
Google and Paint.NET need to stop misleading users (2013) - smacktoward
https://jasonlefkowitz.net/2013/03/google-and-paint-net-need-to-stop-misleading-users/
======
zeta0134
I'm curious why these ads are even allowed to get through the network in the
first place. Is there just NO content reviewing taking place? That's seems
negligent on Google's part. There is no reason for an ad like that to exist on
any webpage, period. It should have been blocked at the source.

Where is the 3-strikes policy in the ad space? Google is so eager to punish
its Youtube streamers for running questionably offensive content, and yet it
continues to let advertising scum like this run rampant across its ecosystem.

~~~
ben_jones
I wonder if they ran an A/B test on customer spending depending on the time it
takes from "uploading" an ad to the network and the ad showing positive
metrics. My guess is the result of such a finding would impact the duration
and thoroughness of the review process.

And my guess is youtubers make up such a small slice of revenue that the
threat of lawsuits outweighs the convenience of the customer.

~~~
ocdtrekkie
I highly doubt it has to do with the time it takes to have someone review the
submission. Google does not like hiring people to do things it thinks
algorithms can do adequately, because people cost a lot more than servers.

~~~
jfim
At least on adwords, you get a "quality score" for ads, which is essentially a
clickthrough rate, which lowers your cost per impression. In this case, I
assume those ads get a high clickthrough rate due to being terribly
misleading, which leads the algorithm to believe these ads are the most
appropriate for this ad slot (they are if the only metric you care about is
money going into Google's pockets).

------
ajmarsh
[https://ninite.com/](https://ninite.com/) Accept no substitutes when
installing on Windows.

~~~
FlorianRappl
Looks nice, but I would always prefer Chocolatey
([https://chocolatey.org/packages](https://chocolatey.org/packages)). Reason:
More (and easier to customize) packages / applications to get.

~~~
nandhp
Ninite has the advantage of being self-contained in a single executable,
though. Chocolatey looks like something you have to install, which makes it
poorly suited for quickly installing something on a machine that's not yours.

~~~
hackbinary
Chocolatey is like apt for Windows. It is _worth_ the install.

------
johnnyb9
Everyone seems to give Google the benefit of the doubt here. Is it possible
they aren't doing anything because they are making lots of money from this
ethical grey area?

The incentives seem perfectly aligned... the advertiser doubtlessly doesn't
care about whether it's a scrupulous ad or not. Paint.NET authors make money,
and Google makes money.

~~~
Camillo
If the toolbars, as is typical, end up hijacking the search engine, or
injecting their own ads on pages, then Google loses money.

~~~
pawadu
And yet this happens. All the time. In adsense, on youtube, on Google+, on the
Play store and basically in every other customer-facing Google business. I can
see two reasons for that:

1\. A not-my-problem mentality at Google

2\. Google is trying to replace human intelligence with AI pseudo-intelligence
which has turned out to be really _really_ easy to fool

I believe it's actually a combination of the two and it scares the crap out of
me thinking these guys want to create self driving (and flying!) cars.

~~~
nolok
I think you should look at point 3., slightly different from 1: everytime
Google acts on something like this, they show that they can act.

If the damage it causes them, both in profit and image, is not very large then
it might very well not be worth it to risk setting a precedent than Google is
responsible for policing their ads. It is exactly the scenario they were
caught in with YouTube, and becoming the police there didn't help them at all
compared to the previous status quo.

Of course that's the good scenario, the bad one would be that Google, being of
a size and importance that can be called a monopoly in the Internet ad space,
would be violating these "fraudsters" rights since technically what they do
may not be breaking any laws, which would lead to this becoming a precedent
and all the others who currently try to keep themselves mostly clean in their
ads would be vindicated to go evil too.

I'm not saying these are the real reasons, but again if the damage and risk
they represent is insignificantly small relative to the whole, why would
Google risk opening that can of worms.

------
jug
I find that article hilarious with this context:
[https://arstechnica.com/information-
technology/2016/02/googl...](https://arstechnica.com/information-
technology/2016/02/google-now-blocking-websites-that-show-fake-download-
buttons/)

~~~
kuschku
Yet, nothing of that sort has happened.

Screenshot taken 2 minutes ago:
[http://i.imgur.com/FOcB46m.png](http://i.imgur.com/FOcB46m.png)

~~~
ascom
Here is a small sample of ads I have blocked from my sites:
[https://imgur.com/a/5SD9b](https://imgur.com/a/5SD9b)

------
jameshart
The terrible experience of pulling down an installer for Paint.net was one of
the final straws that pushed me to move over to using chocolatey for windows
workstation setup.

    
    
       > choco install paint.net
    

Unfortunately, while that allows me to never see fake download-button ads when
pulling down software for my machine, one place it's still a nightmare in is
the world of getting minecraft mods installed on a kid's computer. Picking out
the real download link from among all the fake ads is sometimes a real
challenge.

~~~
ThomW
I was going to say - obviously the author of this post hasn't looked for
Minecraft mods, because there the problem is far worse.

~~~
phit_
is it? 99% of the mods nowadays can be downloaded from Curse [1] without any
ads and for easy mod management you can even install their launcher

those that can't, can be usually found on this site with their official
download site linked [2]

[1] [https://minecraft.curseforge.com/](https://minecraft.curseforge.com/) [2]
[https://bot.notenoughmods.com/](https://bot.notenoughmods.com/)

~~~
DanBC
>and for easy mod management you can even install their launcher

Does that launcher ask for the username and password?

That's a pretty lousy message to be teaching mostly children about password
security.

~~~
phit_
no it does not, it launches the vanilla client in which you enter your
username and password so it goes directly to Mojang! the launcher (technically
a wrapper around the normal launcher) was recently rebranded to Twitch
Launcher since Amazon (Twitch) bought Curse

[https://mods.curse.com/client](https://mods.curse.com/client)

~~~
DanBC
Ah, that's good. Thanks for the correction.

------
giancarlostoro
My question is why is it so easy to have advertisements that directly link to
downloadable software? If I'm clicking on an advertisement I want to know more
about a product, not be forced to run a binary of which I have no certainty of
it's true purpose. Or am I thinking wrong? If you disallow download based
advertising including linking to pages that only offer you a download, this
could be a little more useful against malvertisements. More reason to run an
adblocker.

~~~
ethbro
I can't believe Google couldn't categoricatically add context to these type of
ads if they really cared.

Google knows the ad link. Google can crawl the target page / file. If it's an
installer, Google can run it in a VM and note what ends up being installed.

If you can't pull a clear "this is crapware" signal out of that, then their ML
is a lot less advanced than it seems.

And if they can, then just automatically put a stronger visual border around
it with something like "This is an advertisement" in bold. Then let
advertisers sort it out. Google penalizes SEO they disagree with all the time,
and people stop doing it because they don't want to take the hit.

And I'm pretty sure it is (image recognition) and they don't... so...
advertising buys trump "don't be evil."

~~~
sundvor
They _would_ care if thousands of organisations pulled their advertising over
it.

~~~
giancarlostoro
I really wish this were the case. It would be nice if more organizations were
more action oriented against malvertisement. I seem to recall there was one
blog / news site that got rid of Google Adsense from their website here on HN
not over a year ago, and I'm sure others have. It's really sad that Google
doesn't put any effort (that we know, though we would see less of this)
against these advertisements.

------
deprave
People must remember that Google is first and foremost an advertising company.
90% of its revenue comes directly from advertising. Anyone who thinks they
will prioritize anything over ad revenue is either very naive or very stupid.

Google's CEO declared it's "AI first" and they developed TensorFlow. If they
wanted to, they could have easily prevented those ads from entering their
network.

~~~
theDoug
Please explain how, since it’s easy.

~~~
webmaven
I'll take a crack at an explanation:

Google has machine learning technology that automatically reads street address
numbers on houses, regardless of angle, color, size, focus, or typeface.

Using the same type of algorithm to answer "does this ad have anything that
looks like a button in it?" is relatively simple by at least two orders of
magnitude.

So rather than it being "easy" in some absolute sense, what's meant here is
that it is easy compared to similar tasks that we already know Google does
routinely and has largely automated.

~~~
yuriks
Lots of things have button and aren't maliciously masquerading as download
links. Furthermore, if they start doing that then ad producers will start
changing their ad images to evade the algorithm. It's much harder to use ML
for a problem when you have a malicious opponent actively working against it.

~~~
SmellyGeekBoy
It should be as simple as:

\- Is this a download page?

\- Does this ad contain a button-like image with the word "Download" on it?

Presumably the people creating these ads are specifically targeting pages with
the word "download" in to create this confusion, it doesn't seem like rocket
science for Google to apply the exact same rules.

------
mrsaint
To be fair, this is not just Paint.NET. I am a Adsense publishers and I had
the chance to talk to "optimizers" from the Adsense team from time to time,
and I told them how much I loath those "Download" ads... unfortunately, up to
today, things haven't improved, and there is little an Adsense publisher could
do, because you can ban those ads in your Adsense panel, but usually they just
show up a few days later under a different account.

------
scarface74
And as unpopular as the idea is with geeks, I think this illustrates the need
for a "walled gardened" for the majority of users where each app is
sandboxxed. Something like this couldn't happen on iOS, ChromeOS or Windows
10s.

Most non developers would be served perfectly fine with a locked down OS.

~~~
twhb
What it illustrates the need for is understanding why you're receiving things
(which is a pretty vital outside of software, too). If you pay for your
product then you won't see phishing on the download page. If it's a
subscription fee, then they're going to make it difficult to abandon or switch
away from. And if it's "free", then who knows what's going on - maybe the
product will wantonly encourage spending money (advertising), or manipulate
you towards a paid service. Or maybe the secret motives are innocuous, like
the dev's resume or (very rarely) the common good, but you need to
_understand_ that before you know what's coming.

~~~
scarface74
Look at all of the open source software that is there for the common good, but
is still hijacked with crapware by places like SourceForge and Download.com.

You can even search for Windows drivers and instead of getting drivers from
the manufacturer, you end up with malware from a third party site.

~~~
twhb
.. and that's the profit model of sourceforge etc. You need to consider all
parties involved, of course.

~~~
scarface74
And you expect everyone to know this? Sourceforge caught a lot of tech savvy
people by surprise when they first started doing this.

What do most non devs gain by an "open system" that a well functioning App
Store that forces apps to be sandboxed where the user has to grant permissions
individually to apps?

------
ocdtrekkie
This is one of the examples of why I consider Google a malware distributor.
This sort of stuff just continues undealt with.

Companies should be held responsible for the ads they distribute, it's the
only way to make them care enough to vet the ads they push.

------
yuriks
You can report these bad ads by clicking the small X in the corner. Please do
that if you ever see any of those, and they'll be replaced by other kinds of
ads (and hopefully over time they'll get enough reports to be removed.)

~~~
mynewtb
The better solution is installing a capable adblocker.

~~~
julianz
That works for me, but then leads to me telling a friend/relative to get the
software and them managing to screw up their machines by doing what they think
I told them to do.

------
brodie78382
Just curious, why single out Paint.NET exclusively? These types of ads have a
long history all over the Internet, even on more popular sites than this -
isn't this more of a Google issue than an individual website operator?

------
mkup
Interesting, I've visited this website multiple times before and didn't know
about this problem until today. Ad blocker browser add-on seems to be doing
its job really well.

------
coding123
I think this was the exact same downfall as SourceForge. It's great we don't
live in the SoftPedia/SourceForge days anymore (or maybe it's just me, I'm on
a Mac now).

------
emmelaich
The Bing search engine is about as bad.

A close friend used IE to get Google Chrome. They clicked the first result and
luckily I was able to stop them before starting the install on some crapware.

So I asked them to be careful to ensure the download site is correct and left
them to it.

I came back to find they had downloaded some other crapware.

I checked the search results. The ENTIRE first one and a half page of results
were advertisements for versions of crapware which may or may not have been
Chromium or Chrome lookalikes with lots of malware.

------
dgudkov
I hope the author of Paint.NET will see this submission and removes the ads.
I'm a big fan Paint.NET and made a donation. But this practice is just shady
and makes no honor to the author of otherwise great application.

~~~
wernsey
Yes, I'm also very fond of Paint.Net, so it irks me to see this kind of
article

------
CM30
So why do they allow banner ads to look like download buttons anyway? I mean,
there's no real reason you should be able to pass an ad off as a download
link, so wouldn't the obvious answer just be to ban ads that look like that?

Heck, you could probably even automate that process with Google's technology.
If OCR technology can identify captchas, it can probably identify button
shapes in images or text that looks like program information.

------
wernsey
If it is about the money for Google, can't they at least put a warning over
the ad that says "Are you really sure you want to download [Some Malware]?" if
you hover/click on the ad.

Nevermind, the right thing to do would be to ban these kinds of ads outright,
but we can't count on them to do that now, can we?

------
tehwebguy
Wow, those ads convert well enough to be worth the clicks? Must be even
shadier on the other side of the click.

------
Grue3
I always recommend against Paint.NET _precisely_ because of its adware-ridden
website. There are enough free, open-source alternatives that you don't really
need it. Hell, even IrfanView can do little image edits if you need something
really damn quick.

------
throwaway16801
How about users, and especially corporate users, actually start paying for
Paint.NET and other pieces of software they rely on so the developers don't
have to resort to Ad Sense or e-begging to fund further development?

------
angry-hacker
And nothing has changed in 2017 from both sides, the ads are still there and
show spyware download links.

I guess Google is too busy dealing with "fake news" and paint.net can't give
up that sweet ad money.

------
Itaxpica
This article is from 2013. Google has banned these types of ads from its
network (and started blocking sites that serve them) since then, as was
discussed on HN at the time:
[https://news.ycombinator.com/item?id=11032270](https://news.ycombinator.com/item?id=11032270)

~~~
kencausey
[https://news.ycombinator.com/item?id=14336972](https://news.ycombinator.com/item?id=14336972)

And I just checked myself and confirmed the continuing existence of very
similar ads.

------
tysonstewart
I don't think 2013 article is still relevant today.

~~~
anon1385
It's still relevant. I took this screenshot a few seconds ago:
[https://i.imgur.com/6LoQ3TW.png](https://i.imgur.com/6LoQ3TW.png)

~~~
tysonstewart
Today I visited the site again and now it started to show me the same download
ads.

So it is still relevant. But how these ads are able to pass through AdWords
review.

------
wcummings
Sounds like a personal problem to me...

This is a little shady, but all the units are clearly labeled as ads. I have a
hard time getting as worked up over this as the author does. Paint.NET is a
free product, what do you expect?

~~~
threeseed
You could've at least visited the website. They are NOT clearly labeled as
ads.

[https://www.getpaint.net/index.html](https://www.getpaint.net/index.html)

~~~
webmaven
wcummings might mean the tiny grey-and-blue icons in the top right of each
unit.

If so, I disagree. Those icons are not visible enough, and are hard for many
users to click without accidentally clicking the ad instead.

~~~
wcummings
At least one of them in the screenshots says "advertisement by", in addition
to the tracking opt out icon. But yes that is what I was referring to.

------
Kenji
This is trivially solved with an ad blocker. Frankly, I do not see the
problem. Why should you rely on Google/Paint.NET/state legislation when the
solution is literally a few button clicks away on both chrome and firefox? All
browsers should come with ad blockers by default. Hell, the OS should come
with blocking hosts.txt. That would make the digital world a whole lot safer.
And before you say the internet will die, I'd be more than willing to pay a
subscription fee for stuff like youtube and twitch.tv. Or there could still be
ads like here on hackernews, relevant and embedded in the site.

~~~
GordonS
As much as I agree that the problem is solved for those who know about ad
blockers, many people (e.g. non-hacker news types!) do not know about them. In
any case, whether users can solve this by installing an ad blocker is beside
the point - this is really shitty behaviour that I wouldn't have expected
Google to allow, or for Paint.NET to allow on their site.

~~~
ocdtrekkie
I think a lot of the reason Google has been allowed to get away with this is
because of ad blockers... the people in a position to most loudly condemn the
practice and push for change... aren't using the same Internet as the rest of
us, they don't see the problem.

