The Art Of SEO - The Science Of PPC

by Leave a Comment

When A##hat Hackers Attack

Today brings yet another story of a “hi profile” hack, this time targetting Ronaldoinho, http://www.ronaldinhogaucho.com/, one of the best soccer players in the world and a man loved and hated by million. No one should be surprised by the lack of security for a celebrity website or that the webmaster managed to “restore” the site while leaving the hidden links in the code. Likely as not, those links were not even left by the hacker Terrorist_MC who defaced the site, since if one person can find an exploit likely many others can as well.

Terrorist_MC, Konut Projeleri and Gebze Evden Eve Nakliyat, three more reasons to sign up for free website backup using the “coupon code” of itstheroi.

What really pisses me off is that someone is paying hackers “build links” for their sites so they can try to rank for “turkish web design” or “housing projects”… or perhaps sabotage their competitors. This type of “link building” destroys the reputation of our industry and makes consumers justifiably nervous when visiting sites that are not from “big brands” (although Ronaldo Inho is certainly a big brand). More importantly, just as adsense monetizes spam and scraper sites, this type of “SEO” monetizes the script kiddies and hackers who devote themselves to making the web a more dangerous place.

Just as upsetting is how bad the “back-up” and monitoring systems web hosting providers. These back-ups sound good in theory–you are assured that your site is backed-up on a system that is completely separate from the main one and that you’ll be able to access it whenever you need it. When you actually need them, like when your site has been hacked or your developers screw up, you often discover that your backup is hard to access, out of date or has been affected by the same event.

I first came face to face with this combination of blame avoidance and finger pointing about 2 years ago when a customer who had been hacked called me praying looking for a backup of his website. The only version i had was about 3 months old, which was actually newer than the most recent version his ISP was able to recover. The indian developers had a newer version–one that had never gone live because it was so full of bug. The upshot of that experience was the germ of a seed that grew into a little startup called CodeGuard.

CodeGuard is unlike ISP based backups. Instead of a static snapshot of your site kept by your ISP (hopefully), we use a File Integrity Monitoring system built on a version control system and store site data in the cloud.  CodeGuard backups are stored as the differential between each daily scan of the site; allowing users visibility into what has changed along with the ability to “undo” changes on their site and restore to a past version in real time (minus the time it takes to push the files over FTP), much like Time Machine for Apple OS does for your laptop.  

If the current backup solutions for webmasters are lackluster, then the systems that alert webmasters if their site has been hacked are criminal. Webmasters discover they have been hacked because traffic suddenly disappears, they see a warning message on Google when searching for themselves, or they get an email from a customer complaining about strange behavior.  

CodeGuard’s differential backup is a game changer for hacking detection and remediation. In addition to pinging the Google Safe Browsing API for our clients, we also scan files that have been modified since our last backup.  This allows us to identify hacking and alert the site owner before they can spread malware, have their links pirated or act as a parasitic host for spammers–hopefully before safe browsing alerts quarantines the site and kills all of the traffic.  

In the event a hack or an unauthorized change is detected, webmasters can quickly revert to the last known “good” version and have their site working in minutes without engaging a developers to remediate the issue.  CodeGuard can then be set to automatically revert the site to that version until the owner is able to patch the vulnerability in the site.

You can sign up for free website backup using the “coupon code” of “itstheroi”.

by 2 Comments

Google Scraping, Cloaking, Diverting Traffic

Search for what is work, and you will see a onebox with a Google Answers icon and the “display” or source URL as wordnetweb.princeton.edu/perl/webwn.

Follow normal search behavior and click the top link or the image in the onebox and you will go to a Google scraper page, http://www.google.com/search?hl=en&defl=en&q=define:work instead of going to the Princeton.edu page. In order to view the results on the source page, you would need to click the smaller link that says “Definition in context”.

SERP for what is work

Princeton likely doesn’t care that Google is stealing traffic from WordNet, http://wordnet.princeton.edu/, but other publishers need to know that Google is running its own scraper sites and putting 3rd party content at the top of the page and using it to divert traffic away from the source.

Thanks to David Bayer of Data Banq for pointing this out.

by Leave a Comment

Keep The World Safe From Internet Marketers

The CEO of a startup I helped form recently wrote a bio of me for our website, describing me as an” SEO Guru”. I quickly asked him to change it to “Online Marketing Veteran” because the reputation of our industry has been so besmirched by the get rich quick hucksters who run pyramid schemes and multi-level marketing scams that are designed to prey on the hopes and dreams of desperate people who have been left behind by the new economy.

Their million dollar launches profit from exploiting the weak and the innocent and once you pay them the money they even tell you how to do the same. I won’t name name (I leave that to the Salty Droid and his Kajabi Scam Review), and I won’t say this syndicate is committing fraud (until they are convicted), I hope everyone in our industry who is committed to adding value remembers to take a stand and use your knowledge and your backlinks for good instead of evil.

Meanwhile, I will use my time and effort on little things, like the movement to Vote No On Prop 19. Not because pot is bad or evil or because I want to regulate what people put in their bodies. Hell, I am a libertarian on social issues: it is none of the governments business (ironic how many libertarians want to arrest people for drugs and regulate morality). My concern is that California’s marijuana prohibition provides jobs for hundreds of thousands of people and keeps them from doing something terrible — Like becoming affiliate marketers.

by 4 Comments

We All Agree – CAPTCHA SUCKS

Tired of choosing between the lessor of two evils? Here is something Republicans and Democrats can agree on

CAPTCHA SUCKS CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart and was originally foisted upon the citizens of the internet by Carnegie Mellon in response to a call by Yahoo to develop a system to keep computer generated Spam out of email and comments. While effective, the solution was a failure from the beginning because it placed the burden of proof on the user, a burden that has become increasingly difficult every day.

  • CAPTCHA suck time and money; each day human are forced to solve 200 million Re-Captcha’s plus countless other puzzle. Do the math and CAPTCHAs waste about $12 Billion of human productivity every year.
  • It really sucks that the hackers have gotten so good at solving them that CAPTCHA is now more of an obstacle for legitimate users than for dedicated hackers.
  • It really, really sucks that you can outsource Mechanical Turks solutions via a CAPTCHA farm in China or the Philippines for about $.02 each.
  • CAPTCHA really, really, really sucks because it is an obstacle for conversion, with some estimates showing that as many as 25% of people fail the first attempt at solving it and between 3% and 10% of your potential customers simply give up.

The only thing that sucks worse than CAPTCHA and ReCaptcha is not having one to protect your site from the inevitable onslaught of Spam and bot users being held at bay by this brittle defense.

There is hope, however, as Pramana introduced two new products today that are designed to help webmasters in their battle against blight. The first is call bot alert, which allows webmasters to quantify bot activity much the same way analytics lets you quantify human activity. The second is Bot Block, a true CAPTCHA alternative that is invisible and doesn’t require your users to do anything.

BotBlock™ is the first and only real-time weapon that keeps the bots out, but lets all of your real customers in. It integrates directly into your web pages. It invisibly analyzes and interrogates each interaction, and makes a reliable, real-time determination between human and bot.
Once detected, you can deal with an automated process as you please. You can block them outright. Give them a 404 that the page doesn’t exist. You can shut them down. We provide you the control to deal with them the most effective way for your web property.

The battle is far from over, but perhaps today will mark the turning point in the war between humans and bots.

by 1 Comment

Why Apple Should Buy MySpace

While sitting around at Pubcon chewing the fat ( a marvelous Rib Eye) with a couple of very, very smart people who shall remain nameless, the subject of the emerging war between Apple and Google came up. Specifically, we were discussing the one box music search and the notable absense of iTunes from the choices for to buy digital content from Google’s new music player in the SERP.

After we agreed that cloud based DRM has certain advantages for users and lamented that Apple was unlikely to counter by licensing iTunes for Palm, Droid, RIM or Symbian (too bad because it would be a pretty shrewd move to counter Google and put a lot of pressure on everyone to make DRM purchases portable across platform), we got to discussing monetization of the OneBox and what a slippery slope that represesented.

Ultimately the conversation turned to MySpace and how it was trying to find its way back to its “roots” as a community for music and bands. Suddenly, it struck me that Apple needs to buy MySpace. Before you say I am crazy, hear me out:

  1. NewsCorp is getting hammered lately and bleeding cash, including over $1 million/month in vacant office space for MySpace alone. Selling MySpace certainly wouldn’t get anything like the $15 billion dollar valuation that was once being bandied about, but even $2.5 billion would be a nice cash infusion along with a huge profit versus the $580 million acquisition price.
  2. Apple has something like $35 billion in the bank and billions more coming in every quarter.  There are not a lot of attractive acquisitions for Apple that really provide “synergy”, they aren’t likely to start paying a dividend and they have no reason to consider a huge stock buy back. Apple has never made major acquisition and frankly it isn’t clear what technology company they would want to buy except perhaps Garmin or some other source of turn-by-turn data to counter Google.  All that cash is just balance sheet bling.
  3. MySpace has lost its mojo and is in desperate need of being cool, hip and relevant again. Apple would immediately polish that turd and erase the stench from the idea that Fox New and MySpace are owned by the same company, a definite issue for  many hipsters and “Hollywood Elites”
  4. Integrating with iTunes would instantly make all that music content, fan data and miscellaneous comments relevant, compelling and even VALUABLE and possibly even generate revenue by connecting directly to iTunes titles.
  5. The worst kept secret in the valley is that Apple is trying to become a player in streaming media to compete with the cable companies and possibly YouTube in the battle for the living room.  MySpace is well connected in Hollywood and could provide many of the same synergies for iTunes play to move from the laptop to the living room.
  6. Apple is known for amazing industrial design, clean, intuitive user interface and MySpace… uhm… MySpace could use some of that.
  7. MySpace is heavily invested in geo, so it has a nice foundation for a local play and provides some synergies for potential iPhone GPS based services that are currently powered by Google.
  8. Finally, MySpace is STILL a fairly major online destination. Convert iTunes visitors into web traffic and the combined entity is suddenly one of the top 5 web destinations with an enormous user base which is large enough to slug it out with the other platform players. Short of making a play for Yahoo, MySpace is the only property that could allow Apple to jump off the sidelines and compete on the social front.

If anyone at Apple is listening, now is the time to act, before MySpace either finds its way or becomes irrelevant. You may not be able to get into the Google OneBox, but if you play your cards right you could dominate the organic results for music, television and movies and bring users right to your door.  And if you do decide to go for it, just send me 1% for putting the deal together.

Update: 02/15/2010

MySpace CEO Owen Van Natta was unceremoniously fired last week after MySpace fell $32 million short of quarterly targets amid rumors on tension among the 3 top executives alone with some micromanagement from above, aka John Miller, head of News Corps Digital division.  Add another round of layoffs since November and MySpace is probably available for a song… or 1.55 billion songs @1.29/each in a deal which does not officially disclose the purchase price.