scams.... I get 'em too

[ADDENDUM, 2009.01.09: There is another scam out there which attempts to get you to pay more for your domain, and possibly transfer it to a different domain registrar. It usually comes in the form of a postal mail from a very official sounding name, like National Domain Protectors or US Domain Registry Keepers. I've uploaded an example a client sent me, below and to left.]

CLICK IMAGE TO ENLARGE











[END ADDENDUM, 2009.01.09]
# # # #


Several CDLLC clients have called in the past two weeks and inquired about the following email scare/scam. What follows is basically a fear-based attempt to lead a business owner to believe s/he is missing out on the "land grab" phase.

If there is enough interest, I will elaborate on the value and/or potential detriment to your business from having multiple domain names, and I can write a brief summary of how copyright, trademark, establishment of first use, etc, are interpreted by law on the internet. Post a comment if you are interested.


# # #

From: Alex.Tao
Sent: Saturday, November 29, 2008 1:29 AM
To: Crockett Dunn
Subject: crockettdunn for domain name

Dear crockettdunn:
We are Shanghai Chooke Network Information Technology Co., Ltd, which is the domain name register center in China.I have something need to confirm with you.
We have received an application formally,one company named "Yunda (China) Investment Co.,Ltd" applies for the domain names(www.crockettdunn.cn www.crockettdunn.com.cn etc.) ,and the Internet keyword(crockettdunn) on the internet November 28, 2008. We need to know the opinion of your company because the domain names and keyword may relate to the copyright of brand name on internet.
we would like to get the affirmation of your company,please contact us by telephone or email as soon as possible.

Kind Regards,
Alex.Tao
Tel: +86-21-62416070
Fax: +86-21-62597835
Email:alex.tao@chooke.cn
Shanghai Chooke Network Information Technology Co., Ltd
website:www.chooke.cn

Search Enginge Marketing (SEM) and Optimization (SEO)

Any of you remember when Yahoo was one single web page? Back then, everything was a web page- no "sites" or "portals." Just everyone and some companies had a nifty "Home Page."

Back then, I held the #1 Yahoo/Alta-Vista result for "Crockett," because my Duke University Home Page was entitled, "Crockett... Crockett? Crockett!" This apparently tipped me just over the edge to beat out Crockett, TX.

Now let's fast forward. Anybody out there remember what a Google Dance was? Google Dance was the industry nickname for the exciting day when Google revised its search algorithm and updated its index- your big shot at getting a higher ranking! The time to test the results of your latest search engine marketing efforts! Everyone races to the computer as their cell phone alerts go off. "Google Dance! Google Dance!"

Google used to dance its dance very 6 months or so. Then it was 3. Then it was 1. Then things were happening every few weeks. And bi-monthly. Then suddenly, Google started dancing one day and never stopped! A constant updating, it seems.

The funny thing is how quickly we accept, expect, then DEMAND such new, improved technology. Case and point:

CDLLC is in the process of an aggressive search engine marketing campaign for a major e-commerce site (1MM+ products). The scope of such a campaign is too extensive for this blog, so let's only focus on the Google part.

• We optimize the page content for maximum relevance and therefore maximum rank in Google Search.
• All office and warehouse locations are entered into Google Maps with the maximum amount of relevant information.
• Google Local Business Center is utilized in a manner similar to Google Maps
• A standard-compliant XML site map is generated, and Google is notified
• And most important to this particular business's objectives, ALL products are entered into Google Products (formerly Froogle).

The way this works on the back-end is very similar to the site map. A standards-compliant XML file is generated, called a "Google Base Feed." An ftp account is procured from Google, and the base feed is and uploaded and registered. Smaller sites can enter one item at a time, or upload from their web browser, but once you get into the 100s of thousands, the FTP upload is required.

All of that said (hopefully some CDLLC clients benefited from that free tutorial), again, it is interesting how quickly we accept, expect, then DEMAND such new, improved technology. The aforementioned, promised case and point is as follows. Below is an excerpt from the Google Base Help Forum:

POST#1: Nov 17, 7:06 pm
Hello,
We've been
experiencing delays in the processing of your data feeds. As a result, items
remain in the 'Published...searchable soon'status for longer than normal and are
taking longer to appear inGoogle Baseand Google Product Search results.
While
we work on fixing this issue, you do not need to re-upload yourfeed. Once the
delays are resolved, your feed will process as usual.I'll be posting back to
this thread once I have status updates toreport.
Thank you guys so much for
your patience.
-The Google Base Guy

POST #2: Wed, 19 Nov 2008 10:01:16 -0800
(PST)
Hi,
This is a quick update to let you know that the issue
regarding itemsremaining in the "Published...searchable soon" status has
beenresolved. However, the issue regarding feed processing delayscontinues to
affect larger feed files. On a positive note, smallerfeeds under 1 MB are no
longer affected by the current processingdelays and you should see your feeds
processing as usual.
Thanks again for your patience and I will get back to
you with moreupdates.
-The Google Base Guy

This has me seriously frustrated. "You mean I have to wait 24 HOURS to see whether my feed was successfully processed???"

Oh, how greedy we get, just years after we used to accept a 6 month delay to see the results of our updates.

I'm pretty sure there's a lesson in humanity in here somewhere.

Crockett

Announcing new Sungard EXP Web Users Blog- The More Brains The Better!

New Blog here, http://sungardexpweb.blogspot.com/

Announcing the Sungard EXP Web 5.x User Forum, a place to discuss a piece of software- a Content Management System (CMS)- which CDLLC uses to deploy some of its clients' web-based applications.

EXP Web, along with its predecessor Octane, are powerful, robust, Enterprise-Leve, functionality-packed application suites. With this power and complexity, naturally comes loads of questions from eager new users.

My hope is that this forum will serve as means for us to help one another answer these questions.

***Please respond by comment post if you would like to become a contributing author, and someone will contact you with further information. ***

trust and the internet business relationship

Dear client, prospect, vendor, partner, team-member, or casual web surfer:

At CDLLC, we constantly strive to keep everyone in the family satisfied, and in the process, each client places a lot of trust in CDLLC, for which we are very grateful.

We also understand that it can be quite nerve-wracking to be that new client, putting your trust in us to take care of you and your business. And we appreciate the pain of the adjustment process you (new customer) have been brave enough to undertake.

During this adjustment, communications struggles and trust issues inevitably pop up. "Did I get short-changed?" "Have I received what what I paid for?" This is perfectly understandable, as the same thing occurs with any new partnership involving the purchase of extremely complex systems, where there is conceivably lots of room for "smoke-and-mirrors" type price gouging.

This 'internet anxiety,' can reach a point where a you (new client) might even begin to doubt the honesty and ethics of CDLLC. We COMPLETELY understand this, and have in fact been in the same position ourselves, with our first vendors way back when the commercial internet took off about a decade ago.

Why is this so anxiety provoking?

Well, one explanation is because the INTERNET, e-commerce, e-transactions, this whole hyper-speed information revolution: it's a new frontier: WEIRD NEW STUFF!

In the words of a wise associate, "it's still the wild west out there."

Even the powerhouses of cyberspace stumble at times with the loosey-goosey, constantly hyper-speed-evolving nature of business on the internet.

Below is listed a handful of examples, for the purpose of hopefully reassuring you (precious new customer), that we play by the same rules as the Microsofts, Amazons, and Yahoos of the internet...

1. http://valleywag.com/5037267/netflix-crash-caused-by-botched-oracle-upgrade: systems crash, and rollback procedures are not always simple. Ask NetFlix.
2. http://www.out-law.com/page-4049: things expire, the show-no-weakness corporation gets a little egg on the face (oops! Microsoft lost their domain name ownership)
3. http://news.cnet.com/Good-Samaritan-squashes-Hotmail-lapse/2100-1023_3-234907.html: oops take 2, Microsoft lost their domain ownership again
4. http://www.sslshopper.com/article-ssl-certificate-renewal-even-google-forgets.html:
   oops take 3, Google's secure certificate expired!

The take-away from this mini-dissertation is as follows:

Business will always be business: people trading with people. The medium through which transactions occur may change (pony express, telegraph, telephone, email, web forms, instant e-stock trades), and this is always unfamiliar and intimidating.

However, these new transaction media all have one thing in common: they are engineered, created, and used by people. And with these people, the same rules of business still apply.

At the end of the day, it's all about the age-old mutually-beneficial trust relationships between two parties- perhaps corporate entities. Let us not forget: those big corporations are owned by people, too, just like you and me.

A special thank you to all of our clients who entrust us to protect their business in the wild west of the internet.

"HELP!!!! My Internet/Email is Broken!!"

"My Internet is Broken," is perhaps the most common tech support request experienced by Information Technology professionals since the emergence of AOL, Mindspring, and Earthlink.

AOL and Mindspring/Earthlink came along and offered the previously super-nerd-accessible-only INTERNET to the masses. There were two major results:

1. This accelerated internet usage to the point where we are today. What was previously referred to as the "information revolution," (analogous to the industrial revolution), is now more of an, "interconnected collaboration revolution."



2. An explosion in the size of the IT support industry
   

The top two support requests for new users typically are either, (1) my email is broken, or (2) my internet is broken.

CDLLC clients, being curious and of above average intelligence, routinely ask me how the internet works.

In response, we suggest a tool that provides a tiny glimpse behind the scenes of what we all take for granted as "the internet," and, "email."

Having said that, I am pleased to offer the following tool to CDLLC clients who desire a peek behind the curtains...

BEHOLD:

Visual IP Trace

***note, there is a free trial available if you click the "HOME" link on the top of the page after following the URL.

Download it here.

.

the CDLLC ALLIANCE

Crockett Dunn, LLC, has spent years seeking out the very best people in every field related to web-based information technology:

View Larger Map

What is a "Cult-Neutral" Consultant, and why does everyone keep telling me to get one?

The CDLLC Alliance consists entirely of Cult-Neutral Consultants.

huh?

Think of Vendor Neutral consultants- they have no motivation to sell you THEIR single product. Vendor Neutral consultants can properly align their objectives with your business goals.

So here is the deal about Culure Neutral Consultants: All great businesses- ranging from Google, to Yahoo, W. L. Gore & Associates, Inc. (Goretex), Microsoft, Apple, Adobe, all the way to Hilton and McDonalds- have unique, highly effective, deeply engrained, corporate cultures based on mutal trust and team building exercises.

At CDLLC, we celebrate individuality. It has been found that when we allow each team member to do things as s/he pleases- let each member "shine"- a very natural, collaborative, interdependant and synergistic system begins to form.... a self-organizing system, like in nature.

The fun thing about being Culture-Neutral, or a cult-neutral consultant, is that CDLLC's team gets to join its client''s teams for jusst a little while, and enjoy the richness of your company's unique corporate culture (While, of course, solving your IT problems, whatever they may be: typically making your www properties, including intranets, extranets, and portals, better.)

That's the joy in it. How can a consultant burn out if s/he never settles? CDLLC's team members find joy not only in constant stimulation, but also satisfaction from producing highly effective, high-quality work: whether it be streamlining your businsess processes, hooking up a web-commerce system to your existing inventory/fulfillment systems, establishing and secure, password-protected, employees-only intranet, complete with central document repository and user/group-based security (for example, "sales group" might not need to access the documents belonging to "budget committee.") Anything that allows us to make your business better is our pleasure.... whatever the task, CDLLC members take great pride and derive much joy from servicing you well.

Anyway I love this stuff. Anyone interested in a shot at joining the cult-free team, contact jobs@cdllc.la.

Anyone who needs to figure out how to derive value, even if not by direct sales, or measure ROI from their website, contact info@crockettdunn.com.

What's SQL Injection? Some new drug or something?

In a nutshell, "SQL injection" is a way to hack into a website, break it, or otherwise make a big mess of it. SQL is a database language, that uses statements like INSERT, DELETE, and UPDATE.

Think of SQL injection as analogous to Microsoft's buffer overflow problems (you know those windows updates that you get at 3AM every morning- a lot of 'em fix Microsoft's failure to properly handle buffer overflows) .

So both buffer overflow and SQLinjection happen when you put a bunch of extra stuff into a URL in your address bar, in such a way that it gets dumped onto the server and actually runs the words you put in the URL.

For example, http://crockettdunn.blogspot.com/?andDeleteAllOfCrockettsBlog

Obviously it's not that simple, but that's the idea.

"But Crockett," you ask, "why do I care about SQL injection?"

See below:
from the article, link to article: http://msdn.microsoft.com/en-us/library/ms998271.aspx:

See SQL injection attacks on the rise During the past few months, SQL injection
attacks have been used to break into hundreds of thousands of Web sites powered
by Microsoft's Internet Information Server (IIS) and SQL Server. The attacks
pass unauthorized SQL queries to backend database servers, where they perform
any of number of actions, such as deleting entire databases or tables and
modifying various types stored data, including text and HTML.Microsoft, SANS, Shadow
Server, Trend
Micro, F-Secure, and
numerous other organizations have written about the ongoing problem, which has
been occurring since at least last March. In a nutshell, the bad guys are
exploiting flaws in ASP.NET applications to inject unwanted HTML code into
database records. That HTML eventually winds up in Web pages. When you browse to
the page, the HTML code tries to exploit security vulnerabilities in browsers
and related tools to install a variety of malware onto your PC.These attacks are
possible because of security bugs in various ASP.NET-based applications.
Apparently, many developers have overlooked the need to properly sanitize input
supplied by Web users.For example, a Web form might ask people to enter their
name and e-mail address to sign up for a newsletter. Along with that
information, a hacker could add some special characters and a valid SQL query
statement. If that input isn't properly sanitized before it's sent to the SQL
server, the server might be tricked into executing the query supplied by the bad
guy.The solution is to audit your Web applications to make sure they sanitize
user-supplied input. Microsoft's article
entitled "How To: Protect From SQL Injection in ASP.NET" explains the required
steps.

The Importance of the "Soft-Launch"

It is an essential part of the software development cycle to have REAL-LIFE, BUSINESS UESER, BETA TESTERS use the newly deployed web applications as part of a "soft-launch."

Experienced software architects and developers, you already know this truth: non-technical users, or even highly technical user that were not involved in the software development process, ALWAYS interact with the UI in ways that the developers failed to anticipate. Examples include typing ENTER vs. clicking submit, alternate paths and entry points to the web app, bookmarking a page requiring session state.... the list goes on.

It has been my experience that there exists a POWERFUL temptation for clients to complete testing in-house, in the hopes that the web application will be "perfect" upon release to their users.

Big no-no. Triple no-no-no.

I don't have enough toes and fingers on which to count the instances of "emergencies" that have resulted from client staff and developer testing only.

More later...