Honey's Dieselgate: Detecting and tricking testers

Original Article ↗ Hacker News Discussion ↗

Article access and site behavior

  • Several readers had trouble with the original site (5xx errors, connection resets) likely due to a traffic spike; others found the archived page unusable because of constant reloading and scrolling.
  • Multiple commenters recommend disabling JavaScript by default on unknown sites to avoid annoying behavior and make pages readable.

What Honey allegedly did

  • Honey’s browser extension injected its own affiliate codes at checkout, overriding others’ affiliate links and taking their commissions.
  • It collected discount codes users manually entered, including sensitive ones (e.g., employee discounts), then allegedly used that data to pressure merchants to remove those codes.
  • Honey was supposed to “stand down” when an existing affiliate link was present but implemented a “selective stand down”: heuristics identified likely affiliate-network testers and only behaved correctly for them, while typical users saw the commission hijack.

Severity, analogies, and legality

  • Some see the behavior as clear fraud/wire fraud, especially because of the intentional tester‑evasion logic.
  • Others argue the “Dieselgate” comparison overstates importance; they suggest Uber’s “Greyball” is a closer (though still less public) analogy.
  • A few downplay the overall harm, noting the main fight is “which marketing company gets the kickback,” not direct consumer injury.

Affiliate marketing and adtech skepticism

  • Multiple commenters describe the affiliate ecosystem as “cancerous,” built on surveillance and arbitrage, and say the web would be better if it disappeared.
  • One practitioner reported turning off all affiliate commissions at a major telco; traffic dipped slightly but sales did not, suggesting affiliates were claiming credit for organic demand.
  • Several note Honey has long been seen as scummy and that such tricks (e.g., cookie stuffing) are decades-old.

Malware or not?

  • Some call Honey “textbook malware” or “spyware” for hijacking affiliate tags and uploading coupon codes.
  • Others counter that it operates client-side, doesn’t match strict spyware definitions, and Chrome Store approval shows platforms don’t treat this as malware (though store vetting is seen as weak).

Engineer ethics and complicity

  • Strong debate about how engineers justify building features like “selective stand down”:
    • Explanations include economic anxiety, replaceability, and “someone else owns the moral responsibility.”
    • Others insist professionals must refuse unethical work; many share anecdotes of declining jobs or leaving roles (e.g., gambling, weapons, exploitative finance/marketing) on ethical grounds.
  • Broader threads connect this to capitalism’s incentives, consumer preference for low prices, and graduated moral culpability across the system.

Miscellaneous reactions

  • Some were initially disappointed, expecting a story about real honey adulteration, not a browser plugin.
  • Discussion references earlier YouTube investigations that first surfaced the Honey allegations and renewed attention with recent follow‑up videos.