Talk:ExpressVPN

This article is rated C-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects:

Software: Computing This article is within the scope of WikiProject Software, a collaborative effort to improve the coverage of software on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.SoftwareWikipedia:WikiProject SoftwareTemplate:WikiProject Softwaresoftware articles ??? This article has not yet received a rating on the project's importance scale. This article is supported by WikiProject Computing.

Hi @MrOllie: - I noticed there's a bit of troubling editing with SPAs. Hopefully they will declare their COI if they are with ExpressVPN. I'd never heard of Kape or Crossrider before, and after reading the Register source you found, thought you were correct in how the company is presented. But I dug a little deeper to try to understand the situation, and now think it might be a bit WP:UNDUE to label Kape as an adware and malware distributor, especially in the lead section. This [[1]] paints a slightly different picture, suggesting instead that Crossrider was a platform that was abused by bad actors, couldn't do anything about it and shut down. It's a bit bloggy, and it would be great to find a more reliable source, but in light of the possibility that the Register is incorrect, I think we want to at least keep the lead neutral. Maybe just say "...purchased by Kape Technologies, a cybersecurity company that owns several VPN providers." I'd then put the details about Kape being formerly Crossrider and info that the platform was abused by ad and malware companies, but still try to keep this neutral per WP:BALANCE. Down the road, I may do an article on Kape, and we could link to it to give people the whole history so they can decide for themselves, and not clutter this. Thoughts? TechnoTalk (talk) 03:47, 11 November 2021 (UTC)[reply]

On Wikipedia we have to follow the sources, and here we've got the Register and CNET calling crossrider adware/malware. We can't use a blog like restoreprivacy to undercut that. This is one of fairly few events in this companies life that garnered major media attention, and we need to reflect that attention accurately. MrOllie (talk) 12:10, 11 November 2021 (UTC)[reply]

@MrOllie: Definitely - it's all about the sourcing. I did a little more hunting and found [this] in Techradar, which contradicts The Register and CNET. "News of the acquisition led to the resurfacing of earlier claims that Kape predecessor, Crossrider, was previously responsible for developing and distributing adware or malware. Such claims appear to be erroneous; the Crossrider development platform had simply been misused by some third parties." I'm trying to understand why the Register and CNET might have misidentified Crossrider as the adware and malware culprit. It seems that while the Crossrider platform was just used to create the adware and malware by third parties, the name "Crossrider" was contained in the programmatic identifier of the malware files, so they were found guilty by association. The [blog] cited by the Register backs this up - the screenshot example shows that the offending party is actually something called Neoliveapp.exe. [This page] says the developer is a company called CoolMirage. The ad blocker product Ghostery also got flagged by Herdprotect as malware, even though it is an ad blocker. If you look at [herdprotect malware alert], you can see that it also explains that Crossrider is just development a tool that was abused. "The library is built using the Crossrider cross-browser extension platform. While the file utilizes the Crossrider framework and delivery services, it is not owned by Crossrider." That page lists the developer as a company called Evidon, Inc., formerly called Ghostery. There's nothing that I can find in primary or third party sources that says Crossrider was ever itself an app developer, besides its [extension development platform]. But the confusion isn't just in The Register and CNET. I found several benign third party apps that used the Crossrider development platform, including [the fan app] for soccer club Barcelona. The software informer page says "Developed by Crossrider Advanced Technologies Ltd.", but Crossrider didn't develop it. This [article] about the app says it was developed by business intelligence company MicroStrategy. It's paywalled but you can see the important part. The Register reporter might have read this or another app profile page, saw Crossrider, and got confused. It's hard to stop bad info once it gets going.

So while Techradar is a good source, the other stuff is a bit WP:PRIMARY and involves some WP:OR and WP:SYNTH that we want to avoid. I'm taking the time to document this here for future readers, but for WP:BALANCE, we can't call Crossrider or Kape a malware or adware company, and certainly not in the ExpressVPN lead. I can take a shot at explaining this in the history section if you don't want to. I'll probably just eventually do a Crossrider/Kape article and we can point readers to it. From what I saw between Crossrider and Kape, there should be enough sources to show notability. I don't have as much time to edit as I'd like, but will check in from time to time. TechnoTalk (talk) 21:37, 14 November 2021 (UTC)[reply]

Techradar isn't independent, they're just linking the same restoreprivacy blog. BALANCE doesn't mean WP:FALSEBALANCE. At a minimum they were willfully blind to what was going on as long as they were making money off of it. Their platform isn't being misused if they're supporting that use. This wasn't one or two rogue apps up for brief periods, it went on for years. - MrOllie (talk) 21:49, 14 November 2021 (UTC)[reply]

TechRadar is considered a reliable source on Wikipedia. They would be flagged on the reliable sources noticeboard if they weren't. Can you find a source that says that the company knowingly and willingly allowed its product to be misused? Without a source, it's WP:POV. A source would change things, at least in a Kape article, but I still don't think this belongs in the lead here. Given the circumstances (Crossrider shut down the old business and renamed to Kape before buying ExpressVPN), putting it in the lead is WP:UNDUE. If we can't agree, I can launch an RfC to gauge community consensus. The question I'll pose will be something like "Should the misuse of a company's discontinued development platform be added to the lead of a company they subsequently acquired?" TechnoTalk (talk) 22:56, 14 November 2021 (UTC)[reply]

Sure, without a source it is just my POV, just as that big paragraph of links stitched together into WP:OR is yours. So lets follow the reliable sources that we do have, which are the Register and CNET (and not Techradar, which is several steps below those anyway, and who are just linking to someone else's site). - MrOllie (talk) 23:08, 14 November 2021 (UTC)[reply]

@MrOllie: I think I found a good compromise that won't necessitate the drama of an RfC. I went back to your earlier description of Kape as an adware provider, but also added some of the company's other current businesses, from the Bloomberg piece. I also added the Techradar piece we discussed for WP:BALANCE. Does this version work for you? I'm still trying to decide if I want to do a Kape article - there may not be enough coverage, but if there is, we can post more info there about the conflicting views of the company history without dragging ExpressVPN into the scrum. TechnoTalk (talk) 20:34, 2 December 2021 (UTC)[reply]

Overall much better, but I did switch the POV 'misused' for 'used' in the article body. MrOllie (talk) 22:11, 2 December 2021 (UTC)[reply]

@MrOllie: Looks good. I probably won't have time to do a Kape article since I'm so infrequently here, but maybe some time will free up later next year. TechnoTalk (talk) 19:44, 17 December 2021 (UTC)[reply]