on to ATS? Me either. Ever notice RU automatically logs you out after a specified time interval?

Code: Select all

User-agent: *
Disallow: /forum/single/
Disallow: /forum/mem/
Disallow: /forum/cc.php
Men go and come but Earth abides.
User avatar
Access Denied
1 of the RU3
Posts: 2740
Joined: Tue Jan 09, 2007 7:32 am
Location: [redacted]

Re: ATS and their TRUSTe certification.

Postby Bibliophile » Thu Sep 11, 2008 11:21 pm

I have to laugh every time I see this thread and every time I see this little bit of "reassurance" over at ATS. As I said elsewhere in this forum, I do not trust those people with my pet rock. Interestingly, I stumbled on Lear's April vids for Project Camelot and listened to them while tasking. Lear thinks ATS is a CIA front. I have got to stop hanging around these conspiracy fora. I am having trouble distinguishing reality from fantasy.

Onward . . .

I have posted over there under the anonymous moniker, but my posts are never approved for publication despite the fact that they are thoughtful and respectful. Has anyone else had this problem? Is this alleged anonymous moniker actually a sock puppet for the 3A's, which they use to nudge threads from time to time?

Let us say that I have used a number of methods to post using the anonymous feature and not once was one of my submissions posted. Considering how many times I tried, the number of machines I used, the range of topics I covered, and the quality of my submissions, something should have made it through the crucible.

The failure rate seems a little ridiculous.

"When a true genius appears, you will know him by this sign: that all the dunces are in a confederacy against him." ~ Jonathan Swift
User avatar
Posts: 22
Joined: Fri Jul 25, 2008 8:55 pm
Location: 90° South

Re: ATS and their TRUSTe certification.

Postby torbjon » Fri Sep 12, 2008 5:02 am

The only "anon" posts I've had that actually made it through their filtering system were of the "you guys are so cool" type. My "polite and civil" questions did not make the grade, nor did simply offering "valuable" information to a topic make the grade (usually in the form of things like Wiki links but a few times I offered "the answer" ie "that's NASA picture such and such, better copies are availible elsewhere online for your examination" etc.)

How / why Wiki links and raw data could / should be filtered out is, on the surface, beyond me. Like you, I can see no "logical" reason for not including certain "anon" posts to various topics at ATS, especially those which fit all of the criteria which ATS claims they desire and require (ie civil, polite, non disruptive, and Deny Ignorance)

It would seem that perhaps the primary function of Anonymous Posting at ATS is not to gather civil, polite, non disruptive and Deny Ignorance type of information anonymously from people...

Your suggestion that it is perhaps a tool for the staff and management of ATS to further manipulate thread flow sounds plausible.

Obviously, further investigation would be required...

Feel like amassing some data and presenting it here? A well written article with some facts and figures is always worth a hoot and a holler, ya know? *grins*

keep 'em flying
Expendable Guy. The show is no good without them.
User avatar
Focused on Reality
Focused on Reality
Posts: 378
Joined: Thu Apr 03, 2008 7:08 am
Location: New Jersey



Return to ATS Watch

Who is online

Users browsing this forum: No registered users and 10 guests