Internet Sharks – Domain Registration or Daylight Robbery

A couple of years back I took advantage of an introductory offer on a .co.uk TLD domain name.
I can’t remember the exact deal, but at the time it was something like £2 for a 2 year registration.

At the time, that was cheaper than my current registrar which worked out at about £1.99 per year, so £2 for 2 years wasn’t to be scoffed at (especially when you are registering 50 or so .co.uk’s a month).

The first of them is nearing renewal and so the 60 day renewal warning turned up in my inbox, and as I expected they increased their renewal price to £9.99 a year.  I’d already started the transfer to my current registrar so it wasn’t a problem. As I said, I was expecting the hike, and I only registered with them to take advantage of saving a packet.

What I didn’t expect was an email from Nominet.

Nominet is the Internet Registry for ALL .uk TLD’s.

Continue reading “Internet Sharks – Domain Registration or Daylight Robbery”

Clueless about Malware (And probably life too)

Here is an excerpt from a post made to a group that helps/deals with Malware
reports on web sites.

I can no longer visit this site through google. “Warning – visiting this
web site may harm your computer!” This is just a lie and I think we all know
why this site is being persecuted. Keep your personal opinions and the opinions
of your investors out of it. The deeper I dig in to the StopBadware.org manifesto
the more obtuse your definitions become. A couple clicks and suddenly “Site
may harm your computer” turns in to “contains or links to badware or otherwise
violates Google’s software guidelines.” I hope someone sues you silly.

It just goes to show the general level of ignorance out there from people
that:

  1. Don’t understand the size of the problem with regard to the sheer number
    of infected web sites.

  2. Don’t understand the dangers to there own machines when visiting such
    sites.

Infected Web Sites

In one case alone last week, 10,000+ sites were hacked and malware placed
onto the sites.

In another case, a leading Advertising Agency that supplies adverts to 1000’s
of sites, unwittingly supplied an advert that carried malware.

And more alarmingly, a well known Anti-Virus/Spyware/Trojan Software manufacturer
had it’s own website hacked and malware placed on the site.

When Google or StopBadware report that there is malware on the site, you can
bet that there is a very high probability that there is (or was at some point).  The
false positive count is extremely low when you consider the number of sites
that are listed.

How Safe Am I?

Gone are the days when the you could say, “But I don’t use Internet Explorer,
I use Firefox/Opera/Mozilla” or “I’m on a Mac/Linux” etc etc etc.

You must keep whatever system you use patched with the latest updates and with
good Anti-Virus/Spyware and Rootkit detection. (If possible, use overlapping
coverage from multiple products).

With one worm alone, during 2007 there were over 17,000 variants.   That’s
around 47 variants a day.  The worm went through multiple mutations a
day !!

Most often a virus does not use a single attack vector, but will try a whole
series of attacks looking at multiple security holes and it won’t give in until
it finds one.

Protection from the bad guys and ourselves

Not everyone is vulnerable to being infected and we are talking a very small
percentage that are.  But a very small percentage of a large number of
users is still a large number of machines that are being added to ‘botnets’
on a daily basis.  Some reports put this at hundreds of thousands of newly
infected machines A DAY! And it’s increasing.

Web site visitors must do their part in ensuring that their systems are fully
protected, and web masters no matter whether large corporations or an “at home,
one man band” must also ensure that their systems are fully protected. That
includes any downloaded installations (such as blogs or forums).

Unlike the person above who appears to be in denial of any such problems,
the responsibility lies at both ends of the browser! Don’t become part of the
problem, become part of the fight back!

Google and StopBadware.org : Hide not Label

For those web masters or indeed visitors out there that are not aware, StopBadWare.org is a site that lists sites that contain malware.  This article doesn’t discuss how they malware got there, but more the way that Google lists them in its index.

StopBadware.org is a “Neighborhood Watch” campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers to make better choices about what they download on to their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and to become a focal point for developing collaborative, community-minded approaches to stopping badware.

From: StopBadware.org

When a site is listed in Google as having badware on it, a warning is displayed similar to the following:

googlewarning1

The contentious part of the above warning is the “This site may harm your computer”.
When you click on the link within the Google index to a badware infected site, Google actually displays an information page telling you why you should not visit the site. (Note: I have purposely masked the name of the site above in order to protect the web site owner from being mentioned, the reasons why are discussed below).

If you want to see a warning for yourself, just go to the StopBadware.org site. In the search box, enter “.co.uk” for the search term.
Copy the ‘domain name part’ part of it but do not include the TLD and enter it in a Google search box.  (So if the domain was www.example-alien-web-design.co.uk, search for “example alien web design” not “example-alien-web-design.co.uk”.
This ‘should’ display a list of search results which will have the warning displayed.
Then click the search result to see the warning page.

My personal thought is that Google should just temporarily remove the site listing from the index rather than apply a label against that site.
You have to ask why Google apply that label and prevent ‘its’ users from clicking on that link within it’s index.
I can only guess at the following:

  • Google wishes to protect its users from visiting a site that has malware on it.
    (Google has checks in place, or one would hope that they do, that prevents falsely labelling a site as hosting malware).
  • Google is also expressing it’s desire to help remove malware from the ‘internet’ by contacting and informing web masters of malware upon the sites it finds.
    It doesn’t just list web sites, it does make a concerted effort to contact the web master of the site involved.

Google do have a right to stop users from visiting those sites infected, as potentially one could argue that they could be held responsible for forwarding its users to a site which ultimately costs the visitor time/money or both.
The problem is, that web masters feel that the label Google applies next to their entry in the index causes damage to the reputation of that web site as well as a loss of income. 

So why does Google apply a label?
Some have argued that it is the quickest method to ensure that the web master contacts them and the problem sorted.
(Sticking a big red flag next to your site does tend to bring it to your attention rather quickly when your users start complaining to you, OR, as should be happening, a good web master will find this out when he does his daily/weekly check).

I would rather Google remove the entry from the index altogether, not stick a “label” against the entry.  You can’t visit the site from the link in the index anyway (without a spot of cutting and pasting – at least you can’t in Firefox with my setup).You could say the link in the index is non-functional, so why bother putting it there in the first place?
Removing the infected site from the index achieves both points from above.

  • It prevents Google users from visiting the site.  The result is simply not returned.
    It is no different from the supplemental index, or at least very similar to the supplemental index.
    After all, the StopBadware database is exactly that. It is an index of sites that contain or are believed to contain malware.
    Just like the supplemental index, the results are still there, but you have to search for them in a specific index. 
  • Google can still contact web masters and let them know that their site has been placed into the ‘malware’ index as before.

The removal or placement into the “malware” index would be temporary. Rather than display a warning, it doesn’t display anything.  No harder to code than it is at present. 

Any decent web master will be monitoring his PR and his SERP placement.  Suddenly dropping off the main Google index should be pretty obvious to them.
And if his visitors complain that they are not finding the web site in the index, that too should draw the web masters attention to a possible problem.

Google will still be trying to contact the web master and the web master should also be encouraged to join Webmaster central (http://www.google.com/webmasters/) to keep an eye on their site anyway…

However, web masters have no right what so ever to complain about the damage to their reputation.  Malware is a problem, and is far more serious to their users than a lot would lead you to believe.  Ok, you could say that around 85% of your visitors would be vulnerable to being attacked by malware (due to the browser type, security settings and whether javascript is enabled). Of of that 85%, at least 50% of them would be very vulnerable, due to no firewall, no or an outdated Antivirus/Antispyware.
So there would be a large percentage of your visitors that could potentially be damaged or effected by malware.

  • You cannot say that some malware is less harmful than others.
    Malware is malware. Plain and simple.
  • You cannot say I have a set of known visitors and I know them to be safe.
    (You are complaining about being in the Google index, therefore you are potentially available to everyone who has access to the Google index).

What damage would be done to your reputation IF, one of your users blogger on a popular forum that they went to www.example.com and they got hacked.  That www.example.com has no protection, or www.example.com has bad security. Or they blame www.example.com for them installing the malware on their computers (regardless of the fact that www.example.com had NO knowledge of the exploit in the first place).
At least an entry in the Google index as at present is temporary and will be removed once Google are assured that the malware has been removed.
An entry on a web site would be within the index for a lot longer (if not ever).
And that’s if there was just one entry on one blog.  What you would do if your sites name was spread around the web by a disgruntled visitor (who was infected as a result of visiting your www.example.com)
There is no argument that the web master purposely allowed their site to become infected.
A web master of a major site earning major money will be running a much more secure system than a small time web hosting company (on a dedicated server or a shared web hosted account).  They are less likely to be the victim of an attack.
So it could appear that Google are against the smaller web hosts and web masters sin
ce you won’t find big web sites listed. That is simply not the case. 
It is just the simple fact that the smaller web site, web host or web master is more vulnerable to attack since they cannot or do not spend money on massive security defenses against malware attacks.

A web master has a responsibility to protect the visitors to their site. (Whether they rely upon the web host to do this , or whether they takes charge is another matter for discussion).
Google have the same responsibility to it’s users. They have chosen to protect their users by displaying a warning and not giving a clickable link to the infected web site.

I’d like to hear from Google as to why they chose the method they did, and for them to state why they don’t just remove the link temporarily from the index.

NIMBY’s vs. 36 Grays Lane

A soldiers Story (fictional)

250px-Basra_locationYou’re on your last patrol before your unit returns home after a 9month stint in Iraq.  You’re on point covering for your squad as they return to the Warrior after inspecting a suspected arms dump on the outskirts of Basra.

Spirits are high because tonight’s scran in the mess tent will be the last meal before you get home to your mum’s Sunday roast.  In 8 hours, you’ll be on the plane home in to the arms of the family you’ve been away from for so long. 

warrior

Your squad mates begin shouting, they are pointing towards 3 youths running out of a nearby building.  You are almost at the Warrior when there is an almighty ‘whoosh’, followed by a loud explosion.

 

When you open your eyes, you find yourself 20ft away from the Warrior.  You can’t focus on anything, you can’t hear anything. The dust is settling and you begin to see your surroundings. You try to clear the dust from your eyes, but there is something wrong. You look down towards your hand and there’s nothing there. In a panic, you try to stand, but you fall over.  The bottom of your left leg is missing. In pain you slump down to the ground as the rest of your unit reaches you.

The next time you wake, you find yourself in the Military Hospital in Basra.  The medics have had to amputate your right arm from below the elbow, you’ve lost the left leg below the knee, and you are blind in your right eye.
After a week or so, you are transferred to the facility at Headley Court.

The above could have happened to any number of our serving personnel in Basra or in fact any of the current overseas theatre of operations.  But in this case, it’s a fictional story. But there have been many of our service personnel over the years who have and are still going through similar experiences.

But the hardship doesn’t end there. Once the injured personnel come back to the UK, there is yet more pain to endure, but this time by the families of the victims themselves. 
Often families have to travel hundreds of miles to visit their loved ones.  Living in a hotel or bed and breakfast is fine for a brief business trip or a short holiday, but when the family themselves are having to deal with the emotions involved with supporting an injured loved one, it creates unwanted stress.

the fisher house In the US an organization known as “The Fisher House” exists which quotes the following on their web site.

Supporting America’s military in their time of need, we provide “a home away from home” that enables family members to be close to a loved one at the most stressful time — during hospitalization for an illness, disease or injury

Headley Court and the SSAFA

RAF Headley Court near Epsom in Headley, Surrey, England deals with with UK Military Forces personnel with physical disabilities obtained during service, and also deals with patients suffering from post-traumatic stress disorder.

With a dedicated staff of around 200, the care it provides is essential to the recovery of the personnel.  In 2005, Major David Bradley of the Princess of Wales‘s Royal Regiment was given a five per cent chance of survival as a result of injuries received whilst on duty in Iraq during 2004. Headley Court played a vital part in ensuring he had the best chance of recovery.

Having family around you during recovery is an important factor (and I know this from personal experience). Not only do families have to deal with looking at the some times horrific injuries to their loved ones, many patients will often reject the attention of their families, pushing them away as a result of their injuries, which causes further stress. 

The Soldiers, Sailors, Airmen and Families Association (SSAFA) exists in the UK to help out where ever it can.

ssafa The Soldiers, Sailors, Airmen and Families Association (SSAFA) Forces Help is the leading national charity committed to helping and supporting those who serve in our Armed Forces, those who used to serve, and the families of both.  We provide a reliable, caring and trusted service to more than 50,000 people each year.

36 Grays Lane

 The SSAFA were hoping to provide a home away from home for the family members visiting loved ones being treated at Headley Court, but met with some unexpected resistance from local residents.

It appears that a bunch of NIMBY’s have been coming up with all sorts of reasons why 36 Grays Lane should not be used by SSAFA.  To see some of their reasons, visit the 36grayslane web site.

36grayslane has been set up to highlight the actions of the Management Company representing the local residents and to gain support for the SSAFA campaign.
If ever there was a perfect example of the phrase NIMBY, they are it.

It as if they don’t want their neighborhood spoiled by having “the lower class” families of our service personal living in their area.
None of their concerns expressed (detailed at this page at 36grayslane have any merit what so ever.

Every single resident who has signed up in protest to the SSAFA proposal should be given a guided tour of Headley Court and spend time with the visiting families.

Each of the residents who signed up, should be ashamed of their selfishness and total disrespect for the families of our service men and women who have given more than most to protect our beliefs and interests.

The people at 36grayslane have a guestbook that you can sign to show your support.

There is also a petition set up on the 10 Downing Street E-Petition site.

The rest of the UK needs to show those residents of Grays Lane who are objecting just how pathetic their actions are.

I wouldn’t mind if they founded their objections on anything reasonable, but they are not. Laughable at best.
If it were a travelers camp, nightclub, sex shop or something similar to those, I could see their argument. But the truth of the matter is that the house run by SSAFA would hardly be noticeable. Their argument shows snobbery and contempt beyond belief.

Planning to Get Away?

Over at  they have a great online trip planner that allows you to build your itinerary for your complete trip.

Once you have added all of your intended destinations, you can sort out the dates and route that you intend to take.
They also have a great dynamic route map that shows your planned trip in an easy to follow layout.

When trying to organize a trip like this, one of the hardest parts is having to visit multiple sites to find all the information you need.  I’ve used the site to plan an upcoming trip, and the trip planner made the whole thing painless.

And if you are unsure of the place you are visiting, there are plenty of reviews and photographs from others who been there previously.

It even allows you to create your own notes and any other useful links that you find and save them with your itinerary.

Once you have saved your trip, you can email it to friends and family to keep them informed about your trip. (A great idea for young people to keep parents aware of your plans).

UK Rainfall Radar

What with all the recent rain and floods of late, I’ve just only found a great site for checking out the latest UK Weather Radar.

There is one at the UK Met Office but the advantage of the new one I found at Meteox is that they provide an RSS Feed (see below).

They also allow you to define your UK location using a neat Google Map API interface to give a picture of your actual location.

With the weather coming up this weekend, it might be a good idea to use something like this to keep an eye on the rain.

If you want to use the following JS on your site, just cut and paste the following code into your template where you want the feed to be used:

<script language="JavaScript" src="http://yaps4u.net/feed2js/
feed2js.php?src=http%3A%2F%2Frss.meteox.co.uk%2F&chan=y&
num=1&date=y&html=a"
type="text/javascript">
</
script> <noscript>
<a href="http://yaps4u.net/feed2js/feed2js.php?
src=http%3A%2F%2Frss.meteox.co.uk%2F&chan=y&num=1&date=y&
html=y"
>View RSS feed</a>
</noscript>

Why You Should Never Use Your ISP For Business Email

This is a partial extract from an article I’ve written for another website.

You can find the full article available here (PDF | WORD | OOD)

Why you should never use an ISP Mail address for Business

As a member and contributor to various Anti-“spam” forums, this is a subject that often appears.
Now unless you have some technical understanding of how mail works, it is not surprising that many people are not aware of the pitfalls surrounding email.

This document will discuss the issue of using any ISP for email, and examine the various other options available.

The title was intended to be contentious in order to provoke the reader into understanding the concept of why it is potentially harmful to your business not to understand the effects of not controlling your email. It must also be made clear that there are good ISP’s out there with which you could have no problems what so ever, but the points raised below still hold true for ANY ISP.

Contact Email Addresses on your Web Site.

Most companies will provide an email address on their web site as a means of contact.
There are a couple of main reasons why this can lead to problems.

  • Masses of “spam”.

  • Users unable to send mail to the address.

  • User sends mail, but it’s not received by you.

Getting No Replies to your Mail?

Imagine you have received an inquiry from a customer.
You send a reply, but never hear anything back.
You send a further reply, but still nothing back.

Or imagine you send out a newsletter from your own ISP mail account.
But you have a really low return rate.

Does this mean that your customers are just not interested in you now?
(Then why would they contact you in the first place).
The chances are that the customer never received your mail in the first place.

You can find the full article available here (PDF | WORD | OOD)

Masterseek: Why Google for anything less?

Masterseek | Business to Business Search EngineWhen you search any popular search engine, the results are varied, cluttered and full of results that you generally have no interest in.

Masterseek is a business to business search engine.  Basically it’s a yellow pages of nearly all the business links and information that you would ever need or want.  It’s global too, so you are not restricted to a specific country.  To that effect, it has a nifty little search for quick searches, and a simple to use Advanced search when you really know what you are looking for, but just don’t know where to find it.

 

 

 

To quote from their website

Masterseek® Business Search Engine

Masterseek’s global search engine provides quick and free access to company profiles, contact information, and descriptions of products and services from more than 45 million companies in 75 countries.
You can also search in your own country or worldwide and find business partners, sales opportunities and new avenues to expand your business and increase your company’s profitability
Enter your company profile and showcase your products and services to the global community

Check out masterseek for yourself.

Get Paid to Blog?

Is it real this time? Can you really get paid for blogging?
No, I don’t mean, you sign up and post on someone else’s blog and they pretend
to pay you in shares or something.
Or, no, I don’t mean you join 1000’s of other mugs who sign up and basically
provide the parent sites content (which they then sell on at 100x what they
paid you, or they rake in bucket loads of PPC revenue).

I mean you get paid to blog about what you choose to blog about on your own
blog.

If you are going to write something on your blog anyway, what is the harm
in checking on Bloggerwave,
seeing if your topic is on there and getting paid a few pennies anyway.  Even
if its a miserable $10, that’s double what you probably (should) be paying
for your monthly web hosting costs.  Write one of those a month and all
your web hosting is free.

And it might even get you into the habit of blogging more regularly. 
It’s a brand new site, but I was asked to check it out for a client of mine.
Sign up process was easy, nice user interface and all in all it appears a pretty
good bet.

Get Paid to BlogRemember,
you don’t have to pay them anything, you just have to post like you was going
to do anyway. So what you got to lose just for looking? 
Check out Bloggerwave and
make your own mind up…

Knockoff Goods, Replica Purses? Legal or Immoral?

I was just about to send out a task to the guy that writes articles for me today when at the last moment I thought I would check out the web site requested.

Basically the job description said something along the lines of :

Ashleysboutique.com sells inspired by handbags of Louis Vuitton, Coach, Prada, Gucci, etc. Our target market is USA fashion conscious women.

Fair do’s said I.  Should be simple for them to complete.
But then visiting the web site I notice that they sell Replica Purses, Knockoff Handbags, Knockoff Wrist Bands and much much more.  I didn’t realize that inspired in the job description actually mean ‘knockoff’ or ‘replica’.  Now ‘knocked off’ in the UK means stolen, but these goods don’t appear to be stolen.

Now admittedly, they do not hide this fact.  And since the site is based is hosted in Canada, perhaps these are legal copies of the originals and what the site is doing is legal too.

When you compare the prices of the goods at Ashleysboutique.com  to those at the original artists sites, there is a big big difference.

Louis Vuitton: luxury leather luggage, French fashion designer

Coach Leather Goods

Prada

Gucci

Now I wonder what these sites think of Ashleysboutique.com.  The site isn’t new, so you would think that if it ‘were’ illegal in the US/Canada, it would have been shut down a long time ago.

Go visit the site and see for yourself.  If it were not for the price, you couldn’t tell the difference. (Can’t say anything for the workmanship, I’ve never seen one before).