What are the worst websites for dodgy privacy, hidden fees and unpleasant users? Robert Irvine names and shames 10 of the most notable offenders
The biggest names on the web are usually popular for good reason: they’re often cheaper than their rivals, offer the most interesting content, or they simply do what they do better than anyone else does. But even the most successful websites – and sometimes especially those that have made it to the top – have a dark side, where they submit to the temptation to abuse their power or cynically exploit their users.
In this feature, we lift the lid on 10 of the top 200 most visited websites in the UK, as measured by traffic-analysis company Alexa (see the Top Sites in United Kingdom list at bit.ly/topsites379) to investigate some unsavoury practices. These include charging unreasonable fees, using privacy policies that compromise your data, exhibiting lax attitudes towards security and turning a blind eye to offensive comments under the guise of free speech.
If you feel that any of our choices are controversial, feel free to let us know, and tell us if you think we missed any sites that should have been included.
tumblr.com
What’s wrong with it?
Tumblr represents everything that’s wrong with the web: it gives free rein to damaged and destructive people to post unpleasant content, with no regard for who might see it; user accounts are frequently hacked, both individually and in large-scale cyberattacks; and, despite being owned by Yahoo (see separate entry), which paid a ludicrous $1.1 billion for it in 2013, it’s one of the laziest, low-rent social networks you’ll ever come across.
In 2012, Tumblr promised to ban self-harm blogs that encourage such dangerous (sometimes fatal) actions as self-mutilation, suicide and anorexia, following widespread criticism in the media (bit.ly/tumblr379). And yet it’s still easy to find ‘tumblrs’ with names such as Self-Harm Addiction, Suicidal Thoughts and Skinny Is As Skinny Does, all of which belong to (and are presumably read by) vulnerable and disturbed teenagers.
What to use instead:
WordPress (wordpress.com) is still the best option for a simple but sophisticated blog, although it’s had its fair share of hacks in recent years. Soup.io (soup.io) is closer to Tumblr’s anythinggoes spirit but be warned – some of its content is very risqué!
If you must use Tumblr:
You can help to clean up Tumblr by reporting unacceptable content. Click the three-dots icon below the post, choose ‘Flag this post’ and specify a reason why you object to it, such as “This violates Tumblr’s community guidelines”. You can also block the offending tumblr from following you.
www.yahoo.co.uk
What’s wrong with it?
You may be under the impression that most people have already stopped using Yahoo, but it’s notably still the fifth most popular site in the world and the eighth most visited in the UK. We’re not sure why because – Flickr aside – Yahoo ceased to innovate long ago and only gets attention these days when something bad happens. For example, in January last year, a huge database containing Yahoo Mail usernames and passwords was hacked, forcing millions of users to reset their login details. This followed reports a few weeks before that Yahoo’s advertising network had been compromised and was serving up malware-infected ads – or ‘malvertisements’ – which directed users to websites that tried to install malicious software.
Shockingly, this happened again last month, when Yahoo suffered another ‘malvertising’ attack that exploited vulnerabilities in Flash to infect users’ computers. These ads only needed to be viewed, not clicked, to spread an alarming combination of ransomware and ad-fraud malware that hijacked users’ browsers. As Oscar Wilde may have quipped, to be hacked once may be regarded as a misfortune, but to have it happen time and time again looks like carelessness.
What to use instead:
It’s boring but true that Google offers similar and mostly better alternatives to all Yahoo’s main services, including search, webmail and photo-sharing. It also takes hacking more seriously than Yahoo appears to, offering researchers prize money if they successfully hack its products.
If you must use Yahoo:
Given Yahoo’s tendency to fall prey to malvertising scams, we’d recommend using an ad blocker such as Adblock Plus or uBlock Origin when visiting its websites. Yahoo is worth $39bn, so don’t feel too guilty about denting some of its ad revenues.
www.tripadvisor.co.uk
What’s wrong with it?
Like communism, TripAdvisor’s idealistic vision set out to put power in the hands of the masses rather than a bourgeois elite. Sadly, and also like communism, it’s been tarnished by unscrupulous individuals with their own agendas and ruthless powermongers who turn a deaf ear to corruption, dishonesty and coercion among its members. Admittedly, that’s a rather dramatic way to describe a hotel-and-restaurant review site, but TripAdvisor has long been plagued by fake reviews – self-promoting guff to bump up business and damning negativity to malign rivals – and petulant curmudgeons who delight in doling out one-star ‘Terrible’ reviews with no justification.
Yes, everyone has the right to complain about poor service and shoddy amenities when they’ve paid good money for a holiday or meal, but when criticism includes such ‘constructive’ comments as “the wallpaper was horribly dated”, “the tea was too strong” and “this is a review based on a stay that did not happen”, you can sympathise with the polite-but-exasperated tone of the management responses.
What to use instead:
TripExpert (www.tripexpert.com) collates professional hotel reviews from across the web and scores them out of 100. For consumer reviews, Yelp (www.yelp.co.uk) has a fairer community than TripAdvisor and recently merged with former rival Qype to make its service bigger and better.
If you must use TripAdvisor:
There are lots of honest, reliable reviewers on TripAdvisor – the trick is to spot the fakes and ignore them. Beware of overenthusiastic raves and childish rants; check users’ comments on other entries via their profiles; and give more weight to reviews that include specific details, such as what the person ate rather than a general complaint that “the food was awful”.
download.cnet.com
What’s wrong with it?
First off, we should point out that it’s the parent site CNET rather than Download.com that appears in the UK’s top 200 websites. However, since the two are interlinked, we think it qualifies for inclusion in this feature.
Described by tech-tips site How-To Geek as a “cavalcade of crapware”, Download.com has become notorious for bundling some of the free software it offers with its own installer, which comes with various dubious extras. This is made worse by the tool actively trying to trick you into installing ‘offers’, such as browser hijackers, by using tiny text and confusing phrasing.
Download.com states on its Software Policies page that it doesn’t accept software from developers that include “additional programs or third-party items that are not clearly disclosed in the product description, end-user license agreement, or installation screens”. But it does little to abide by its own rules.
Furthermore, the site displays a ridiculous number of ads disguised as Download buttons. In fact, you could accurately call it Download.com because of its devious attempts to foist unwanted software onto your PC.
What to use instead:
MajorGeeks (www.majorgeeks.com) may not have updated its design for 13 years, but it’s a great place to find all the latest downloads – and not just the most popular ones. Usefully, it labels software that comes with extras as ‘bundleware’, to forewarn you.
If you must use Download.com:
As a rule, if the Download Now button for a program has Secure Download below it, you’ll be fine, but if it’s labelled Installer Enabled you should click the ‘Direct download’ link instead. We’ve also found that downloading programs in Chrome seems to bypass the installer.
www.reddit.com
What’s wrong with it?
There’s something rather quaint about Reddit’s design, which hasn’t been touched since 2005, and the fact that the self-proclaimed “front page of the internet” doesn’t try to cash in on its 195 million users, other than through its ad-free Reddit Gold option. Delve into a few subreddits, however, and the site soon loses it charm as you uncover a hotbed of obnoxious and offensive views, unmoderated spam and obscene material. And that’s just for starters.
Controversial subreddits (now closed, thankfully) have included ‘r/fatpeoplehate’, ‘r/CoonTown’ and ‘r/beatingwomen’. Even William Shatner, who has in his time tackled Klingons, Tribbles and a gremlin on the wing of a jumbo jet, was shocked by Reddit’s ethics when he joined the site in 2013, telling users: “I am appalled by some of the immature, horrifically racist, sexist, homophobic, ethnic, etc, posts that are just ignored here. Why are these accounts still active?” (bit.ly/shatner379).
Reddit staff have previously defended the site’s unsavoury side by saying: “We stand for free speech. We will not ban legal content even if we find it odious or if we personally condemn it” (bit.ly/reddit379). However, negative coverage of the site earlier this year has apparently changed their minds and, last month, Reddit’s co-founder and CEO Steve Huffman announced a new policy of ‘quarantining’ that requires users to opt in if they want to see the type of content that “violates a common sense of decency”. The news was welcomed by some Reddit members, but others accused Huffman of making the site “worse for everyone else”.
What to use instead:
Strangely enough, the term ‘Reddit alternatives’ recently ‘trended’ on Google, implying that many users have had enough. Our pick would be Hubski (hubski.com), a more thoughtful and mature take on Reddit, but with a similar cheap-andcheerful design.
If you must use Reddit:
Despite the trolls and other losers, Reddit still has plenty of interesting and enlightening content. Search www.reddit.com/subreddits for a topic to find suitable subreddits, and then stick to those rather than straying into the less salubrious areas.
www.adobe.com/uk
What’s wrong with it?
Like Yahoo, Adobe seems to be a perennial target for hackers, whether it’s the notoriously flaw-ridden Flash, the bloated Adobe Reader or its own website. In October 2013, a reported 38 million Adobe usernames and passwords were stolen by hackers, a figure that is significantly larger than the company’s initial estimate of 2.9 million (which is still quite a lot). A month later, the number of affected accounts was revealed to be as many as 152 million, and a few weeks ago Adobe was forced to pay an undisclosed amount to settle customer claims regarding the breach.
Now, you may be thinking: well, that was nearly two years ago, surely it’s fine to use the Adobe site now? But it still unapologetically offers Flash Player for download, without warning that you “use it at your own risk”, and continues to bundle its outdated plug-in with the annoying McAfee Security Scan Plus. Many users have also complained about Adobe’s subscription charges for its Creative Cloud service, which renew automatically after the first year – at a cost of at least £102.30 – and charge you 50 per cent of the annual subscription if you cancel after the first 14 days.
What to use instead:
Adobe prides itself on being reassuringly expensive, but unless you’re a professional photographer or designer, you can get by with free image-editing software Paint.net (getpaint.net), which has a very lively and helpful online community.
If you must use Adobe:
Once a hacker’s target, always a hacker’s target, so make sure you change your Adobe password regularly and don’t use it across several sites. Also, read the small print before signing up for Creative Cloud.
instagram.com
What’s wrong with it?
Instagram is now the 26th most visited site in the UK, and it’s not even a proper website – more a way for the perpetually vain to post endless selfies tweaked with ‘trendy’ effects. From the online evidence, it seems many Instagram users aren’t particularly nice, either, posting spiteful comments about women’s weight and looks; making death threats against celebrities, politicians and schoolchildren; and – in a story reported last month (bit.ly/baby379) – stealing pictures from a young mother to mock up adverts offering her baby for sale. Nice crowd!
Instagram itself has been criticised for a privacy policy that implied it had the right to sell users’ photos without payment or notification. This has since been amended and it will now “only share your information as well as information from tools like cookies, log files, and device identifiers and location data, with third-party organisations”. So that’s alright, then.
Instagram accounts are also frequently hacked (a Google News search for ‘Instagram hacked’ brings up a staggering 2.9 million results) and the Facebookowned company is said to be very slow to respond to such security breaches.
What to use instead:
If you want to share your photos without some troll calling you fat or ugly, Flickr (flickr.com) remains the best option. It has a friendly community and offers 1TB of free online storage.
If you must use Instagram:
To its credit, Instagram makes it easy to block spammers, trolls and other pests. Just tap their username to open their profile and choose Block User. You can also choose to make your photos private, and report offensive users, pictures and comments.
www.thetrainline.com
What’s wrong with it?
Although Thetrainline saves you money on the escalating cost of rail travel by letting you buy tickets in advance, we feel it should be more upfront about its extra charges. It’s only when you click the Fees link, which is minuscule and hidden in the bottom-left corner of the homepage, that you discover you’ll need to pay from 25p to £1.50 on top of the price of your ticket, or £1 if you’re using the mobile app. There’s also a 2-per-cent transaction fee for paying by credit card (set at £1.50 for app bookings). Worst of all, if you need to change your ticket for any reason, you’ll need to pay a £10 charge. While this may be “standard across the rail industry”, the information doesn’t need to be so tucked away. Also, there are no refunds available for advance tickets.
Another frequent complaint is the Thetrainline’s poor customer service – just check its Facebook page for daily tales of woe, including difficulty in getting refunds; group bookings being split across different carriages; and “the worst call-centre staff I have dealt with”.
What to use instead:
Redspottedhanky.com (www.redspottedhanky.com) is quicker and easier to use than Thetrainline, and doesn’t charge you a credit card fee (there’s a flat-rate £1 booking fee). It also has a clear refunds policy, which it presents as an illustrated flow chart.
If you must use Thetrainline:
You can avoid some of the site’s fees by paying for your tickets using your debit card or PayPal; collecting them from the station; and booking from the browser on your mobile device rather than Thetrainline’s app.
www.amazon.co.uk
What’s wrong with it?
The one-stop shop for everything from angle grinders to Ziploc bags has destroyed more small businesses than the Luftwaffe and the last recession combined. Once Amazon started branching out from books, many companies went bust because they couldn’t compete with its low prices and huge range of stock – unless, of course, they were willing to play the game and sell their products through the online megastore. As many ebook authors have discovered, Amazon’s view of what constitutes a ‘fair cut’ of profits can cancel out the benefits of having access to its enormous customer base.
It’s well known that despite being worth around $250bn, Amazon managed to get away with paying minimal tax in the UK until May this year by funnelling its sales through Luxembourg. Its rather feeble excuse read: “E-commerce is a low-margin business and highly competitive, and Amazon continues to invest heavily around the world, which means our profits are low”.
In March, Amazon was censured by the Advertising Standards Authority for misleading customers into signing up for its Prime service without making it clear that they’d be charged £79 after the first month, and it prompted further anger in May by doubling its threshold for free delivery to £20.
All these tactics – and we haven’t even touched on the troubling allegations about its working conditions (see www.amazonanonymous.org for details) – suggest that, for all its choice, convenience and competitive pricing, Amazon is a bully. Its friendly veneer conceals a contempt for customers, retail “partners” and even its own workers, because ultimately all it cares about is money and how to gather data to make more cash – even to the extent of tracking you on other websites. True, a good business has to chase profits, but next time you receive an email containing exclusive “offers for you” or are enticed to “get yourself something” from your Wish List, see it for the cynical strong-arm tactic that it is.
What to use instead:
Amazon now has so many departments that no other single store can compete with its variety and value. However, for books (which was Amazon’s original focus, after all), you can install the Chrome extension Bookindy (bookindy.com), which lets you browse titles at Amazon and then buy from your local, independent bookstore, often for lower prices.
If you must use Amazon:
We don’t honestly expect anyone to stop using Amazon – we use it ourselves, praise its new app on page 32 and would be delighted if you bought our new Back Issues CD and Windows 10 MagBook from the store! But we’d advise you to reduce the data it gathers about you by going to Your Account, Your Browsing History Settings and clicking ‘Turn off browsing history’.
…AND OUR NUMBER ONE WEBSITE THAT YOU SHOULD STOP USING
www.ebay.co.uk
What’s wrong with it?
In Andrew Williams’ Star Email in the last issue of Web User, he observed that he couldn’t remember the last time we ran a feature about eBay – and he’s right. ‘eBay should stop time-wasting bidders’. Either this means we’ve been unfairly neglecting the online marketplace or there simply isn’t anything exciting to say about eBay anymore (clue: it’s the latter).
Although eBay’s familiarity can feel comforting, it ticks many of the boxes for what constitutes a ‘site to avoid’. You probably remember the catastrophic security breaches suffered by the site last year: in May, a cyberattack resulted in 145 million usernames and passwords being compromised and eBay’s slow response led to an investigation by the Information Commissioner’s Office (ICO, www.ico.gov.uk). Four months later, hackers used hijacked eBay accounts, many with ‘100 per cent’ feedback ratings, to post hundreds of fake listings for items including iPhones, televisions and clothes. Clicking these listings directed users to phishing sites where they were asked to log in and enter their bank details. The hacks exploited vulnerabilities involving the use of JavaScript and Flash in listings, but eBay stubbornly refused to block the plug-ins and instead blamed users for being careless with their passwords (bit.ly/ebay379).
Compounding eBay’s lax attitude towards security is its poor treatment of sellers in recent years, despite the fact that without them it would be just another online store. In its Spring Seller Update earlier this year, eBay reduced the number of free listings per month from 50 to 20 items, with the sweetener that if the item sells it will refund the insertion fee. It also altered the rules regarding eBay Stores to limit sellers to 150 free fixed-price (Buy It Now) listings rather than auctions. To occasional users, these might not sound like drastic changes, but to people who make their livelihood by selling high volumes of products through eBay, they’re far from welcome. Added to this, eBay takes a 10-per-cent cut of every sale, while sellers cannot leave negative feedback for buyers, which means they have no defence against time-wasters who don’t pay up on time, if at all.
The site also does a bad job of weeding out dodgy listings from fraudsters who take your money for items that don’t exist and disappear before you’ve had time to lodge a complaint. True, eBay offers a Money Back Guarantee for such scams, but you only have 30 days from the estimated delivery date to request the refund.
What to use instead:
Although it doesn’t get much attention these days, eBid (uk.ebid.net) is still going strong – when we visited, we found that there had been 358,222 new listings in the last 24 hours. We like that new sellers can pay a one-off fee of £49.99 to get free, unlimited listings and five free eBid stores for life.
If you must use eBay:
One recent change we like is the Click & Collect option, which lets buyers collect packages from more than 650 Argos stores across the UK. This eliminates delivery costs for both parties and means you don’t have to wait in for the postman or a courier.