Predict your next investment

INTERNET | Internet Software & Services / Advertising, Sales & Marketing
paxfire.com

See what CB Insights has to offer

Founded Year

2003

Stage

Unattributed VC | Alive

Total Raised

$2.13M

Last Raised

$2.13M | 16 yrs ago

About PaxFire

Paxfire is the proven industry leader in monetizing Address Bar Search and DNS Error traffic for Network Operators. Through the company's carrier-grade technology, the company generate millions of dollars a month in new advertising revenue for the company's partners by enabling them to participate in the booming $20 billion a year search advertising market. The company's service aims to improve the end-user browsing experience and can be deployed rapidly across all network types at no cost to the Network Operator.n

PaxFire Headquarter Location

45665 Willow Pond Plaza

Sterling, Virginia, 20164,

United States

703-435-6375

Latest PaxFire News

Paxfire: our search query intercepts are not wiretapping

Sep 13, 2011

Photograph by George Oates Last month we covered the controversy over Paxfire, a firm that researchers have accused of "hijacking" search results by placing a proxy server between users and major search engines and modifying some responses. Paxfire and one of its customers, RCN, was soon hit with a class-action lawsuit claiming that the use of search hijacking violated the Wiretap Act, consumer protection laws, and RCN's contractual obligations. Now Paxfire has responded with a countersuit, charging the lead plaintiff, Betsy Feist, with slander, libel, and tortious interference with its business relationships. Paxfire strenuously denies that it shares user information with third parties. It argues that its actions don't constitute interception of user communications under wiretapping law and that users consented to Paxfire's activities when they signed RCN's acceptable use policy. Paxfire asked the court to award it compensatory and punitive damages of at least $50 million. Ars talked to Mike Sullivan, Paxfire's vice president for engineering, about Paxfire's technology. In this article, we'll describe the technology Sullivan explained to us, discuss whether Paxfire's actions pass muster under federal wiretapping laws, and conclude with an analysis of whether the technology is good for users. Error correction Originally, Paxfire simply offered technology to help ISPs to monetize invalid DNS queries. When a user entered a nonexistent domain name into the URL bar of his browser, Paxfire's DNS server would direct the user to a Paxfire-sponsored page of search results rather than returning an error message. This search page would generate advertising revenue, which Paxfire would share with its ISP clients. This practice has been criticized by some as a violation of network neutrality, but it's becoming increasingly common and isn't generally regarded as being against the law. Then (from Paxfire's perspective at least) browser vendors began encroaching on Paxfire's turf. Some browsers began merging the functions of the address and search bars. If the user entered an invalid URL into the address bar, the browser itself would interpret it as a search term and automatically submit it to a search engine. Google's Chrome takes this trend to its logical extreme, eliminating the search bar entirely in favor of a combined address/search bar. This reduced demand for Paxfire's DNS error-correction "service. " Apparently seeing a threat to its business model, Paxfire took an aggressive countermeasure. Its DNS servers began responding to queries for the IP addresses of search engines with the IP address of proxy servers operated by Paxfire itself. That effectively made Paxfire a "man in the middle" between the user and search engines. For most queries, the proxies would simply relay the query to the appropriate search engine and send the result back to the user. But the proxy server would handle a limited number of queries itself. For example, if the user searched for "apple," the proxy server might redirect the user to apple.com. This allowed Paxfire to claim a referral fee that might otherwise have gone to the user's chosen search engine. Paxfire shares the resulting revenue with the user's ISP. In his conversation with us, Sullivan stressed two points about this technology. First, it's highly customizable, and the final decision about how (and whether) to use the proxying capability is up to each individual ISP. Second, he said, the technology is conservative about which queries get redirected. By examining query parameters, Paxfire's proxy server can detect whether a query was generated from a search engine home page, from the search box in the browser's chrome, or from a browser's unified search/address bar. Sullivan said Paxfire servers only intervene in this final case. He said that if a user goes to google.com and enters search terms, the user will always get ordinary search results, as expected. Finally, Sullivan flatly denied the allegation that Paxfire shared the contents of queries with others. "We don't give any information to any third parties," he said. Is this wiretapping? So is this legal? To help us answer that question, Ars talked to Julian Sanchez, a privacy scholar at the Cato Institute (and Ars Technica alumnus). He told Ars that it's complicated. Federal law distinguishes between addressing information and the content of communications, with the latter receiving stricter legal protection. "To run afoul of the Wiretap Act, Paxfire and the ISP would have to be 'intentionally' divulging or intercepting 'content' without consent," Sanchez said. "If they were redirecting or logging queries from the Google-branded search bar, I think that would pretty clearly be an interception of the contents of a communication whose intended recipient was Google. " However, if a user types "apple" into the browser's unified search/address bar, it's not clear if the user considers "apple" to be a search term or an address. If the user is trying to go to Apple's website, then "apple" could be addressing information. "Depending on the details of what they're doing, the companies might be able to argue that they're only looking at faulty or incomplete addressing information in an effort to get a web request to its intended recipient. " Paxfire also argues that its service is legal because users consented to it via Paxfire's agreements with ISPs. But Chris Soghoian, a security researcher at Indiana University, rejected that argument. He noted that users rarely read the fine print of privacy policies, and tend to assume that the existence of privacy policies means their privacy is protected. Sanchez agreed. "I think they'd have an uphill battle trying to lean on vague legalese buried in the ISP terms of service to claim 'consent,'" he said. "Providers can't disavow liability under the Electronic Communications Privacy Act that easily. " Maybe not illegal, but definitely bad for users The best that can be said for Paxfire is that the company is operating in a legal grey area. There's limited case law about what exactly counts as wiretapping in a packet-switched network, and the Paxfire case may give the courts an opportunity to establish clearer principles on the topic. But whatever the outcome of the legal debate, we think it's clear that Paxfire's "service" is bad for users. The Internet was designed with an end-to-end architecture for good reasons. The user experience should be controlled by users, the browsers they choose to run, and the websites they choose to visit. Paxfire's technology undermines that principle by giving themselves the ability to tamper with search results as they traverse the Internet. Even if Paxfire's proxy servers never modified communications between users and search engines, the unnecessary man-in-the-middle would still add unnecessary complexity, degrading performance and creating unnecessary security risks. And Paxfire admits it does sometimes modify requests as they flow across the network. While the specific modifications Paxfire makes seem relatively innocuous, the principle is a dangerous one. Users shouldn't have to worry about ISPs tampering with their communications. Update: After our conversation, Sanchez did some additional reading on the Paxfire case. "On a first pass, it sounded like they were probably clear legally," he writes. "Now I think that’s likely wrong. "

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Expert Collections containing PaxFire

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

PaxFire is included in 1 Expert Collection, including ad tech.

a

ad tech

3,632 items

PaxFire Patents

PaxFire has filed 4 patents.

patents chart

Application Date

Grant Date

Title

Related Topics

Status

8/14/2009

1/3/2012

Natural language processing, Computational linguistics, Information retrieval techniques, Bibliographic databases and indexes, Information science

Grant

00/00/0000

00/00/0000

Subscribe to see more

Subscribe to see more

Subscribe to see more

00/00/0000

00/00/0000

Subscribe to see more

Subscribe to see more

Subscribe to see more

00/00/0000

00/00/0000

Subscribe to see more

Subscribe to see more

Subscribe to see more

Application Date

8/14/2009

00/00/0000

00/00/0000

00/00/0000

Grant Date

1/3/2012

00/00/0000

00/00/0000

00/00/0000

Title

Subscribe to see more

Subscribe to see more

Subscribe to see more

Related Topics

Natural language processing, Computational linguistics, Information retrieval techniques, Bibliographic databases and indexes, Information science

Subscribe to see more

Subscribe to see more

Subscribe to see more

Status

Grant

Subscribe to see more

Subscribe to see more

Subscribe to see more

CB Insights uses Cookies

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.