plunder3d.net

Some technologists remain skeptical. Jon Callas, PGP’s chief technology officer, says:

Unless you use encryption, a customs agent can simply remove your laptop’s hard drive, plug it into another computer, and peruse its contents. There are plenty of programs, including Guidance Software’s EnCase Forensic, that let police extract every bit of data possible from that hard drive.

Fortunately, you have some technological defenses against overly snoopy border agents. Keep reading for our easy-to-understand, Homeland-Security-inspired, color-coded News.com Guide to Customs-Proofing Your Laptop. (And no, we’re not responsible if you end up cooling your heels in some Burmese prison for using PGP; check local laws and use good judgment.)

For stegonography to work it must be custom-built for you. Or you’re relying on the fact that the person searching for the data is stupid.

Another problem is that if customs agents have physical possession of your laptop and you can’t see what they’re doing, they can install spyware. (They have the technical ability to do so; let’s put aside for the moment in which circumstances they would have the legal authority to do so. Besides, in some non-democratic regimes, questions about due process are irrelevant.)

There’s more. You’ll want to delete cookies and browser-stored passwords for Web sites. Erase the cache and Web browsing history. Securely delete files not protected by the encrypted volume so they can’t be undeleted at the border. Here are still more tips.

If this customs official says, “Aha! I see you have a steganographic file system, tell me the other password,’ what do you do?” It is unsafe to use a product that has a steganographic file system since you can never prove you have no steganographic data…

Note: I’ll be doing a live chat on this topic on Thursday (today) at 11am PT / 2pm ET. Join us!

To guard against that, you can set aside a section of your computer’s hard drive to be encrypted. This is the simplest approach because not all the files will be encrypted; the operating system itself and, in most cases, applications you use will remain unencrypted.

Most people use encrypted volumes to do things like save sensitive files–think tax returns, bank and credit card statements, medical records, and so on.

So what’s left? Concealing the data in other ways. Bring your laptop with tourist snapshots and no steganography. Put your sensitive files on your camera’s memory card or your phone’s SD card; Sandisk’s 32 GB SD card is supposed to ship soon.

One answer is steganography, which means concealing data in a way that nobody even knows it’s there. It’s an electronic form of invisible ink. Data can be stored in MP3s, in videos, and even in apparently-empty space on the hard drive.

I have a rather negative opinion about steganographic file systems. I just flat don’t believe they work. I don’t believe you can hide the data so that nobody can find it…

If you travel across national borders, it’s time to customs-proof your laptop.

Turning off your computer is especially important for OS X users, at least until Apple patches a security glitch that keeps account passwords in RAM. In the default configuration, the account password is the keychain password and yields passwords to wireless networks, Web sites, accounts accessed via SSH, network-mounted volumes, etc.

These procedures are entirely legal, according to court precedents so far. A U.S. federal appeals court has ruled that an in-depth analysis of a laptop’s hard drive using the EnCase forensics software “was permissible without probable cause or a warrant under the border search doctrine.” One lawsuit is seeking to force the government to disclose what policies it follows.

This isn’t new. In 2004, Maximillian Dornseif showed how to extract the contents of a computer’s memory merely by plugging in an
iPod to the FireWire port. A subsequent presentation by Adam Boileau in 2006 expanded the FireWire attack to Windows-based systems; he released exploit code this month.

Executives have been told that they must hand over their laptop to be analyzed by border police–or be barred from boarding their flight. A report from a U.S.-based marijuana activist says U.S. border guards browsed through her laptop’s contents; British customs agents scan laptops for sexual material; so do their U.S. counterparts.

Why not? Unix-derived systems including Apple’s OS X store details about VPN usage and user login times in unencrypted form. Some applications including Thunderbird save working copies of documents in an unencrypted area (/tmp or /private/tmp) outside the home directory. And the contents of the computer’s virtual memory file may be readable as well.

The solution is to let the contents of RAM decay by turning off your computer and letting it sit for a few minutes. A test they did showed that, after five minutes, the memory contents had completely disappeared and could not be retrieved.

Customs officials have been stepping up electronic searches of laptops at the border, where travelers enjoy little privacy and have no legal grounds to object. Laptops and other electronic devices can be seized without reason, their contents copied, and the hardware returned hours or even weeks later.

There are at least three cases in which the Feds have, with a court order, installed spyware on a suspect’s computer. As encryption becomes more popular, so will the use of fedware. There may be no easy way to detect it–security software vendors generally say they will–short of booting off of a DVD or another trusted device and checking the operating system for tampering. Linux users can use a Knoppix CD or DVD for this.

One downside with encrypted drives is that they can be a huge blinking neon side to customs officers saying: “Contraband! Likely! Here!” Even if you’re law-abiding, an encrypted drive could mean unwanted hassles and delays, and the unpleasant prospect of customs officials preventing you from entering the country unless you type in your password. In the U.S., whether you can be compelled to divulge it by court order remains an unanswered question–and other nations may not observe such legal niceties.

Under OS X, according to a security guide (PDF) by Paul Day, setting an Open Firmware password disables physical memory access for FireWire devices. Here’s how to set an Open Firmware password.

Finally, there’s always the option of bringing your data across the border electronically–by securely downloading it once you and your laptop have made it safely past customs. It may not work for everyone, and extremely large files may make it unwieldy as an option, but it may be the safest and easiest way to travel internationally nowadays.

While you’re at Threat Level Orange, you might as well take some additional steps to harden your machine against other attacks. One of those is guard against having the entire contents of your computer’s memory siphoned off through FireWire.

Microsoft has included the BitLocker Drive Encryption feature in the Enterprise and Ultimate versions of Windows Vista. A perpetual license for PGP Whole Disk Encryption 9.8–often viewed as the gold standard of encryption products–for Windows costs $149. Macintosh users are out of luck for now, though PGP did tell us last month that whole disk encryption for OS X is “in active development.” Linux users have loop-aes and dm-crypt to choose from.

If they’re out to get you, or if you’re sufficiently paranoid to think they are, you’re at Threat Level Red.

Unfortunately, steganographic file systems are about as well developed as cryptographic ones were a decade ago–they’re still more of a laboratory curiosity than something that’s been thoroughly tested and built into commercial products. One exception is TrueCrypt, which offers two levels of plausible deniability, including a standard TrueCrypt volume that appears when you’re forced to give your “password,” and a hidden one that remains concealed.

Let’s assume you’ve already backed up your files before traveling in case your laptop gets seized for an indefinite period of time. The next thing to know is that merely setting an account password is insufficient.

For Apple OS X users, FileVault does this by seamlessly scrambling the contents of your home directory (to enable, select the Security panel in Preferences and also click the “Use secure virtual memory” option). PGP sells volume encryption software for OS X and Windows. There’s also the free TrueCrypt application, which runs on
Windows Vista, Windows XP, OS X, and Linux.

That brings us to Threat Level Orange, at which point you should encrypt everything. That means you won’t have to worry about whether applications leak data outside the virtual safe of an encrypted volume.

The information security implications are worrisome. Sensitive business documents can be stored in computers; lawyers may have notes protected by the attorney-client privilege; and journalists may save notes about confidential sources. Regulations like Sarbanes-Oxley, the Health Insurance Portability and Accountability Act, and Gramm-Leach-Bliley may apply. A 2006 survey of business travelers showed that almost 90 percent of them didn’t know that customs officials can peruse the contents of laptops and confiscate them without giving a reason.

The same advice as Threat Level Yellow holds for laptopping-across-the-border: shut down your computer for a few minutes to make sure the memory decays.

All these extra steps are irksome, and stem from the fact that Threat Level Yellow with an encrypted volume doesn’t completely protect you.

But encryption isn’t enough. Research published last month (”Lest We Remember: Cold Boot Attacks on Encryption Keys”) demonstrates how encryption keys can be extracted from a laptop that’s placed in sleep mode when the contents are retained in RAM. They haven’t released the software to extract the contents yet, but it’s not terribly difficult to write and you may not want to bet your privacy on government agencies being ignorant of this attack.

Eisner was speaking at the Digital Content Newfront, ad group Digitas’ take on the traditional television upfront event. The event, part of Internet Week New York, showcased online video content companies like 60 Frames, MySpaceTV, MTV New Media, Generate, Next New Networks, and Eisner’s own Vuguru. In the audience were loads of ad-industry types; Eisner’s goal was to convince them that video on the Web is worth the investment.

Eisner took a moment to ask Shapiro about what’s next at Veoh, which just raised another round of venture funding. “I think the key is discovery,” Shapiro replied. “In a world of 400 cable channels it’s hard to find something good to watch. In a world of a million shows it’s practically impossible.”

“I’m seeding what I think will be a future business,” Eisner explained. He’s been vocal in admitting that online video isn’t a profitable business yet. But it will be, he emphasized, and he wanted to position himself to be first in line when the money starts rolling in. “You have an option when you leave 40 years of a public company. You can continue being a dyspeptic, aging, wheelchaired, drooling, irrelevant executive, or you can put the word ‘new’ next to you.”

Eisner reiterated that big shifts in media historically don’t rake in money at first. He compared the rise of online video to cable television versus broadcast: “The highest-quality programming is now on cable,” he said, adding that basic cable is “no longer an ancillary market or a rerun market. The dollars are enough that it’s a primary market.”

He was interviewed on stage by Dmitry Shapiro, founder of Veoh Networks, the online video site in which Eisner is an investor. And Eisner affirmed to the advertisers and marketers present that despite its reputation as a cesspool of dogs on skateboards and cats on treadmills, new media isn’t all that new. “(Online video) has different dynamics in the technology, but it doesn’t have different dynamics in the terms of story. The same rules from cavemen to obviously the Greeks and Shakespeare…the idea of the story as we all learn in high school English and theater, those really will prevail in new media.”

Creating promotional series is one option for brands to make a few bucks off online video, Eisner explained. So is sponsorship. “Almost everybody working inside is nervous that you’re going to damage the brand,” he warned. “You have to take risks, and you have to know the line which you cannot go over.”

NEW YORK–As head of Web video studio Vuguru, longtime entertainment exec Michael Eisner has been on a sort of tent-revival tour for the past few years, preaching the gospel of Internet video. On Thursday, his audience was the ad industry, and he was there to tell them not to be fazed by disappointing revenues on Web video.

He couldn’t stress enough that advertisers should gear up and get ready to make big investments in the field. “It’s just beginning to happen. We now call ‘new media’ obviously broadband, Internet, whatever, but there was a time that new media was home video. There was a time that new media was TV. There was a time that new media was motion pictures in the nickelodeon theater.”

“The advertisers are recognizing how big the audience can be,” Eisner said. “My interest is getting in there before they explode.”

Michael Eisner

Vuguru debuted in 2007 with Prom Queen, a scripted series syndicated on MySpaceTV, YouTube, Veoh, and a whole host of other platforms. Eisner has been open about the fact that financially, it was not a success. But he’s kept going, with several new Veoh series including the Monkees-like The All-For-Nots, and a new comedy series centered on classic trading card brand Topps, which Eisner acquired. Called Back On Topps, it cast two comedians as fictional heirs to the Topps fortune and chronicles their run-ins with famous sports stars.

“The advertisers are recognizing how big the audience can be. My interest is getting in there before they explode.” –Michael Eisner

He also suggested that advertisers could build particularly creative advertising campaigns that tie specifically into the shows they’re placed with, finding a middle ground between product placement and traditional commercials. “The commercials that I believe could follow (videos) as long as they’re short, ten seconds…somehow had the ambiance of the same environment, the same story. The audience would get the point that the brand was somehow involved in the creative process,” he described. “So that would be not product integration and not a straight dropping-in of a ten-second spot, but a sensitivity to the environment. That’s something that’s never been done before.”

This looks like a simple bug in the system, perhaps the work of a bored Googler somewhere in the world. It only affects the English-to-Spanish translation; translations from English into other languages leave “Heath Ledger” intact, and “Tom Cruise” remains “Tom Cruise” in a Spanish-to-English translation. And the bug only appears to apply to the name “Heath Ledger,” as substituting a number of other actors’ names (Owen Wilson, John Travolta, Russell Crowe, Jake Gyllenhaal) also fails to yield “Tom Cruise.”

It’d all be pretty funny were it not for the terrible circumstances surrounding Ledger, 28, who was found dead after an apparent overdose of sleeping pills; there’s nothing tasteless about it, thankfully, but cracking jokes or hinting at Scientology conspiracies just doesn’t seem all that fitting. We’ve contacted Google for comment. But we’re guessing that this won’t be a very pressing issue for Mountain View.

Gawker has unearthed a rather odd bug in the Google Translate software: its English-to-Spanish translator converts the name of the actor Heath Ledger, who died tragically on Tuesday, to the name of another actor–Tom Cruise. So if you enter in “I will miss Heath Ledger,” Google Translate will come back with “Voy a perder Tom Cruise.”

UPDATE: Google representatives informed CNET News.com on Thursday that this “internal issue with Google Translate” has been fixed.

Meanwhile, in Hannover, Germany, on Monday, Microsoft CEO Steve Ballmer made a pitch for the existing offer.

CNET News.com’s Ina Fried contributed to this report.

There’s plenty of time for Bill and Sue to hang out. The shareholder meeting, scheduled for the first weekend in May (PDF), is a multiday affair that gives investors the option of also sipping on cocktails at fine-jewelry store Borsheims, a Berkshire Hathaway holding, and dining at Gorat’s Steakhouse.

And in America’s heartland, Microsoft’s Bill Gates and Yahoo President Sue Decker could break bread, or rather, dine on a juicy steak, while attending the shareholder meeting at Nebraska-based insurance and investment company Berkshire Hathaway, at which both serve as board directors.

The software maker, in its pursuit of Yahoo, has tried knocking on the Internet search pioneer’s front door, then banging with its unsolicited bid, and now it’s two weeks away from using a battering ram, should the deadline remain fast and firm to name an opposition slate to Yahoo’s board.

Yahoo’s nonexecutive board chairman, Roy Bostock, and Microsoft director Charles Noski both serve on the board of investment bank Morgan Stanley. With Morgan Stanley’s annual shareholder meeting coming up next month in New York, it seems to be as good a time as any for Bostock and Noski to be passing notes. (Just keep them away from the watchful eye of Morgan Stanley’s chief executive, John Mack, whose firm is representing Microsoft in its Yahoo bid.)

And who knows, maybe Warren Buffet, Berkshire Hathaway’s chief executive and a close friend of Gates, may make the perfect go-between for the two companies. After all, Buffet’s advice is closely followed by the financial press, investors of high net worth, and institutional investors.

But the backdoor has plenty of potential.

Microsoft has tried the front-door approach in wooing Yahoo. But, pssst, the backdoor is unlocked.

“The deal makes sense, with the price and structure we announced. We hope it becomes reality,” he told reporters, according to the Associated Press.

Full coverage
Microsoft’s big bid for Yahoo Click here for the latest on the software giant’s attempt to buy the Net pioneer.

Taking the lead on the funding was New Enterprise Associates, with existing investors Draper Fisher Jurvetson and Walden International joining in. That brings SugarCRM’s total funding to $46 million.

SugarCRM has landed a $20 million venture investment round, designed to boost international expansion by the maker of open-source customer relationship management software, the company said Thursday.

With its infusion of funds, SugarCRM will have more leeway as it heads down the path toward an IPO within the next two years. But with the recent industry consolidation–case in point being Sun Microsystems’ planned $1 billion merger with MySQL–SugarCRM may find that option just as tasty.

The company plans to use the funds for not only research and development, but also increasing its global footprint–particularly in Europe and Asia.

SugarCRM, founded in 2004, released its Sugar 5.0 software in December. To date, the company has racked up over 4 million downloads of its commercial open-source CRM goodies and counts more than 60,000 community members.

I know memory cards are boring, but it just blows me away to see 8GB SD media selling for $29 when a few years ago you’d have paid hundreds for a card with half the capacity.

This is a Transcend Secure Digital High Capacity (SDHC) card, meaning it should be compatible with all devices (smartphones, digital cameras, etc.) that meet the SD 2.0 standard. It includes a lifetime warranty, and best of all: no rebate. Alas, you’ll pay about $9 for ground shipping, which is ridiculous given the size and weight of the product. But even at $38, this is still a pretty sweet deal.

(Credit:
eCost)

Find more deals, coupon codes, and bargains on CNET’s Shopper.com.

At the time, it seemed like the best place to move the investment chips: The ideas behind social media were just starting to coagulate. The telecommunications build-out of the 1990s had long since ended. And big tech-boom buyers like Yahoo (which my CNET News.com colleague Charlie Cooper to this day curses for forever saddling us with billionaire basketball maven Mark Cuban) had shut the money spigot.

That’s not to say there’s no money going into biotech and health care research. In fact (and here’s where the analysis gets a little tricky), the life sciences category received more investment than any other category last year: $9.1 billion in 862 deals, according to Thomson Financial and the National Venture Capital Association. That was 31 percent of all venture capital invested and well up from $7.6 billion in 2006.

Just five years ago, the high-tech industry was in the dumps and fickle Silicon Valley hearts were turning to biotechnology and so-called convergence companies that would combine computing know-how with life sciences.

A former colleague who covered the biotech boom of the early 1990s once explained to me why some venture capitalists steer clear of biotech and health care: In tech, you have product cycles that last two or three years, maximum. It doesn’t take all that long to see if you’re going to get a return on your money. (With Web 2.0 investments that cycle is probably even shorter.)

Meanwhile, human genome research was opening new windows for start-ups. And the potential for harnessing for genetics research the high end but low-cost computing power demonstrated by Google’s Linux-based data centers had entrepreneurs thinking big.

Life sciences did have a big advantage on the public markets. There were four life science initial public offerings (only one of those in biotech) in the first quarter that raised a combined $221 million. There was only one information technology IPO–ArcSight, a security management software and service company that raised $61.8 million.

So why don’t we hear very much about biotech, and so, so much about Internet companies? Well, it turns out biotech is a difficult business, and Web 2.0, by comparison, isn’t. (News.com’s Stefanie Olsen has a broader look at how VCs are girding for what could be a rough economy in the months ahead.)

But in biotech and health care, product cycles last two or three decades because of everything from regulatory approval to testing. If you’re a middle-aged investor, you’re hoping you’ll live long enough to see your money pay off. Some of the savviest investors in Silicon Valley, such as Elevation Partners’ Roger McNamee, have traditionally steered clear of biotech for exactly that reason. Even for people accustomed to taking financial risks, biotech can be too risky.

The real action was in information technology, where there were 41 deals in the first quarter, 15 of them disclosed for a total of $1.996 billion. Of those, 12 were Internet companies, 8 of them disclosed for a $1.678 billion total.

But these are long-term investments. Making money pay off in life sciences is still as hard as it ever was. In the first quarter of 2008, there were five venture-backed M&A deals in life sciences, according to NCVA. Three of them had a combined disclosed value (the other two weren’t disclosed) worth a combined $229.3 million.

So the bottom line is, well, the bottom line. Even with little appetite for tech IPOs, investing in a Web 2.0 provides a VC with an easier way to cash in than investing in biotech or health care. Are the rewards for a big hit not as great in Web 2.0 investments? Maybe so. But with increasing pressure from their investors to show how they’re putting their funds to work, VCs are making the safer call.

Roy Bostock, Yahoo chairman, is quoted as saying: “We said, considering all of these hard data, what we should do is say we think a fair value for the company is $37. It was not a take-it-or-leave it statement.” He said Microsoft did not respond to that price other than to withdraw its offer,” according to a report in The Wall Street Journal.

The $34 to $35 price range that a large slug of Yahoo’s institutional investors are clamoring for seems to be a good point of reference for a next move by Yahoo.

Yahoo shares broke through the low zone Tuesday, reaching as high as $26.25 to exceed the lowest level the shares were trading during the three-month period when Microsoft still had its buyout offer on the table.

Analysts say such comments appear to signal Yahoo is making an attempt to get back to the negotiating table, in a face-saving manner.

But by the end of the regular trading day, Yahoo closed up 5.54 percent to $25.72 a share.

On Tuesday, however, analysts say investors drove the stock up, based on renewed hope a deal will be struck between the two companies.

Moran noted that Yang’s comments that Yahoo remained open to talks and Bostock’s indication the $37 a share was not a take-it-or-leave it price point to Yahoo making the next price change in a rematch.

Coincidentally, that’s the same exact spot Yahoo shares fell to during their lowest point in the three months that Microsoft’s buyout bid was pending. Microsoft withdrew the bid over the weekend and on Monday, investors punished Yahoo, sending its shares down 15 percent.

Editors note: This post was updated Tuesday, May 6, at 2:16 p.m. PDT to reflect the market’s close.

Sue Decker, Yahoo’s president, said Microsoft never gave Yahoo a written confirmation of its sweetened $33 a share bid…noting, “The work our board did was to go around and talk to shareholders at the price Microsoft offered in writing, which was $31 a share,” according to Sarah Lacy’s Tech|ticker blog.

Here are some snippets from various interviews with the press that Yahoo executives and its chairman conducted Monday. A picture emerges of a company that would very much like to get back to the negotiating table and one where Yahoo wouldn’t be so wedded to that deal-killer, errr, make that $37-a-share buyout demand:

Wall Street soothsayers point to comments in the press from Yahoo executives and its chairman on Monday that seem to point to a “rapprochement with Ballmer,” as noted in a blog by News.com’s Dan Farber. And analysts say the public outrage factor from Yahoo’s large institutional investors will go a long way in pushing the companies back to the table.

“To say, ‘we never got the $33 a share offer in writing’ implies they don’t want to beg,” said Clayton Moran, an analyst with the Stanford Group. “A verbal offer should have been pretty solid, in this case. So, to say you never got it in writing, and therefore it’s not a hard offer, potentially indicates you are open to further talks.”

Jerry Yang, Yahoo’s CEO, said his company would listen “should somebody else come back someday and want to buy the company,” according to a Bloomberg News article.

On Friday, Broadcom announced that the U.S. International Trade Commission, or ITC, has denied SiRF’s request to review an Initial Determination that found no violation by Broadcom’s subsidiary Global Locate of Section 337 of the Tariff Act of 1930.

Some camera manufacturers are also starting to embed GPS chips to allow people to geotag photos on the go.

Broadcom’s claims against SiRF are also before the ITC. The chipmaker has filed six claims of patent infringement. An initial determination in the case, which went to trial in April 2008, was issued last week. The ITC judge ruled that SiRF infringed on six of Broadcom’s patents, which improve GPS processing and sensitivity. The ITC still must make a final determination on the matter, which is expected by December.

Chipmaker Broadcom has won the latest battle in a patent dispute with SiRF Technology Holdings, a developer of location-based technologies.

The legal battle between SiRF and Global Locate began before Broadcom bought Global Locate in July 2007. SiRF initially took Global Locate to federal court over patent infringement and then Broadcom counter-sued. Those suits were stayed pending the ITC ruling.

In June an ITC administrative law judge ruled that two of SiRF’s GPS patents were not infringed by Global Locate, giving Broadcom its first major victory in the case.

The GPS market is getting hot as more mobile devices, such as cell phones, use it to provide location-based services. Buddy-tracking technologies and services have been launched. Apple’s new iPhone 3G is the most high-profile example of a phone with embedded GPS, but other cell phones that are used on CDMA networks such as Verizon Wireless and Sprint Nextel have been required to have embedded GPS chips for E911 service for the past few years.

A scenario in which Google or Amazon are taken down isn’t likely in the next several years, however. The two are well established and the online market is reaching early adolescence, making it more difficult for newcomers to be supremely disruptive to incumbents. If competitors become a nuisance, Google and Amazon have the clout and deep pockets to acquire or extinguish them, if they see them coming.

Google and Amazon have momentum and traction, but that doesn’t mean they are invulnerable. They have only a decade of history, and they would acknowledge that they could be knocked off, just as they knocked off a variety of competitors on their road to greatness.

Google owns search, with a nearly 70 percent share, and is moving into the applications space; Amazon is the premier online, personalized retail shopping site; and both are poised to become major providers of computing infrastructure services for the planet

The two big winners in Lindsay’s report could take some lessons from Microsoft if they want to stay on top. Microsoft can provide examples of how to diversify and grow, as well as cautionary tales about treading on antitrust laws, getting big and missing major shifts, such as the initial phase of the Internet. Having the smartest people in house has helped Microsoft and the newer giants succeed, but ultimately they have blind spots. They would do well to heed the advice of former Intel executive Andy Grove: Only the paranoid survive.

Sanford C. Bernstein analyst Jeffrey Lindsay is betting that Google and Amazon.com will loom as the two giants of Internet. According to Lindsay’s report, “U.S. Internet: The End of the Beginning,” cited by Reuters, “Both Google and Amazon.com are still racking up annual growth rates in the 30-40 percent range, with only a relatively modest slowdown in sight.”

.

Given how those two companies own their respective fields, it’s not a stretch to forecast them as long-term winners in the coming years. Google and Amazon have done the best job of creating clear value propositions for online users in the last decade, although Google has the better margin business selling ads on search pages.