Bonum Certa Men Certa

More Microsoft Cashback Flaws, Cashback Actually a Throwback, Internet Explorer Gets More New Flaws (Zero-Day)

Cash register



Summary: Microsoft's plan to "bribe" users of its search engine are flawed and are actually costing more than they save; New risks for Internet Explorer users

LAST WEEK we wrote about a Cashback flaw that led Microsoft to intimidating and harassing a blogger rather than fixing the problem [1, 2]. Mike Masnick writes about this leading to the revelation of only more problems.



I'd been meaning to write this up for about a week, but finally got it around to it, just in time to add some additional info. First up, though, comes the news that Microsoft's legal department demanded a blogger remove a blog post about flaws in Bing's Cashback offer (Microsoft's attempt to bribe users to search via Bing instead of Google). One of the methods for the cashback offer involved pixel tracking, and blogger Samir Meghani noted that this was easily gamed to post fake transactions to your account. He also noted problems with the way Microsoft used sequential IDs, allowing potential scammers to "deny cashback rebates to legitimate users by using up available order ID numbers." Instead of dealing with these flaws, Microsoft lawyers sent a cease-and-desist and forced the blog post offline. I'm actually quite surprised this hasn't received a lot more attention.


According to this new report, Bing cashback can actually be negative, i.e. only giving an illusion of savings.

So, if I go directly to butterflyphoto.com, I pay $699 with 0% cashback. If I use Bing Cashback, I pay $758 with 2% cashback, or $742.84. Using Bing cashback has actually cost me $43.84, giving an effective cashback rate of -6.27%. Yes, negative cashback! Is this legal? False advertising? I don’t know, but it’s pretty sketchy.

The problem doesn’t end there. Using Bing has tainted my web browser. Butterfly Photo set a three month cookie on my computer to indicate that I came from Bing. Any product I look at for the next three months may show a different price than I’d get by going there directly. Just clicking a Bing link means three months of potentially negative cashback, without me ever realizing it. I’m actually afraid to use their service even just to write this, because it may cost me money in the future. If you’ve been thinking about trying out Bing Cashback, you may want to rethink that.

To be fair to Microsoft, they aren’t offering negative cashback on every item at every store, but I know of more than a few instances. Let’s see if/when they decide to remove this “feature.”


So, it turns out that there is this other flaw in Cashback, albeit of a different kind. And a few days ago we wrote about an Internet Explorer 6/7 zero-day flaw which Microsoft finally confirms.

Microsoft has published Security Advisory (977981), confirming reports of a "zero day" vulnerability in Internet Explorer 6 SP1 and IE7. If you were thinking of upgrading to IE8, this would be a good time to do it. Microsoft says there have been no known attempts to exploit the security hole, but this could change at any time.


Another major bug in Internet Explorer is said to have just leaked private details from 50 million PDF files.

A bug in Microsoft's Internet Explorer browser is causing more than 50 million files stored online to leak potentially sensitive information that could compromise user privacy, a security researcher said.


As another last item, Cameron Neylon is quoted as follows: "would you...contribute to a survey on tech uptake...survey only available to those using Windows and IE"

Glyn Moody asks: "possible bias?"

Well, of course. Many surveys are just like that. By selecting the population that they reach they can impact ("cook") the outcome. Microsoft does this a lot to discredit competition.

Recent Techrights' Posts

Who Imitates Who? Plagiarist as Client (From Microsoft), 'Plagiarism' at the Law Firm?
let's revisit the subject
Links 10/06/2025: Jaws at 50 and US Democracy Crushed Very Rapidly (Martial Law Seems Imminent)
Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VII: Washing Their Hands After Corruption and Abuse
"Tragedy or comedy?"
Culling Bad RSS Feeds of Bad Sites
Not throwing out the baby with the bathwater
 
IBM's CEO Roasted, Sizzled and Grilled for Dumb and Inconsistent Vapourware Promises
It looks like being a chronic liar is what it takes to lead the company once synonymous with computing
IBM's Goal Is Not (and Never Was) Computer Users' Freedom
More than 1.5 decades ago I found IBM to be an "ally of convenience" because of OpenDocument Format (ODF)
Wayland Shows the IBM/Red Hat Way of Doing Things
IBM is trying to 'kill' X
GitHub is Proprietary, Controlled by Microsoft, and GPL Violation Warehouse
"IRS tax filing software [will be] released to the people as free software" ... In general this is good news
Slopfarm Catastrophe
Seems like BetaNews (or BetaNoise) has just suffered a major data loss and restored the site from a week-old backup
Abuse Inside the Polish Patent Office (UPRP) - Part VIII: Illegal Working Conditions
How many people need to die for these people to get their massive salaries?
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 10, 2025
IRC logs for Tuesday, June 10, 2025
Links 10/06/2025: Apple Hype and Physical Attacks on Bloggers
Links for the day
Gemini Links 10/06/2025: Loon Lake, Farming, and Forth
Links for the day
If 'Microsoft v Techrights' is Dealt With by a 'Microsoft Court' (or a Court Outsourced to Microsoft)
More on that later
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 09, 2025
IRC logs for Monday, June 09, 2025
Gemini Protocol Turns Six in 10 Days From Now
If you haven't tried it yet, then give it a go today
Live as You Preach
technology is fast becoming dysphoric
Gemini Links 09/06/2025: Addition Addiction and Nitride
Links for the day
Links 09/06/2025: Science, Hardware Projects, and Democracy Receding
Links for the day
Computers Got Smaller, So GNU/Linux Got Bigger
Many people here recognise the lack of urgency (or need) to get expensive new laptops
BetaNews is a Plagiarism and LLM Slop Hub, the Chief Editor Isn't Addressing This Problem Anymore
SS Fagioli is basically a parasite leeching off or exploiting other people's work
Links 09/06/2025: Chaos in Los Angeles and Hurricane Season
Links for the day
GNU/Linux Grows at Windows' Expense and Microsoft Trolls Infest and Maliciously Target Articles About It
Microsoft is - and has long been - organised crime
They Say I'm Mr. Bombastic
They didn't take good lawyers
Links 09/06/2025: Windows TCO and Many Data Breaches
Links for the day
Abuse Inside the Polish Patent Office (UPRP) - Part VI: Political Stunts by Former President Edyta Demby-Siwek and the Connection to Profound Corruption at EUIPO
it's like a money-laundering operation where one politician rewards another at taxpayers' expense
Gemini Links 09/06/2025: Pipelines and Splitgate
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 08, 2025
IRC logs for Sunday, June 08, 2025