Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Don't invade my privacy

To varying extents, saying you don't do this is really hard for any third party application integrated into a website. Unfortunately, we can't pull up contextual search results about a text selection without consulting a third party service like Bing or Duck Duck Go, so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI.

> Don't insert text into my cut and paste buffers

We don't currently do this, but if our users ask for it, there is a good chance we will add it. Since it does sound like a frustrating thing, we can push to make it an "opt in" feature on the site owner's side, as opposed to the default behavior. At least that way, it'll only happen when the site owner really wants it to.

> Don't steal my search abilities

I don't believe we currently inhibit your ability to search with your engine of choice. If you find that we do, please let me know!

> Don't steal my mouse clicks

We don't "steal" your mouse clicks (though we do listen to them ;), and we do try to make sure the window only pops up when you have selected text. This experience will hopefully improve over time. Unfortunately, not doing this prevents the app from working in the first place (unless you have a better way to implement it)

> Don't pop up windows

Again, not doing this makes it difficult to have the app in the first place. I know its not for everyone, but a lot of our users really enjoy this functionality.

> Don't break my browser

That's something I can definitely do. Please let me know if you notice us breaking your browser in any way :) us not breaking your browser is one of my highest concerns.



What you've all just witnessed is power talk masquerading as service talk.

What cdata has actually said is, "Sorry, you're not our customer. The websites that use us are our customers. Your feedback isn't really wanted. Fuck off."

The "fuck off" meta-message is aimed at the rest of us as much as it is aimed at jerrya. It emphasizes two things. One, cdata is going to pursue a strategy of nitpickery, mockery, and isolation to dis-empower dissatisfied victims of his company's software, under the guise of smoothing ruffled feathers. The strategy is containment, not satisfaction. Think of what satisfaction would have looked like, then compare it to cdata's post. Two, it emphasizes that we can participate in the game of isolating jerrya, and doing so will shield us from his treatment, as well as the harsh treatment of any who join in. Additionally, as soon as the first toady chimes in, the apparent perception of an emergent group dynamic aimed at belittling jerrya, bolstering the perceived value in siding with the group or staying away altogether.

Now, I am using the same tactics, I assure you. The difference is that I believe that you can see that I have a good warrant for using it, namely that it is precisely the surreptitious use of the tactic that must be discouraged.

Don't let cdata get away with it. It's not polite and it harms the process by which we can provide feedback about our distaste to people who want to wreck the Internet for personal gain.


I agree with some of what you say, although the argument might be more effective in less drastic language.

My reading of cdata's note boils down to this:

  * We will collect your data if there's a buck to be made
  * We will continue to muck up your copy+paste buffers
    with URLs/attribution/info if our subscribers want that 
    to happen
  * We will monitor your mouse clicks
  * There will be popups
  * I'm trying to be affable ;) ;) ;)
  * Your browser will still work fine for certain 
    definitions of "fine" ;) ;) ;)


i.e just about the same analysis as mkn's, only less confrontationally phrased.


Well, I don't think cdata's response sets the stage for other, well-informed HN readers to distance themselves from jerrya's position. cdata is not speaking from a position of significant power or influence--actually I think cdata's hands are tied somewhat in terms of tactics, acting as a quasi-official company spokesman. IMHO this area is the most adventurous of mkn's remarks.


It's not just about confrontation. mkn's "analysis" is built upon a ton of extraordinarily negative assumptions about intention that don't appear to have any real justification at all. More importantly, it's not a very constructive post - I find it quite disruptive. It doesn't focus on the problem or potential solutions.

What's so difficult about saying "My concerns are X, Y and Z. Your proposal does not address X and Y because ...."? If cdata doesn't address such a specific statement THEN maybe mkn can resort to questioning intention, but UNTIL then mkn is just derailing the conversation.


Very interesting analysis. The dark arts are dangerous! If I were cdata, I would have just said "If you don't like it, use noscript." I've been using noscript (and adblock plus) on Firefox for quite some time now, and every time I give the internet a chance and browse without it I'm always disappointed. If having annoying sites wrecks the internet, I consider it already wrecked.

I think the privacy issues have been understated. My first thought was to wave it off as "they're not seeing anything that's not public text anyway", since I was placing it in the context of reading a NYT article or something. But what if a web admin adds this plugin to a site on areas that aren't public? Two (probably unlikely, but I don't have much data) scenarios that came to my mind were: A viewer highlights their bank account number, oh look, CloudFlare has that now (and if it's context-aware can piece together what the number means). A site offers a random password generator, user highlights it to copy/paste it--oops.

Here's hoping that if Linux's Chromium gets this 'feature' baked in, it's opt-in only.


Services like Apture actually make the web stronger by exposing it's cracks.

A few years from now web browsers will have protected Copy/Paste. That will be a good thing but you wouldn't have gotten there without services that used scripts to hijack Copy/Paste in the first place.

And that protected copy/paste might have a metadata field that captures Apture-esque info on the client side while you do normal Copy/Paste and I can imagine a very useful Paste+ shortcut that spits out the clipboard contents in a link to the source.


I would love an extension that would do something like that. I clip some text and the first paste is the text, and the next paste is the link. Or the paste is a properly formatted html link, or properly formatted wiki link.

I would load that in a heartbeat.


I think this is the nastiest thing I've ever read by someone who wasn't obviously trolling. If your goal was to make people pick sides, mission accomplished.


If it was up to HN users, no website would have advertising on it.

HN users are very far removed from normal users. HN feedback is interesting, but it's not as useful as feedback from normal people.


Are we reading the same thing? What the...just wow.

"we can provide feedback about our distaste to people who want to wreck the Internet for personal gain." Pot calling the kettle black much? This would be me providing feedback then.


Wait, what the... I don't even understand what you're saying here. How is he the pot at all here?


I know its not for everyone, but a lot of our users really enjoy this functionality.

I think you made a typo there, you surely meant to write: "a lot of our advertisers enjoy this functionality".

Right?

Because, as you are most certainly aware, nobody "enjoys" these keyword/selection-popup scams.

You are free to taint your name for the sake of scamming some clicks out of the computer illiterates (those with the AOL-toolbars). But please at least spare us the hypocrisy here; it's plain old intrusive advertising of the worst kind, and you know that.


Some people like the Google toolbar. I don't use it personally (nor would I ever choose to), but that doesn't mean it doesn't hold value for other people.

That said, two facts for you:

1) We don't gain any kind of advertising revenue from this app, nor do we serve adds through this app on behalf of third parties. This app is specifically intended to be a value-add for our users.

2) Apture really is one of our most popular third party apps, and apps are entirely opt-in. You'll see that through your own lens, of course, but through ours it means that, when Apture shuts down, our users will lose one of the features that they enjoy using through our service.


> Some people like the Google toolbar. I don't use it personally (nor would I ever choose to), but that doesn't mean it doesn't hold value for other people.

So, if you don't like the Google toolbar, you simply don't install it in your browser.

With Apture, you don't get to choose. If you like it, it's only available on some websites. If you don't, you have to go through some adblock or privacy block rigamarole to prevent it (and other clones, like yours) from interfering with your ability to select text on the web.

It is a prime candidate for functionality that should be provided by the browser, not the website. Sure, it can be nice to do a mockup in JavaScript to demonstrate and experimenting with the functionality without patching your browser. But it shouldn't be something that random webmasters are enabling on a whim, because they think that their users just might like it. That's akin to bundling Google Toolbar with some random software that someone's downloading, just because you think that they might like it.


Just so we're clear, by users, you don't mean actual people sitting in front of web browsers, you mean CloudFlare Customers. In general, people using web browsers despise the Apture services - particularly when they can't be overridden, or if they are poorly done (The stupid popups interfering with web browsing behavior - particularly on small mobile screens).

Just because it's popular, doesn't mean you should be doing it. On the flip side, if you do it in an _elegant_ manner that allows the individual using their web browser to regain control over this behavior - win-win all around.


Yes, you are correct. Our users are the site owners, and their users are the ones who encounter Apture and similar "apps" in the wild. This is why, as I've said in other replies, the suggestion that we provide an easy opt-in / opt-out mechanism is well taken.

I _want_ to make this something that is elegant and useful, not just from the average internet-goers perspective, but also from the perspective of my peers and colleagues (and luckily, I'm in a good position to do so). I'm glad that some of the readers here have been willing to offer constructive and valuable suggestions about how I can do that :)


Users don't want it. The only valid constructive criticism I think you can take away from this exchange is "don't do it."


What you guys are doing would be the equivalent of Geocities offering a one-click-install animated rainbow GIF background for websites... Just because lots of the Geocities customers would have chosen to install such a 'product' doesn't make it a good idea for the users down the line ;)

Of course it's not your place to determine how your customers interact with their users, which is the point most people in this thread seem to be missing. This is good marketing for CloudFlare, plain and simple; if the users of your customer's site don't like it they can complain and/or stop using the site.


>> Apture really is one of our most popular third party apps

Site operators are not always the best group to determine what makes an overall good browsing experience. In this case, I agree with the other posters that the service changes the nature of a browsing experience in a way that is unwelcome.

I remember when blink and marquee tags were popular among site owners.


One of my clients still has a marquee (with jquery upgrades) and I installed it on their site for them. Does that make me evil?

If cdata's customers site visitors don't come back then this will feed back through the chain - cdata is making the tool not using it; blaming gun makers for murder, etc., etc..


I do. I'm a huge fan, actually.


"> Don't invade my privacy

To varying extents, saying you don't do this is really hard for any third party application integrated into a website. Unfortunately, we can't pull up contextual search results about a text selection without consulting a third party service like Bing or Duck Duck Go, so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI."

Well, this was specifically something apture did that was broken. In their implementation, they captured every text selection regardless of whether I wanted to just cut and paste it, or have it be searched for, or was just absently clicking and thinking. Presumably, you only have to pull contextualize it, if I have asked for that behavior, and even so, it should be possible to do most/all of that in my browser, and never at your servers.


Thank you for clarifying what you meant by this. As it turns out, we actually changed the behavior at the last minute to do a search query every time text is selected (which is what I believe you are saying is bad about Apture). We made this change because we figured it would be a better experience for users if the larger window were populated with search results as soon as it expanded.

However, now that you've framed it from a privacy perspective, it is obvious to me how this can feel really invasive. The intent to search should activate the query. Thanks for the constructive suggestion!


> (unless you have a better way to implement it)

Actually I do. Here are a couple of ideas.

The problem is that the application gets in the way of the normal user interaction with the browser. However, there are ways you can provide the service you want without breaking UI expectations:

* Display an icon next to the selected text that opens any desired popup instead of opening it by default

* Check out the HTML5 context menus (currently works in Firefox) https://bug617528.bugzilla.mozilla.org/attachment.cgi?id=554... for adding you own search options or a "copy with attribution" action without hijacking the context menu

In addition to all that you could definitely provide an opt-out mechanism for users from your website, identifying them with a cookie or IP.


Thanks, this is a really cool suggestion. Until now, I was totally unaware of the HTML5 context menu. Also, I really like the idea of using an icon that tries to flow well with the body of the text instead of obtrusively covering it up.

And once again, some kind of opt-in and opt-on setting for our users to choose for their sites is definitely something I want to experiment with integrating.


I think the point is that your product by definition breaks the browser by interrupting the users workflow. You product adds no benefit to the user of the website, and most people don't like it. If you made it opt in, those who enjoy what you're doing will be happy and you won't break the web for the rest of us.


We (CloudFlare) are in a pretty nice position, in that we can present a simple UI to our users (site owners) that allows them to fully configure the apps we serve without requiring them to touch any code. Giving site owners the option to present site visitors with a UI where they can opt-in sounds like a really novel and practical idea, and one I would personally like to experiment with implementing. Thanks for the suggestion!


>> Don't invade my privacy

> so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI.

How about you dont send my every selection to your service UNTIL and UNLESS I do an additional click to ask for contextual information. I really really don't like to not being able to select a frigging text w/o it being sent to seme server.

>> Don't insert text into my cut and paste buffers

> We don't currently do this, but if our users ask for it, there is a good chance we will add it ...

As others just said it can be "translated" as "fuck off, we can make a buck here and we don't care it annoys the hell out of you"

>> Don't pop up windows

> Again, not doing this makes it difficult to have the app in the first place

How about making it much less intrusive. light up some widget in the sidebar or top window corner. not right there where I just clicked obscuring the text under it which I might just be reading.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: