Hacker News new | past | comments | ask | show | jobs | submit login
Google pays $18 million to shutter Apture, CloudFlare clones it in 12 hours (thenextweb.com)
118 points by jgrahamc on Dec 19, 2011 | hide | past | web | favorite | 75 comments

Apture provided a horrible mechanism that breaks browsers and violates common "web ui standards" and created gross privacy leaks. At one point, as implemented on the NYTimes site, I showed that every single time a user selected a portion of the text at an NYTimes, apture enabled post, the contents of the selection were sent to apture servers.

I was more than happy to see them go.

It's a shame that CloudFlare promises to bring them back, I am hopeful they will do this in a manner that is not so outrageous or harsh on the user.

Hi, I'm one of the engineers working on the Apture replacement (Highlight). Care to be more specific about the biggest gripes you had with Apture's original implementation? As far as the general UI and UX is concerned, I'm not sure what we would really change, but generally I'd be happy to do what I can to ensure that bad practices aren't carried over (especially those related to user privacy).

Obviously I didn't like the the poor implementation that sent any and all of my selections off to their servers.

I really dislike what it does to mouse input.

If I select something, it's mostly because I want to copy and paste it. I am very good about crediting where I collect my copy and paste segments from, I didn't need apture to put in references to the original article in every single one of my cut and paste buffers.

Sometimes I select so I can search. I want to conduct the search with my favored search engine. I don't want Apture conducting the search (poorly) with the intent of keeping me at the original site.

And sometimes I click or even select in a window just to leave a visual indicator of where I am so that when I scroll or drag a window around, I can find my place easier. I don't want apture windows popping up whenever I click or select anything. To quote the Simpson's the Internets do not work that way.

And there was no way to opt out of it short of using noscript or adblock or other technologies to strip it away.

So: don't invade my privacy, don't insert text into my cut and paste buffers, don't steal my search abilities, don't steal my mouse clicks, don't pop up windows, don't break my browser.

Apart from that, it was a real winner service for the websites, and not for their visitors

> Don't invade my privacy

To varying extents, saying you don't do this is really hard for any third party application integrated into a website. Unfortunately, we can't pull up contextual search results about a text selection without consulting a third party service like Bing or Duck Duck Go, so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI.

> Don't insert text into my cut and paste buffers

We don't currently do this, but if our users ask for it, there is a good chance we will add it. Since it does sound like a frustrating thing, we can push to make it an "opt in" feature on the site owner's side, as opposed to the default behavior. At least that way, it'll only happen when the site owner really wants it to.

> Don't steal my search abilities

I don't believe we currently inhibit your ability to search with your engine of choice. If you find that we do, please let me know!

> Don't steal my mouse clicks

We don't "steal" your mouse clicks (though we do listen to them ;), and we do try to make sure the window only pops up when you have selected text. This experience will hopefully improve over time. Unfortunately, not doing this prevents the app from working in the first place (unless you have a better way to implement it)

> Don't pop up windows

Again, not doing this makes it difficult to have the app in the first place. I know its not for everyone, but a lot of our users really enjoy this functionality.

> Don't break my browser

That's something I can definitely do. Please let me know if you notice us breaking your browser in any way :) us not breaking your browser is one of my highest concerns.

What you've all just witnessed is power talk masquerading as service talk.

What cdata has actually said is, "Sorry, you're not our customer. The websites that use us are our customers. Your feedback isn't really wanted. Fuck off."

The "fuck off" meta-message is aimed at the rest of us as much as it is aimed at jerrya. It emphasizes two things. One, cdata is going to pursue a strategy of nitpickery, mockery, and isolation to dis-empower dissatisfied victims of his company's software, under the guise of smoothing ruffled feathers. The strategy is containment, not satisfaction. Think of what satisfaction would have looked like, then compare it to cdata's post. Two, it emphasizes that we can participate in the game of isolating jerrya, and doing so will shield us from his treatment, as well as the harsh treatment of any who join in. Additionally, as soon as the first toady chimes in, the apparent perception of an emergent group dynamic aimed at belittling jerrya, bolstering the perceived value in siding with the group or staying away altogether.

Now, I am using the same tactics, I assure you. The difference is that I believe that you can see that I have a good warrant for using it, namely that it is precisely the surreptitious use of the tactic that must be discouraged.

Don't let cdata get away with it. It's not polite and it harms the process by which we can provide feedback about our distaste to people who want to wreck the Internet for personal gain.

I agree with some of what you say, although the argument might be more effective in less drastic language.

My reading of cdata's note boils down to this:

  * We will collect your data if there's a buck to be made
  * We will continue to muck up your copy+paste buffers
    with URLs/attribution/info if our subscribers want that 
    to happen
  * We will monitor your mouse clicks
  * There will be popups
  * I'm trying to be affable ;) ;) ;)
  * Your browser will still work fine for certain 
    definitions of "fine" ;) ;) ;)

i.e just about the same analysis as mkn's, only less confrontationally phrased.

Well, I don't think cdata's response sets the stage for other, well-informed HN readers to distance themselves from jerrya's position. cdata is not speaking from a position of significant power or influence--actually I think cdata's hands are tied somewhat in terms of tactics, acting as a quasi-official company spokesman. IMHO this area is the most adventurous of mkn's remarks.

It's not just about confrontation. mkn's "analysis" is built upon a ton of extraordinarily negative assumptions about intention that don't appear to have any real justification at all. More importantly, it's not a very constructive post - I find it quite disruptive. It doesn't focus on the problem or potential solutions.

What's so difficult about saying "My concerns are X, Y and Z. Your proposal does not address X and Y because ...."? If cdata doesn't address such a specific statement THEN maybe mkn can resort to questioning intention, but UNTIL then mkn is just derailing the conversation.

Very interesting analysis. The dark arts are dangerous! If I were cdata, I would have just said "If you don't like it, use noscript." I've been using noscript (and adblock plus) on Firefox for quite some time now, and every time I give the internet a chance and browse without it I'm always disappointed. If having annoying sites wrecks the internet, I consider it already wrecked.

I think the privacy issues have been understated. My first thought was to wave it off as "they're not seeing anything that's not public text anyway", since I was placing it in the context of reading a NYT article or something. But what if a web admin adds this plugin to a site on areas that aren't public? Two (probably unlikely, but I don't have much data) scenarios that came to my mind were: A viewer highlights their bank account number, oh look, CloudFlare has that now (and if it's context-aware can piece together what the number means). A site offers a random password generator, user highlights it to copy/paste it--oops.

Here's hoping that if Linux's Chromium gets this 'feature' baked in, it's opt-in only.

Services like Apture actually make the web stronger by exposing it's cracks.

A few years from now web browsers will have protected Copy/Paste. That will be a good thing but you wouldn't have gotten there without services that used scripts to hijack Copy/Paste in the first place.

And that protected copy/paste might have a metadata field that captures Apture-esque info on the client side while you do normal Copy/Paste and I can imagine a very useful Paste+ shortcut that spits out the clipboard contents in a link to the source.

I would love an extension that would do something like that. I clip some text and the first paste is the text, and the next paste is the link. Or the paste is a properly formatted html link, or properly formatted wiki link.

I would load that in a heartbeat.

I think this is the nastiest thing I've ever read by someone who wasn't obviously trolling. If your goal was to make people pick sides, mission accomplished.

If it was up to HN users, no website would have advertising on it.

HN users are very far removed from normal users. HN feedback is interesting, but it's not as useful as feedback from normal people.

Are we reading the same thing? What the...just wow.

"we can provide feedback about our distaste to people who want to wreck the Internet for personal gain." Pot calling the kettle black much? This would be me providing feedback then.

Wait, what the... I don't even understand what you're saying here. How is he the pot at all here?

I know its not for everyone, but a lot of our users really enjoy this functionality.

I think you made a typo there, you surely meant to write: "a lot of our advertisers enjoy this functionality".


Because, as you are most certainly aware, nobody "enjoys" these keyword/selection-popup scams.

You are free to taint your name for the sake of scamming some clicks out of the computer illiterates (those with the AOL-toolbars). But please at least spare us the hypocrisy here; it's plain old intrusive advertising of the worst kind, and you know that.

Some people like the Google toolbar. I don't use it personally (nor would I ever choose to), but that doesn't mean it doesn't hold value for other people.

That said, two facts for you:

1) We don't gain any kind of advertising revenue from this app, nor do we serve adds through this app on behalf of third parties. This app is specifically intended to be a value-add for our users.

2) Apture really is one of our most popular third party apps, and apps are entirely opt-in. You'll see that through your own lens, of course, but through ours it means that, when Apture shuts down, our users will lose one of the features that they enjoy using through our service.

> Some people like the Google toolbar. I don't use it personally (nor would I ever choose to), but that doesn't mean it doesn't hold value for other people.

So, if you don't like the Google toolbar, you simply don't install it in your browser.

With Apture, you don't get to choose. If you like it, it's only available on some websites. If you don't, you have to go through some adblock or privacy block rigamarole to prevent it (and other clones, like yours) from interfering with your ability to select text on the web.

It is a prime candidate for functionality that should be provided by the browser, not the website. Sure, it can be nice to do a mockup in JavaScript to demonstrate and experimenting with the functionality without patching your browser. But it shouldn't be something that random webmasters are enabling on a whim, because they think that their users just might like it. That's akin to bundling Google Toolbar with some random software that someone's downloading, just because you think that they might like it.

Just so we're clear, by users, you don't mean actual people sitting in front of web browsers, you mean CloudFlare Customers. In general, people using web browsers despise the Apture services - particularly when they can't be overridden, or if they are poorly done (The stupid popups interfering with web browsing behavior - particularly on small mobile screens).

Just because it's popular, doesn't mean you should be doing it. On the flip side, if you do it in an _elegant_ manner that allows the individual using their web browser to regain control over this behavior - win-win all around.

Yes, you are correct. Our users are the site owners, and their users are the ones who encounter Apture and similar "apps" in the wild. This is why, as I've said in other replies, the suggestion that we provide an easy opt-in / opt-out mechanism is well taken.

I _want_ to make this something that is elegant and useful, not just from the average internet-goers perspective, but also from the perspective of my peers and colleagues (and luckily, I'm in a good position to do so). I'm glad that some of the readers here have been willing to offer constructive and valuable suggestions about how I can do that :)

Users don't want it. The only valid constructive criticism I think you can take away from this exchange is "don't do it."

What you guys are doing would be the equivalent of Geocities offering a one-click-install animated rainbow GIF background for websites... Just because lots of the Geocities customers would have chosen to install such a 'product' doesn't make it a good idea for the users down the line ;)

Of course it's not your place to determine how your customers interact with their users, which is the point most people in this thread seem to be missing. This is good marketing for CloudFlare, plain and simple; if the users of your customer's site don't like it they can complain and/or stop using the site.

>> Apture really is one of our most popular third party apps

Site operators are not always the best group to determine what makes an overall good browsing experience. In this case, I agree with the other posters that the service changes the nature of a browsing experience in a way that is unwelcome.

I remember when blink and marquee tags were popular among site owners.

One of my clients still has a marquee (with jquery upgrades) and I installed it on their site for them. Does that make me evil?

If cdata's customers site visitors don't come back then this will feed back through the chain - cdata is making the tool not using it; blaming gun makers for murder, etc., etc..

I do. I'm a huge fan, actually.

"> Don't invade my privacy

To varying extents, saying you don't do this is really hard for any third party application integrated into a website. Unfortunately, we can't pull up contextual search results about a text selection without consulting a third party service like Bing or Duck Duck Go, so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI."

Well, this was specifically something apture did that was broken. In their implementation, they captured every text selection regardless of whether I wanted to just cut and paste it, or have it be searched for, or was just absently clicking and thinking. Presumably, you only have to pull contextualize it, if I have asked for that behavior, and even so, it should be possible to do most/all of that in my browser, and never at your servers.

Thank you for clarifying what you meant by this. As it turns out, we actually changed the behavior at the last minute to do a search query every time text is selected (which is what I believe you are saying is bad about Apture). We made this change because we figured it would be a better experience for users if the larger window were populated with search results as soon as it expanded.

However, now that you've framed it from a privacy perspective, it is obvious to me how this can feel really invasive. The intent to search should activate the query. Thanks for the constructive suggestion!

> (unless you have a better way to implement it)

Actually I do. Here are a couple of ideas.

The problem is that the application gets in the way of the normal user interaction with the browser. However, there are ways you can provide the service you want without breaking UI expectations:

* Display an icon next to the selected text that opens any desired popup instead of opening it by default

* Check out the HTML5 context menus (currently works in Firefox) https://bug617528.bugzilla.mozilla.org/attachment.cgi?id=554... for adding you own search options or a "copy with attribution" action without hijacking the context menu

In addition to all that you could definitely provide an opt-out mechanism for users from your website, identifying them with a cookie or IP.

Thanks, this is a really cool suggestion. Until now, I was totally unaware of the HTML5 context menu. Also, I really like the idea of using an icon that tries to flow well with the body of the text instead of obtrusively covering it up.

And once again, some kind of opt-in and opt-on setting for our users to choose for their sites is definitely something I want to experiment with integrating.

I think the point is that your product by definition breaks the browser by interrupting the users workflow. You product adds no benefit to the user of the website, and most people don't like it. If you made it opt in, those who enjoy what you're doing will be happy and you won't break the web for the rest of us.

We (CloudFlare) are in a pretty nice position, in that we can present a simple UI to our users (site owners) that allows them to fully configure the apps we serve without requiring them to touch any code. Giving site owners the option to present site visitors with a UI where they can opt-in sounds like a really novel and practical idea, and one I would personally like to experiment with implementing. Thanks for the suggestion!

>> Don't invade my privacy

> so I doubt that we'll be able to do much better than offering an "opt out" feature in our UI.

How about you dont send my every selection to your service UNTIL and UNLESS I do an additional click to ask for contextual information. I really really don't like to not being able to select a frigging text w/o it being sent to seme server.

>> Don't insert text into my cut and paste buffers

> We don't currently do this, but if our users ask for it, there is a good chance we will add it ...

As others just said it can be "translated" as "fuck off, we can make a buck here and we don't care it annoys the hell out of you"

>> Don't pop up windows

> Again, not doing this makes it difficult to have the app in the first place

How about making it much less intrusive. light up some widget in the sidebar or top window corner. not right there where I just clicked obscuring the text under it which I might just be reading.

Personally I hate the whole implementation. I've never found anything in those annoying boxes of any use at all. I just don't want a box popping up when I mouse over links. Its just a bad idea. Could you implement a 'permanently disable this feature' option ?

Without knowing anything about Apture's implementation, I'm reasonably certain you could block it with NoScript. For highlight, just wait until it comes up then block "highlight.cloudflare.com" (or whatever). While I don't like NoScript's default behavior, it's a godsend if you allow all globally and just blacklist domains you dislike.

That's a good idea. It's difficult to communicate the purpose of a "permanently opt out of this feature" button from the little widget that pops up, but it's definitely something we could integrate into the main window that expands. Would that be a satisfactory experience for you?

Feel welcome to suggest alternative UI ideas for adding a feature like that, if you have any.

I do like redthroway's suggestion of putting it on it's own subdomain. That makes it easy for noscript or adblock to get rid of that and only that and leave actually useful scripts and content served.

It seems like an easy way to disable it outright and permanently is a feature people would like to have. While noscript (and similar tools) would certainly solve this on a per-visitor basis, if we (CloudFlare) could provide a novel way to present an opt-out in the UI we could then report to our users how many of their visitors ultimately disabled the feature completely. This is just me musing about the possibilities, but overall that seems like it would be more constructive than our users thinking "Oh awesome, another one of those Apture things!" while their users silently grumble and block scripts..

Certainly providing a global opt-out would help your stance in that you care about the end-users, and not just the advertisers using the service. There are probably also ways to figure out how many people opt-out using no-script also.

The notion that they would be willing to take any action to encourage NoScript is wishful thinking to say the least. Its a shame too, but it flies in the face of every aspect of their business model.

For what it's worth, I personally encourage the usage of NoScript, and other similar tools, to my friends and family.

That said, what I'm trying to propose is that the UI for the app could allow site visitors to communicate a dissatisfaction with the app to the site owner, as that seems to me to allow for constructive feedback not possible when scripts are simply blocked outright.

Yeah this is something you can easily get by highlighting text, right clicking and clicking search Google when you really want to know something. Any other time it's going to be more of a hinderance than a help.

Although in saying that I don't mind the ebook highlight a word and get a definition as usually with an ebook you don't want to break the flow and venture back out onto the net, whereas while browsing the net this is perfectly normal.

That's a very good point on both counts. In some ways this duplicates existing functionality (although in our case, it is mostly a side effect of trying to provide our users with the same features they would be losing when Apture is shut down).

As you said, though, there is value in providing contextual information about a topic without breaking the flow of the page. If we could turn Highlight into a tool that captures that value really well, I think the effort would be worth our while.

Install the Ghostery addon.

If I may also contribute, I find this type of activity to be a major inconvenience, and often times infuriating. Here are three examples:

Clipboard hijacking: Remember Tynt? They hijacked your clipboard to say "Read more at <link>" or some nonsense. That is not what I copied, and you are breaking my expectations by modifying it. Gruber has a much better post on this (http://daringfireball.net/2010/05/tynt_copy_paste_jerks), but essentially: knock it off. Don't try and manipulate your reader.

Information panels: If I doubleclick a word, it's because I'm marking my place in an article, or I intend to copy and paste that word. To offer any sort of popup or panel gets in my way, and causes me annoyance. This is not the expected behavior, and I'm far less likely to continue reading the article or website if this happens.

Tracking: I don't know how bad yours is, but with Apture it was just one more company tracking me. There's already Google +1, Facebook like buttons, and Analytics on every page - and this is just one more thing to slow down my page and turn my data usage into statistics. I don't like it. I can enable Noscript, but I shouldn't have to.

You may say that these are features that your users (Cloudflare customers) want, but I'm sorry - they're morons. I deal with clients who would eat these kinds of features up, "they'll set us apart from other websites!". No. It only hurts the end users, and does not provide useful features.

And it really concerns me that Google bought Apture, I often use Chrome and do not want to see this integrated at any level. I can see marketers and managers eating this stuff up, but it surprises me that the engineers at Google are interested.

I highlight text while I'm reading it on a regular basis, almost never to copy paste it or do anything else, it just helps me keep track of where I am in the article. I pretty much never want highlighting to have any action except highlighting. Even if it didn't, it's breaking consistent behavior because highlighting on page X suddenly has completely different behavior than on page Y.

There should at least be a cookie that can optionally disable the service that can be set when it opens up. Would be pretty easy to implement and it would at least allow an out for people who think the experience is awful.

Making the box appear in a static location might make it less irritating.

That's definitely an option we can consider giving our users. It wouldn't be the first time we've supported a feature like that. Thanks for the idea!

Apture had great distribution thanks to a very simple pitch to publishers:

"When somebody is reading an article and wants more info on a word / topic you lose them to Google - with Apture keep them on your site!"

As a result they received huge support from major destination sites like NYT, Time Magazine, etc.

Funny that Google wound up buying them and negating the major value they delivered to publishers.

I wonder if they do a rev-share on the advertising it generates when it becomes a Chrome feature, probably not.

This article was so jam-packed full of meaningless drivel that I think I'm going to be sick. Why does every argument have to be framed as noble startup versus evil corporation, when all you did was write twenty lines of Javascript? If I issued a press release every time I wrote a simple computer program, I'd have my own Library of Congress by now.

(I clicked through to another article on that site raving about CloudFlare saving the Internet. Apparently by providing managed Apache hosting, they are un-breaking the broken Internet. Wow, amazing! Next week on The Tech Wankosphere and Hacker News: "jrock.us CEO runs apt-get upgrade; picks up a few bugfixes". That's right folks, I'm saving the Internet!)

You are saving the Internet, one patched bug at a time.

No, really.

I'm a former Apture developer/current Google employee (but I don't necessarily speak for either one). It's worth noting that Apture won't actually be shuttered until likely sometime in January (probably around the 10th). We had originally planned on Dec 20th, but we weren't confident that we had gotten the word out to everyone who uses our product (most notably people who use our plugin).

As someone considering CloudFlare's SSL and CDN services, this worries me.

The bottom line is that this misfeature is an annoyance for 99.9% of internet users. Of those, maybe 1% understand how to get rid of it - probably by installing browser plugins that block the origin servers to some degree. I have no intention to use this (obnoxious) feature... so if there's any risk that part of my customer base will receive a degraded experience on my website, this is a compelling reason to use a competitor.

It'll be opt-in. I have no idea how this would degrade your customer's experience in any way.

The internet has a way of "fixing" what it interprets as damage. For example, if I'm in a pool of shared IP addresses that gets used by spammers, I might find my legitimate outgoing emails blocked as spam.

Likewise, if end-users find that cloudflare provides irritating features on websites, they may very well develop browser plugins that block cloudflare services - even the 'good' services (deliberately or not). Maybe this is far fetched, but the bottom line is that anytime you associate yourself with unsavory activities, you risk getting hit by the blowback - even if you don't "opt-in" yourself.

Taking the long-term view, this cannot possibly be good for CDN customers who don't want to annoy their users.

90% in 20 hours - amazing! Maybe someone good at math can eatimate how many months it will take them to do the other 10%...

They'll probably get 90% of the remaining done pretty quickly.

and Zeno can handle the rest.

According to the ninety-ninety rule, about 20 more hours. :-)


I would but the proof is rather long for a HN comment, simplistically the limit goes to infinity.

Likely google thought they would make up the expense in increased adsense revenues from the publishers that use Apture post shut-down, but 12 hours is a terribly short window for a shut-down to be effective.

I wonder how often they'll be able to buy the 'next Apture' until they figure out that they're going to have to live with it, after all if it only takes 12 hours to clone then this seems like a winning business model with a guaranteed exit.

I think they didn't so much shut it down because they wanted it to die--they probably shut it down because they didn't want to support it and moved the team over to working on the Chrome feature alluded to in the article.

Perhaps there is an IPR issue here too? C&D just around the corner?

I love CloudFlare and their story.

IMO they are one of two (or three) recent startups that I consider to be genuine, and have a real product/service that adds actual value. The rest not so much ... just fluff and social.

CloudFlare engineer here. Just wanted to say thanks for the positive assessment :) having so many awesome users keeps us feeling really positive about the stuff we do.

Are you a user (site-owner) or a browser (a user of the site)?

Not relevant to the story completely: What does it mean that Google is rolling this into Chrome? Does it mean that now Chrome will by default pop up with tons of annoying bubbles whenever I highlight text?

I'm guessing it will be integrated in a similar way as Search and Translate are.

Apture was incredibly obnoxious. Moreso then when you copy from sfgate or the new york times and they add extra text and adds into your copied text.

I don't know what people feel like, but I really miss Apture being gone. For some of you, it might have been an annoyance, but for me, it is simply an amazing service. Apture's capabilities (which go beyond mere search) have helped me explorer so many topics right from within the site. For the college student who doesn't understand all the keywords of the text, Apture was a blessing.

I really hope, the guys will integrate it in Google at least half as good

really, people downvote me because I find a web service helpful?

It is worth mentioning that Apture was an annoying product and I for one am glad that they "shuttered" it. As for the acquisition it was probably for talent or IP or both.

> it was probably for talent or IP or both.

Or for anti-competitive reasons.

How so? seeing as whatever Apture did can be replicated in < 24hr.

Apture was interfering with people searching for the terms on Google.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact