ronald a. richardson » google

Important Internet Organizations Hacked by the Devil

Ronald — Thu, 05 Feb 2009 20:11:53 +0000

Ace Smith asked:

According to researchers, Turkish hackers were able to vandalize international organizations’ official site that works to supervise the important routing infrastructure and control domains of the Internet.

The group named themselves as “NetDevilz”. They managed to momentarily reroute visitors to the web sites for ICANN (Internet Corporation for Assigned Names and Numbers) and IANA (Internet Assigned Numbers Authority).

The researchers at zone-h.org, an organization that gather evidence of attacks which includes page vandalism and reroutes, stated that visitors who were visiting iana-servers.com, icann.com, iana.com, internetassignednumbersauthority.com and icann.net were redirected to an illegitimate website. The zone-h.org were able to get a snapshot of the bogus site and it has this statement written on it “You think that you control the domains but you don’t! Everybody knows wrong. We control the domains including ICANN! Don’t you believe us? haha (Lovable Turkish hackers group)”

IANA is the organization that is responsible in supervising DNS root zone and allocating DNS operators for the top-level domains of the Internet like .org and .com. DNS (Domain Name System) translates the URLs and domains like google.com into an IP address which is an important element of the traffic-guiding infrastructure of the Web.

ICANN supervises IANA and assigns IP address space and controls the top-level domain naming system of the Web.

Maybe, not coincidental to the vandalism, just recently ICANN was in the news voting to relax the rules in allocating and controlling top-level domains. Voting to relax the rules means that organization and other companies can ultimately take control of their own domains. For instance, ebay.com can take control of the .ebay domain and Google can run the .google domain.

Dancho Danchev posted in his blog, a Bulgarian security researcher that the hackers were also able to redirect the visitors of the site Photobucket Inc. into a German hosting service Atspace.com they redirected and used similar IP address, specifically 82.197.131.106, to redirect ICANN and IANA traffic. Some of the defacements done to the sites are still active at the moment. Photobucket still has not releases any official statement but Atspace.com already did.

The spokesman for ICANN was contacted and he was informed about the hack but he stated that he was not aware of it and will not comment until he find out more about the attack.

Zone-H has already sent an email to NetDevilz hacking group asking them on how they were able to hack the domain names. But as expected they decline to reply, so speculations are taking place that states vulnerability of cross-site request forgery or cross-site scripting.

Caffeinated Content

Website Hacking Prevention Measures

Ronald — Sun, 01 Feb 2009 06:35:00 +0000

Kevin Sinclair asked:

Website creation is a very popular activity on the internet. As more and more people discover the many possibilities of having their own website, more of these pages are being created on the internet. It is essential that a website is created in more than just a way that is attractive to visitors. It should also be protected in such a way that there is a higher level of security. There are many individuals who actually spend a majority of their time hacking various websites online. In this article, you will learn about the importance of website hacking prevention measures.

Website hackers use numerous kinds of computer programming languages in order to break down the security on websites on the internet. The most popular computer programming language that can be invaded is that which uses XXS. This is a cross scripting type of computer language that is often used to cross websites. When creating your online website, it is essential that you ensure that all fields and other areas of the website are properly protected from the potential hacker.

Many website owners have a special area on their website where they attempt to gather personal information from the visitors. This may include gathering an email address, an address, and other types of information. It is important that this part of the website is properly protected from hackers. Not only can this type of hacking jeopardize your website, but it can also jeopardize the personal information that your visitors enter on the website. It is important for you to make sure that this part of your website is properly encrypted by HTML.

Many website hackers engage in a practice that is commonly referred to as “Google Hacking”. Individuals who use this type of hacking often attempt to discover information about a particular website that is listed on Google by searching for information that is normally considered to be unauthorized. They will attempt to retrieve information that pertains to the tracking tools that are often used by website owners. This information, when in the wrong hands, can actually jeopardize your website.

Individuals who gain access to information on a website through Google hacking techniques may get access to the following information:

- The cache of the website

- Various types of files that are listed on the website

- The link that is used to promote the website

- The intitle and the inurl may also be accessed

Many website owners create their website in such a way that they can access the information across many platforms. However, this can prove to be a danger when it comes to website hackers. By using Google hacking techniques, the pages that are on the website can be easily hacked because the pages are often available for editing purposes. If there is a query made into the search engine, these pages can easily be accessed. If a hacker accesses this information, they can do virtually anything to your website pages. This can prove to cause you financial loss. This is especially true if the hacker places information on your website that can hurt your reputation.

Luckily, there are many techniques that website owners can use to prevent the possibility of hacking. First, the data that you use to compile your website pages should never be allowed to sit on a server. This information should be saved locally. This means that it should be saved to your computer. In turn, you should make sure that the computer is protected by a password that contains alphanumeric characters. This way, if someone attempts to access your computer system remotely, they will be unable to do so.

You should also ensure that the password that you use to make changes to your website is also secure. When saving the documents that are part of your website, it is important that you create them in such a way that others are unable to access this information. Many tips for this include integrating a “disallow” function on the website and attached to all the documents. By taking these steps, and being aware of what the dangers are when you do not, you are sure to prevent the possibility of hackers.

Caffeinated Content

Using Trends to Drive Traffic – Joomla Hack Vs. Wordpress Hack

Ronald — Sun, 01 Feb 2009 03:54:10 +0000

Jj Kennedy asked:

Although I usually post on topics related to business strategy or marketing, a few weeks back I posted an article about my experience of getting hacked and a related tutorial on how I went about recovering from my Joomla site hack.

Apparently I wasn’t alone. In the ensuing weeks, it has become my most visited post and has encouraged more people to sign up for my feed than any other article I have written.

That got me thinking about the power of trends and how I might go about using what people are already searching for to grab peoples attention.

Paris and Britney can help you…maybe

This article is not about recovering from your site getting hacked. Instead is about trends, how to find out what they are, and how to take advantage of them to help drive visitors to your site.

To track what is hot (no Paris pun intended), I usually use Google Trends.

http://www.google.com/trends

This is a free service and allows you to compare different search terms for relative search volume, where these searches come from, and for more popular terms, they also link relevant news articles to search volume peaks.

I have never been a trend marketer

It’s not that I can’t or that I find it morally offensive. The simple fact is that I have never been particularly hip, trendy, or ahead of the curve on the newest fad. I tend to stick to long term marketing strategies with tried and true metric analysis. My method is similar to how I invest. I don’t day trade and I prefer to plan on the 10% long-term average rather than looking at my portfolio every day (Thank god since my balance is in the crapper over the last year) It’s not sexy, it’s not hip, but it has worked in every business I have run and made me a millionaire in the process. That’s cool enough in my book.

But I also realize that blogging is a new game. Especially for me. I have only been doing this for a few months, so I am also in the experimentation stage. I am starting to understand that there may be real marketing value in occasionally chasing after the shiny new firetruck to roll down the street.

Here is how I use trends to drive traffic:

OK. My own stats prove that waaaay more people are searching for help on recovering for a site hack than they are for advice on how to build a solid marketing strategy. I get it. I’m sad, but I get it. So, assuming I am going to hop on the trend band wagon, how do I decide what trend to follow, and how do I incorporate it into my area of expertise?

Here is what I did:

I know my site got hacked.

I know that people are interested in the topic

I know that I have sites that use both Joomla! And Wordpress

I know that both types of sites have similar weaknesses

So I pulled out my trusty google trend search and compared the search volume for “wordpress hack” and “joomla hack” What I found was that Joomla was searched a bit more often and there seemed to be a spike back in Q3 of 2008. Because there was not much news coverage on the events, there were no links tied to the spikes, but if you search some other topics: For example Bush vs Obama, you will see that there are usually specific events tied to peaks and valleys.

So how does this help me?

Well for starters, it lets me know that Joomla seems to be searched for a little bit more often than Wordpress, especially in Q3 of ’08 for some reason. At that point, I might want to try to dig into the details further by seeing what actually happened during that time period.

What I was hoping to see was a huge difference in popularity which would give me a clear cut direction on which topic to focus on.

For example: In the case below, if I wanted to find some way to incorporate a train-wreck whore into my article, the choice is pretty clear. Paris is the slut of choice.

So going back to my Joomla Hack Vs Wordpress Hack, my plan is to create a tutorial for BOTH now that I have this information. Since there is no clear cut winner, but both have a decent amount of search traffic, I might as well proceed with a tutorial that can help visitors deal with the pain in the ass of a hack on either platform.

The second thing I plan to do is what you are reading right now. That is – write an article in my area of expertise that ties in poplar search terms with my content. Now there is the danger of this article being completely irrelevant to those searching, and that is a real risk. But the relative small amount of time it takes to create an article, and my own results proving that people will sign up for my marketing and strategy feed based on a technical tutorial seem to be proving me wrong. My stats will ultimately prove this one way or another.

Isn’t this another “Punch the Monkey” banner?

In case you haven’t seen it 10 million times already, the “punch the monkey” banner is a slick and clever banner ad featuring a monkey that scrolls back and forth and you have to use your mouse to “punch” it with a giant boxing glove. This click then takes you to whatever website the banner is pointed to. This banner has been used on everything from dating sites to mortgage brokers. Granted the click through rate is HUGE (everybody loves to punch a monkey apparently) but there is usually zero relevance to the final site and whatever goal the site owner had for your visit is rarely fulfilled. (Would you submit a mortgage application from this banner?) Granted some miniscule percentage of the population may be looking to refinance their home at the time, but chances are, most clicks are wasted.

The key to using trends to help boost your marketing is to actually offer something related to the hot keyword. In my example, I DO have content on my site that teaches someone how to recover from a site attack. In addition, many of the people suffering from the same attacks I had are also small business owners, bloggers, and marketing folks that could benefit from seemingly unrelated content on my site.

As a funny closing note, I also have proof that complete irrelevance will NOT boost sign-ups. It goes like this: When I first started my blog I wrote an article called “The Jennifer Lopez Model vs. the Dolly Parton Model vs. the Kim Kardashian Model.” At that point I wasn’t concerned at all about driving traffic to my site and in no way was trying to use those name searches to drive visitors to my site. The goal was simply to be clever (The article is about different marketing approaches…big back end, big front end, big front and back end) I still think it’s funny, but that’s me.

Anyway, lots of people enjoyed the article, but I can tell you that it’s also the highest abandon rate page on the entire site. That tells me that many of the visitors were in no way interested in what I had to say..and rightfully so.

The key is relevance. You CAN make popular search terms relevant to your content. You CAN make strategic decisions based on trend results. You just need to be smart about how you do it.

As always, I’d love to hear what you think or comments on your own experiences using trends as a diving board. I’m usually pretty solid in my ideas on what works, but in this case, I’m just throwing crap on the wall to see what sticks. I’ve been proven wrong plenty of times before. I have no issues with it happening again.

Caffeinated Content

Textecution aiming to prevent texting while driving

Ronald — Tue, 23 Dec 2008 14:27:27 +0000

A newly released app for the G1 is trying to prevent users from texting while driving, simply put Textecution “completely disables texting while the car is in motion.” The app uses the built-in GPS and deactivates the SMS
capability when the phone is moving faster than 10MPH, and then once the speed goes back under 10MPH the SMS will be unlocked and available within a few seconds. It was also noted that the parent (or administrator) can grant exceptions if needed. Such an example would be if the user happened to be on another moving vehicle such as a bus or train. Of course, this would also limit their use even when they are not driving, even a passenger in a car would be traveling faster than 10MPH.

It is hard to deny that texting while driving is dangerous, I would even say it could be worse on a touchscreen device where you cannot feel your way around the keys. I also applaud eLYK Innovation for coming up with such a unique app, however there seems to be a pretty simple flaw — there is nothing stopping a crafty teen, or employee from simply deleting the app from their handset.

The developers have acknowledged the ease of which the user could simply delete the app, and are considering making that harder to do in future versions. Bottom line, these seems like a nice idea, and many help some people, but overall there seems to be plenty of times where someone could be moving faster than 10MPH and not need their texting ability disabled.

Textecution is available for download from www.textecution.com and retails for $9.95.
(I think it should be free)

Google Chrome

Ronald — Thu, 04 Sep 2008 00:58:41 +0000

Google, just released a BETA of their new web browser. I’ve just downloaded it, and I like it so far. This may become the default browser for Verdis if it is ever released for linux. Here’s what Google had to say:

At Google, we have a saying: “launch early and iterate.” While this approach is usually limited to our engineers, it apparently applies to our mailroom as well! As you may have read in the blogosphere, we hit “send” a bit early on a comic book introducing our new open source browser, Google Chrome. As we believe in access to information for everyone, we’ve now made the comic publicly available — you can find it here. We will be launching the beta version of Google Chrome tomorrow in more than 100 countries.

So why are we launching Google Chrome? Because we believe we can add value for users and, at the same time, help drive innovation on the web.

All of us at Google spend much of our time working inside a browser. We search, chat, email and collaborate in a browser. And in our spare time, we shop, bank, read news and keep in touch with friends — all using a browser. Because we spend so much time online, we began seriously thinking about what kind of browser could exist if we started from scratch and built on the best elements out there. We realized that the web had evolved from mainly simple text pages to rich, interactive applications and that we needed to completely rethink the browser. What we really needed was not just a browser, but also a modern platform for web pages and applications, and that’s what we set out to build.

On the surface, we designed a browser window that is streamlined and simple. To most people, it isn’t the browser that matters. It’s only a tool to run the important stuff — the pages, sites and applications that make up the web. Like the classic Google homepage, Google Chrome is clean and fast. It gets out of your way and gets you where you want to go.

Under the hood, we were able to build the foundation of a browser that runs today’s complex web applications much better. By keeping each tab in an isolated “sandbox”, we were able to prevent one tab from crashing another and provide improved protection from rogue sites. We improved speed and responsiveness across the board. We also built a more powerful JavaScript engine, V8, to power the next generation of web applications that aren’t even possible in today’s browsers.

This is just the beginning — Google Chrome is far from done. We’re releasing this beta for Windows to start the broader discussion and hear from you as quickly as possible. We’re hard at work building versions for Mac and Linux too, and will continue to make it even faster and more robust.

We owe a great debt to many open source projects, and we’re committed to continuing on their path. We’ve used components from Apple’s WebKit and Mozilla’s Firefox, among others — and in that spirit, we are making all of our code open source as well. We hope to collaborate with the entire community to help drive the web forward.

The web gets better with more options and innovation. Google Chrome is another option, and we hope it contributes to making the web even better.

New SDK Released! 0.9 Beta now available.

Ronald — Thu, 28 Aug 2008 01:20:06 +0000

Google has FINALLY released a new public SDK. Google’s Dan Morrill writes:

I’m pretty happy today, for two reasons. First, I’m happy because I get to let everyone know that we’re releasing a beta SDK. You can read about the new Android 0.9 SDK beta at the Android Developers’ Site, or if you want to get straight to the bits, you can visit the download page. Once you’ve got it, be sure to visit our Developer Forum if you have any questions.

[...]

you’re probably wondering what’s actually new in the SDK. Well, you should read the Release Notes, the Change Overview and the API Delta Report for all the details, but here are a few highlights:

* First and most obviously, the new Home screen is included, along with a ton of UI changes for 1.0.
* Some new applications are included: an Alarm Clock, Calculator, Camera, Music player, Picture viewer, and Messaging (for SMS/MMS conversations.)
* Several new development tools were added, such as a graphical preview for XML layouts for users of Eclipse, and a tool for constructing 9-patch images.
* Since we’ve got a new Home screen application now, we thought the now-obsolete version from the M5 early-look SDK might be helpful to developers, so its source is included as a sample.
* A number of new APIs are fleshed out and improved, and others are now close to their final forms for 1.0.
* Tons of bugs were fixed, of course. (If you had problems with the MediaPlayer, try it now!)

Android developers have been (not so) patiently awaiting for this release! Get porting!