Home Tags Bing

Tag: Bing

Windows 10 S forces you to use Edge and Bing

Windows 10 S won't let you change default Web browser or search provider.

CA Purchase of Veracode Doesn’t Signal DevOps Consolidation: Analyst

DAILY BRIEFING: CA's Veracode deal not a sign of DevOps consolidation, analyst argues; Microsoft Power BI template enables intelligent Bing news searches; Google announces new SAP partnership, expands cloud support options; and there's more.

Google and Microsoft agree to demote piracy search results in the...

Deal struck after lengthy spat between search engines and entertainment industry.

Microsoft’s AI APIs add content moderation, speech recognition

If you want your apps to understand what someone’s saying or know if your user-content rules are being broken, Microsoft has you covered.Microsoft is expanding its portfolio of Cognitive Services—in-the-cloud APIs that provide out-of-the-box versions of useful algorithms—to include two new services that go into general availability next month: the Content Moderator and Bing Speech APIs.[ Jump into Microsoft’s drag-and-drop machine learning studio: Get started with Azure Machine Learning. | The InfoWorld review roundup: AWS, Microsoft, Databricks, Google, HPE, and IBM machine learning in the cloud. ]Talk to me, and I shall hear Bing Speech converts audio into text and vice versa.
It’s also able to apply contextual understanding to that speech or text.

The Speech API’s demo page lets you try a limited sample of both text-to-speech and speech-to-text for yourself.To read this article in full or to leave a comment, please click here

Google mistakes the entire NHS for massive cyber-attacking botnet

Hospitals advised to use Bing instead Exclusive  Google is blocking access to the entire NHS network, mistaking the amount of traffic it is currently receiving as a cyber attack.…

Facebook already has a Muslim registry—and it should be deleted

Enlarge / A Hollerith machine used in the 1890 US Census. Hollerith's company later merged with three others to create the company that later became known as IBM, and similar machines were instrumental in organizing the Holocaust.Marcin Wichary reader comments 84 Share this story Since Donald Trump's election, many in the tech industry have been concerned about the way their skills—and the data collected by their employers—might be used. On a number of occasions, Trump has expressed the desire to perform mass deportations and end any and all Muslim immigration. He has also said that it would be "good management" to create a database of Muslims, and that there should be "a lot of systems" to track Muslims within the US. In the final days of his presidency, Barack Obama has scrapped the George W.

Bush-era regulations that created a registry of male Muslim foreigners entering the US—the registry itself was suspended in 2011—but given Trump's views, demands to create a domestic registry are still a possibility. As a result, some 2,600 tech workers (and counting) have pledged both not to participate in any such programs and to encourage their employers to minimize any sensitive data they collect.

The goal is to reduce the chance that such data might be used in harmful ways. The fear in the tech community is of being complicit in some great crime.

The neveragain.tech pledge reads, in part: We have educated ourselves on the history of threats like these, and on the roles that technology and technologists played in carrying them out. We see how IBM collaborated to digitize and streamline the Holocaust, contributing to the deaths of six million Jews and millions of others. We recall the internment of Japanese Americans during the Second World War. We recognize that mass deportations precipitated the very atrocity the word genocide was created to describe: the murder of 1.5 million Armenians in Turkey. We acknowledge that genocides are not merely a relic of the distant past—among others, Tutsi Rwandans and Bosnian Muslims have been victims in our lifetimes. Today we stand together to say: not on our watch, and never again. Their concerns are not unfounded.
IBM, in particular, has a dark history when it comes to assisting with genocides.

The company's punch card-based Hollerith machines were instrumental in enabling the Nazis to efficiently round up Jews, seize their assets, deport them to concentration camps, and then systematically slaughter them. After Trump's election, IBM CEO Ginni Rometty wrote the president-elect to congratulate him on his victory and offer IBM's services in support of his agenda. Oracle co-CEO Safra Catz has joined Trump's transition team, rank and file workers have been outspoken in their unwillingness to cooperate with programs that don't, in their view, respect the Constitution or human rights or which have disturbing historical precedent. Rometty's letter has provoked a petition from current and former IBM staff; Catz's role has resulted in at least one resignation. One company, however, stands head and shoulders above the rest when it comes to collecting personal data: Facebook.

Facebook's business is data collection in order to sell more effectively targeted advertisements. While massive data collection is not new or unique to Facebook—search engines such as Google and Microsoft's Bing have the same feature—Facebook is unusual in that it actively strives to make that information personally identifiable.

Facebook accounts tend to use our legal names, and Facebook relationships tend to reflect our real-life associations, giving the company's data a depth and breadth that Google or Microsoft can only dream about. Among the pieces of personal information that the site asks users for is religion.

As with most pieces of information that Facebook requests, this is of course optional.

But it's an option that many people fill in to ensure that our profiles better reflect who we are. This data collection means that Facebook already represents, among other things, a de facto—if partialMuslim registry.

Facebook has the data already; the company can provide a list of self-attested Muslims in the US simply by writing a query or two.

That data could be similarly queried for anyone who isn't straight. As such, government coercion of Facebook—or even a hack of the company—represents a particular threat to civil liberties.

Accordingly, Facebook should take a simple and straightforward protective step: delete that information. Remove the field from our profiles, and discard the historic saved data. Deleting the information will not make Facebook safe.
It will still be a treasure trove of relationships and associations, and an intelligence agency could make all manner of inferences from the data contained within. (Religion, for instance, is likely to be discernible from the content of posts and from images of holidays and religious gatherings, but this would be more difficult to do in bulk—though we know similar inferences are already made about race.) But it would mean that Facebook is no longer so trivially searchable, and it would mean that it ceases to be such a clear database of religious affiliation. Making a change like this should be trivial for Facebook. No doubt it would marginally reduce the company's ability to tailor advertisements to individual users—but it would serve as a clear statement against the threat such a database poses.

Microsoft Edge’s malware alerts can be faked, researcher says

Fiddle with a URL and you can pop up and tell users to do anything Technical support scammers have new bait with the discovery that Microsoft's Edge browser can be abused to display native and legitimate-looking warning messages. The flaws exist in Microsoft's Edge protocols ms-appx: and ms-appx-web: which the browser uses to present warning messages when phishing or malware delivery sites are located. When Edge detects suspected Malicious sites it colours them red with a feature called "SmartScreen." Buenos Aires security tester Manuel Caballero says scammers can create warnings that replace SmartScreen text and phone numbers indicating that a nominated site also displayed in the address bar is infected. "When we place a telephone-like number a link is automatically created so the user can call us with a single click - very convenient for these scammers," Caballero says. By altering URL characters and appending a hash and a URL of a legitimate-looking site, a technical support scam page can be forged that is much more convincing than the deluge of fake Android and blue screen of death pages common to torrent sites. window.open("ms-appx-web://microsoft.microsoftedge/assets/errorpages/BlockSite%2ehtm?"+ "BlockedDomain=facebook.com&Host=Technical Support Really Super Legit CALL NOW\:"+ "800-111-2222#http://www.facebook.com"); Caballero found some of the Edge assets could be loaded directly through the address bar, albeit with errors, such as ms-appx-web://microsoft.microsoftedge/assets/errorpages/PhishSiteEdge.htm, while others would fail and perform a Bing search on the URL instead. The Edge proof-of-concept. Those errors could be avoided by changing a single character in URL, and the displayed address changed to a legitimate site by appending a hash. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub

F-Secure Internet Security (2017)

Just what ingredients go into a security suite? It used to be a pretty clear recipe: antivirus, firewall, antispam, parental control, and various condiments. These days, though, some vendors reward their users by pushing suite-level features down into...

Search engine results increasingly poisoned with malicious links

Almost six times as many web page threats found this year compared to 2013 Malware threats in search results are getting worse despite the best efforts of Google and other vendors. The number of infected results has been increasing year by year since 2013 despite the application of multiple tools and technologies designed to exclude dodgy links, according to a study by independent anti-virus testing outfit AV-TEST.org. The analysed websites originate in various proportions from the search engines of Google, Bing, Yandex and Faroo.

Additionally, over the past two years, more than 515 million Twitter updates were examined for malicious links. Last year AV-TEST.org examined 80 million websites, spotting 18,280 infected web pages.
In the year up to August the testing lab inspected a similar 81 million websites turning up a much higher 29,632 infected web pages.

Both results were recorded without enabling Google Safe Browsing. Both figures are a big increase on 2013 when AV-TEST encountered 5,060 malware threats after examining 40 million web pages. All of the pages with malware threats found by AV-TEST were visited using the Google Safe Browsing tools.

The results were less than impressive. In 2015 the 18,280 pages with malware threats threw up Google warnings in just 555 of cases.
In the year to August of 29,632 malware-tainted pages threw up 1,337 Google warnings. Links in tweets are infected at almost exactly the same rate of frequency as links filtered by Google.

Graphs illustrating AV-TEST.org’s results can be found here. Maik Morgenstern, chief technology officer at AV-TEST.org, explained that the dynamic content of the web means it sees different content from Google/Bing when accessing and scanning the site.

This factor, together with the appearance of malicious ads, on previously clean websites goes some way in explaining the discrepancy. "It could be the ads on the website that have been flagged as suspicious by us and that changes every time you access the site," Morgenstern explained. "Or the website is delivering different content randomly or it does so by checking the user agent or location of the user. "Also I do not know what the interval is that Google/Bing are scanning the sites for malware.

There will always be a certain timeframe where malicious content could be on the site without Google/Bing knowing it, even if they were able to detect it.
It is also possible that we flagged content as suspicious that is not considered suspicious by Google/Bing." Google is yet to respond to El Reg’s request for comment. Microsoft (Bing) declined to comment. ®

Lawyers file fake lawsuits to de-index online negative reviews, suit says

EnlargeUrich Baumgartgen via Getty Images reader comments 3 Share this story Two California lawyers are being accused of filing "sham lawsuits" in a wide-ranging conspiracy to get Google and other search engines to de-index negative reviews about their clients.

As the case (PDF) brought by a group called Consumer Opinion states: The other conspirators engaged attorneys Mark W. Lapham ("Lapham") and Owen T. Mascott (“Mascott”) to file sham lawsuits either by the subjects of the negative reviews or by corporations that had no interest in the allegedly defamatory statements, against a defendant who most certainly was not the party that published the allegedly defamatory statements, and the parties immediately stipulated to a judgment of injunctive relief, so the conspirators could provide the order to Google and other search engines, thus achieving the goal of deindexing all pages containing negative reviews. Consumer Opinion runs pissedconsumer.com, and the group says these lawyers essentially manipulated California's legal system by conducting a "rather brilliant but incredibly unethical" scheme to make negative reviews on the site essentially disappear from search results.

The suit asks a federal judge to "discipline them for those misdeeds." The suit notes a complex web of reputation companies and fake or "stooge" defendants working together.

According to the lawsuit, it works like this: the attorneys sue the "stooge" authors of negative reviews—allegedly defamatory reviews that are published on the pissedconsumer.com site.

But these lawsuit defendants didn't actually write the review, and the suits immediately settle.

The judgements are then used to get Yahoo, Google, and Bing to erase negative reviews from search results.

The suit alleges that a Florida attorney, the subject of some 59 negative reviews on pissedconsumer.com, was among the beneficiaries of the alleged scheme. The lawsuit points out six similarly worded defamation lawsuits lodged in Contra Costa County, just east of San Francisco.

The suits are filed, according to the lawsuit, because pissedconsumer.com won't remove the reviews from its website. "The scam is not all that complicated," Marc Randazza, Consumer Opinion's attorney, wrote in the lawsuit. Mascott did not immediately respond for comment.

The answering machine for Lapham was full, so Ars could not leave a message. This isn't the first time we've seen these type of allegedly fake lawsuits try to game search results, according to Paul Alan Levy of Public Citizen and Eugene Volokh of the Volokh Conspiracy. The duo has concluded there are at least 25 cases nationwide with what they call a "suspicious profile." "Of these 25-odd cases, 15 give the addresses of the defendants—but a private investigator hired by Professor Volokh (Giles Miller of Lynx Insights & Investigations) couldn’t find a single one of the ostensible defendants at the ostensible address," they wrote. Levy and Volokh pointed out that search engines, when presented with a court order, "can't really know if the injunction was issued against the actual author of the supposed defamation—or against a real person at all."

Symantec Norton Security Premium (2017)

You absolutely need antivirus protection for your Windows boxes—that's a given.

But a full-scale security suite does much more than just protect against the various types of malware.
Symantec Norton Security Premium contains virtually every security component you can imagine, and a number of them are Editors' Choice products in their own right.
It lets you install Norton security on up to 10 Windows, Android, macOS, and iOS devices.
If you need to protect a large collection of diverse devices, look no further. A 10-license one-year subscription for Norton Security Premium costs $89.99, and includes 25GB of hosted online backup.

Bitdefender Total Security Multi-Device 2017 gives you five licenses for that price, or ten for $10 more. Kaspersky is a little more expensive, with five licenses for $99.99.

And for the same price as Norton, McAfee lets you install protection on every device in your household. Required ReadingMy typical pattern when reviewing a security product line is to start with the standalone antivirus and then summarize the antivirus review as part of my review of the full security suite.
If there's an even bigger mega-suite in the mix, I summarize the entry-level suite review. However, I'm going to take a different path this time. This product has precisely the same excellent security components as Symantec Norton Security Deluxe.

These include top-scoring antivirus, award-winning Android security, no-hassle firewall, consistently accurate phishing protection, a full security suite for macOS, and more.

The Premium edition adds five more licenses along with parental control and online backup, neither of which is tightly coupled to the suite's other components. Please read my review of the Deluxe edition first, then come back here for my evaluation of the added Premium features. Online and Local BackupSecurity suite vendors like to promote that their products include online backup—it gives them a nice check mark in the features table. However, all too many of them simply offer a branded version of some partner product that their users could get for free directly from the partner.

Check Point ZoneAlarm Extreme Security 2017 offers 5GB of backup space that you could just as easily get directly from IDrive, for example. Norton's Windows-specific backup component is a completely in-house product, and sells separately for $49.99 per year. PCMag's Max Eddy didn't think much of Norton Online Backup, comparing it unfavorably with other standalone backup services.

But compared with backup components in other security suites, it looks pretty good. The online backup component comes pre-configured with a default backup set that defines what to back up, where to store backed-up files, and when to run the backup.
It includes files in and below the Documents folder for each user, but specifically omits possibly massive video files and email files by default. You can edit this backup set to fit your own needs, or create any number of additional backup sets. The default destination for your backed-up files is Norton's secure online storage, but you can also back up locally. While CD/DVD backup was removed in this edition due to low usage, any other drive that shows up in Windows Explorer is a fair target.

That includes local hard drives, remote drives, network drives, and even some cloud storage services.

The backup system in Kaspersky Total Security doesn't come with online storage, but you can link it to your Dropbox account. By default, backup occurs automatically when your computer is idle.

That's probably best for ongoing maintenance, but you may want to manually launch the first backup when you're done with your system for the day, as the first time can take a while.
Subsequent backups only transmit new and changed files, so they run much faster. You can also schedule a backup set to run on a weekly or monthly schedule. You can also choose to throttle back the bandwidth used for backup, an option that's only needed if you don't choose to back up during idle time. The restore feature also comes pre-configured with logical defaults.
It restores files from the most recent backup (though you can choose another) to their original locations (though you can select a different destination).

By default, it waits for you to search out the file or files you want to recover. You can optionally browse all backed-up files, or restore the entire backup set.

And you can access your backup sets as if they were local files and folders by opening the Norton Backup Drive in Windows Explorer. Webroot SecureAnywhere Internet Security Complete also offers 25GB of hosted storage for backing up and syncing files.
It keeps up to ten versions of files and lets you create links to securely share backed-up files.

BullGuard Premium Protection also lets you share files from its 25GB of online backup. Norton just keeps the latest version, and secure sharing has been dropped in the current version.

Few consumers actually used the feature, and it made overall security more complex, according to my Symantec contact. The fanciest backup system in the world won't help if it never gets used. Norton makes backup almost effortless, which is as it should be. Parental ControlYour Norton Security Premium subscription also includes Symantec Norton Family Premier, a $49.99 value if purchased separately. Yes, the combined price of Norton Online Backup and Norton Family Premier is greater than the price of this entire suite, and much greater than the $10 you spend to upgrade from Norton Family Delux.

That's a great deal. As with Net Nanny, Qustodio Parental Control 2015, and other modern parental control systems, all configuration and reporting takes place online, with a small client app on each Windows, Android, or iOS device, to handle local monitoring and enforcement of House Rules.
Sorry, Mac users, this component isn't for you. To get started, you log in to your Norton account online and create a profile for each child.

The profile includes name, birth year, gender, and an optional photo or avatar. You can also add personal information that you don't want the child to share online. Next, you add a device that the child uses or, if it's a PC, the child's Windows user account. You can install the local Norton Family parental control agent on the current device or email a link. Keep going until you've created a profile for each of your kids; there's no specific limit on the number of child profiles or devices. With that task out of the way, it's time to define House Rules for each profile.

First up is Web Supervision, which manages content filtering.

Based on the child's age, Norton selects from the 47 content categories and determines whether to block those categories or just give the child a warning. You can pick your own custom set of categories and choose to block, warn, or just silently monitor.

ContentWatch Net Nanny 7 is even more flexible, letting you choose allow, block, or warn separately for each category. When Norton blocks access to a site, it displays the reason.

The child can send parents a message explaining the attempt to visit the site, or report that the site is categorized incorrectly.
If a child proceeds to the site despite a warning, parents get notification. Norton actually checks page content if necessary.
I found that it allowed access to a short-story website but blocked its erotic stories.
It filters secure (HTTPS) traffic, so kids won't evade it by using a secure anonymizing proxy.

And it didn't cave to a simple three-word network command that disconnects some less-clever parental control systems.
I couldn't find any sites that should have been blocked but weren't. Forcing Safe Search has become difficult now that popular search portals enforce use of HTTS.

Bitdefender and Trend Micro simply dropped that feature from parental control, though Trend Micro Maximum Security attempts to cover up naughty pictures in search results. Norton has taken a different tack.
Search Supervision enforces Safe Search on Ask, YouTube, Google, Bing, and Yahoo.
It does so using a browser extension, so a clever child might work around this restriction. Your child can turn off Safe Search and briefly see inappropriate links or pictures until the browser extension turns it on again. Video Supervision keeps track of the videos your child watches on YouTube or Hulu.
Social Media Supervision simply tracks the existence of your child's Facebook account and reports if the child used a spurious age to set up the account, or posted personal information. All of the components I've mentioned thus far are enabled by default, but Time Supervision is not.

Turning this feature on automatically schedules when the child can use the device and sets a daily maximum for screen time, based on the child's age.

For example, my imaginary 13-year-old's schedule allowed access from 6 a.m. until 9 p.m. daily, and until 10 p.m. on Friday and Saturday.
Screen time was capped at two hours for weekdays, five hours on the weekend.
If you want to tweak these settings, you must edit each day separately. You can also choose whether to cut off access or just issue a warning. Kids can check their remaining time by clicking the Norton Family icon in the notification area.

There's also an option to send a request for more time.

Android devices can still be used after hours, but Norton prevents all app activity other than calling emergency contacts. Note that time scheduling applies separately to each device the child uses.

The equivalent feature in Net Nanny is cross-device, so your kid can't time out on the PC and just switch to Android. Mobile Parental ControlThree more components become available when you assign an Android device to the child's profile.

Android protection is equivalent to Norton Family Parental Control (for Android). Some mobile parental control systems offer geofencing, meaning you can get notification when your child enters or leaves a specific location. Norton's Location Supervision doesn't do that, but if you enable it the child's device reports its position periodically, and you can view current and past locations on a map. App Supervision lists all non-default apps installed on the child's Android device.
See something you don't like? Just check the box to block use of that app. I couldn't actively test the advanced Text Supervision feature, because my Android test devices all lack cellular data connection. Here's how it works.
In the default Monitored mode, the child can text with any contact that's not specifically blocked. Norton logs all text conversations with unknown contacts. Parents can review the conversations and mark the contact as Blocked or Unmonitored.
In Blocked mode, unknowns can't contact your child at all until and unless you mark them as Unmonitored.
In Unmonitored mode, all contacts not specifically marked as Blocked are permitted, with no logging. If your child uses an iOS device, you can still install Norton's parental control, the equivalent of Norton Family Parental Control (for iPhone). However, there's just not much to it. You do get content filtering, but it only works in the app's internal browser.

During installation, the app explains how to set up Restrictions so your child can't use Safari or Chrome, disable Norton, or download other browsers. Once that's done, you get the full power of Web Supervision. Location Supervision is also available, just as it is on Android.
Video Supervision and Search Supervision both work. However, on an iOS device there's no Time Supervision, Mobile App Supervision, Text Message Supervision, or Social Media supervision.
If you really need full-powered parental control on iOS devices, look to Editors' Choice Kaspersky Safe Kids (for iPhone). Parental Reporting and NotificationSo far I've just talked about how you use Norton to define and enforce House Rules.

The other half of the equation is what Norton calls Activities—the logs of what your children have been up to.

The Activities summary shows the same eight types of supervision, with an overview of the latest activity. You can filter the summary to just look at one device, in which case you'll see a message stating "This feature is not supported" for categories that don't apply to that device. Clicking on one of the panel opens a more detailed view, and in most cases you can drill down even farther.

For example, the Web Supervision summary shows the most-used categories.

Clicking it gets a full list of all sites visited, warned, or blocked.

And clicking a specific site displays that site's categories, a thumbnail, and any message that the child sent.
Search Supervision displays a word cloud of search words in the summary and lists precise search terms when you click. On the Video Supervision summary, you see thumbnails of the videos your child has watched.

Drilling down lists the videos, along with the device used for viewing and a date/time stamp.

And clicking an item in that list lets you view the video's description or jump straight to the video itself. Your Norton Family account can have more than one designated parent—that makes sense, but it's not a common feature. Parents get email notification of quite a few events.

These include visiting a blocked site, sending information that was defined as personal, and installing an app that blocks Norton Family, among other things. You can turn off any or all of these if they get to be too much. As you can see, this is an extremely comprehensive parental control system, its only weakness being the limited iOS support.

As a standalone product, it's an Editors' Choice. A Star-Studded SuiteIf Symantec Norton Security Premium were a movie, it would have a star-studded cast.
Its antivirus component is an Editors' Choice, as is parental control system.

As a separate product, its Android security app is also an Editors' Choice.
Various components earn excellent scores in independent lab tests and in our own tests.

And it even offers a full security suite for macOS, something few competitors accomplish. Norton Security Premium is an Editors' Choice for cross-platform multi-device suites, and it's a great choice as long as its ten licenses suffice for your needs.
If your household needs security for even more devices, consider our other Editors' Choice in this area, McAfee LiveSafe.
It doesn't score as well as Norton in testing, but you can use it on every device in your household, no limits. Sub-Ratings:Note: These sub-ratings contribute to a product's overall star rating, as do other factors, including ease of use in real-world testing, bonus features, and overall integration of features.Firewall: Antivirus: Performance: Privacy: Parental Control: Back to top PCMag may earn affiliate commissions from the shopping links included on this page.

These commissions do not affect how we test, rate or review products.

To find out more, read our complete terms of use.

FTC sues 1-800 Contacts for attacking competitors’ search ads

Library of Congressreader comments 4 Share this story The Federal Trade Commission has sued online retailer 1-800 Contacts, saying the company illegally restrained competitors from buying search advertisements. It's a dramatic move that could mold the shape of online trademark law for years to come. In the administrative complaint (PDF) filed Monday, FTC lawyers say that 1-800 Contacts reached deals with at least 14 competing contact lens sellers, in which they agreed to limit their advertising on search engines like Google and Bing. In the FTC's view, those agreements constituted unfair competition, because they limited truthful advertising and restrained price competition. The 14 competitors aren't named in the FTC's lawsuit, but some of them are likely to be companies that Utah-based 1-800 Contacts sued in court. In 2008, 1-800 Contacts filed a lawsuit (PDF) against LensFast.com, saying their keyword advertising violated trademark law; in 2010, ContactLensKing.com got sued (PDF) on similar grounds. The FTC complaint is scheduled to be heard by an FTC administrative law judge in April 2017. In a statement, 1-800 Contacts General Counsel Cindy Williams said her company "strongly disagrees" that its settlement agreements are anticompetitive. "Our settlement agreements were specifically designed to protect our intellectual property rights," she said. "1-800 Contacts strongly believes in a competitive contact lens marketplace and will continue to be a leading advocate for providing consumers with more choice, greater convenience, and lower prices." Contentious Marks The role of trademark law in online search advertising has been contentious since the very inception of online search, although the matter has settled out somewhat in recent years. To understand the importance of the FTC's claims, it's worth reviewing a very brief history of the issue. Search engines like Google and Bing make money from selling ads that are keyed to search terms. Some trademark owners have long disliked the fact that when a potential customer types in their trademark company name into Google—say, "American Airlines" or "Rosetta Stone"—the user will see ads from competitors. Some companies, including both companies cited above, chose to sue search engines, saying that selling such ads without their permission constitutes trademark infringement. Google fought those cases hard, and no trademark owner has ever convinced a court that selling trademarked keywords violates the law. Not only did Google not back down, it expanded the practice to Europe after winning a court case against luxury brand owners including France's Louis Vuitton. While lawsuits against search engines wound down to nothing, some trademark owners were persistent about suing competitors who purchased ads keyed to their trademarks. However, those types of cases also mostly went in the advertiser's favor. In the past several years, US court cases in which an advertiser buys a trademarked keyword but does not use the trademark in the text of the ad have universally been resolved in favor of the advertiser, according to Prof. Eric Goldman of Santa Clara University, who has tracked and blogged about such cases for years. A third type of keyword-ad litigation involves advertisers that buy a competitor's trademark and also use that trademark in the ad copy. Those can't be easily generalized about, because the outcome is dependent on factors beyond just buying online ads. However, even in those more aggressive examples, many of the cases are resolving in favor of the advertiser, Goldman notes. Back in 2004, 1-800 Contacts began sending cease and desist letters to competing online stores, telling them that the mere appearance of their ad in response to a search query that contained "1-800 Contacts" constituted trademark infringement. "1-800 Contacts threatened to sue its rivals that did not agree to cease participating in these search advertising auctions," write FTC lawyers in the complaint. "Most often, rivals quickly acceded to 1-800 Contacts' demands in order to avoid prolonged and costly litigation." Only one competitor, Lens.com, litigated against 1-800 Contacts for the long haul. That case ultimately went up to the US Court of Appeals for the 10th Circuit, which rejected 1-800 Contacts' trademark claims. Between 2004 and 2013, at least 14 competing stores stopped bidding for ads. That left 1-800 Contacts, already the titan of the industry with more than 50 percent market share, free to bid on its own trademark with little or no competition. Long battle ahead For those who believe, as Goldman does, that competitive keyword advertising is beneficial and pro-consumer, the FTC case is potentially a big win that could create lasting change by getting a crystal-clear endorsement of keyword advertising. A legal opinion from a judge who favors the government's view will hold more weight going forward than one favoring an embittered competitor. But, Goldman warns, don't start the party quite yet. First of all, a complaint is just a complaint. "It hasn't been battle-tested," said Goldman. "No court has agreed with it, and it's possible no court will ever agree." The FTC's complaint goes ahead and assumes that competitive keyword advertising is not only okay, but indisputably legal. They're saying that the "no bidding" agreements distorted the marketplace. But if buying such ads is actually trademark infringement and can confuse consumers—as some large trademark owners continue to believe—then all 1-800 Contacts was doing was making sure the market worked correctly. "It's not really being distorted if the people bidding are infringing trademarks," said Goldman in an interview with Ars. "You have to not only believe that competitive keyword advertising is legitimate, but believe it's not even in doubt." And of course, the FTC case could utterly backfire and make the landscape more murky than it is now. But the way FTC cases work, that's not likely, at least in the near term. The administrative law judge who will hear the complaint is essentially an FTC employee; a party who loses a case to the Federal Trade Commission can appeal, but the appeal then gets heard by the full Federal Trade Commission. Only after that can a party appeal to a "regular" federal appeals court with a non-FTC judge. That's right—for two long rounds of legal battles, the FTC will get to be both prosecutor and judge. That's why some private practice lawyers have ridiculed the FTC as a kind of "kangaroo court." For 19 years, from 1995 to 2014, the agency did not lose a single administrative lawsuit with unfair competition claims. That's why one of the big questions going forward is how hard 1-800 Contacts is going to fight this case. The company is years away, millions of dollars away, from having its fate heard by an independent judge. For those looking for a deep dive into the subject, Goldman, a longtime critic of 1-800 Contacts, ponders some other questions in a lengthy blog post published yesterday. That includes the complex issue of what kind of "vertical" restrictions on keyword ads can be legally put in place for affiliates and franchisees.