Archive for October 2011

Facebook Immune System   6 comments

Facebook has an extraordinary security infrastructure known as the Facebook Immune System  to fight spam and other cyber-scams.

The Facebook Immune System (FIS), has a massive defence network and has considerably reduced spam. It took time for FIS to evolve into an all seeing set of algorithms that monitors every photo posted to the network, every status update and every click made by everyone of it’s users.There are about 25 billion of these “read and write actions” everyday. Facebook’s defence system is one of the largest in existence.

It protects against scams by invoking artificially intelligent software to detect suspicious patterns of behaviour. The system can learn in real time and is able to take action without human intervention.

Some months ago there was a notable attack on Facebook. Several users were duped into copying computer code into their browser’s address bar. The code commandeered the person’s Facebook account and stated sending chat messages to their friends, along with a link where the friends could get their own free ipad. Friends who clicked on the link went to a site that encouraged them to paste the same code into their browsers. These type of attacks can generate millions of messages per minute.

Users are less likely to fall for a similar tactic when using email, because a message would have to sent by a stranger. It’s easier to exploit trust relationships in social networks.

To handle such attacks FIS has generated a signature to differentiate between spam and legitimate messages. The links in spam messages that contain keywords like “free” and the IP addresses of the computers sending the messages.

Spammers use multiple machines for the purpose of switching IP addresses, and use link redirection services to change links in real time. FIS checks to see which messages are marked as spam by users and blocked the messages with similar keywords in the text. The system developed a signature that can detect spam within seconds of an attack.

Any defence based on patterns of known behaviour, FIS is vulnerable to new strategies not known to it. “Socialbots” -software that can pose as a human and control a Facebook account can exploit and elude this defence system. The bots send friend requests to random users. Then they send requests to friends of people they had connected with. The number of accepted requests will increase considerably.

Facebook’s privacy settings allow users to conceal personal information from public view. Since socialbots pose as friends, they are able to extract thousands of email addresses and physical addresses from users’ profiles. This information could be used to launch phishing attacks or aid in identity theft.

Social bots behave differently to people that enter Facebook for the first time because they have no real-world  friends to connect with.

Social Media and SEO   19 comments

As people interested in growing website traffic, it is important that we understand social media and SEO. SEO is the one that, through time and understanding, will bring you the most traffic, most consistently. But social media can do some surprising things for your business.

The main way that SEO and social media intersect is in the area of links. Social media sites have them, and SEO needs them. You can use social networks such as Facebook and Twitter to generate inbound links from popular, high-TrustRank websites. You could use social media campaigns to attract links from news sites, social bookmarking sites, and popular blogs.

Social networks like Facebook, YouTube, and Twitter represent the masses. And while a single link or status update on one of these social networks has no significance, there is great power in numbers. If you post a link to a video you took, and it strikes a chord in the average person, she will share it with her friends, who will share it with their friends, and so on. If you are the creator of a piece of content that goes viral, your website can get links rained upon it. This is why social media is a powerful complement in the world of SEO. In the future, SEO and social media will evolve together to incorporate our profiles, preferences, and relationships into search results.

The flow of information: Traditionally, the most powerful ways of getting exposure have been advertisements, press, and word of mouth. Although these tools have always been the backbone of marketing, the rise of social media websites has opened up a whole new world of possibilities for online marketers.

In the past,you might see an ad in a magazine, stare at it for a few seconds, and then either remember it or forget about it. Now the same company might place an ad on Facebook. Recognizing the company, you might click Like underneath the ad, indicating your acceptance of the brand. The next day, because of that “like,” you might get a status update showing you a YouTube video that the company made as part of a campaign for a new product. Finding the video interesting, you might then post it on your friend’s profile page. His 1,000 friends might then see it, and 3 of them might post it on their friends’ profile pages. An additional 2 of your friend’s friends might tweet about it, exposing it to their 800 combined followers. One of those peoples’ followers might then submit it to a social bookmarking site such as Digg, where the best content of the day gets posted on the home page. If enough people voted for this video, it would hit the front page of Digg, get 150,000 additional views and 550 comments, and even more sharing would occur. Because of the Digg exposure, 15 blogs might repost the video, including a major outlet that gets millions of visitors per month. And on goes the sharing. That entire journey started with just one click.

The significant event, SEO-wise, in that story was the part where the blogs reposted the video to their sites. If 15 blogs repost a video, that’s 15 links to a single web page. In this case, the web page hosting the content was on YouTube, but it could easily have been hosted on your website. As you know from earlier chapters, acquiring a link can be pretty tough in an age when most webmasters understand the value of linking.

Social Location Marketing   1 comment

Social location marketing has the ability to impact the purchase decision cycle at all points—brand awareness, brand elevation, brand consideration and purchase. The concept of the purchase decision cycle is best defined as the continuous loop through which customers become aware, consider, select and finally reconsider purchases.

In the pre-social media market place, the purchase decision cycle involved much less influence from strangers. Purchasers were influenced by a closer network of people. Purchasers were also unable to take part in the level of comparison shopping that they are able to do now. With the advent of the internet the travel requirement declined but it still took time to visit all the websites and make notes on which product had which features and which site was offering the best prices.

Price comparison sites quickly became popular with members posting coupon codes and special offers as they became aware of them. Social media took all of this to the next level. Twitter and Facebook users can post a question and receive hundreds of responses about the best deals, perhaps even getting responses directly from brands themselves.

What differentiates social location sharing from much of the rest of social media marketing is that it is specific to allocation. It happens as someone becomes or is in the process of becoming a customer,visitor, or user. When users check in at a specific location, they are publicly declaring an affinity with that location. Wittingly or unwittingly, they are making the statement that they use this location as part of their lives. Whether it is a grocery store, a clothing shop, a restaurant, or a hair salon, the effect is the same. They are telling the people in their networks, all of whom they have selected to share with, that this is a place they go to.

Perhaps at times they want to promote a local business because of the great service they have received from them. They believe that by announcing this location and its great service, they are helping to promote and prolong the business. All of these motivators can be leveraged by marketers and all have their place within the purchase decision cycle.

Brand Awareness: Making the target audience aware of the existence of the brand. This is traditionally something that is associated with advertising, but in the current environment of a society that is more “word of mouth aware,” getting existing customers to be your advertisers/advocates is a much more common effort. Social location sharing tools are
most definitely achieving that. These tools broadcast the fact that the user is not only grocery shopping but is shopping at a specific grocery store.

Brand Elevation: Making the target audience aware of a brand is not usually enough to trigger a purchase. Rather, having made the target audience aware of the brand, the next step is to move the brand into the consideration stage of the purchase decision cycle. To do that, the brand needs to position itself as a better choice than its competitors. Again,
social location sharing tools play their part here. Having an advocate in the form of a social location sharer share her decision to make a purchase at a location immediately aids that business in providing a reason why it is different from its competitors.

Consideration: This stage can be immediately before purchase or can be several months, even years ahead of purchase. Much of this depends on the immediate need of the purchaser, the price point of the product or service, and the amount of information available. A customer looking to buy a pair of jeans is unlikely to spend the same amount of time in the consideration phase as a customer buying a new car or even a home. However, social location sharing tools can and do play a part in all these decisions. Users checking in at the Apple store, for example, are stating a preference for a particular brand, but they are also stating a preference for a particular type of technology.

Purchase: Checking in at the time of purchase, and announcing that a purchase has been made, is obviously the most powerful use of these tools. Each of the tools allows for this in different ways, but at the most basic users can tag their check-in and in doing so start a conversation on other platforms such as Twitter.

Multiple Commerce Sites   Leave a comment

From a business point of view are multiple commerce sites critical to a company. In some cases multiple sites can improve profits but is not critical to the business. On the other hand, in many situations multiple sites are an essential part of a company’s commerce business.

Suppose a company that has a profitable business selling a particular product.  The company may generate additional revenue if it created sites targeted to different kinds of needs of the people using the product. However, each additional
site would require additional effort to administer it, such as designing the site, creating the content, and deciding which products it should have. Each site would also carry some cost. Perhaps the company’s owners are perfectly happy with their current business, and are not interested in the additional costs and complexities, even if they could generate some extra income from extra sites.

By contrast, in many business scenarios, multiple sites are critical to successful online commerce. Suppose a company sells to both businesses and individual shoppers. The requirements of business purchasing are different from customer shopping. The checkout process, presentation of products, registration of customers are all different in business-to-business (B2B) compared to business-to-customer (B2C). If a company insists on a single site dedicated to both B2B and B2C markets, either the consumers or business customers will find it complicated to use the site.

Multiple Geographies: Selling in more than one country presents challenges that are difficult to meet with a single site because each country has unique market conditions, culture, and regulations. These country-specific conditions can affect not only the choice of products and the pricing, but also other aspects such as the presentation of the site and advertising. Each country site is designed so that the language, currency, advertising, and even products all correspond to the country’s needs.

Pricing: Even if the products sold in all the countries are the same, chances are that prices will be different. For example, if the USA price is $49.99, and the conversion rate to Canadian dollars is $1US = $1.22280CAN, by simple conversion the price would end up at $24.44. However, it is unlikely that in Canada the product will be priced that way, since this converted price looks uneven, ending with 44 cents rather than the usual 99 cents. Also, the business would probably want some stability in pricing so that it does not change with every currency fluctuation. The price also needs to reflect local costs. In this case, the Canadian price might be $25.99, to make sure that the price is both stable and profitable in the Canadian market.

Another factor that affects pricing is local competition. In our example, if this same product has more competition in Great Britain, the price there might be significantly lower than in the USA.

Taxes: In the US with 50 states and thousands of counties, tax rules are quite complex and vary by such factors as where the product is shipped from, where it is going, and what kind of product it is. In some cases there are additional fees, which are similar to taxes, imposed by local governments, such as recycling or disposal fees.

In other countries taxes are imposed by the national and provincial governments and are also calculated as an additional charge for the product.

Shipping: Typically on a site, buyers choose the shipping method that they want to use for the items they buy. Depending on the item and the shipping method, the buyers might need to pay different shipping charges.

Several shipping companies operate worldwide, such as UPS and Federal Express. Many shipping providers are unique to their locations, such as each country’s national postal service.

A seller might have a warehouse in one country that serves many other countries. In this case, the shipping provider would not depend on the country of the site, but only on the location of the warehouse. To make this situation more complicated, some providers might also drop-ship their orders directly from their suppliers, while some locations allow B2B customers to pick up items directly from the warehouse using their own trucks.

Even for the same products and the same shipping provider, each country can have different shipping charges. In addition, within each country there might be a unique shipping tax that must also be calculated and presented to buyers on the seller’s site.

Language: The most obvious difference in catalog display among different countries is language. In some countries, all information on the site should be shown in a single language, such as French in France or Japanese in Japan. In other countries, however, customers might need to choose their language or preference. Examples of this are Canada, where sites often give a choice of French or English, or Belgium, where Dutch and French are the languages that can be selected. Even within what is described as a single language, there can be significant variations. In many ways, U.S. English is different from UK English.

Products: Language is not the only thing that distinguishes product catalogs in different countries. It is common that some products are available only in restricted parts of the world and are not even shown in other countries.

Product catalog differences can also happen due to companies rolling out products slowly in different parts of the world, where some products are made available in various countries on a different schedule. This difference is typical in the movie industry.

Variations in products can also be due to local regulations. For example, in some states in the United States, you can legally buy a radar detector that helps speeders avoid being caught by police. In Canada, however, this product is illegal and should not be shown on a commerce site.

Page Layout: Aside from product, language, and price differences, often the sites created for different countries can look similar, with identical flow and page layout. However, there are also cultural differences between different parts of the world that can cause country sites to have different layouts. For example, in North America usually the home page of a site fits most of the information on one screen, requiring little scrolling. The tendency is for customers to click on various links to browse through the site to get to the products or the areas they are looking for. On the other hand, in
China you often find sites where the home page is long, so customers can find many products by scrolling down the page.

Another consideration for page layout is that it must be designed to suit the written form of the language. For example, most Western European countries can use the same page layout because their alphabets look similar. However, the page layout must be adjusted in China or Japan, where the characters are not alphabetic, and the translations might not fit into the layout designed for use with Latin-based languages that are written left-to-right.

Legal Differences: Privacy is one such consideration. Different countries have set up completely different privacy rules, potentially affecting such factors as how the company can make use of customer datafor its own advertising. In addition, most sites have a privacy statement that must reflect the regulations of the country where the site operates.For example, in the countries within the European Union, the privacy rules are governed by the EU Directive on Data Protection. This directive governs the storage and processing of personal data, and the liabilities and sanctions that would be invoked if a European company does not comply with the rules.

Technology Developments and Trends   4 comments

Emerging technology developments and trends can create a tumbling mash-up of hard-to-understand products and services, from web-connected printers to robots that represent you in meetings.

Smart Browser: All browsers from Internet Explorer to Mozilla Firefox to Safari now host ambitious third party software tools that latch on quickly onto existing browser software. Now once unimaginable services run natively on web tools. Check out design tools like Aviary (aviary.com), complex collaboration systems like Usekit (usekit.com) and communication tools such as Follow-up Robot (curecrm.com).

All this new browser software will make it tougher for businesses to develop code that works across all browsers and the fast moving extension market. The debugging of web based products and services will get very complex.

Apps for Appliances: Apps, like the ones on mobile phones, are spreading to TVs, washers and fridges. Check out TV apps Vizio offers on its sets that enable Netflix, Flickr and Twitter.

Touch revolution (touchrev.com) has a Google Android OS based modules that turn a microwave oven into an app ready web ready device.

Talking to a Computer: Microsoft and other companies now support some sort of voice-activated software.  Test drive Naturally Speaking (nuance.com)

PC-Less Desktop Imaging: With printers now a commodity, desktop imaging eventually will free itself from being tethered to a PC. The big mover here is, yet again, Google. The giant is rolling out cloud-based printing that will not need a connected computer. You can expect everything from smartphones to positional devices to be able to easily communicate with web-connected printers.

3D Peripheral: Products like Space Controller (3d-mouse-for-cad.com) and SpacePilot Pro from 3Dconnexion (3d
connexion.com) are offering computer controllers that put depth access in the hands of CAD artists and engineers.
Why it matters: These systems will lower the barrier to entry for creating and developing 3-D content.

Ultraportable Office: There’s nothing like a cutting-edge technology that combines another cutting-edge technology to give you that buy-one-get-one-free sort of feel. Portable hot spots that let small groups collaborate quickly are now available in units like the MiFi 2200 from Verizon Wireless (verizon wireless.com). In addition to giving you a nice productivity boost on the road, portable Wi-Fi is creating an ad hoc network of mobile Wi-Fi coverage.

Next time you need to log in, look around in your Wi-Fi software—a local portable hot spot might be nearby.

Videoconferencing for Everyone: If Skype has a bonus, it’s that it has banished the videoconferencing taboo. Now many vendors are making low-cost video appliances that even tiny firms can use, with development in this area only to increase. Although these units won’t rival those cute Cisco commercials for quality, videoconferencing can be helpful in your firm. And you can’t beat the price. The Vialta Beamer FX video phone (vialta.com).

Everything goes Automatic: As crazy as it sounds, web-delivered, automatic decision-making will quietly creep into the basic fabric of your business. Expect smarter versions of everything from spell checkers to complex decision engines to show up in web office tools and business software. Try out Google’s recently acquired Aardvark answers product (vark
.com), which uses Google Chat to automatically match a person who has a question with a person who has an answer.

Projectable PC Interface:  Projectable computer interfaces have long been stubbornly “just around the corner.” Projectable keyboards and other controllers aren’t yet up to full business-class capabilities, but when a unit like the one from Light Blue Optics (lightblueoptics.com) finds its way into smartphones, it will offer a new, simple way for road warriors to communicate on the go.

Smarter Delivery Van: Technologies like Ford’s Sync Traffic Direction and Information (fordvehicles.com/sync) and Rand McNally’s IntelliRoute (trucking .randmcnally.com) make the idea of sending a man and a van to wander around town unsupervised about as smart as using carrier pigeons. And commercial vehicles are set to get smarter still: FedEx is preparing to deploy electric delivery vans. And startups like Boulder Electric Vehicles (boulderev.com) will make such technology available to most any small business.

Making Inventory Talk: If it’s good enough for Wal-Mart, it’s good enough for you. Low-cost RFID (radio frequency identifier) devices from companies like RF*IDI (activerfidtracking.com/rfidi/) will offer tagging and tracking solutions even your small business can afford. Wondering where your stuff went is like worrying about Y2K.

Virtual Self: Be at that meeting without actually having to attend. Anybot the robot avatar (anybot.com) will use telepresence technology to let you attend meetings virtually by rolling into conferences and transmitting information so that you don’t have to be there to get the job done.

Flexible Display: It will be years before flexible screens make it into your office, but not so for getting them into your point-of-sale displays. Flexible, high-quality displays from companies like Atlanta’s NanoLumens (nanolumens.com) are making big, bright screens that can be mounted on rounded surfaces. That means any old column can work as a pricing display or marketing surface.

Coupons,Deals and location   5 comments

As competition is heating up online deals and coupons are getting easier to find. To compete, online businesses are offering free shipping on some online orders and even special parking space. Bigger online businesses are offering coupons and other incentives to encourage customers to spend more.

Mobile deals easier than ever to get it on, too.  Discounts are popping on packaging and displays: all you need is a smart phone to scan the codes. Some smart phone apps even use GPS technology to determine customer location  to send deal alerts when they are near the store.

Coupon sites and Apps: The biggest selection of coupon sites are found online. Sites such as Coupons.com and SmartSource.com usually have up to 100 deals at any time, compared with no more than 30 coupons in newspaper circulars. They also have new mobile versions that let you scroll through offers and pick the coupons the customers want from their phone without downloading special  software or apps. More stores and manufacturers are loading their websites and smart-phone apps with great deals, tracks items and prices from the latest store circulars, then cross-references all possible manufacturers’ coupons with the circulars and shows the bottom line for each item. These apps track down coupons in real time. When the customer creates the shopping list, items that have online coupons are highlighted.


Handheld Scanners:
are used for ringing up products while shopping. Customers using this device get extra discounts based on where they are in the store. Another way to get more discounts by looking for kiosks in front of stores. Scan the loyalty card and offers are loaded directly onto the customer’s card. The discounts are applied at checkout when the products are bought.

Store Sites: There are  dozens of sites and apps for finding and managing coupons. Customers  check websites  and circulars  for list builders and downloadable apps of stores where they shop weekly. And ask stores whether it accepts  other stores coupons.

Loyalty cards: Customers can download coupons from a retailers website to a card. Instead of sorting coupons at checkout, they only need to swipe out their loyalty card. Loyalty cards help retailers track customers spending habits, information they use to gauge which coupons and deals to offer.

Groupon offers subscribers deals through their store loyalty cards. The discount is taken off at checkout, so no coupon printing is required. The have money-back deals if customers buy a minimum number of products from a single manufacturer and use a store loyalty card.

Social Network offers: Customers can use Foursquare on their phone to get deal alerts when driving near a store. Others use Facebook to post coupons as well as specials at the store closest to their Zip code.

QR codes: Another way companies are linking customers to savings is through quick response codes  or QR codes. They appear as bar codes on products or store displays. The deals can be accessed by scanning them with an app loaded smart phone.

Security Leaks   5 comments

Companies are taking measures to protect their systems from security leaks that can make them vulnerable to external attacks.

Unauthorized Smartphones On Wi-Fi Networks: Smartphones create some of the greatest risks for enterprise security, mostly because they’re so common and because some employees just can’t resist using personal devices in the office.

The danger is that cell phones are tri-homed devices — Bluetooth, Wi-Fi and GSM wireless. If you use a device like a smartphone that spans multiple wireless spectrums, “someone in a parking lot could use a Bluetooth sniper rifle that can read Bluetooth from a mile away, connect to a smartphone, then connect to a corporate wireless network. Bluetooth thus becomes an open portal that allows hackers to access Wi-Fi and therefore the corporate network.

Only approved devices should access the network. And that access should be based on MAC addresses, which are unique codes that are tied to specific devices, making them more traceable.

Another tactic is to use network access control to make sure whoever is connecting is, in fact, authorized to connect. In an ideal world, companies should also separate guest access Wi-Fi networks from important corporate networks.

Open Ports on a Network Printer: Printers have had telephone lines for faxes for several years, and some are now Wi-Fi enabled or support 3G wireless connectivity. Hackers can break into corporate networks through these ports. A more nefarious trick is to capture images of all printouts in order to steal sensitive business information.

The best way to deal with this problem is to disable the wireless options on printers altogether.Make sure all ports are blocked for any unauthorized access.

Custom Web Applications With Bad Code: One common trick is to tap into the xp_cmdshell routine on a server, which an inexperienced programmer or systems administrator might leave wide open for attack. Hackers can use that opening to gain full access to a database, which provides an entryway to data and a quick back door to networks.

Small coding errors, such as a failure to use proper safeguards when calling a remote file from an application, provide a
way for hackers to add their own embedded code. A company can also be open to attack if it has a blog with a trackback feature (to report on links to its posts) but doesn’t sanitize stored URLs to prevent unauthorized database queries.

The obvious fix to this problem is to avoid using freebie PHP scripts, blog add-ons and other code that might be suspect. If such software is needed, security monitoring tools can detect vulnerabilities even in small PHP scripts.

Social Network Spoofing: Facebook and Twitter users can be fooled into divulging sensitive information. Usually, these types of attacks are subtle and not easily traced. Someone claiming to be, say, a employer, contacts an employee, and the employee believes that the caller is, in fact, a employer and doesn’t attempt to verify his credentials.

Companies should use e-mail verification systems that validate senders’ identities by generating return messages that ask senders to confirm their credentials.

Downloading Illegal Movies and Music: In a large company, it’s not uncommon to find employees using peer-to-peer systems to download pirated files or setting up their own servers to distribute software. The P2P ports should be completely shut down at all perimeters and ideally at the company’s endpoints. P2P programs can be stopped through [whitelists or blacklists] and filters on the enterprise servers. Injecting hostile code into P2P files is not difficult. organization.  A technique called “resource isolation” that controls which applications users are allowed to access based on permission rights.

SMS Spoofs and Malware Infections: Hackers can use SMS text messages to contact employees in direct attempts to get them to divulge sensitive information like network log-in credentials and business intelligence, but they can also use text messages to install malware on a phone.

An attacker can send an invisible text message to the infected phone telling it to place a call and turn on the microphone. That would be an effective tactic if, for example, the phone’s owner were in a meeting and the attacker wanted to eavesdrop.

it’s possible to filter SMS activity, but that’s usually handled by the wireless carrier because SMS isn’t IPbased and therefore isn’t usually controlled by company administrators. The best option is to work with carriers to make sure that they’re using malware-blocking software and SMS filters to prevent those kinds of attacks. Creating smartphone usage policies that encourage or require the use of only company-sanctioned or company-provided phones and service plans can reduce the risk.

%d bloggers like this: