Friday 21 December 2007

Pick up the batphone

We have an incoming line to our team in the office for any customers having trouble logging into their online account/profile e.t.c. It's known as the batphone.

I found this very amusing, but it's not original; corporate batphones appeared on Wikipedia twelve months ago. Nevertheless 'batphone' is now up there with 'spam' in my favourite web buzzwords.

Why do IT people use comic book words for everything?
In my last job whenever someone from the IT department logged in as administrator to install a programme or release the child lock the password they used was one of or a combination of the following: be0wulf, sp1derman, wolver1ine, sup3rman.

Now surely this must stop in the interests of corporate security. If someone like Stan Lee decided to become a hacker he'd have access to half of the capitalist world in less than a month.

Thursday 13 December 2007

Is interlinking sites on the same server bad?

Many companies own many different websites. For example a publishing company may own 20 different sites for its 20 magazines. Now what's to stop them putting a link to each site in the footer of each site?

What's the effect on SEO of doing this?

I’ve looked into this linking issue and there are hundreds of conflicting views about the effects of it. I can’t find anything that says it’s either bad or good.

This forum covers both interlinking sides of the argument and leads me to the following conclusions:

  • Google will treat links between sites from the same server like internal links – some weight, not much.
  • From a usability perspective it would NOT make sense to include links to your unrelated sites in the footer.
  • From a usability perspective it WOULD make sense to include links to your related sites in the footer.
  • Spamdexing (linking lots of sites purely for SEO) is punished.
  • If you design for the user you won’t be punished.

Example
If a publishing company has a site for accountants it would make no sense whatsoever from the user's point of view to link in the footer to their site aimed at 10 year olds.

However if they were to link to a site for human resource professionals in the footer of the accountancy site it may make more sense.

Conclusion
If you think about this subject from Google's point of view why would they want to punish someone who's genuinely trying to give the user a good web experience and also encourage visits between related sites?

Link your relevant sites together, it will help your SEO as much as internal linking will (ignore internal linking at your peril), however don't do anything EVER that will not benefit your users, confuse them or send them to places they don't want to go.

Remember all those passwords and user names

So many websites, so many passwords, how do you remember them? Regularly clicking the 'forgot your password' link is my favourite.

I have to have a log in name and passwords for well over 20 sites such as email, social networking, ebanking, travelcard, supermarket loyalty cards, eshopping, YouTube, Wikipedia, the list goes on.

I regularly forget on logging in what password I've used or what user name i was forced to call myself as a result of all the obvious ones being used up when i registered.

The extent of this problem is highlighted by the fact that i can point you to an article on this subject from no less than 8 years ago. This article ends with the conclusion that we're stuck with remembering multiple user names and passwords until finger scanners are routine on computers.

Finger scanners! I admit i have seen laptops with these gadgets but it's still going to be 2050, flying cars and robots before every computer has finger scanners.

Add to this that web professionals 'recommend' using different passwords for different accounts as well as non-word passwords including symbols and numbers to avoid hacking.

So what to do? Well I've had a little look and come up with some options, listed in order of best to worst.

  1. Remember them! - This is what i do. Admittedly i forget my passwords as often as I drink tea but then every site has a 'forgot your password' link.
    Disadvantages: You might have the memory of a goldfish
  2. Write relevant passwords - For each site you use create a password formula. For example, the site name backwards followed by your dog's date of birth and all o's and i's replaced with 0's and 1's. ie. Facebook - k00becaf0308 There are far cleverer formulas out there.
    Disadvantages: Break the formula and someone has access to all your sites. Your formula is so clever you confuse yourself.
  3. Use cookies - Both Firefox and IE will store your passwords as cookies so that when you revisit a site you're automatically logged in.
    Disadvantages: Because you end up having to go through the log in process less, when the time comes when you have to log in (such as when on a different computer) you've completely forgotten your user name and password.
  4. Password managers - I don't like the idea of storing passwords as you just need someone to hack the password manager and 'bang' you've lost everything but according to this Simple Website Guide article there are some safe options.
    Disadvantages: Lose all your passwords at once.
  5. Use your browser's in-built password manager - A bit more advanced than cookies, Firefox will keep your passwords in its own password manager. IE probably does this too.
    Disadvantages: Same as cookies and password manager.
  6. Write them down - The most foolish of options but according to 'Orlick', apparently they'll be fine if you lock the paper away in a safe.
    Disadvantages: Anyone finding the piece of paper has access. For example someone breaks into your house steals the safe and can assume your online identity immediately.
  7. Create a new identity - Change your name, home address, date of birth and all personal details to create a new online persona. Use 'password' for all your passwords and when someone steals your identity, who cares? It's not yours anyway.
    Disadvantages: None, it's foolproof.

From this point on i will be known only as Miss Penelope Smallbone.

Update, 8th Feb 2008: Tech giants Microsoft, IBM, Google and Yahoo have joined the board of the Open ID Foundation which aims to streamline login systems across the web.

Saturday 8 December 2007

7 top tips to avoid email spam, phishing and fraud

As the web gets more sophisticated so does phishing (fraudsters trying to gain your personal information through masquerading as a trusted source).

One of my colleagues recently received the below spam/phishing email:
Date: Thu, 6 Dec 2007 19:18:58 +0800
From: Mars.zhou@netinchina.org.cn
To:
Subject: Domain names of Shedshow (to CEO)

Dear CEO,

We are the domain name registration organization in China, which mainly deal with international company's in china. We have something important need to confirm with your company.

On the Dec5, 2007, we received an application formally. One company named "Jufeng Holdings Limited" wanted to register following

Domain names:

shedshow.cn
shedshow.com.cn
shedshow.com.hk
shedshow.com.tw
shedshow.hk
shedshow.mobi
shedshow.net
shedshow.net.cn
shedshow.org.cn
shedshow.tw

Internet brand keyword:

shedshow

through our body.

After our initial examination, we found that the keywords and domain names applied for registration are as same as your company's name and trademark. These days we are dealing with it. If you do not know this company, we doubt that they have other aims to buy these domain names. Now we have not finished the registration of Jufeng company yet, in order to deal with this issue better, Please contact us by telephone or email as soon as possible.

Best Regards,

Mars zhou

China Net Technology Limited
Tel:+(852)-3059-3057
Fax:+(852)-3059-3080
Email: Mars.zhou@netinchina.org.cn

Web: http://www.netinchina.org.cn
A quick web search on some of the sentences within this email revealed other people who'd received this and replied, in many cases with quite shocking results (read the article comments). This forum also linked to in the above article features more people who've encountered this particular scam.

But what if you don't realise it's spam? In fact before this email was brought to my attention one of my colleagues had replied (any further emails i receive from these scammers i will be ignoring and deleting).

It's very easy to get duped. So, 7 top tips to avoid being scammed:
  1. Do you know the company / person emailing you?
    • If you answer 'no' to this question then this is where you should question the email's credibility.
  2. Do some research - the first hit i found on Google for "China Net Technology Limited scam" was somebody who'd received the same email.
  3. Does the email ask you to take action / spend money? - if 'yes', beware
  4. Can all the information they've included in the email be gained without knowing you? - if 'yes', beware
  5. Speak to people you know - if the email talks about domain names then contact your domain provider. If they ask for bank details contact your bank (using the number you know, not the number that may be in the scam email). If they ask to confirm your Paypal details contact Paypal (again not from links in the spam email but via the Paypal website).
  6. Beware lookalikes - It's very easy to make something look genuine online, for example a scammer could buy lloydstsb.org (as opposed to the real lloydstsb.com) to pretend to be your bank.
  7. Calm down - it may seem obvious but a genuine bank request or a genuine domain enquiry won't ask for immediate response and won't do so buy email, more likely than not they'll go through more official channels and post a letter to your home address or alert you when you log in to your ebanking or domain account (again using the URL you know NOT one in an email).
Related posts
Spammers target web nerds with Homer's email address

Monday 3 December 2007

Can social networking sites afford to bank on future success?

Facebook is playing a dangerous game holding off going public for a 'couple of years'.

The speed with which Facebook quickly became part of our lives (I knew nothing of Facebook this time last year) surely is a good indication of how the same thing can happen, and i'm pretty sure WILL happen when the next big thing comes along.

And it's a brave man at Microsoft who paid £117m for just a 1.6% stake in Facebook. Remember Friends Reunited? One of the biggest sites in social networking, it's now being forgotten and finding it's methods old fashioned less than two years after it was bought (entirely) for 120m. If something bigger and better does come along then Facebook may start wishing they went public at the height of their powers and before that valuation of £7.3bn starts looking steep.

There's nothing to currently suggest Facebook is waning in popularity (although I check my Facebook profile a lot less than i did 6 months ago) but if i had £117m to spend on social networking i'd be looking at the future of social networking, and i don't think that's going to be Facebook.

The internet is becoming more and more personalised, iGoogle gives you your own search home page, MySpace show no signs of being a flash in the pan with it's own brand of 'let the user decide what's best' social networking, social bookmarking / RSS / news aggregators and blogging lets users pick and choose their own news and opinion. Marketing emails are addressed to your name, and offer you products that they know you have an interest in, if they don't you hit delete. Even the spam i get now is personalised, "Dear Ed, would you like a 9 inch...".

Unless facebook starts to provide more flexibility to users on everything from what their home page looks like to who and what can sign up they are going to start leaking users to sites such as ning.com.

Ning is a 'network of networks', allowing users to create their own social network and surpassed the 100,000 social networks figure a couple of months back. I'd put good money on Ning receiving a large amount of investment soon and i wouldn't be surprised if that company's name began with 'Goo' and ended with 'gle'.

Now this is just one vision of the future, there are plenty more ideas in the ether, most probably on the desktops of university students with an interest in open source.

Just don't spend your £117m of investment without doing a bit of research.

TIP for CEOs with wads of cash: What social networking tools are your children using?

(Update: I've just read this business article online which sounds exactly like my article! It's either great minds thinking alike or plagiarism of the highest order.)

Related posts
Stop poking me, I'm bored of Facebook
Everyone's bored of social networking
YouTube, Facebook, BBC and Reuters discuss social media