444
submitted 1 year ago* (last edited 1 year ago) by tavu@sopuli.xyz to c/privacy@lemmy.ml

@Joe_0237@fosstodon.org wrote:

Today I found out that google docs infects html exports with spyware, no scripts, but links in your document are replaced with invisible google tracking redirects. I was using their software because a friend wanted me to work with him on a google doc, he is a pretty big fan of their software, but we were both somehow absolutely shocked that they would go that far.

top 50 comments
sorted by: hot top controversial new old
[-] NocturnalMorning@lemmy.world 115 points 1 year ago

Google also replaces your Google searches with different searches behind the scenes to things they can make money off kf. Found that out the other day, and switched to duckduckgo instead. Google has become a Spyware nightmare.

[-] Heresy_generator@kbin.social 106 points 1 year ago* (last edited 1 year ago)

If anyone isn't familiar with this here's the Wired article

Here’s how it works. Say you search for “children’s clothing.” Google converts it, without your knowledge, to a search for “NIKOLAI-brand kidswear,” making a behind-the-scenes substitution of your actual query with a different query that just happens to generate more money for the company, and will generate results you weren’t searching for at all. It’s not possible for you to opt out of the substitution. If you don’t get the results you want, and you try to refine your query, you are wasting your time. This is a twisted shopping mall you can’t escape.

Why would Google want to do this? First, the generated results to the latter query are more likely to be shopping-oriented, triggering your subsequent behavior much like the candy display at a grocery store’s checkout. Second, that latter query will automatically generate the keyword ads placed on the search engine results page by stores like TJ Maxx, which pay Google every time you click on them. In short, it's a guaranteed way to line Google’s pockets.

It’s also a guaranteed way to harm everyone except Google. This system reduces search engine quality for users and drives up advertiser expenses. Google can get away with it because these manipulations are imperceptible to the user and advertiser, and the company has effectively captured more than 90 percent market share.

It’s unclear how often, or for how long, Google has been doing this, but the machination is clever and ambitious. I have spent decades looking for examples of Google putting its enormous thumb on the scale to censor or amplify certain results, and it hadn’t even occurred to me that Google just flat out deletes queries and replaces them with ones that monetize better.

[-] NocturnalMorning@lemmy.world 42 points 1 year ago

I figured this out when I searched for my gaming web page on itch.io, and it wouldn't come up. But then I went to duckduckgo and did the search, and every game I've made was in the search result. Pretty scummy if you ask me. Needless to say I changed all my browsers to duckduckgo instead of google.

[-] CrypticCoffee@lemm.ee 20 points 1 year ago

By browsers do you mean search engines in the browsers? I use DDG for search. Firefox is king, browsers wise.

[-] NocturnalMorning@lemmy.world 10 points 1 year ago

Yes, I meant search engine. I also use Firefox as well :)

load more comments (4 replies)
[-] somePotato@sh.itjust.works 16 points 1 year ago

Everytime I try to google anything that might be remotely related to a product every result will be a store.

I'd never have assumed that they just replaced my query but in hindsight it's kinda obvious

[-] CherenkovBlue@iusearchlinux.fyi 10 points 1 year ago

Yeah I noticed they got very shopping oriented in the last year or so, but I didn't anticipate this. Yikes.

[-] Anticorp@lemmy.ml 16 points 1 year ago

Google can get away with it because these manipulations are imperceptible to the user

Dude, it's blatantly obvious to the user. Idk why they think they're being clever, but when I search for "Pioneer SC71 user manual" (a home theater amp), and all it shows me are cheap car stereos listings from Walmart and Amazon (with affiliate tracking of course), I know they're not showing me what I'm looking for. It's a worthless service for anything except products and heavily filtered news (they only show what aligns with their agenda). I went from totally loving Google, to not when using them anymore. They're a disease.

[-] WarmSoda@lemm.ee 14 points 1 year ago

That's clever as fuck. And ridiculous. And crazy evil.

[-] Anticorp@lemmy.ml 2 points 1 year ago
[-] WarmSoda@lemm.ee 3 points 1 year ago

Is that why no one figured out out until now?

[-] Anticorp@lemmy.ml 5 points 1 year ago

We've suspected they were ignoring our terms for years now, and had hard proof they were ignoring our search operators. There are hundreds of Reddit threads discussing it. But people noticing or not isn't what would make it clever. Some bullshit executive suggesting they serve whatever is most profitable doesn't seem clever to me, it seems greedy, hostile, and short sighted. What would be really clever is figuring out how to still give people what they're looking for, and still increase their income.

[-] Atemu@lemmy.ml 6 points 1 year ago

Wow, that's peak enshittification.

[-] fuzzzerd@programming.dev 3 points 1 year ago

Article removed because it doesn't meet their editorial standards.

[-] wild@lemmy.world 3 points 1 year ago

How did they uncover and confirm this?

[-] online@lemmy.ml 4 points 1 year ago

The information provided in the public hearings.

[-] Anticorp@lemmy.ml 15 points 1 year ago

That's really obvious based on how fucking terrible their results are now. Google was the most useful tool in the world for a long time. Now they're just a really rich spyware farm.

[-] guckfoogle@sh.itjust.works 88 points 1 year ago

Literally went from being my favorite company to just an unethical bag of poo for me. Hope whoever's forcing these engineers to create privacy invading spyware eats a bag of dicks.

[-] nik282000@lemmy.ca 16 points 1 year ago

Having 1gb of mail storage in 2004 was epic, having a 25gb profile in 2023 that I can never see is less so.

[-] Anticorp@lemmy.ml 3 points 1 year ago

Same, dude... same.

load more comments (1 replies)
[-] NabeGewell@lemmy.world 36 points 1 year ago

Id say this is a new low, but they might have gone even lower already

[-] LilDestructiveSheep@lemmy.world 18 points 1 year ago

Definitely gone lower.

[-] ubermeisters@lemmy.world 2 points 1 year ago

See also: the entire chrome browser clusterfuck

[-] _cnt0@unilem.org 34 points 1 year ago

They've been doing the same with all hyperlinks in the gmail web frontend. Not when you fetch the mails via imap/pop, though.

[-] p_consti@feddit.de 21 points 1 year ago

It's the same thing in emails, if you use the web application. All links are redirect links over their servers.

[-] Sotuanduso@lemm.ee 18 points 1 year ago

I was skeptical about this, but yeah, I tested it, and can confirm.

[-] mspencer712@programming.dev 12 points 1 year ago

Are there any beneficial side effects? If they discover a URL is malicious after it’s been exported, would this allow them to intercept the click and stop someone from reaching the malicious site?

[-] d0ntpan1c@lemmy.blahaj.zone 31 points 1 year ago

That's how Microsoft markets their "safe links" in Outlook, which is more or less the same behavior of wrapping all links with a redirect. Whether they actually do anything with that to save you from phishing attempts or whatever... who knows. Even if there is a safety feature, it's still an easy way to mine url query params for data or learn about the user for other purposes (which they may or may not be doing)

IMO if you can't turn it off, there's a secondary motive to the feature. Especially when the feature is marketed from a place of fear rather than aid.

[-] foksmash@lemm.ee 5 points 1 year ago

The MS security feature does work quite well (at least for Enterprise).

load more comments (2 replies)
load more comments (1 replies)
[-] library_napper 12 points 1 year ago

Google would argue that this is a security feature.

Many business intentionally do this in google hosted email. It allows google to display warmings about links to malicious websites

[-] Shaul@lemmy.ca 11 points 1 year ago

How are people surprised? How is this news?

The second you mentioned Google you're talking about an all-seeing totalitarian state. Nothing you said about imbedding tracking links in docs is surprised. As a corporation they are always developing new ways to pimp you out and make you turn tricks for Google without you knowing while they keep all of the pay from your actiities.

Google tries to turn every human on the planent into their personal money making whore.

[-] insomniac@sh.itjust.works 17 points 1 year ago

Of course it’s not at all surprising but it’s still particularly egregious and should be called out.

[-] ubermeisters@lemmy.world 16 points 1 year ago* (last edited 1 year ago)

you absolute fucking nincompoop! You've never fully fleshed out every single possible vector that Google could use to track and catalog you? Moron!!

-You, just now

nincompoop

Now there's a term I haven't heard in a hot minute haha

[-] FeelzGoodMan420@eviltoast.org 7 points 1 year ago

Can someone eli5 this please? What's going on here?

[-] Sotuanduso@lemm.ee 38 points 1 year ago

I have a Google Doc that's a statblock for an RPG. It has a link to the mage armor spell, which goes directly to https://www.d20pfsrd.com/magic/all-spells/m/mage-armor/.

I just downloaded that statblock as an html. Then I opened that html file. The statblock is there and it all looks pretty much the same.

But then I hover over the mage armor link and it instead goes to https://www.google.com/url?q=https://www.d20pfsrd.com/magic/all-spells/m/mage-armor/&sa=D&source=editors&ust=1696552528610887&usg=AOvVaw1Wgq9wmajthwTbYmk1EmHx.

This page immediately redirects to the proper destination in a fraction of a second. Blink and you'll miss it. However, it does allow Google to track that I clicked the link, and probably associate it back to me and/or the original document.

[-] FeelzGoodMan420@eviltoast.org 9 points 1 year ago* (last edited 1 year ago)

Thanks. Got it. Could a pihole potentially block this?

Edit: nvm then you just simply couldn't open the links.

[-] shrugal@lemm.ee 10 points 1 year ago

Afaik there are browser extensions that find and replace these kinds of tracking links with the original ones.

[-] FeelzGoodMan420@eviltoast.org 10 points 1 year ago

Oh, right. Like clearURL and certain ublock origin lists?

[-] Sotuanduso@lemm.ee 6 points 1 year ago

It's probably easy enough to write a script that will go through the generated HTML and just scrub out the Google.

[-] someguy3@lemmy.ca 4 points 1 year ago

So if there's only a few links, you could manually replace them?

[-] Sotuanduso@lemm.ee 7 points 1 year ago

Yes. You could probably also write a simple script that scrubs the Googles out.

[-] Joe_0237@fosstodon.org 2 points 1 year ago
load more comments (1 replies)
load more comments
view more: next ›
this post was submitted on 05 Oct 2023
444 points (99.1% liked)

Privacy

32165 readers
234 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS