Hacker News new | past | comments | ask | show | jobs | submit login

It's tricky, and depends on exactly how they represented their actions. They did send traffic to ebay, but it was worthless traffic.

Also, legally it's only fraud if the victim doesn't know you're lying. I'm not at all convinced that was the case here.




They _didn't_ send traffic. They just set cookies and waited for people to go to eBay who would have anyways.


By my reading they used iframes (or maybe img) to literally send traffic to eBay, and it was eBay's servers that set the cookie. As far as I understand it you can't set a cookie on a domain you don't control. But I admit I might be wrong, the article is confusing on the technical details.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: