Myths/Misconceptions Vs Facts

Discussion in 'KVS' started by KVS Tool, Feb 13, 2011.  |  Print Topic

Thread Status:
Not open for further replies.
  1. Chic Silber
    • Original Member

    Chic Silber Silver Member


    Many of my friends of a certain age (like mine) have found

    it much easier to read the small type used in many of these

    online blogs & websites when the lines are double spaced

    But thanks for your observation
     
  2. Wandering Aramean
    • Original Member

    Wandering Aramean Gold Member

    It leverages http://www.getthere.com/ (but not that exact URL). Actually it passes in the credentials of a travel agent that pays a fee to GetThere to provide that agent with flight availability data. A more common "user agent" would display the site like this:
    [​IMG]

    DotRes is leveraging the credentials of TravelNet Vacations & Adventure, Strand Business Travel Management and Travel Center Huachinango on that site's interface.
     
    vbroucek likes this.
  3. Wandering Aramean
    • Original Member

    Wandering Aramean Gold Member

    No, but it does mean that the data isn't coming from a single source, as you have claimed all the data presented in your "user agent" does. I'm just trying to get clarification on that specific issue. Your repeated non-answers speak volumes IMO.
     
  4. vbroucek
    • Original Member

    vbroucek Silver Member

    I have not had time to fully analyse the encrypted part of the traffic as yet, so I do not know exact content of the initial https handshake, but the rest is http. So, I know that Sabre/GTC method is using wx1.getthere.net through gateway created for certain travel agency(*). It is either using free account that is possible to create, or (and that's what it did in my test case) tryout account with user name "****" and password "******". It then creates itinerarry for person named "* *" coming from site "*******"...

    Anyone can try by themselves by going to (link removed upon KVS Tool request and my realisation that by publishing it here I could put the site in risk of being exploited even more - contact me directly for the link).
    So KVS, are you really using only our credentials???

    (*) I have edited the details even more to protect the actual site - unfortunately, google already swept through MiPo, so there might be some remnants available, but not so easily...
     
  5. vbroucek
    • Original Member

    vbroucek Silver Member

    See my post #129 for the Sabre/GTC details and how to use it... Actually, it only starts with HTTPS and then if falls to HTTP... I could get the same for DotRes, but I am busy with more important stuff than that...
     
  6. KVS Tool

    KVS Tool Z Representative

    The data is coming from a single website. And, as mentioned previously, the currency conversion functionality is built-in into the KVS Tool for user's convenience (just like it is a part of the Forex Currency Converter" extension in FireFox).
     
  7. KVS Tool

    KVS Tool Z Representative

    And if you did, you would notice that that site does not actually require any external login credentials.
     
  8. vbroucek
    • Original Member

    vbroucek Silver Member

    You are yet again taking part of my post out of the context and ignore the remainder.
    HTTPS part does not require credentials, but the HTTP part of the session does require and uses external credentials, although they are provided by the site for demo purposes!!! Read my post #129 completely!!!
     
  9. KVS Tool

    KVS Tool Z Representative

    No, it does not -- the site contains all the required parameters internally and does an HTTPS to HTTP hand-off (part of which you were not able to see). Again, there are no "external credentials" that are provided by the Tool.
     
  10. vbroucek
    • Original Member

    vbroucek Silver Member

    So if you did not pass through "*****" and "******", how come it then creates itinerarry for person named "* *" coming from site "******", which I get if I go to (link removed upon KVS Tool request and my realisation that by publishing it here I could put the site in risk of being exploited even more - contact me directly for the link) and pass through those credentials? How come, I can trace that you are on the same page (and I can reconstruct that page from captured traffic!!!) that requires those credentials? I am starting to be really sick of your arguments and using WiKi as a source for your reference and I am seriously considering publishing the captured traffic. And as for your SSL, I am going to run it tomorrow through middle-man attack tool, so I will see exactly what you pass during the SSL session. If you think that by using SSL you can hide what you're doing, you are stupid.

    I still think that your tool is good value for money and I still think I will continue paying for it, but I guess you should finally come clean...
     
    oliver2002 and IMH like this.
  11. vbroucek
    • Original Member

    vbroucek Silver Member

    Sorry guys, I am pulling out of this debate. Tools that I have available are too powerfull and only handful of people in the world has access to them. So I think it is unfair to make my findings publicly available. Doing so could potentially do more harm than good - see Trick It! FAQ thread.
    I also believe that this debate is quickly becoming too personal and with hints of personal vendetas. I am not sure if it serves the purposes of the MiPo at all.
     
    oliver2002, ArizonaGuy and KVS Tool like this.
  12. KVS Tool

    KVS Tool Z Representative

    Again, KVS Tool does not do any "screen scraping".

    Furthermore, this a classic example of a common logical fallacy (http://en.Wikipedia.org/wiki/Correlation_does_not_imply_causation) :

    "The opposite belief, correlation proves causation, is a logical fallacy by which two events that occur together are claimed to have a cause-and-effect relationship. The fallacy is also known as cum hoc ergo propter hoc (Latin for "with this, therefore because of this") and false cause."​

    Which has nothing to do with the KVS Tool.

    That's because KVS Tool is not a "screen scraper". As with any other web browser, if a website requires external login credentials, the web browser prompts the user for those credentials.
     
  13. Wandering Aramean
    • Original Member

    Wandering Aramean Gold Member

    You cannot have it both ways. If the currency is being converted then the data is coming from more than one source.
    Read my post above (the one with the screen shot) and use google. It shouldn't be that hard to get direct access to the links without spending time on the man in the middle attack.

    At some level this also becomes a more ethics/theoretical discussion. If you simply pass an account ID in the URL does that count as passing credentials that are supposed to be reserved for only that company? IMO the answer is yes since those account IDs are not published for anyone to use as they see fit; they are for those companies to operate. The site structures leave them vulnerable to exploit and the KVS tool does precisely that. Doesn't mean that they are not credentials being passed however, at least not IMHO.
     
    oliver2002 likes this.
  14. Interesting use of phrase structure to call someone a liar. He has said here many many times he doesn't scrape and you persist. May I suggest, in my own use of good phrase structure, you are barking up the wrong tree and the ethics discussion should be self directed.
     
  15. IMH
    • Original Member

    IMH Silver Member

    Any "currency conversion functionality" needs current conversion rates. The KVS Tool gets these from finance.yahoo.com (the portfolio management software I use does the same thing, transparently, if I select that source). Currency conversion rates are data. Quite clearly a second source. Not in itself something that would trouble me greatly, but disturbing as a further example of economy with the truth.

    The key point is not precisely what "credentials" are passed. It is whether users of the KVS Tool are (unwittingly) sending searches to websites they're not authorised to access. It is clear that this is what the program enables.

    I uninstalled it yesterday, but it left a nasty taste in my mouth. If you buy a mobile phone from a stranger in a bar, or software and DVDs at a market stall far from home, you shouldn't be too surprised to discover that what you've purchased isn't quite legit. Similarly, those who download 'cracked' software or trade authorisation codes are aware of what they're doing. KVS is different, in that most users don't have a clue what's going on.
     
    Tom1024 and Chic Silber like this.
  16. He is not selling his tool services at some flea shop in case you didn't notice. Brush your teeth.[​IMG]
     
    KVS Tool likes this.
  17. IMH
    • Original Member

    IMH Silver Member

    Precisely my point.
     
    Chic Silber likes this.
  18. KVS Tool

    KVS Tool Z Representative

    The fact that KVS Tool features currency conversion functionality and that this functionality is powered by a Web Service has already been clearly mentioned in posts #15 & #29.

    The original statement that "each Method corresponds to exactly one website" remains fully accurate.

    We see no point in addressing trivial questions, answers to which are obvious, such as whether an excerpt has been edited.
     
  19. iolaire
    • Original Member

    iolaire Gold Member

    I'm thinking about using some of my Alaska Air miles so I re-upped for KVS tool again today. It quickly allowed me to see that there is Air France availability for an upcoming holiday. Thank you...
     
    Terry Quinn and vbroucek like this.
  20. IMH
    • Original Member

    IMH Silver Member

    That's funny, as you've invested considerable effort addressing relatively trivial issues, such as playing with definitions to try to persuade us that the tool is a browser and that that is somehow significant.

    Presumably there's no point in expecting anything other than silence on the big questions.
     
    Chic Silber and Tom1024 like this.
  21. Tom1024
    • Original Member

    Tom1024 Silver Member

    You summed it up right there. So let’s collectively fill in the blanks on the big questions that KVS refuses to (and make it easy for new readers of this thread to follow):

    Q: KVS calls his fees "contributions", does that mean they are optional?
    A: No, the "contributions" are mandatory. Furthermore there is no published free trial period, and if you don't like the tool, you will not be issued a refund. (see this post for details: http://milepoint.com/forums/posts/145464/)

    Q: Why is United Airlines listed as X1 for the award search?
    A: To hide from United as they asked other sites that had the information to stop using it

    Q: Only user supplied usernames and passwords are used on the websites KVS accesses, right?
    A: False. The Sabre/GTC method, for one, uses the username/password for a demo account that a Miami travel agency has made available on the home page of their website. All indications are that the travel agency doesn’t realize their demo account is being used in this way, at their expense.

    Q: Is it against the TOS of the various websites that are used for their data to be commercialized in this way?
    A: Yes. Creating a “specialized web browser” is one thing, however hiding the location of the website being visited and removing all booking links so that the website can’t even make money on a booking, is quite another. Also the websites own the data, which according to the TOS's prevents KVS from selling access to that data.

    Q: Does KVS have a list of websites that the KVS tool accesses?
    A: No. If people knew the public websites that were being used, they wouldn’t need KVS.

    Q: KVS charges different amounts for different “tiers” because of the cost of data, right?
    A: False, all of the websites that KVS uses are freely available to all, if you know where to look. The tiers are just a way to get more money from customers. In fact, KVS Tool used to be free.

    Q: The airlines/websites/agencies agents that KVS gets it’s data from must be ok with KVS using their data in this way because they haven’t shut him down, right?
    A: False. It is technically difficult to stop KVS from using the data, as the tool tells websites that it’s a regular version of Internet Explorer, so it's hard to limit functionality to KVS but not to a regular browser.

    Q: Has any website taken steps to stop KVS or anyone else from using their data?
    A: Yes, FlightStats has confirmed that they put their flight availability search behind a login wall expressly for that reason. It didn’t work.

    Q: Why can’t the airlines/websites/travel agencies just sue KVS in court?
    A: Who exactly is KVS? KVStool.com has a private registration and there is no name/address/company name/phone number, etc on KVStool.com. His anonymity allows him to hide from the airlines, otherwise he’d have more cease and desist claims then he could handle. As a result, without a full civil lawsuit that would lead to a court ordered subpoena to KVS’s web host and billing provider to find out who he is, they can’t find out. It is also believed that KVS lives outside of the USA (where most of the websites used are based) further complicating matters.

    If anyone has any others, PM me and I’ll edit the post.
     
    schnitzel, Xyzzy, Travelman and 3 others like this.
  22. Wandering Aramean
    • Original Member

    Wandering Aramean Gold Member

    Where in that post do I discuss screen scraping?

    And I do not understand how it can be claimed that the data displayed in the browser is single-source when it is so clear that some of the tools use more than one. It is because one is a web site and the other is a web service that this claim is made? Either way I am quite comfortable in my assertion that the data being displayed to KVS users is not at all what the folks at Pososhok intended.
     
  23. KVS Tool

    KVS Tool Z Representative

    All the questions raised have now been answered. Whether someone likes the answers or not is a completely different issue.

    Please refrain from providing the so-called "answers" without clearly labelling them as "science fiction", "speculation" or other appropriate designation.

    We would would also like to clarify that the OP's statements are either false, libellous, or both, and that the OP has no authority to answer those questions on our behalf.
     
    Terry Quinn likes this.
  24. vbroucek
    • Original Member

    vbroucek Silver Member

    Although I have been involved in this debate, I have also used KVS just yesterday to find availability for redeemeing some of my M&M points... And I will continue using it.
     
    mundosurfer and Terry Quinn like this.
  25. IMH
    • Original Member

    IMH Silver Member

    It's certainly fair to say that pretty much everything has now been clarified. But it's still remarkable to note that you, having chosen to start this thread, didn't do much of the clarifying.

    It's time to get some better PR consultants. This approach really isn't working.

    ??? As noted above, the OP in this thread (see post number 1) is KVS Tool.

    Anyone received a libel writ/suit from KVS's lawyers yet?
     
    Chic Silber and Tom1024 like this.
Thread Status:
Not open for further replies.

Share This Page