Beating zango and cookie overwriting
 

Correct me if im wrong but sponsors could easily solve this little problem by not allowing cookies to be overwritten for say half an hour.. i think thats a fair time period..

If there was ever a thread that should be bumped its this one.. send this message to your sponsors and bump the shit out of this thread..

If all sponsors did this it would take alot of value out of zango's traffic and others who piggyback on the hard work of webmasters

black vagina findah?

i have a few other solutions planned as well stay tuned , if theres anything you think would also help please post away

I Luv you smokey

Bump for goodness

Smokey, if sponsors stopped using cookies and instead "wrote" the affiliate ID onto every page as it loads (PHP can do it, and cgi can do it even faster), it would assure that the code would carry all the way to the end.

They can also use things like php session info to carry it forward.

They can also log and look at things like "suddenly appearing affiliate codes" on the signup page that don't have any other click matched to them.

There are any number of things to do, but before they can happen, the sponsors have to want to make it happen. Honestly, there is no money in it for the sponsors, and in fact some of them that are buying clicks over their affiliates would like lose by paying out the big per signup rates the brag about endlessly.

........

Great thread, Smokey :)!

double post...

Good idea in theory. But I think it would be exploited somehow.

well most sponsors dont rely entirely on cookies , but the other ways you mentioned are harder to spot and may not catch the problem.. ( def good ideas to start with though )

Like some f the problems arent pages being written but pages being popped overtop of other pages.. so if you click my bangrbos ref code link a popup pops a few seconds later with the same page , overwriting the original cookie

thats what this thread is for :thumbsup making sure it cant be ..

the way they would get around it would leave them open for some big lawsuits ( i.e. changing content )

I spoke to CCBILL on this and it's not as easy as you would think. But we do need more involvement from them on this.


Read this and comment.

http://www.gofuckyourself.com/showthread.php?t=665658

Smokey, if BB put your code on every page, and as the person clicked through in that browser, your code would be on it.

Now, if the surfer used the new window popped up, well, yeah, then you would be fucked.

However, if BB did a little velocity checking, they would see the same surfer getting a new cookie within seconds of the previous one... that would be enough. Most programs don't check how old the previous cookie was before re-writing... it they did, they might find some interesting data.

If the tour on average takes 5 minutes to do, then the original cookie should be good for 5 minutes.

Paul, the hardest part is that in theory, the conversion rates don't change... NET NET NET the same number of people are going to signup, because there isn't new surfers being generated from this, just existing ones hijacked.

However, it is worth looking at people with exceptionally GOOD conversion rates (they might be doing substitutions or overwrites only at the join page, example) or people who have a significantlly larger number of refering URL than normal, or people who have huge amounts of traffic with NO refering URL.

Especially important if someone is generating signups with the traffic apparently coming from domains they do not own.

Alex

well as mentioned the zango thing isnt cookie writing its popups that make a new cookie over your cookie

example. if you went to google right now typed in bangbros , and found 2 links with ref codes.. if you clicked the first one it sets a cookie with your ref code , if you close the window , and then go back to google click a dif ref code and signup , that person gets the credit, zango takes advantage of this and pops up an alternate ref link when someone visits your ref link thus creating a new cookie..

if the cookie was set so it couldnt be overwritten for say half an hour it would make this practise worthless as both links would be promoting the original ref code

i see what your saying :thumbsup

should also note you dont want to set the cookie to long or sponsors run the risk of people "cookie dropping" , as i noticed this earlier this year on a few big tgp's ( i.e. the tgp had hundreds of hidden frames to set cookies for various sponsors )

I'm not so sure it is in the benefit of sponsors, what happens to type in traffic, SEO traffic, traffic that never came via an affiliate. This could be harming them as well as affiliates.

good points and the most important one , is if affiliates are getting ripped they will stop promoting you , if your not being promoted these programs have nobody to ripoff thus the sponsor makes 100% of nothing

This is done on MOST if not ALL affiliate programs. Please don't tell me some affiliate programs rely on cookies alone. You would lose a small % of people that don't allow cookies.

I have suggested that from the beggining and actually knnow of a few sponsors working on this as we speak. Short term perminate cookies.

:thumbsup :thumbsup

it doesnt matter if its zango atm... there are a lot of other black hat stuff that can be down to change aff codes on the fly regardless of cookies...

and i am quite sure that people are already doing this...

bump............

The difference is in clear cut legality... modifying an affiliate code on the fly or intentionally modifying a cookie could cross the line into "interference with a business relationship". That is one of the reasons why Zango is so precise with their bullshit and double talk.

You are right, I am sure it is done... but it all gets back to tracking what your affiliates are actually doing and spotting the patterns.

Smokey, you mentioned the problem yourself...

Allowing 30 minute permanent cookies would mean that TGPs for example could put hundreds of hidden frames or image links on their pages which load link codes, tagging the surfer and then the links on the galleries would nolonger actually make the gallery owner any money since the permanent cookie will block the new ones coming in..

The idea in general, due to how zango works, is good though, simply by using a very short term permanent cookie of around 15-30 seconds.

I'll be looking into that.

as alex mentioned , the difference is partly in legality..

this would force sponsors to steal from their own affiliates instead of paying someone else to do it, then if they get caught they can be sued directly ( not to say they cant be sued directly as it is , but its a little bit fuzzier anyways )

true but tgp's are already doing that , it doesnt need to be 30 mins lets say a little longer than 30 seconds though ( well dont say the real number publicly but perhaps something like 5 mins )

Glad to hear you guys are onboard with finding a solution :thumbsup

bump to get rid of the crap :)

Good thread.

Yes, TGPs are doing it, but right now, the last cookie counts, so it does not help them one bit.

might even be interesting if you did something like switched to perm cookies for a set period of time just to track and find affiliates that only make sales on recently rewritten cookies , this way those affiliates would be isolated , like if nats simply did this for a day certain affiliates that were gainig sales by rewriting their cookies would get zero sales thus be readily apparent

for nats .. not all sponsors work the same way

bump 4 me

Why do you think there are always "spam me with CCBill sites" threads around here? There are people out there popping hundreds of thousands of zero frames with CCBill sites in them to get the cookies set, hoping to score a free sale or two a day.

It's amazing to watch.

Bump 4 u

Exactly, me and our webmasters are going to spend the whole day looking at the ratios, traffic, traffic sources, conversions, affiliates and anything else I can think of.

Will see if there is a move away from steady affiliates to affiliates who are rapidly improving.

I will name names if I have the proof.

Paul, you may also want to look for different affiliates from the same city / country that show referals from the same domains, or that have all suddenly started selling. YOu may find that they spread it out over many accounts as well to try to blend into the background noise.

a possible (but not a likely solution) is determining what triggers Zango to pop their ads

its most likely the domain or ip of the link being visited

without going too deep, could sponsors create a special "landing" domain / ip combination using simple aliases that zango pays no attention to?

or

this might be somewhat inefficient and impractical, but an in house session database that stores IPs and OS/browser information for unique hits... that way if another ad pops over or someone comes back it just matches the IP and other details to give credit to the correct affiliate (of course a sale or two could slip through the cracks with dynamic ips... but its not THAT likely since you're matching machine specific data to the IP)

this would probably require a few extra workhorse boxes to distribute this load w/o effecting load times that much... but sponsors might find this worth it to them to gain new interest & trust from affiliates

It'd be nice...It'd be interesting to see whether longer cookies affected review sites too...

Personally I'm thinking the sponsors can see which users are zango and which arent...They probably don't care as long as the sales keep flowing.

You know what might be fun and short-term effective too against zago is to goto their competition and buy a fucking shit load of keywords with anything fucked up webmasters or programs use to get to zango :pimp so sure it would send the traffic to dickheadripoff.com lol but at least it would fuck zango lol :1orglaugh

then just rinse wash repeat :)

There are solutions to implement to stop affiliates from inside the same network over writing cookies - its not too complicated.

This only deals with a % of the problem though. If we freeze these guys and kick the out - what do they do? They sign up with a similar program, and carry on.

So, what about the zango advertisers that use a competing program and are popping over your affiliate site with a competitors?.

The 1st job for sponsors is to make it clear in their TOS that adware use is a fundemental breach of the agreement. Run reports, & police their own back yard from scum users internal to their network. Thats the easy part.

We then have to police the rest of the industry, externally. Sponsors can use affiliatefairplay or ben edlemen to run detailed reports and supply video captures of competitors popping over our affiliates sites.

I see lots of sponsors saying "yeh we're against adware, if you see anyone using it tell us" - Theya re putting the onus on everyone else. So they will act on it if someone monitors it for them.

Its a step in the right direction but we need to be more pro-active than that. Zango promtion will only become unprofitable if we catch and freeze most of the time not some of the time.

OK another twist on this problem. Can it be programmed to write a cookie where none exists and leave an existing one alone?

We have always had a lot of our own traffic, Affiliates send traffic here via CCBILL http://www.paulmarkhamteens.com/tour/ we have traffic that goes here http://www.paulmarkhamteens.com/tour2/ not via CCBILL, for instance the links on the content store and type in from http://www.paulmarkhamteens.com/

This traffic does not have a cookie and it looks like we are losing numbers from this section. Could it be cookies being installed?

Give me a list of programs that are doing this and I will look into them and them download them onto a secure computer in the office. Then my webmaster and I will surf the net and see what pops up.

Affiliates who want me to test their links can ask nicely, sponsors can pay me.

Anyone popping anything up will be reported to the sponsor and on here. Would be nice if we could link a number to a name.

I'm not knocking the intentions of this thread, but isn't it too narrowly focused?

A surfer clicks a link on my site and the scumware triggered window (usually) pops on top of the site I want him to visit. At this point my chance of selling him anything has already taken a major dive.

The issue of overwriting cookies actually only becomes relevant if the same sponsor is popped as the one which I am promoting. And even then only when cookies are the sole tracking method. If the surfer joins, carrying someone else's referrer ID (because he clicks on the page which showed above mine), correcting the cookie - I believe - will not help.

Bumpers!

Kudos to looking at a countermeasure this way. If it was stopped or curtailed at the sponsor level then the solution would address several nefarious scumware/stealware applications out there and not solely Zango.

bump for the bear

Idiot.78

Using ie domain bugs it's possible to create cookies that CAN'T be overwritten.