Field blocked by Outpost (http://www.agnitum.com)

[innovateur]

We are receiving this message on our server on the referrers table, regarding our website:

Does this mean that users of Agitum are being blocked from visiting our website?

Our website has nothing strange or obscene, or any pop-ups - nothing untoward. Can anyone please tell me what this means.

Thank you

Eri

[Paranoid2000]

Outpost has a feature (in its Active Content plugin) that blocks the referrer field, preventing a browser's previous location from being revealed. If activated, Outpost simply changes the referrer to the "Field Blocked by..." that you are seeing.

It does not restrict access to websites (there are other plugins for Outpost that can do that, should the user want them to), unless you have created scripts or links that require a referrer ID. Some sites are doing this (bad design IMHO) - also some sites are blocking access to images if the referrer ID does not contain the website name (allegedly to prevent third party websites from linking to them).

There are a number of other programs that can also conceal the referrer field - some allow the user to set it themselves (Proxomitron is a good example), so I suspect that you may get some interesting entries in your tables....

[innovateur]

Thanks - I don't mind people protecting their identity - thats OK.

Thanks again for the info.

Regards

Eri

[MTDay]

The drawback to referrer blocking (a global option, not "per site") is that some sites and purposeses REQUIRE them.

1. You may be barred from downloading a file, maybe even from viewing an image, because the site thinks you're "stealing" it with a direct link from outside.

2. You (at www.ipoints.co.uk ) or your favourite site, may not receive credit for banner clicks.

I hope a future update makes this a per site option - and also as regards refers FROM and TO.

Rather than setting options "per site", it would be better to have configurable categories to assign sites to - eg. Friendly / Hostile

[innovateur]

I see - so there is the real possibility that programmes such as Agitum in their current format may make it more difficult for internet entreprenurs to earn money for advertising or affiliate programmes - as they will not get credit for driving that traffic through - or for subsequent purchases made as the originator is not recognised on a per user basis.

This is in addition to Agitum users not benefiting from reward and loyalty schmes such as i-points and others.

I think that Agitum really needs to work with affiliate and referral providers to get around this problem for legitimate traders - otherwise there is the real prospect that the sellers will receive all the benefit from the activities of webmasters - who will receive nothing. Particularly with this software being distributed free.

In the long term all will loose - the producer, the consumer, and the internet entrepreneurs - as the incentive of enterprise to drive the enrichment of the web is reduced.

That would only serve to hand the internet over to big business.

I agree that a great compromise at the start would be to have a simple opt-out button that Agitum could put on the browser - turning it on when privacy is required - though the danger is that users will allways leave it on...

If something is not done then protection in coding will take place and that will mean a whole new generation of cumbersome sites and confusion / lack of trust by internet surfers who will only visit limited sites .....

Collaboration with resellers and affiliate programmes is really the only practical way forward if we are not going to make it increasingly difficult for internet entrepreneurs.

Come on Agitum, be pro-active on this - its part of your corporate responsibility (I hope you do feel some!)

Eri

[Ron P]

I enable referrer and just set a global one with Proxomitron.

RP

[eburger68]

Eri:

You wrote:

Quote:

Originally posted by innovateur
[B]I see - so there is the real possibility that programmes such as Agitum in their current format may make it more difficult for internet entreprenurs to earn money for advertising or affiliate programmes - as they will not get credit for driving that traffic through - or for subsequent purchases made as the originator is not recognised on a per user basis.

Perhaps I'm missing something here, but why is this Agnitum's problem (or the problem of others who make similar privacy/security software)? Agnitum serves its users, not web site "entrepeneurs" like you. (And by the way, I am not a representative of Agnitum, so everything I say here is my own opinion or observation.)

Quote:

Originally posted by innovateur This is in addition to Agitum users not benefiting from reward and loyalty schmes such as i-points and others.

This is a non-problem. Outpost in both versions 1 and 2 allows users to toggle this setting on and off. While it could be made more useful as a per-site setting, Agnitum users can still benefit from these schemes if they so choose. The power is in their hands. All that needs to happen is for web site "entrepeneurs" to convince users that there's a demonstrable benefit to participating in those schemes (and thus disabling the setting in question). Again, that's not Agnitum's problem.

Quote:

Originally posted by innovateur I think that Agitum really needs to work with affiliate and referral providers to get around this problem for legitimate traders - otherwise there is the real prospect that the sellers will receive all the benefit from the activities of webmasters - who will receive nothing. Particularly with this software being distributed free.

In the long term all will loose - the producer, the consumer, and the internet entrepreneurs - as the incentive of enterprise to drive the enrichment of the web is reduced.

You're trying to make your problem into someone else's problem without giving them any concrete reason to accept your problem as their problem. Again, Agnitum serves its users. It seems to me that the way out of the problem is to give users concrete, demonstrable benefits to disabling that feature of Outpost instead of attempting to persuade the producers of Outpost to compromise a feature that some of its users obviously find useful.

Quote:

Originally posted by innovateur That would only serve to hand the internet over to big business.

If small businesses want to survive and compete against "big business" then they ought to provide unique benefits users -- value that "big business" isn't providing. (See the end of this post for one idea of how small business could do that.)

Quote:

Originally posted by innovateur I agree that a great compromise at the start would be to have a simple opt-out button that Agitum could put on the browser - turning it on when privacy is required - though the danger is that users will allways leave it on...

Again, this is a non-problem. Outpost users already have the ability to turn this feature on and off. The only thing that's missing for some users, apparently, is an incentive to turn it off.

Quote:

Originally posted by innovateur If something is not done then protection in coding will take place and that will mean a whole new generation of cumbersome sites and confusion / lack of trust by internet surfers who will only visit limited sites .....

Perhaps you missed its arrival, but that "future" is already here. Users resort to products like Agnitum Outpost precisely because they don't trust web sites and because they find the obnoxious marketing devices (i.e., Active Content, pop-ups, Flash ads, et al) that web sites use make surfing cumbersome and confusing. And internet "entrepeneurs" have only themselves to blame for that predicament. Products such as Agnitum Outpost are becoming increasingly popular with users because internet "entrepeneurs" have abused their trust.

Quote:

Originally posted by innovateur Collaboration with resellers and affiliate programmes is really the only practical way forward if we are not going to make it increasingly difficult for internet entrepreneurs.

Your choice of words here is telling. Notice how it elides any reference to agents at a crucial spot ("collaboration...is really the only practical way forward...") -- for whom? Why for those people specifically? The language here attempts to conflate your interests with the interests of others without providing any good reason for regarding them as the same. Thus, the "we" in the rest of the sentence is completely unjustified.

Quote:

Come on Agitum, be pro-active on this - its part of your corporate responsibility (I hope you do feel some!)

How quick you are to assign "corporate responsibility" to others without assuming any yourself. Just what are YOUR responsibilities to users, Eri?

A quick perusal of your two web sites, for example, is revealing. Not a privacy policy in sight -- apparently you don't consider it part of YOUR responsibility to be up front with users about the data that you do (or don't) collect and how those data are used or shared with any of your partners and affiliates. Moreover, in all of the advice you provide to up and coming "entrepeneurs" there's a distinct lack of advice on their responsibilities to users and customers. Why so quick to lecture Agnitum on its "responsibilities" when you're not doing the same with "entrepeneurs"?

Here's an idea for you: since internet "entrepeneurs" have such a terrible track record gaining the trust of users in the area of privacy, perhaps you could add a section on good privacy practices for "entrepeneurs." Not only would such advice help them with a concrete problem that web sites are currently facing, but it would give your users a way to set themselves apart from "big business" -- to give them an additional selling point that they could use to gain the trust of customers and users.

If you're truly interested in giving good advice to "entrepeneurs," wouldn't that be part of YOUR reponsibility?

Best regards,

Eric L. Howes

[lukas_r]

Ok this is the reason I want to change the referer string to something else, I don't want any website knows I'm using Outpost. Not because of the security reason, but privacy.

I mean I like Outpost, I would definately like to advertise for them, but not in this way tho.

[innovateur]

Dear Eric

You clearly did not read my first post.

First, I am not an "internet entrepreneur" . I have taken a company from idea to the stock market in consumer goods and we have pooled resources to provide a free and impartial site, funded by us, for the benefit of anyone developing an enterprise.

Nor have you read the concerns of other Agitum users - it is a needed product but it should have safeguards to proptect
users and ancorage safe access with reducing their functionality full or the quality of their experience.

We have a simple policy on user information - we collect zero.

We only collect data on our web server on sites that refer visitors - such as google and linked sites. Direct acces is just collected as Direct Access and is completely anonimous.

THE ONLY INDIVIDUALS THAT ARE NOT STATED AS ANONYMOUS ARE OUTPOST USERS WHERE A MESSAGE APPEARS ON OUR WEBHOSTS SERVER STATISTICS AS STATED ABOVE.

We provide free software for business planning etc and do not even take an e-mail address - nothing. No reduced functionality, no registration requirement - we have made it for others to use.

We allow users to subscribe to our newsletter and all they need to do is confirm the e-mail address as we do not want anyone to receive spam! - Nor passing of information to other users either.

People who try to collect private information or use annoying or black-magic tricks such as pop-ups and freezing are not entrepreneurs but con-men trying to trick people into things and your derisory tone implies you do not believe in genuine entreprise either.

We mentor entrepreneurs as varied organisations as High Technology spin offs from Oxford University through to Young start ups. We point some entrepreneurs to e-commerce incubators and it is the development of their propositions that could be made more difficult.

Some of their sites, and many of the users of this site, make money from genuine referral programmes. It is them for whom I am speaking for. Many provide great services that would not exist but for this income - do you not think the internet would be poorer if some of those legitimate small operators had their income reduced and legitimate opportunity reduced?

Security and privacy is everyone's right.

Ron P suggested a great and simple solution that would deal with all issues. Safeguard the user, the site owner and any legitimate intermediary. That's the way forward.

You seem to think that Agitum has no responsibility to consider these issues. I suspect they would even dissagre with you on that and they probably do pay considerable attention to it. Outpost certainly has no general responsibility in law but though you may not believe in greater morality and corporate ethics - I do and so I am simply trying to ensure that they bear these issues in mind in the continuing development of their software.

I am sorry that you feel anyone can do whatever they like without responsibility for anyone else - that view is not coherent with private protection - in fact it is against it.

[MTDay]

I must admit, I leave referrers enabled, so that I can "give a clickthrough" to a forum or other site that asks.

Like everything, there are good ones and bad ones - just like cookies, which are controllable on a site by site basis.

The only problem I CAN see in site by site referrer setting is that it means controlling something that happens as you LEAVE - link to new site in same or new window - and if you had a list of site that may be sent as referrers, they could still be sent to sites you'd rather NOT send them to - complicated!

[Atomic]

referrer blocking is not enabled by default, so users will have to enable it by themselves, and then I would say it's their decission and their right to do so. Outpost just makes it possible....

Atomic

[innovateur]

Yes - it is all complicated - there is probably an opportunity for someone to develop a third-party system of web-browsing identities - though it must privately ensure they are genuine individuals.

The third party could verify that the individual browser is an individual and keep that identity completely secure, and then assign a random number identity to that browsing individual which referrers and sites could allow access to and know that though it is anonymous, it is an individual.

That individual could then browse within a safe firewall with the mock identity being used as required.

I am not a techie but I am sure that some clever chap out there could create an opportunity from this problem which benefits everyone but the illegitimate - indeed Agintum might produce the solution itself.

[innovateur]

Dear ATomic

Its good that it is not set as as a default.

I completely agree it is the right of the user to block referal - everyone should have the right to privacy - but the same logic will apply to the website owner who may block agintum users or annonymous users - and that has the danger of Agintum users being disadvantaged and the web being slowed down for them.

There must be a better way that desn't lead to escalation on all sides and going back to the World Wide Wait....

[eburger68]

Eri:

You wrote:

Quote:

Originally posted by innovateur Nor have you read the concerns of other Agitum users - it is a needed product but it should have safeguards to proptect users and ancorage safe access with reducing their functionality full or the quality of their experience.

Oh, I read their concerns, and I agree that the functionality could be changed somewhat -- for example, to make it site specific or to allow the referrer field to be customized (as some other programs allow). But that doesn't solve YOUR problem, which is that true referrer data isn't being passed alonged by users. Again, you're confusing your interests and the interests of other web site operators with the users.

Quote:

Originally posted by innovateur We have a simple policy on user information - we collect zero.

We only collect data on our web server on sites that refer visitors - such as google and linked sites. Direct acces is just collected as Direct Access and is completely anonimous.

Then state that in a simple straightforward privacy policy. One of the key points that I tried to impress upon you in my previous post is that you shouldn't be so quick to assign responsibility to others when you haven't even taken the most basic steps of your own, but you conveniently ignored that basic point.

Quote:

Originally posted by innovateur THE ONLY INDIVIDUALS THAT ARE NOT STATED AS ANONYMOUS ARE OUTPOST USERS WHERE A MESSAGE APPEARS ON OUR WEBHOSTS SERVER STATISTICS AS STATED ABOVE.

But, again, that wan't YOUR concern, was it? I agree that the field should be user-customizable, but if Agnitum made that change you'd still have complaints because this wasn't YOUR concern.

Quote:

Originally posted by innovateur We provide free software for business planning etc and do not even take an e-mail address - nothing. No reduced functionality, no registration requirement - we have made it for others to use.

We allow users to subscribe to our newsletter and all they need to do is confirm the e-mail address as we do not want anyone to receive spam! - Nor passing of information to other users either.

Again, then state as much in a privacy policy. And in that privacy policy you'll need to deal with the companies to whom you point your users, if only to say that their privacy policies may differ from yours.

Quote:

Originally posted by innovateur People who try to collect private information or use annoying or black-magic tricks such as pop-ups and freezing are not entrepreneurs but con-men trying to trick people into things and your derisory tone implies you do not believe in genuine entreprise either.

I'm glad we can agree on that. And I'll admit that the word "entrepeneur" has become somewhat sullied in my view, primarily because of the refusal of so many "entrepeneurs" to consider taking on any responsibility of their own besides taking the money to the bank. "Genuine enterprise" is certainly possible, but "entrepeneurs" are going to have to learn more than just how to make money as quickly as possible. That's why I suggested a small section on your site dealing with good privacy practices. If you don't like the reputation that many small businesses have gotten, why not DO something about it and educate newcomers about good privacy practices.

Quote:

Originally posted by innovateur We mentor entrepreneurs as varied organisations as High Technology spin offs from Oxford University through to Young start ups. We point some entrepreneurs to e-commerce incubators and it is the development of their propositions that could be made more difficult.

Some of their sites, and many of the users of this site, make money from genuine referral programmes. It is them for whom I am speaking for.

And that's why I spoke more generally of "internet entrepeneurs," because I recognized that you, in your own words, were speaking for them. And you also happen to have demonstrated the mindset that gets so many of them into trouble with users over privacy issues (more on that below).

Quote:

Originally posted by innovateur Many provide great services that would not exist but for this income - do you not think the internet would be poorer if some of those legitimate small operators had their income reduced and legitimate opportunity reduced?

You missed my point entirely. My point was not that the web site owners ought not to be able to make money to stay afloat, it was that internet entrpeneurs (or business owners more generally) can't go around urging others to ignore their own immediate, short term interests and to assume larger responsibilities that might conflict with them when those same entrepeneurs and business folks aren't willing to discuss their own responsibilities. This can't be a one way conversation, and yet that's what all too many business folks try to make it.

Quote:

Originally posted by innovateur Security and privacy is everyone's right.

Glad to hear you say it. Would that belief be so firm that you would actively support more stringent governmental regulation of privacy practices by private businesses, esp. as they relate to internet services? I realize that you're in the UK, and in some ways the privacy laws are different than here in the U.S. (where I am), but it would be interesting to hear you on this issue, given your obvious interest in business issues.

Quote:

Originally posted by innovateur Ron P suggested a great and simple solution that would deal with all issues. Safeguard the user, the site owner and any legitimate intermediary. That's the way forward.

If I'm understanding Ron P's solution correctly (perhaps he could elaborate), that solution doesn't address your concerns. He's using The Proxomitron (http://www.proxomitron.org/) to set a custom global referrer to solve the problem that lukas_r described, namely Outpost's identifying Outpost users as Outpost users. That solution doesn't address YOUR complaint though, because true referrer information is still not being passed along at the discretion of the user.

And while we're on the subject, what is it that you want Agnitum to do? As I and several others pointed out, Outpost already allows users to toggle the referrer setting -- they've already got that power. Yet you still seem to have complaints.

Quote:

Originally posted by innovateur You seem to think that Agitum has no responsibility to consider these issues. I suspect they would even dissagre with you on that and they probably do pay considerable attention to it. Outpost certainly has no general responsibility in law but though you may not believe in greater morality and corporate ethics - I do and so I am simply trying to ensure that they bear these issues in mind in the continuing development of their software.

I am sorry that you feel anyone can do whatever they like without responsibility for anyone else - that view is not coherent with private protection - in fact it is against it.

Again, you missed my point entirely -- nay, you studiously ignored it. It was a simple one, namely, that those in private business have no business going around lecturing internet users and privacy software makers such as Agnitum about their "general responsibility" under some regime of "greater morality and corporate ethics" when they're not willing to discuss the responsibilities of business owners and entrepeneurs as well. It is just this tack that I see all the time from supporters and promoters of private enterprise on the web. Ask them what responsibilities they have to respect and protect the privacy of internet users and whether those responsibilities ought to be enforced by law, and they'll insist they have none -- if the users or customers don't like it, that's just their tough luck. But those same people are willing to go on and on, as you've done here, about the responsibilities of users and privacy software makers. That's an untenable double-standard.

At the end of my previous post I asked you pointedly what YOUR reponsibilities were or what the responsibilities of business owners and internet entrepeneurs more generally were. You ignored that question.

I also suggested that you take it upon yourself to use your web site to educate up and coming business owners and internet entrepeneurs about good privacy practices. You ignored that as well.

You stated that you're against the idea that "anyone can do whatever they like without responsibility for anyone else," yet you decline to discuss anyone's responsibilities other than Agnitum's or the users. It's going to be hard to avoid the "escalation on all sides and going back to the World Wide Wait" that you address in a later post unless business owners, entrepeneurs, and their supporters aren't willing to make this a two way conversation.

Eric L. Howes

[innovateur]

DEar ERic

I am affraid that you are just ranting about what is clearly a hobby horse of yours, abstracting arguments from context, and generally failing to make any constructive points - which is my purpose.

In the UK we do have privacy laws and anti-spam laws and we, and I, welcome them. In the UK you cannot call someone on their telephone, or fax if they have registered on the central register. We welcome that . You cannot send them e-mail either if they do not want it - but we do get alot of spam from the USA - indeed the entire Oxford University Network was brought down by a spammer using an AOL address - and to add insult to injury nearly hundreds of thousands of Oxford University network usere had all their email sent all AOL users blocked with neither sender or receiver knowing about it. Indeed the entire disruption was actually caused by an anonymous spammer.

Quite how you infer tham I am anti-privacy is preposterous and an abstraction.

You seem to believe that a written policy, found after entering a site, is the answer to everything - well it deals with nothing except administration. This is an issue of ethics and actions rather than words are reality.

Our site is still at pre-launch and I am sorry if we do not have a legalistically written privacy policy but I think that the statement we do include, in addition to our laws and our actions, is pretty clear:

"If you would like us to mail you once the next range of free modeling software is up on the site, and on any major new resource that comes on-line (but no advertising!) mail us at keep-me-in-the-loop@innovateur.co.uk . We will not pass your details on to anyone, or send you any junk mail - ever. "

You also continually refer to 'my problem' - you may be acting out of self interest but I am not.

These issues are strategic and impact users, web site owners, and marketing intermediaries. If you cannot see that then I am sorry but we'll have to agree to dissagree.

I would be happy to hear more from you if you can be constructive. If you are just interested in semantics then the discussion is a waste of time - as - unlike other posters - you have clearly ignored all the substantive points so far.