Google is about to get served—with a civil subpoena, that is. The Federal Trade Commission is on the verge of serving Google as part of a formal antitrust investigation into Google's Web dominance, according to sources speaking to the Wall Street Journal, with the requests for more information expected to be sent to Google "within days."

The WSJ's sources say that the FTC's investigation will focus on Google's advertising business and whether Google has been directing search users to its own services over the competition. As is typical with investigations like this, the FTC will eventually begin requesting information from other companies that deal with Google as well in order to get further information on how Google conducts its business.

In 1998, Ask Ars was an early feature of the newly launched Ars Technica. Now, as then, it's all about your questions and our community's answers. Each week, we'll dig into our question bag, provide our own take, then tap the wisdom of our readers. To submit your own question, see our helpful tips page.

Q: I heard about Twitpic commercializing user-uploaded photos and became curious. There are alternatives out there, but what are the chances they all have similar terms of service? Is there any service that isn't my own website that won't commercialize my photos? Is this just a standard agreement, or what?

You're correct about Twitpic commercializing user photos: the company recently announced that it was the "exclusive photo agency partner" of the World Entertainment News Network (WENN). This agreement allows WENN to sell images uploaded to Twitpic and to pursue copyright action against parties who try to use those images commercially without authorization.

Google has created a new tool that allows those who install it to see security holes on websites, the company announced on their security blog Tuesday. Named DOM Snitch, the Chrome extension uses various ways of intercepting Javascript calls to spot the use of functions that can inject code from outside sources. Google intends it to help show developers where their client-side code needs work.

The company notes that, as Web applications become more complex, the number and kinds of attacks that can be successfully launched against them will increase. Google hopes that the tool will help developers, testers, and security professionals tie up more loose ends with their code and prevent client-side attacks.

While it's still in an experimental phase, DOM Snitch can intercept many different kinds of Javascript calls and then record the URLs accessed by a document and a complete stack trace. This set of information lets developers and testers see if any interlopers who intercept a call would be able to progress to "cross-site scripting, mixed content," or "insecure modifications to the same-origin policy for DOM access." Users can see DOM modifications in real time, and can export the results of the test to share with colleagues.

DOM Snitch seems like more of a teaching tool or sanity check than a must-have security essential, but it may still see wide use among those still learning how to write secure Javascript code. At least a few users won't be able to resist using the tool for a little public shaming of popular, security-negligent websites.

Read the comments on this post

Best Buy has entered the cloud-based music storage fray with a service named Best Buy Music Cloud. The program's pared-down Web and desktop presences have very little information on the details of how the service is supposed to work, but the basic uploading and listening functionalities on those incarnations appear to have made it into the soft launch intact.

According to Digital Trends, the service hasn't "officially" launched yet, though the website and desktop apps are fully accessible and based on PlayAnywhere technology by Catch Media. Users can sign up at the website right now, where the first form you're given to fill out is one about the make, carrier, and number of your cell phone (though this step is skippable).

In the next step, users can download the desktop app that will ostensibly begin syncing music and playlists from your iTunes library to the cloud (though at this time, our app has been stuck on the 62nd song of 5,606 for about 15 minutes). If you happened to give Best Buy your phone's information, around this time you'll get a text message telling you the mobile native apps aren't available yet, along with an activation code.

Best Buy's service, similar to Apple's iTunes in the Cloud, will allow users to pin songs down to their devices so they don't always have to be streamed, which saves a little on the limited data plans afforded most smartphones. The service has two pricing tiers: free, described in one line as "web + limited only" on the Web player, and a premium version for $3.99. Boy Genius Report says only premium subscribers will have access to the mobile apps for the service. 

Worse, according to this Best Buy blog post, the free version only lets customers hear the first 30 seconds of their own songs. Best Buy did not respond immediately to requests for clarification on this and other aspects of the cloud music service.

Read the comments on this post

If your spouse has been "sexting" or maintaining a relationship with someone else online, is that person just looking for an Internet ego-boost, or on the hunt for a real life affair? The answer appears to be the latter, according to a paper on infidelity and cyberspace published in the journal Sexuality & Culture. Authored by University of Nebraska at Kearny professor Diane Kholos Wysocki and Washburn University associate professor Cheryl Childers, the paper examines the behaviors of those who frequent an online dating site dedicated to extra-marital affairs. The authors find that, although many people do seem to enjoy maintaining online sexual relationships with those who are not their partners, most participants' main goal is indeed to hook up in real life.

The researchers posted a survey at AshleyMadison, a site dedicated to helping individuals hook up outside of their marriages. The goal was to discover what role the Internet plays when it comes to finding sex partners, and how common activities like "sexting" are. (The researchers defined sexting as sending sexually explicit texts or e-mails to another adult in order to increase the likelihood of a sexual relationship, either online or offline. This could include text or photos, or both.)

Do you find the reliance on things like .com, .net, and .org too restrictive? Haven't found a country code that floats your boat? ICANN, the organization responsible for managing the domain name system, has decided that it's time for a more flexible system for managing the top-level domains that help translate IP addresses into human-readable form. The plan has been in the works since 2009, but it has experienced a series of delays. Now, though, the organization has finally approved a process for handling new generic top-level domains (gTLDs), and will begin accepting applications in January.

Prior to ICANN's existence, gTLDs were pretty limited: .com .edu .gov .int .mil .net .org and .arpa, although a large collection of country codes also existed. In 2003 and 2004, however, the organization began allowing a cautious expansion, adding things like .name and .biz (along with some oddities like .aero and .cat). And, just this year, it approved the .xxx domain after a rather contentious consideration period.

ICANN apparently recognized that there's a continued interest in expanding gTLDs, and set about creating a mechanism to handle requests as they come in, rather than to consider them in batches on an ad-hoc basis. And at least according the FAQ site that it has set up, the organization expects a busy response: "Soon entrepreneurs, businesses, governments and communities around the world will be able to apply to operate a Top-Level Domain of their own choosing." (More details, including an Applicant Guidebook, are also available.)

Still, the FAQ also makes it clear that grabbing a gTLD won't be an exercise in casual vanity. Simply getting your application processed will cost $185,000 and, should it be approved, you'll end up being responsible for managing it. Do not take this lightly, ICANN warns, since "this involves a number of significant responsibilities, as the operator of a new gTLD is running a piece of visible Internet infrastructure." Presumably, service providers will take care of this hassle, but that will simply add to the cost of succeeding.

ICANN suggests the changes will "unleash the global human imagination." At best, the unleashing will be pretty limited, with a maximum of 1,000 new domains a year. Some of these will undoubtedly show signs of imagination through a clever use of character combinations in some URLs. Mostly, however, we expect that the new gTLDs will simply provide domain registrars with the opportunity to suggest you buy even more domains when you register a .com or .net.

Read the comments on this post

The New York Post has started blocking access to its website on the iPad as a way to drive those customers in the direction of the paid NY Post app in the App Store. Trying to access the paper via the Safari browser on the iPad results in a redirect page that points them to the app, as well as a few other basic services.

While Safari is a no-go, Staci Kramer of PaidContent notes that NY Post's site works fine through the free alternative browsers Skyfire and Opera Mini. "It is one of the most poorly conceived paywall efforts I’ve come across," Kramer says.

When New York Times raised its paywall, it made one big concession to readers and left the paid parts of their site accessible through social networking links and search engine results. But the NY Post has even botched this: clicking links from Facebook on the iPad redirect to the screen size app advertisement, while links from Twitter will display the articles in Twitter's in-app browser just fine.

As a Murdoch publication, the NY Post appears to be getting pushed in the direction of The Daily, which exists only as a paid app on the iPad. The NY Post app costs $1.99 to download and gets the customer 30 days of access; after that, it's $6.99 for one month, $39.99 for six months, or $74.99 for a year. By comparison, The Daily is free to download, and costs 99 cents a week or $39.99 for a year's subscription.

By clicking one of the buttons on the NY Post redirect page, users can also subscribe to the electronic edition of the NY Post and get access to the web page—again at various prices, including $9.18 for four weeks or $93.30 for the year. We're surprised that the NY Post isn't pimping this harder than their app, given that Apple recently relaxed their restrictions on making website content available through iPad or iPhone apps, which no longer have to route subscriptions through their App Store.

Read the comments on this post

Amazon's Kindle e-books store has been hit hard by spam in the last few months, according to Reuters. Hundreds of entities are pulling quasi-useless content found for free or for a small price on the Internet, reformatting it into e-books, and selling it under catchy titles for very little, clogging Amazon with low-value materials that stand to mire the platform and maybe make customers think twice about future e-book purchases.

Many of the books are created with Private Label Rights (PLR) content, which is often milled by content creators on the Internet and then made available for free or a low price. PLR content can then be reformatted or even modified if the buyer wants, and then put up for sale under virtually anyone's name. PLR content is usually of the beginner-how-to or get-rich-quick variety that baits those looking for their elevator to success: make a certain number of dollars in a much smaller number of days, money-making blogging for beginners, how to start an Internet marketing business.