[HN Gopher] Airline Wizz Air is charging PS10 "System Surcharge"... ___________________________________________________________________ Airline Wizz Air is charging PS10 "System Surcharge" when using ad blocker (2020) Author : madjam002 Score : 167 points Date : 2022-08-28 21:08 UTC (1 hours ago) (HTM) web link (thepointsguy.co.uk) (TXT) w3m dump (thepointsguy.co.uk) | smcl wrote: | Wizz Air are on the rocks and should be avoided unless you | _really_ like to gamble. There have been a few flights cancelled | at _very_ last minute - one group I know were halfway through the | ~10 of them checking in when they learned their flight was | cancelled (on their way to a wedding). There was also a famous | case this summer of a flight being cancelled after everyone had | already boarded and the plane was on the runway. | | Don't bother, even if your ticket is 50 EUR cheaper it's not | worth the risk. | harvey9 wrote: | Airline says it's a 'robot' fee for automated bookings made on | the site but that errors mean it sometimes gets applied to human | customers. | dspillett wrote: | Actually seems plausible: detecting a bot through differences | in interaction, and the and blocker causing a false positive. | | Though a bad idea: I can think of no way an ad blocker could | trip it that would not mean it could sometimes trip without one | due to transient network errors, so it isn't likely to be | terribly good at its main job of being a bot detector. | kevinventullo wrote: | Not long before this applies to the flight itself. | | "Upgrade your ticket now to experience ads customization on your | flight, including features such as seatback video dimming and | optional opt-out of feedback surveys!" | geoffeg wrote: | "Upgrade your cabin pressurization now! If more than half the | flight pays to upgrade the pilots will lower the cabin altitude | from 15,000ft to 8,000ft!" | klabb3 wrote: | 15000ft is fine by me, why should I have to pay for other | passengers pressurization? I thought this was America. I | usually hyperventilate the entire flight to get my money's | worth of O2. | omginternets wrote: | In the US, they've started playing advertisements at gas pumps. | To make matters worse they turn the volume _way_ up. | | I have never in my life been so tempted to perform an act of | vandalism. Something about this kind of invasion of personal | and mental space is absolutely infuriating. I can't even | daydream anymore -- even that is up for grabs by advertisers. | ajvpot wrote: | Pro tip: Usually one of the buttons on the side of the screen | will mute the video even if the UI element isn't displayed. | macintux wrote: | I've been to a gas station where they have loudspeakers on | the building itself and they pepper their customers and | everyone else in a few hundred foot radius with noise. | | Thankfully it's been long enough I don't remember the | contents but I think it was for food and drinks inside. | thedailymail wrote: | After that there will be surcharges for wearing an eyemask or | noise-cancelling headphones, to recoup the airline's lost | revenues from passengers' less than total engagement with in- | flight ads. | acka wrote: | Black Mirror material indeed. | Mordisquitos wrote: | _"Please drink a verification can"_ | madjam002 wrote: | Just tried this myself, sure enough as you scroll down to the | card payment section on the final page of the checkout flow | (after all the optional upsells, seat selection etc), the price | increases by PS10 x per passenger thanks to a "System surcharge" | that is added. You wouldn't notice the charge being added unless | you explicitly looked out for it, as it only appears when you | start scrolling the page down to the card details form. | | Disabling ad block results in the charge not being applied. | | What's even more baffling is I had to complete a reCAPTCHA half | way through the checkout flow, so them saying it's to do with bot | detection is a stretch. | | Edited as I forgot to mention the captcha code during checkout | flow. | ytdytvhxgydvhh wrote: | All sorts of price discrimination in the travel industry. Expedia | has been advertising lower prices in their app, but at least | they're upfront about it? I dunno, but it's annoying because you | know it means "we can sell the additional data we gather if you | have our app installed". | can16358p wrote: | Plausible deniability at its finest. While it could really be a | robot filter indeed, the airline seems to be okay with charging | customers if they can't show ads to them. | | Shady, but also kind of fair TBH. | bwblabs wrote: | Note the Wizz Air anti-bot statement | (https://skift.com/2020/08/31/wizz-airs-odd-fee-for- | buying-a-...). The "System Surcharge Fee - Applicable to bookings | made by automated systems" of EUR 10 is listed on the Wizz Air | website as service fee https://wizzair.com/en-gb/information-and- | services/prices-di.... | | I just opened https://wizzair.com/ with a default uMatrix config | (only loading first party *.wizzair.com resources) and it | complains straight away: | | _Are you human? | | An unusual activity was detected from your web browsing activity, | which may also be done by a robot or "bot". For this reason it | needs to be verified that you are human. Bots are not allowed to | use our website/mobile app in order to protect your privacy and | provide a reliable user experience. | | Some activities may look like they are done by a bot, such as | running multiple sessions of the WIZZ website, or performing more | than one search in a web browser. | | What if I am not a bot? Read on for a solution. | | We take many factors into consideration to make sure real | website/mobile app users are properly distinguished from bots. We | recommend the following: | | * Use the latest version of the supported web browsers (Chrome, | Firefox); | | * Don't use your browser in incognito or compatibility mode; | | * Don't use ad blockers as they may conflict with our website's | protection; | | * Don't use anonymizer proxies with botnets to hide your | identity; | | * Try to book from another device and/or internet connection; | | * Use our mobile apps on iOS or Android | | Why can bots be harmful? | | * Some third parties such as online travel agencies use bots. If | you book your WIZZ ticket through their websites, we may not be | able to contact you about possible flight disruptions or any | relevant changes, and they may also apply additional fees on the | top of the ticket price; | | * Bots can overload our servers, slowing them down for our real | customers. | | If you are using a bot, please note that: | | * By using automation tools on our website or mobile application, | you are violating their terms of use. | | * As per these terms, we have the right to detect and block your | activity and cancel any booking you make via these channels. | | * To provide the best service to our customers, bots can still | access the Flight-Search capabilities, but we reserve the right | to discontinue or block bot users even from Flight-Search, | especially if over-use is detected; | | * If you would like to show our flights in your inventory, please | contact us beforehand and make sure users are redirected to | wizzair.com when they are ready to make their booking. You can | also use a deep link to the selected flight._ | sys_64738 wrote: | Do they actually show ads on their webpage when booking flights? | I didn't see any conclusion to that. | userbinator wrote: | The first thing that came to mind when reading the title is "how | do they detect? how can we crack it?" Much like anti-anti- | debugging is a thing, perhaps adblockers also need to have anti- | anti-adblock features. | | ...but things like this are why "remote attestation" and its ilk | should be our biggest concern, because they can use such | technologies to deny or distinguish anyone not using the --- no | doubt already narrow and increasingly narrowing --- "supported" | or "compliant" hardware and software. | c7DJTLrn wrote: | Soon they'll be charging extra for the flight to be on time. Both | my recent inbound and outbound flights were delayed | extensively... | Swenrekcah wrote: | My flight wasn't delayed, instead they announced as we were | taking off that they needed to fly a detour and stop there for | 40 minutes to refill the plane because they apparently couldn't | calculate how much fuel they needed. | sokoloff wrote: | Zero chance that was an inability to calculate. Far more | likely that it was economically driven somehow. | harvey9 wrote: | In a sense they do: compensation for delays is enforced by law | in Europe. | Aachen wrote: | Yeah I tried that. People at the counter laughed "you can't | do this here" (we were all right there and delayed by the | same amount, why not just hand us the cash? Wire it to the | accounts from which we paid the ticket? Sign us up | automatically and send us the forms?). Okay, I said, where | _can_ I do this then? "On our website probably." Okay I open | the website, after navigating a horrible attempt at a mobile | site for fifteen minutes I found the form and filled it out. | Never heard from them again. Guess I should take them to | court now? | | Railways (NL, DE) pull the same sort of crap. In NL there is | a centralized billing system, they know exactly what path you | took and when, so also that you were in the delay. Credit it | to your transport card automatically? Nah. You need to fill | out paperwork and then get a few euros for missing half of | your evening. Germany is even better: whenever there's | delays, you see long queues at the service center because | (according to my colleague with whom I was there) you need to | get something stamped IRL as proof that you were really there | during the delay. And the amount you get back is still | peanuts. | | Incentives like these to be on time don't work. I can't | imagine more than a handful of people per trainload/planeload | go through the hassle. At least for planes iirc it was a | reasonable amount, at least for short delays where you don't | have to book an entire holiday around. If you'd get it | without a legal battle. | YetAnotherNick wrote: | Do they compensate the passenger? | iso1210 wrote: | In Europe you have EU261, which if the flight is | significantly delayed (hours rather than minutes) means you | get several hundered euros in compensation. The exact delay | and amount depends on the length of the flight. | gpderetta wrote: | Mind, standard operating procedure is for most if not all | airlines to deny the compensation because of | "unforeseeable circumstances". | | Strike action because they don't pay their employees? | Unforeseeable. The plane is broken? Unforeseeable. The | airport cancelled the flight like it has been doing for | the last 6 months? Unforeseeable. | | Then you have to appeal to the regulator or small claims | and most people just give up. | | Sometimes they don't even refund your ticket after a | cancellation and if you dare to chargeback they will | prevent you from flying ever again. | | Consumer rights are great, but often is hard to enforce | them. | GekkePrutser wrote: | My friend got this money from Aer Lingus for a flight | that was delayed until the next day because of weather. | They could have argued it was unforeseeable but they | didn't. They just paid up. It doesn't always work this | way. | | The money was more than the flight was worth but the | whole ordeal was terrible, literally every hotel in | Dublin was booked out on every website (this wasn't the | _only_ flight cancelled, every one of them was) and she | had to stay in this horrible dirty hostel. So it was | kinda nice to get that money. | eertami wrote: | I've had plenty of success using the EU regulators to | enforce 261/2004 compensation requests if an airline is | not following the rules. | | It can take a while for the regulator to get to your | case, but it is only a 10-15 minute investment to find | the relevant authority and to email to them with your | information/circumstances. Then 2-4 months later the | airline follows up to arrange payment. With budget | flights the compensation can end up paying for multiple | future flights. | chrisseaton wrote: | You're eligible for compensation in those cases - claim for it. | cantSpellSober wrote: | > _due to bugs in the AdBlockers, they can make the browser act | unexpectedly, and flagged by our security tools as suspicious_ | | I sorta buy this -- when browsing in Brave w/uBlock, Captchas | appear and fail more often than when browsing without a condom | on. I don't think it's a "bug" it's just harder to track you, and | it throws off the spam catchers. | aendruk wrote: | Misleading title; more accurate would be "Surcharge intended for | automated scrapers is accidentally applied to customers who use | ad blockers" | | Still stupid, but a different kind. | baybal2 wrote: | adnauseum wrote: | What would happen if I browsed using Lynx? | userbinator wrote: | Most likely you wouldn't even be able to buy a ticket. Appsites | like these are entirely dependent upon JS for their | functionality. | | On the other hand, I find it ironic that a low-cost airline | would use such a complex site; if they are so miserly and | minimal with their services that every little bit costs extra, | a boring old HTML form seems like the most suited to them. | Tao3300 wrote: | I was going to give them the benefit of the doubt since it was | anecdotal, but when he got to the "bugs in ad-blockers" | explanation, the bullshit was spread a bit to thick for someone | innocent. | | This is ableist discrimination and it's offensive. I require an | ad-blocker to make the web usable with ADHD-PI. | titaniczero wrote: | Sounds credible to me. Some adblockers and lists block bot | detection scripts on purpose, in some cases it could lead the | system to flag you as a bot. | | What they should do in these cases is to fallback to a captcha | or something like that. | madjam002 wrote: | What's interesting is when I booked the tickets, half way | through the purchase journey I got a popup saying "Are you | human?" with a reCAPTCHA to verify that I was human. They | still tried to charge me PS10 at the end for a "System | Surcharge". | froggertoaster wrote: | "Abelist discrimination" is perhaps the biggest HN stretch I've | seen this week. | [deleted] | punkspider wrote: | Almost every time I refresh the price changes a little. Is this | normal? Video: https://i.imgur.com/C33FXlc.mp4 | p1necone wrote: | How does this even help? | | Surely for the people who visit the site and _do_ buy a ticket | the revenue lost from them blocking ads would be basically | insignificant compared to what they pay for their tickets. And | obviously the people that visit the site while blocking ads and | _don 't_ pay for a ticket won't be paying the surcharge. | | I guess ultimately it helps by just bringing in extra revenue via | a sneaky hidden charge that most people won't realize is there. | But it doesn't _really_ have anything to do with ad revenue. | aendruk wrote: | Presumably by impeding competitors who attempt to automatically | price match. | | For those who didn't read the full article (I don't blame you; | it's nearly illegible--font weight 86!?) the airline intended | to price-discriminate against automated scrapers, not against | people who don't view ads, but distinguishing between robots | and humans is futile in practice. | chrisseaton wrote: | Maybe adverts from a confirmed traveller going to a particular | destination are valuable? | [deleted] | jacquesm wrote: | Not as valuable as the typical EU fine for these kind of | nasty tricks. | MonkeyMalarky wrote: | Shit, Ticket Master is missing out on some real innovation here! | DanAtC wrote: | AXS already stops working outright in the middle of buying | tickets if Apple's Private Relay is enabled. | PaulHoule wrote: | It surprises me that they charge $10 to a suspected bot instead | of blocking it. | karamanolev wrote: | Time for adblockers to add the whole Wizz domain to their lists | then? | littlestymaar wrote: | > If you do book any Wizz Air flights and notice any unexplained | extra charges in your booking summary, turn off ad-blocking | software, which should remove the surcharge. | | Do not turn you ad-blocking software (that's what they want), | instead warn your local consumer protection authority, and email | a copy of your reporting to Wizz Air, I'm pretty sure the PS10 | fee is going to disappear as well, for you and luckily for | everyone else. | chrisseaton wrote: | Your local consumer protection authority won't have any idea | what you're talking about - they aren't experts in these | things. | jacquesm wrote: | They are going to hit them hard and they know very well what | they are doing. I really don't know where you got that idea | but EU consumer protection authorities have teeth and they | bite when it suits them. This sort of stuff will not fly, and | I'm pretty sure the various privacy authorities will also | want to put in a word or two. | chrisseaton wrote: | That's be great... but I'm imagining even trying to explain | 'ad blocker' to a typical civil servant. | jacquesm wrote: | The same people that cracked down on roaming charges will | know what to do about an adblocker surcharge. | chrisseaton wrote: | Every person understands a roaming charge, because all | they experience them. 0.001% of people use an adblocker | or even know what one is. | | This will always be a problem while government pays 10% | of big-tech pay. | jacquesm wrote: | Your stats are off by many orders of magnitude. | | https://earthweb.com/how-many-people-use-ad-blockers/ | vntok wrote: | The stats you linked includes people who use "some form | of ad blocker" and indicates "If you use Google Chrome, | you probably already know that it has a built-in ad | blocker that has a default setting to block ads across | websites" and "Firefox has an ad blocking feature as does | Safari". | | So if they count built-in adblocking features as | abblockers, of course the resulting figure is very high, | as it's basically equal to the % of internet users who | installed Chrome or Safari. This does not mean that | regular folks use and understand adblockers, just that | they use the two most popular browsers in the world. | chrisseaton wrote: | Their definition of 'adblocker' isn't what anyone else | means, is it? Come one. | airstrike wrote: | As a general concept, I'm not opposed to having to pay for a | service instead of seeing ads. Or even better, to be able to | choose whether I want a free service with ads or a paid service | with no ads. | | But if I'm already paying for the service (in this case, the | airline ticket) why are you trying to show me ads? This makes | absolutely zero sense | dalbasal wrote: | The general concept is, IMO, deceiving. | | Making ads optional is often suggested, sometimes tried, and | there aren't many success stories. Most successful combinations | of ad/payment commercial strategies aren't customer choice | scenarios. | | Most subscription papers made more on ads than subscriptions, | but subscribership made ads sell at a premium. The stable | revenue is nice too. Ryanair clones use advertising as within | their get-an-extra-penny ethos. Buses and such do the same. | | A lot of people seem to like the theory of paid opt-out... but | that doesn't seem to be a thing. | bruckie wrote: | YouTube premium seems to be a counterexample. I wonder why | it's managed to stick around (and be pushed so hard) when | other pay-for-no-ads attempts have failed (either before or | after they launched). | macintux wrote: | Sort of. Arguably the sponsored ads in many videos argues | against it being a true counterexample. | MOARDONGZPLZ wrote: | I still got ads with Premium YouTube so ended up canceling. | What's the point of paying for no ads when I get ads | anyways? | Shank wrote: | Maybe you're conflating in-video sponsorships with ads? | If you're signed into YouTube Premium the system won't | serve you ads in that browser/app, but obviously a video | creator can still read a sponsorship message. | eslaught wrote: | Paramount+ (formerly CBS All Access)? As far as I know it | still offers two subscription modes, ad and ad-free, and | subscriber stats on Wikipedia seem to be trending in a | positive direction. | | https://en.wikipedia.org/wiki/Paramount%2B | | But I think the real issue is this: aside from services that | use ads as an explicit differentiator, there is really no | reason for a service that charges customers not to also add | ads. It's just extra revenue. The only reason I could see for | services not wanting to do this is when they want to | specifically cultivate a "premium" feel. Cable in the US | was/is a classic example: people paid inordinate feels for | access, and then _also_ put up with ads on top of it all. And | for a large segment of the population, cable was so | ubiquitous as to be unthinkable not to subscribe to it. | recursive wrote: | > there is really no reason | | Ads are annoying, and drive down usage? | criddell wrote: | Are you opposed to having ads plastered on the insides of | public transit vehicles? | krm01 wrote: | Perhaps the ads help make it cheaper | paradaux wrote: | There is no universe where Wizz is earning PS10 per visitor | booking a ticket through their website. Ads are dollars or | parts of a dollar per thousand clicks | ErikVandeWater wrote: | It identifies passengers that are not price sensitive. | Price sensitive customers are subsidized in all airlines by | overcharging customers that are not price sensitive (e.g. | business class). | jacquesm wrote: | Anybody flying Wizz Air is price sensitive. | jltsiren wrote: | On some routes, there are no alternatives to low-cost | airlines if you want a direct flight. For example, when I | flew from Prague to Milan a couple of months ago, the | options were basically Wizz Air and Ryanair. | tomrod wrote: | Someone at Wizz skipped the statistics lesson on | variance. There is no way an adblocker accurately | identifies price sensitivity outside of qualitative | handwaving. | krisoft wrote: | > There is no way an adblocker accurately identifies | price sensitivity outside of qualitative handwaving. | | Perhaps they are banking on this information becoming | public knowledge, so it can become a signal? :) | [deleted] | gruez wrote: | Why not? It seems at least somewhat plausible that people | who know about ad blockers are technically savvy and | technically savvy people do better in the job market, | therefore higher income and lower price sensitivity. | tomrod wrote: | Correct. Your comment is qualitative handwaving, an | armchair speculation that sounds plausible. Is that | enough justification to pend off eventual discrimination | lawsuits? I personally doubt it. | | Very few companies have the analytics maturity to use A/B | testing in production to prove your hand-waving assertion | without the effect failing sensitivity checks. And by | very few, I point to the ones that hire economists and | eocnonetricians en masse as having an inkling and trying | to work this out in the ad tech space. | goldcd wrote: | Maybe not a loss from adverts as you book - but knowing | when somebody is going to arrive in a city is worth an f'in | fortune to hotels looking to shift unsold rooms. | jpalomaki wrote: | Might be valuable if you can monetize the information that | this person is looking to travel to certain location at | certain time. | | To my knowledge, there's different systems that are | collecting this kind of information and then driving highly | targeted marketing based on that. | dalbasal wrote: | First, perhaps not. In that case, the budget airline | mindset kicks in: if some people are willing to pay for | something, charge differentially. | | However, I wouldn't be so sure that PS10 per _user_ isn 't | the actual value of the ad impressions _and data_. Users | who would pay to opt out of ads aren 't a random sample. | They're adblock using airline ticket buyers who paid for | some sort of premium experience. Could easily be a premium | segment. | | Advertising is valuable, and that value isn't evenly | distributed at all. | bhedgeoser wrote: | Google is the only thing losing a lot of money because of | adblockers. They told them to do it? | ErikVandeWater wrote: | Yes, also, all airlines have ads visible to you. The name on | of the airline is a big billboard on every plane. It's not | actually necessary. I'm honestly surprised airlines don't put | more ads on their planes, but perhaps there is some | regulation preventing that. | loloquwowndueo wrote: | More ads? | | "We ask that you pay attention to the security presentation | - which conveniently is now bookended by ads that of course | cannot be skipped and since audio comes out of the plane's | PA, everybody has to put up with". | rad_gruchalski wrote: | The sefaty presentation will continue after an add. | teeray wrote: | Or, it could be the same price, but an airline MBA wants to | squeeze out some ad impressions from you along with your | full-price ticket. | peoplefromibiza wrote: | it doesn't make sense anyway. | | Me blocking ads should make flights less cheap for everybody, | not more expensive only for me. | | Ads are not part of the deal when I am buying flight tickets. | | Unless they can prove me blocking ads costed them 10 pounds | and I have accepted those terms. | comprev wrote: | When flying with Ryanair you're bombarded with ads - from | car hire, to package holidays in hotels, to meal bundles | and even scratch cards (!!) | | All the products/services are Ryanair branded mind but it's | still quite full-on. | peoplefromibiza wrote: | > you're bombarded with ads | | what you call ads it's actually called upselling. | | I can buy none of those items and the price of the ticket | will not increase. | | I do not travel Ryanair because I cannot skip the in | cabin ads. | | But even if I did use their services, wearing noise | canceling headphones would not cost me more. | acka wrote: | > what you call ads it's actually called upselling. | | Are you sure you don't mean cross selling? IIUC upselling | means trying to sell a customer a more expensive version | of their chosen product, while cross selling means trying | to sell extra products which combine well with the | customer's chosen product. | inferiorhuman wrote: | You get all that shit with United (and I suspect other | American based carriers) too. It's tacky but that's | modern air travel for you. | gaze wrote: | This is never how it works out. The ticket price is set to | what people will pay for it. Everything else -- ads and all, | are just additional profit. | mym1990 wrote: | This is really really reductive. There is a range of prices | that people will pay, and the final ticket price is | probably a a study of how long it would take to pay off a | project with a range of demand levels. As a plus, | advertising is more effective with more traffic, so lower | prices to get more demand and offsetting that with ads | could be worthwhile. | | Now tbh, I have no idea if this is how it works. Just my | own reasoning about things. | dehrmann wrote: | Isn't this what we've been asking for? They either make $10 | selling you info to marketers or you pay extra? And this is an | ultra low-cost carrier. It's almost expected. | josephcsible wrote: | No, we've been asking for a _choice_ between seeing ads _or_ | paying. This is _both_ seeing ads _and_ paying. It 'd only be | what we asked for if people who didn't use adblockers got their | plane tickets for free. | klabb3 wrote: | Adblockers are also used to prevent tracking. You can be | opposed to tracking without being opposed to ads and vice | versa. | jacquesm wrote: | No, it is entirely unexpected and labeled in a misleading way. | If they had opened with 'we are going to charge you $10 extra | if you don't disable your adblocker' that would be one thing | (that would likely piss off a lot of people but at least it | would be above board). | wumpus wrote: | The ad revenue is worth pennies, and the "choice" of using an | adblocker vs paying 10 pounds extra is pretty invisible. | | Neither of these are what anyone asked for. | jonnycomputer wrote: | How about this. You land on the site, and there is a popup that | says, "If you allow us to show you ads while you're shopping, | we'll give you l10 off the ticket price!" | [deleted] | ninefathom wrote: | When I got down to Wizz Air's statement about "bugs in | adblockers" making browsers "act unexpectedly" thereby triggering | the robot detection code, I was reminded of the robot detection | functionality in a very common enterprise WAF middle-box that | injects background JavaScript on the page to detect bots. The | code supposedly produced no user-visible change but would | participate in some SOAP challenge/response fluff. | | We ended up never deploying it because the false positive rate | was absurdly high- on the order of 38% or so- with no tuning | options available (short of falling back to a captcha). Having | said that, I'd expect that this is a very common practice. I also | suspect that blaming the ad blockers for lazy middle-box usage | (if indeed that's what this particular case proves to be) is | _not_ going to age well. | jacquesm wrote: | That's pretty close to an admission of incompetence. | [deleted] | [deleted] | squeaky-clean wrote: | I used to work for an airfare marketing company. We would get | our 3rd party scripts onto an airlines booking engine to be | able to run our own analytics and gather data for ads. We'd | mainly collect things like prices, number of available seats, | etc, because it turns out airlines can't really give you those | answers through an API without it costing too much, so we | piggybacked on real customer searches. | | Almost no one in the office ran adblockers, which was weird to | me. When our analytics traffic dropped by like 50% one day, I | was the only one to notice that our domain made it onto | EasyList. | | I created a GH issue about it, had a productive chat with a | maintainer about what data we collected, and which data they | thought was PII. If we wanted our domain unblocked we could | remove the PII data from the requests, or create a secondary | domain that only received the non-PII data. | | We were gathering data that was not legally considered PII by | something like GDPR, but I understand why an adblocker would be | even more strict than the legal minimums. I brought this up | with the executives and instead they tried to threaten the | maintainers of the block list and tried to educate them on how | "technically this isn't personally identifiable data according | to this legal spec". | | The maintainers stopped responding (rightfully so) and our data | collection was forever halved. | unethical_ban wrote: | You might say the WAF was Imperva-ious. | | I remember an instance where Lowe's website was broken on the | corporate network. Our proxy re-arranged the order of HTTP | content headers from the site, and Akamai took it as malicious | behavior. | capitainenemo wrote: | Lowes website has been 100% broken for me ever since I | enabled Resist Fingerprinting in Firefox. | | I can load exactly one page, but on any navigation or refresh | I get: | | ===== | | Access Denied You don't have permission to access | "http://www.lowes.com/" on this server. Reference | #18.cc69dc17.1661724957.fe4ef4 | | ==== | | Result, unless I use the profile with fingerprinting enabled, | I just have to buy elsewhere. | | Drupal.org triggers "prove you're not a robot" every few page | navigations with Resist Fingerprinting enabled. Walmart.com | too. | | Fedex package tracking errors (seemingly due to the API | server refusing the connection) if resist fingerprinting is | enabled. Amusingly if you use the website help bot and say | "track XXXXX" that _does_ work to get some basic information. | gruez wrote: | I have RFP enabled and it works fine for me. I did get the | "Access Denied" error you mentioned on my first try, but | after switching VPN servers it worked fine. | capitainenemo wrote: | On Lowes.com? Retest in a clean profile. Seems that once | they trust you you are ok for a while, at least from a | friend's test, who was able to reproduce in a clean | profile. But maybe it is IP linked and takes a little bit | to accumulate. Did you just enable | privacy.resistFingerprinting recently? | | Also. Doublecheck that it is enabled. Also, I'm using | Nightly firefox. It may be the resist fingerprinting is | more robust there. | | BTW, this isn't using a VPN or anything that might seem | suspicious. Just my bog standard US broadband. | mort96 wrote: | For the last one, make sure it's not on your end. I've seen | order tracking HTTP requests be blocked by uBlock Origin | simply because the URL contains `/tracking` or something. | capitainenemo wrote: | This is in a profile with no addons, and only Resist | Fingerprinting enabled. Also had it confirmed by someone | else. Should be fairly easy to reproduce. Just create a | clean profile and access tracking with Resist | Fingerprinting enabled in about:config | | Also the symptoms are identical to Lowes.com: | https://api.fedex.com/track/v2/shipments | | ======= | | Access Denied You don't have permission to access | "http://api.fedex.com/track/v2/shipments" on this server. | Reference #18.946bdc17.1661726294.3996e59c | | ====== | ninefathom wrote: | Not quite, but I've used that one before as well. I suspect | many of them offer similar(ly naive) functionality. | jacquesm wrote: | Is this even legal? | | I know the EU has an anti-price discrimination policy based on | location, so that probably does not apply, but I don't think they | thought anybody would be crazy enough to do this. | | Calling it a 'System Surcharge' seems highly misleading and one | of the things the EU tends to come down on like a ton of bricks | is misleading line items in service charges. If they had called | it an 'adblock surcharge' they might get away with it but this | seems entirely on purpose. | gpderetta wrote: | Probably not. Additional mandatory charges on top of the | advertised price are not legal. Airlines get fined periodically | for these reasons, but they keep on doing it anyway. | Bilal_io wrote: | Perhaps they're not being fined enough. | mort96 wrote: | Probably. When the fine is less than the gain, it's not a | fine, it's a cost of doing business. | xattt wrote: | "It was a system error brought on by unapproved use of our | website, honest!" ___________________________________________________________________ (page generated 2022-08-28 23:00 UTC)