Okay so that’s a little harsh… it’s probably not even their fault. Well, yes it is.
I’ve noticed a TON of “Internet Marketing Gurus” coming up with their next “big idea” to “completely take the net by storm” creating ways to build up their Email lists at ANY COST.
The most recent would be a guy we all know very well. He’s launched one of the biggest, most successful products we’ve known in the Internet Marketing world this year. And now he’s doing it again… shoot - I was even promoting it until I read this part:
USA Members: SSN or Tax ID No: We can not and WILL NOT pay you ANY commissions unless you enter all the information. It is required for tax reporting purposes. (NOTE: You must enter 123-45-6789 for your SSN if you are not a US Citizen) - You may substitute EIN for SSN.
If the fields below are left blank we will not pay you. US Members that willfully place a false SSN number in that field may be committing tax fraud as this number is reported to the US gov’t as income paid by us to your PayPal address. Make sure your Country is Filled in too.
Now that’s all fine and dandy… until I realized it was NOT a Secure Network.
How can someone who brags and boasts about creating a MILLION DOLLAR PRODUCT (within weeks) not go out and Protect those who MADE HIM RICH by purchasing a f$%king $100 SSL Certificate?
Maybe I’m venting a little too much but in my opinion — that’s just DUMB. PERIOD.
I’m not calling him Dumb - I’m calling his actions dumb… in case anyone tries turning this around on me. Now I have contacted this man via his “Reply Center” and hopefully they fix that. But letting your members get their Personal Information stolen because you were TOO CHEAP to purchase an SSL Certificate REALLY makes me question your integrity and knowledge of the Internet.
The bottom line is: HOW CAN YOU SAY YOU’RE ANY TYPE OF INTERNET EXPERT IF YOU DON’T EVEN HAVE THE BASIC KNOWLEDGE OF INTERNET SECURITY? MY MOTHER EVEN KNOWS ABOUT HACKERS, SSL Certificates and Stolen Identities but YOU DON’T? Mr. Internet Marketing ‘Genius’?
So I’ve had my Treo 650 for like 2 weeks now and I’m still lovin’ it. I’ve had some issues with it as far as Playing Songs, learning how to use some functions, etc. but overall it’s by far the best phone I’ve ever used. It’s amazing how much you can do with this phone! You can even watch Live TV on it!
There’s been a lot of speculation over MySpace’s “facts” and ‘figures’ since the buyout in late 2005 but now we’ve got another blogger who wants to Debunk the Myth of Myspace.com’s 100 Million users.
I, for one, agree completely with the debunking. I’ve always stated “100 Million Accounts” rather than users when speaking about MySpace.com
I’ve been pretty busy lately with a new Product I’m working on. I’ve been hitting the old books, taking notes, purchasing other similar products for comparison, looking them over, watching my bank account slowly go down (lol!), etc, etc. I can’t even talk about the Product as too many crooks will try to jump on… you know how that goes… but…
I won’t lie… I wanted to purchase one of those GREAT SOUNDING Packages for “AdSense Ready” Websites with 30,000 Articles, ready to go for anybody for only $99.00! Sound too good to be true?
If you thought it did - you are dead on. Made For AdSense website companies who sell these packages are overselling these products like crazy, but lying to you in their sales pitch. Each company stresses that they “DO NOT” Oversell their packages, yet they OBVIOUSLY DO! Everywhere I go I see the same trashy websites with the same overly used garbage articles. And the poor saps who purchase these packages might make $10 back, if they’re lucky enough not to get banned by Google… who is coming down on these MFA Sites.
So most of you know by now about the AOL Search Data Leak… I was reading a blog today (I would link to it but I accidentally closed the tab and can’t remember the link - sorry to the guy/girl who owns that blog!) and I found a link to this result showing a guy searching for some rather “unusual” information. I hope it didn’t turn out to be as bad as it looks!???
I’ve been big on Security over the past 6 months or so and I’ve pretty much adopted the Chris Shiflett method of securing User Passwords. It just seems to work for me mentally and physically - meaning I don’t feel stressed out about Passwords being stolen as easily.
Example:
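<?php
// Copy the submitted form values into a working array.
$clean = array();
$clean['username'] = $_POST['username'];
$clean['password'] = $_POST['password'];
// Fixed salt: appended to the password before hashing, prefixed to the result.
$salt = 'CLENARD';
$password = $salt . md5($clean['password'] . $salt);
?>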
Of course that’s a simple example and one that Chris Shiflett explains in several examples but it’s pretty similar to what I’ve been using.
How do you secure your passwords? How do you filter your Data? I’m no PHP Expert and never claimed to be… but I love hearing how others secure their passwords. I used to use SHA1 because people claimed md5 reverse engineering was easy to do, which I no longer believe. I’ve tried many “engines” to test MD5 hashes and only one password actually worked out of hundreds I’ve tried.
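As an added illustration (not code from the original post or from Chris Shiflett), the PHP below puts the fixed-salt MD5 scheme from the example above beside PHP's built-in password_hash() and password_verify(), and shows one way to upgrade stored records at login. Only the salt 'CLENARD' comes from the post; the function names and the sample password are constructed, and PHP 7.1 or later is assumed.

```php
<?php
// Added example. Only the salt 'CLENARD' comes from the post; the function
// names and the sample password are constructed for illustration.

// The scheme shown in the post: one site-wide salt and a single MD5 round.
function legacy_hash(string $password, string $salt = 'CLENARD'): string
{
    return $salt . md5($password . $salt);
}

// PHP's built-in API: random per-password salt, slow adaptive algorithm.
function modern_hash(string $password): string
{
    return password_hash($password, PASSWORD_DEFAULT);
}

// Check a login against either record format. On success a legacy or
// outdated record is replaced. Returns [bool $ok, string $hashToStore].
function verify_and_upgrade(string $password, string $stored): array
{
    if (strncmp($stored, 'CLENARD', 7) === 0) {
        // Legacy record: constant-time compare, then re-hash for storage.
        $ok = hash_equals($stored, legacy_hash($password));
        return [$ok, $ok ? modern_hash($password) : $stored];
    }
    $ok = password_verify($password, $stored);
    if ($ok && password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $stored = modern_hash($password);
    }
    return [$ok, $stored];
}

// Two accounts that picked the same password (constructed sample).
$sample = 'sunshine1';
printf("legacy records identical: %s\n",
    var_export(legacy_hash($sample) === legacy_hash($sample), true));
printf("modern records identical: %s\n",
    var_export(modern_hash($sample) === modern_hash($sample), true));

// A legacy record is accepted once and comes back in the new format.
[$ok, $upgraded] = verify_and_upgrade($sample, legacy_hash($sample));
printf("login ok: %s, upgraded record verifies: %s\n",
    var_export($ok, true),
    var_export(password_verify($sample, $upgraded), true));
```

With a single fixed salt, every account that shares a password shares a stored value, and one precomputed table for that salt covers the whole user table; a per-password salt and a slow algorithm remove both properties.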
File it under the category of “be careful what you wish for.” In early August at the Black Hat Conference, an annual meeting of computer security experts in Las Vegas, Microsoft (MSFT) handed out 3,000 test copies of its new operating system, Windows Vista, and challenged attendees to help spot security glitches. A short time later, Joanna Rutkowska obliged. In a packed ballroom at Caesar’s Palace (HET), the 25-year-old Polish programming whiz delivered a devastating presentation on how to hack an earlier but similar test version of Vista. Before a crowd of fellow researchers and hackers, she bypassed security measures and implanted a potentially undetectable piece of malicious code called “Blue Pill.” The presentation, titled “Subverting Vista Kernel for Fun and Profit,” was rewarded with a hearty round of applause.
Microsoft went to full battle stations over PC security four and a half years ago, when Chairman William H. Gates III acknowledged in a memo to his staff that the plague of viruses and worms afflicting Windows and other products had gotten out of hand and something drastic had to be done. Henceforth, Gates decreed, security would be the top priority. All programming was temporarily halted as Microsoft embarked on an effort to make its products safe.
FEAR OF A BLACK HAT. Soon we’ll know if the delay was worth it. The business version of Windows Vista will arrive late this year, with a consumer version due in early 2007. Vista is Microsoft’s first new PC operating system in five years and the first version of its flagship product to get a full security makeover. Hackers are expected to probe Vista relentlessly for vulnerabilities after final versions come out. But already there are signs that Microsoft may fall short of Gates’s goal—at a time when it’s facing pressure from a resurgent Apple Computer (AAPL), which suffers few security problems.
For Rutkowska, the Black Hat Conference was just another day at the office. She works for Singapore-based COSEINC, specializing in technologies used by hackers to cloak their activities. Her job is to anticipate the moves of criminals. “I see this as a continuous process, an endless game of chess, where nobody can really ultimately win. It’s essential, then, to enjoy the game itself,” says Rutkowska. She says she has always been a “white hat” programmer and never created malicious code like “black hat” hackers do.
Toulouse points out that revelations such as Rutkowska’s are exactly why Microsoft engages in a running conversation with security folks: “We realize we don’t know everything. These people hold the keys to making our products more secure.”
SPOTTING FLAWS. Indeed, independent security researchers are fast becoming the tech industry’s first line of defense against viruses and other hacks. They typically get paid for staging test attacks on company computing systems and gain bragging rights by spotting flaws and showing how to exploit them. “You’d rather have the vaccine from researchers than a malicious attacker giving you the real disease,” says Phil Zimmermann, a security pioneer.
Microsoft had received only a smattering of feedback from other Black Hat attendees as of press time. But reviews are trickling in from established security companies, with mixed appraisals. Symantec (SYMC) recently issued two white papers analyzing Vista’s strengths and weaknesses. “Overall, it’s very solid,” says Vincent Weafer, senior director at Symantec Security Response. Still, he warns that the need to make Vista compatible with applications written for earlier versions of Windows “creates some holes.” Bruce Schneier, chief technology officer for consultancy Counterpane Internet Security, is less charitable: “It’s more complex than the last one, and complexity is the worst enemy of security. If you want security, buy a boat, not a cruise ship.”
Even Microsoft admits that Vista won’t be perfectly safe. “You can’t get the code 100% right,” says Toulouse. He points out, however, that Windows Server 2003 was more secure than Windows Server 2000, thanks to an extra year of security work tacked onto the end of the development process. Toulouse believes Vista will do even better.
We’ll see. A few days after the Black Hat Conference wrapped up, Rutkowska was back at her desk in Warsaw coming up with new ways to bedevil Microsoft. And you can bet that others will work just as hard, with less noble intentions.
I’ve been thinking about Black Hat Hackers (crackers) and the things they’re capable of and even my own experiences with “crackers”. In California a lot of cities have adopted a law called “Street Terrorism” which usually means “there may not be two or more members of a certain Gang that can walk the streets together”. This law was passed in Los Angeles and Long Beach during the 1990’s for 18th Street and seemed to work, for the most part. At least in those cities’ eyes… they ended up arresting a ton of 18th Street Members, whether they were up to no good or not.
So, why wouldn’t there be some sort of Online Terrorist law? A Law that could be enforced in any country at any time if known crackers communicate with each other? Wouldn’t this help enforce other laws a little easier? I’m sure some countries wouldn’t adopt the law but I’m sure adding to broken laws could push an “anti-crackers” movement throughout the Webmaster Community.
Sure, there’s some “good crackers” but I’m still not sure what’s good about them? I think everybody that can develop on the web has pushed the envelope at one time or another - but those who constantly push the law should get more than what they are currently getting.
Don’t get me wrong… there’s a ton of great “Hackers” out there along with great stories (Kevin Mitnick for example) but there are some who are just a little too close to the borderline of “bad”. Bad being: Those who “let you know a certain directory has its Permissions set too high” or even letting you know that “Hey, check out your site…you weren’t filtering SQL data good enough”, bad.
I think Governments should push “Online Terrorism” as a law and see how it goes. Maybe I’m missing something - maybe there already is such a law I’ve yet to hear about? Either way - they should make it more obvious if there is such a law and more Governments should enforce this law. I’m tired of seeing Companies, especially SMALL companies, invest all that time and energy into their Business only to have to worry about the “online thugs” come in and destroy their hard work.