Wow, the author is not exaggerating when saying it is a scam.
Looking at the .feedback page for Stack Overflow, it says at the top, in fairly large letters "We make Stack Overflow, where the world's developers get answers, share knowledge & find jobs they love. Also proud builders of the @stackexchange Q&A network."
Then at the absolute bottom, in small, washed out print it says "Disclaimer: This site is provided to facilitate free speech regarding Stack Overflow. No direct endorsement or association should be conferred."
So, users are not supposed to confer that a page claiming to be by the makers of stack overflow, are associated with SO? Beyond any reasonable doubt, the people behind that site are trying to scam visitors.
If the creators of the .feedback pages are also the TLD owners, it seems obvious to me that they should face legal charges and be stripped of the TLD.
> So, users are not supposed to confer that a page claiming to be by the makers of stack overflow, are associated with SO?
Yes, pretty clearly trademark infringement IMO. Confusingly similar, their websites purport to be run by the very organizations they're trying to extort. The disclaimer is IMO not sufficiently clear.
SO is humorously classified as a "local business". NYC HN-ers, could you drop by the SO offices and ask a Python question for me? I keep getting these `ImportError`s...
I haven't done too much looking, but that seems fairly common so far. Microsoft is also a "local business", and Google is an ISP. I mean, Google Fiber is really cool, but that's not how most people use it
In 22 years of living in germany, ive never once heard anyone use that atrocity of a word or anything close to it - I guess it's a joke-word from the tv series How I met your mother making fun of the fact that many complex german words are just glued together from other words, eg. Krankenhaus ("ill building" or "building for the ill"). This does not mean that every compound word you theoretically could form is actually a valid german word.
Isn't that true? After 2 years in Germany, it was my feeling that you could freely associate several words into one. I'll defer to your 22 years of expertise, obviously.
You totally can. Technically sometimes you need a certain conjugation or a linking "s", but usually you just combine the words.
I guess they meant that not every compound word is one that Germans actually use (as you would expect when somebody claims "it's a German word"). But you can totally make up words on the spot that every German will understand
I think "Stack Overflow Admin"'s response to Dan Manny should speak for itself:
> You fucking moron!!! You lost money because you were so stupid and not being able to differentiate bad code from good code. StackOverflow is not you free personal assistant. You should kill yourself for being so stupid.
From reading the "reviews" at http://www.stackoverflow.feedback/reviews, I get the feeling the entire .feedback TLD will soon be hosting all kinds of 4chan-alike pages and the owners will have to take the sites down because of the NSFW things that will be posted there...
Looks like all their pages have the word "scam" on them somewhere now. I also see some script alert() and other stuff that suggest they've got a lot of security bugs and people, either on here or elsewhere, have taken it upon themselves to inject/change a bunch of content so people realize it's all scammy.
It is a scam, but the reality is nobody will ever go to these domains, they will never be ranked in google or bing. So who cares. I could create a site called myfeedbacksite.com/google or google.myfeedbacksite.com.. same thing.
If you owned one of those sites, you'd probably be a bit concerned. You're probably wondering right now if it's worth it to take action, wait for another company to do so, or hope that it never gets traction, like you suggest.
Also, the domains you suggested are quite different from the current situation. A site like myfeedbacksite.com/google is clearly not owned or operated by Google. Very few people would be confused. Whereas a site named google.feedback is far more confusing. Not sure anyone would know if it's an official Google site or not.
You should only be concerned about people who know enough to tell that `google.com.feedba.ck` is probably not owned by google, but don't know enough to tell the same about `google.feedback`. I really don't think this covers a lot of people.
Two points:
- I do think they are concerned about google.com.feedba.ck, those lawyers need to fill up their day.
- google.com.feedba.ck is far more sketchy looking than google.feedback. It's far easier to fool someone with the latter, and therefore far more of a thread.
If someone puts up a site or page claiming to be a company or entity that they're not (i.e., "We make Stack Overflow, where the world's developers get answers...") then that's not a domain name or TLD issue.
It's another issue altogether that should be dealt with legally.
> Looking at the .feedback page for Stack Overflow, it says at the top, in fairly large letters "We make Stack Overflow, where the world's developers get answers, share knowledge & find jobs they love. Also proud builders of the @stackexchange Q&A network."
Plus it also looks decently designed and not like an easy to spot scam. I could easily see the average, non tech-savvy users fall for that.
Consumers will eventually learn, as they always do. Try to educate anyone you meet that brings up .feedback. If anyone on social media talks about it, link them this article.
You must be joking or have no experience beyond 1 or 2 people. The vast majority of the online population does not learn nor care about these details. The massive amount of scams that continue to exist and grow is evidence enough.
If people did something as simple as confirming the domain listed in the address bar is the site they should be on, we would see a major decrease in malware, but alas the situation continues.
The flipside of this is that if nobody visits .feedback domains, they won't be able to scam anyone. Users don't need to learn anything to avoid them, because they probably won't ever hear about them in the first place.
If they have no audience, they can be safely ignored. No reason to pay $600/yr for hypotheticals.
All I meant was, the moment someone brings up a .feedback domain or "Google's new feedback service," just let them know it's a scam and move on.
Scamming is a multi-million dollar sophisticated business. Scammers use various forms of advertisements from online advertisements to cold-calling potential victims to carry out their scams. That's how potential victims fall prey to scams and end up visiting malicious websites. That's how an audience for scamming is created.
The amount of education you spread (and assuming it's remembered and trusted) will never match the advertising and other underhanded methods scammers will use to trick people into visiting and believing this is a real site. They work on the scale of billions of online users.
They aren't going to scam Google, or any legally capable entity.
I imagine they will follow the Yelp scam model - post bad reviews against smaller companies, out so them, and charge to remove the malicious information.
whois google.feedback returns the phone number +1.1978600872, which is not a valid US area code last I checked. The address appears to be a PO box in Seattle.
facebook.feedback has the same bogus phone number and the same PO box as google.feedback.
myaccount.feedback (where they send you if you try to vote on anything, presumably other things too) has a residential address on Mercer Island, WA and a Google Voice number listed.
Calling the Google Voice number results in a voicemail where a person identifies themselves as "Jay" (presumably Jay Westerdal[0] of Top Level Spectrum, Inc who owns the .feedback TLD[1])
Another thing of interest is that myaccount.feedback encourages you to login with Google/Facebook/Twitter/LinkedIn
> ICANN's core values are creativity, innovation, and respect the flow of information. The .Feedback registry is innovating and following those core values by allowing transparency with an independent review system that can be operated by anyone willing to sponsor a name. The .Feedback domain is different from all the other registries. It is human nature to fear change and innovation, this registry doesn't want to be in the business of selling just DNS domains like every other registry. We want to innovate!
(Innovation my ass...)
Also2, this seems to be the official page for the operation:
> I would like to add that IMHO all new TLDs are scam. Brand owners are forced to register their name in many of them.
.feedback is just the tip of the iceberg.
I think this is the core issue here. I remember that a few of ICANN's new TLDs caused similar issues. The idea of selling TLDs to companies for use at their discretion is horrible enough, but they also seem to be completely ignorant of this problem.
This feels as if ICANN is trying to become the new FIFA.
(I don't really have much empathy for google etc having to pay $600 a year, but the same problem could also hit lots of small sites. Also with the current trend, TLDs seem to loose all structure and meaning and just turn into another brand vehicle or trade asset)
I actually did a fairly robust empirical analysis of the extent to which brand owners did 'register their name in many of them' back when the round of ICANN gTLD expansions was happening.
The conclusion was that both currently-fashionable arguments were kinda bogus: the new gTLDs couldn't deal with 'artificial scarcity' in any real sense, if it even existed, and yet few brand owners were defensively registering in the existing domains (even .org) so claims that it would extract massive economic rent were also overblown.
Comparing ICANN to FIFA is exactly how I have described them in the past. Having been to ICANN conferences, I can confidently say they answer to no-one at this point and it shows.
On the topic of scams, has anyone ever discovered what ICANN did with the enormous amount of money it raised by selling these TLDs at a premium?
I recall .blog being purchased by Automattic for 15-20M (that being just 1 example).
ICANN is to tech what the SEC is to finance: A corporate revolving-door where you join to do your corporate-masters bidding and then move back to your 7-figure job.
That how the conspiracy-minded assume it works because it fits their world view better, but there's little evidence to support it. Insightful finance journalist (and former investment banker) Matt Levine often suggests that the revolving-door incentives are the reverse: Create tough and complicated regulations while you work at the SEC so that a big bank will have to hire you to help navigate those regulations.
I worked for a feedback company in the past. Nobody cares even when they pay for a feedback widget and get the reports emailed/pushed to their managers. Most of the clients didn't even login to the site or collect the feedback (sign up for notifications, download a csv, etc). AFAICT, companies paid for the feedback widget to check some box on a yearly powerpoint along the lines of "manages user feedback". It's a good racket to be in once you realize that nobody cares about your product and just wants a good-looking widget that is effectively write once. You just build good sales and relationship managers then hit up enterprise.
I'm 90% sure that the entire concept of the feedback form/widget is only still with us as a way of channeling user rage into non-social platforms. "Here, complain into this void that won't hurt our public opinion!"
The places I've seen collect feedback use it partly for what you say, partly to collect praise they can plaster on their sites as well as on powerpoint to boast to the board. The complaints go nowhere, but the praise is sometimes cherished.
I think that google is kind of complicit in this then since the only way to get the stars under your listings in paid search listings or product listings is to have a certain amount of ratings using some "approved" site that they look at. We have been able to speak with the few customers that have left negative feedback and resolve issues, so it isn't useless. But Google is certainly helping to push the industry.
Not necessarily. TLDs don't rank any better than anything else. Google/Bing don't rank you just because you have a word in your tld. It's a minor signal.
It's not so much what the machines think, it's that moving from the convention of `company.domain` to `.company` confuses users and allows scams like this to happen.
GTLDs were introduced only a few years ago, but it's clear the implementers were conflicted by reckoning the freedom of the "earlier internet" with what the internet has become today. They wanted to honor the freedom of the DNS system. But they also recognized the internet has changed enormously. Today, the internet is largely ruled by large brands, just as most mainstream media is.
The GTLD system is a pretty poor compromise between those two positions. User's don't have freedom of the early DNS system, and brands now have a huge enforcement burden to mange. Registering sites like coca-cola.fun and coca-cola.shopping are almost certainly not allowed, and will be shut-down eventually, but it now costs Coke a sizable sum to monitor and take down the infringing websites.
Ick. In a way, it is a sort of corporate version of those mugshot sites.
I understand a lot of other scams. (Not condone, but I see the attraction of running it.) This one just seems like a lot of work to put into something that I really don't see the targeted companies choosing to go along with. Seems like borrowing a ton of grief - at the very least, they'll be hearing from a bunch of crabby lawyers.
> $600 is less than the cost of lawyer time for a worthwhile response
I'd love to see NewEgg get involved in this. They have a history of going after patent and other legal trolls for the sole purpose of discouraging that type of behaviour. [0]
Sadly, it seems no one has bothered to register newegg.feedback...
It's essentially the same business model -- attract user-generated content that looks bad for a company, then demand money from them to make it go away.
Reminds me of GetSatisfaction back in the day. It was never as much of an outright scam as this, but they definitely had that protection racket vibe about it.
I do remember the pitchforks and burning effigies around the GetSatisfaction drama a while back.
For those that don't know, GetSatisfaction is/was a 'user support' site designed for users of a particular app/service to provide support to each other - only the fact that it wasn't an official support page was not immediately obvious. They had a line somewhere on the page that said something like "We hope that a support rep from the company will chime in on these threads" but not much else.
People ended up getting extremely frustrated with the companies in question, believing that the company was ignoring them when questions went unanswered.
To their credit, I think they changed things and made the situation clearer when several companies lambasted them on social media, but I don't know that they ever fully recovered and became as popular as they were before that.
Yeah, this is way more likely than paying 600. Amazon lawyers are a very very brutish sort. I've worked with them.
Another possibility is that the site is trying to give the impression big companies are paying so when they go after small fry it'll go easier on them.
Amazon makes that money in about 6 seconds. I don't think they would even bother to threaten them, but that's just my opinion. Maybe that's the motivation behind the scam as well?
Aren't all ICANN accredited registrars bound by the UDRP[1]? It seems like any domain registered "on behalf" of a company could easily be taken down / claimed by the UDRP process.
Yup you're right, there's effectively no way to avoid the UDRP with domain names, with very few exceptions, usually around country code TLDs. These domains should be relatively trivial to take down for big stakeholders I'd have thought, if the experience of the UDRP case load over '.sucks' domains is anything to go by. That and of course the UDRP's well studied and documented bias towards large trademark holders thanks to the "pursuer pays" business model they use. I'd imagine a compelling argument can be drafted that these are bad faith registrations of another company's registered mark, especially if you look at the criteria the UDRP uses.
I'm always surprised how few people in the software industry know anything about the UDRP, especially in light of some of its incredibly questionable decisions over the years, and the huge impact it can have on a software business. It's pretty interesting as one of the few large scale examples of a privatized court system, and also one of the only globally enforceable trademark systems ever conceived (thanks to ICANN's total control of the DNS system), much to the annoyance of many non-US governments.
You can't do "or pay $600/year to take the web site down". There are laws against that. It's called extortionate. That being said, they could be more subtle like Glassdoor / Yelp / etc. People would actually have to find .feedback domains useful for that to happen however. My sense is that this will just go nowhere, no business will be made, and it's all a lot of sound and fury over nothing.
> You can't do "or pay $600/year to take the web site down".
Okay, IANAL, but that probably is not true.
Well, at least not in that way. They could for example, sell the .feedback domain to company owners, in regards that owner can either enable or disable user-given feedback.
Else, they could run the .feedback domain that point for a specific company, and nothing stops them, reason is pretty clear - it's their TLD, and if they got approved by ICANN, then nothing stops them in illegal way (copyright infringement are as powerful as ICANN is).
Wording things differently very often has significant legal impact, depending on the situation and context.
I have no legal training, but regularly review lengthy legal contracts and discuss them with lawyers, and tiny changes in wording can have huge implications in what they mean.
Outside of legal contracts, many agreements (such as an agreement over email, or even verbal) can be considered legally binding, and so could be affected similarly when it comes to wording.
An example away from contracts (written or otherwise): salesmen and bribing. "I'd like you to buy my company's product, let me take you to an expensive restaurant to discuss the opportunity" is fine (roughly, in some cases and depending on the monetary value of the meal it might be against company policy or in some cases even illegal, but usually fine), vs. "If you buy my company's product I will take you to an expensive restaurant" which isn't fine. (Speaking from experience, having a) had plenty of experience on both sides of the sales table, including being specifically offered bribes and including being "client entertained" including some cases where I couldn't accept even though it would have been legally not considered bribery, and also from the experience of having to write, and enforce, anti-bribery / anti-corruption company policies.)
I was a bit sloppy in my original statement. Yes, if you word a contract differently it will often have a different meaning, that's not really just a rewording, that's a material change. Same with other agreements. The different wording describes different requirements for fulfilling a contract.
An example of what I'm talking about is the difference between gifts and loans. Say you're applying for a mortgage, and I give you $50k as a gift. Sure, you can use that as a down payment. But if I make you agree to pay the $50k "gift" back as a condition, it's not a gift, it's a loan, and calling it a gift is mortgage fraud. No matter how you word it, you can't change a loan into a gift.
Just like with extortion. Extortion is an act, and you can carefully word it all you want, but it doesn't change the fact of extortion, but it may make it easier or more difficult to prove.
But I'm not trying to say something especially deep here, just that it's common for people to look at the language of the law and believe that they can avoid consequences by rewording a few things.
That's a scary precedent... Sure, similar things have been done to prevent visitors from attacks, but this is at best a platform for expressing criticism and at worst a sleazy shakedown of the companies being criticized (not the visitors), and to my knowledge the anti-phishing/malware warnings haven't been used to merely oppose competing interests or stifle ideas.
The whole point of arbitrary TLDs was to enforce self-segregation for some industries (porn above all), so I expect systems dedicated to web-filtering have adopted or will eventually adopt some policy on the subject. I guess .feedback should be considered "fraud, scam".
I can think of a lot of parties that would love precedent for Google censoring stuff from their DNS. Parties Google really doesn't want to be seen as on the same side with.
An unethical and shamefully pathetic extortion scheme. This is really a disappointing and completely uninnovative, destructive direction to take the internet in
Tangential but important. Some new domain endings are really focussed on an ethical approach to using what we view as important public infrastructure (meaningful words + DNS = impact). At home.eco we embedded ethics into our governance (ICANN Contract) our corporate DNA (B Corp) and our product (profiles.eco). We think there is real potential to leverage the DNS for good.
Couldn't companies do a class-action on the fact that they pre-registered domains with trademarks belonging to other companies but not giving those domains to those companies?
There's precedent for getting a domain based on trademark from someone else.
I dunno, between tobacco companies, oil companies, and the earlier thongs pretty much every major industry did that stimulated the labor movement from the 19th Century into the early 20th, these guys are small fry. Capitalism gives capitalism a bad name.
I am not much of a fan but I think such stuff is completely in the domain of humanity and human nature. I can't think of any political or economic system that can suppress the evil and good that comprise the human species.
This feels very similar to Trustpilot in my opinion. The format and description of the company (in the first person) is extremely similar. The only difference is branding. Trustpilot don't have a domain looking like the company, but companies can pay to take control of their brand on the platform.
I edited the site's content changing the name and description to a more appropriate one, whilst still staying entirely professional, but it failed to save the adjusted content. -1 for user-friendliness
They also own .sucks... of which they were charging $2500 per domain. I don't know why these manipulative TLDs are allowable without considerable regulation. This latest example seems to be more directly extortion, and is likely illegal in many places.
Yeah, this whole TLD expansion program seems like it was extremely poorly handled by ICANN. I think it was a good idea to expand TLDs beyond the country codes and the original ones (TLDs like .travel or .nyc are genuinely useful), but approving TLDs that could be used for defamation (like .sucks) or scams like this is clearly a huge mistake. Also, putting it in the hands of private companies that can charge extortionate rates for domains is just terrible.
Where do you draw the line on this? I can understand that unknown companies running on some obscure GTLD might raise suspicion, but what about a personal blog or someone's side project?
.info is the furthest I'd go. At a push. I'll also still click on ".google" and other reputable corp vanity domains if the content appears on HN and looks interesting enough.
This is why people should move to things like OpenNIC or to a DNS-less address scheme like the ones used in namecoin/tor/i2p. The ICANN scammers should be stopped.
If you click through "Claim this site" there doesn't seem to be anything in the form of verification, seems that just anyone can claim them. The price for SO was $750 though, not $600.
First, while it has been reported that Registry pre-registered 5,000 domains this is incorrect. We have not registered the sites you mentioned. You can check the whois and look up the owners.
Second, The pricing referenced is out of date and not accurate. Prices can be found as low as $5 for a .feedback domain. Check out Crazydomains.com
If StackOverflow did actually register stackoverflow.feedback I would understand the WHOIS data, but then I don't understand the purpose of the following disclaimer:
"Disclaimer: This site is provided to facilitate free speech regarding Stack Overflow. No direct endorsement or association should be conferred."
That disclaimer seems to imply that StackOverflow didn't register the domain. Care to explain why the WHOIS data says otherwise?
A site that provides uncensored free speech aimed at companies is considered a huge scam? It looks like the comments are not manipulated, and I appreciate that authenticity more than practices happening around Google, YouTube, Facebook etc.
How is this a scam? The result is obviously just a ratings site which never purports to be the sites referenced in their URL...why does it matter if you type in google.feedback or feedback.com/google or google.feedback.com into your browser? No reasonable person could be misled to believe that google.feedback/ was at all related to Google.
edit: Okay, I guess it is a pretty messed up website. If you go to reply to something, it gives you the ability to "officially" reply (as, say Google) for a mere $29 per message. This doesn't seem like extortion, but it is a pretty horrible business idea.
> No reasonable person could be misled to believe that google.feedback/ was at all related to Google.
Mate, that is 100% confusing to anyone on the internet.
Especially more so now that google uses their own TLD for some of their blogs/services. So `blog.google` is google. `google.com` is google, but `google.feedback` isn't. Please explain...
People who don't understand how domain names work are probably just as likely to be fooled by 'feedback.com/google' as they are by 'google.feedback'. I don't really get this either. It's obvious from the content of the site that it's not run by Google.
Looking at the .feedback page for Stack Overflow, it says at the top, in fairly large letters "We make Stack Overflow, where the world's developers get answers, share knowledge & find jobs they love. Also proud builders of the @stackexchange Q&A network."
Then at the absolute bottom, in small, washed out print it says "Disclaimer: This site is provided to facilitate free speech regarding Stack Overflow. No direct endorsement or association should be conferred."
So, users are not supposed to confer that a page claiming to be by the makers of stack overflow, are associated with SO? Beyond any reasonable doubt, the people behind that site are trying to scam visitors.
If the creators of the .feedback pages are also the TLD owners, it seems obvious to me that they should face legal charges and be stripped of the TLD.