John Andrews is a Competitive Webmaster and Search Engine Optimization Consultant in Seattle, Washington. This is John Andrews blog on issues of interest to the SEO community and competitive webmasters. Want to know more?

johnon.com  Competitive Web & SEO
July 10th, 2006 by john andrews

Google Competitive Intel – for free

It can be very interesting (and entertaining) to watch experts at competitive intelligence at work. Especially when they are racing to compete with each other. Why, it practically makes CI a spectator sport!

Seriously, when the target is Google, any new info rapidly becomes the target of competitive intel research by some of the most skilled Internet technologists on the planet. Today it was GDrive and “Project Platypus”. It reads like a cse study in modern Competitive Intelligence. Watch how the geeks tear into it, open your mouth, and say “whaaaaaaaaawww”..

Corsin Camichel runs a small script against writely, an online editor that Google purchased, and which some believe is a cornerstone of a larger Google MSOffice-like program. The script simply hits the domain with different sorts of default pages, looking for responses. Such probing can reveal the technologies inuse behind the scenes, e.g. index.php reveals PHP. Assuming they are not obfuscating.

He gets a response that appears to be a start page for something called “Platypus“, an online storage system. We all know about Google’s plans for GDrive due to a “info leak” some months ago. Could Platypus be GDrive?

Within hours the geek community, via that thread and others, contributes research efforts into CI on this project. Platypus is the name of a solid state storage company in New Hampshire (makes perfect sense… Google would go for a space-tech soluton like that, due to the shear volume of data and need for speed). Hey, here’s a quote from Google’s CEO that

“it costs less money and it is more efficient to use DRAM as storage as opposed to hard disks.”

So did Google by Platypus? No, wikipedia shows it went under in 2002. Hmmm….

So the eager online blogger-geeks review source code and whois and track down an employee at Google, and a phone number. Someone calls, and there is a vacation message. Innocent enough, yet in that message, he suggests that callers interested in Topic A call person X, and for Platypus issues, call person Y. Wow. So person Y, (David Braginsky) has a blog. His blog from 2004 says he moved to Google to become product techlead on a project at Google. The same guy posts this bit about privacy:

Wondering why so many people are complaining about GMail. Big deal, a computer scans your message and offers you ads. Privacy for privacy’s sake just seems silly.

Wow. So if he’s working on GDrive, surely he’s been drinking the Kool aid. Anyway, the open source competitive intelligence work continues… they find a product manager at Google behind a related domain, some internal server names at google that hint at Platypus being in use internally for employees. There is also a blog reporting from Google Analysts day in March, describing the Google GDrive effort.

At this point (what, 8 hour sinto the day?) the publicity and credit issues surrounding this “find” have taken over. The geeks seem more interested in getting link love and noteriety than finding out any more about Gdrive, so I suppose this is where the CI pros kick into gear (if they’ve even heard of it yet). That looks to me like a nice jump start provided by the Open Source Competitive Inteligence community.

Funny how Google AdSense is primary behind their desire to learn this stuff…and Google search referrals.
For those who enjoy wathcing and learning from this stuff, checkout the anti-spam forums. Those guys are top-notch researchers, and they post every detail of thier investigations into spammers, tracking whois, breaking down email headers, etc. They are usually very happy to disclose every private detail they find about spammers. Very, very educational.

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine
July 9th, 2006 by john andrews

How easy is Black Hat SEO?

Let’s say you learn of a Drupal security flaw. Let’s say it permits an unauthorized SQL injection. Let’s say you figure out how to insert a backlink into the Drupal link list using that exploit.

Drupal is a popular Open Source content management system, in use on hundreds of thousands of websites. Itis very good, and very flexible. It is free, but installation and configuration (customization) may cost a few thousdand dollars in consulting fees. Basically, it is free of licensing fees but a real, commercially used product.

So you go to Google, and search “password and instructions will be sent to this e-mail address, so make”, and you find a list of 167,000 URLs of Druapl sites. Then you hit each of the first 1000 of those with your exploit URL .. one at a time… from a free or cheap web hosting account. And then you hit a different Google datacenter for another 1,000 sites.

Or, you could have narrowed your search for on-theme websites (more valuable back links?) by adding a keyword to that Google search such as “seo”. That way you only get the best sites for your back link spam.

How long do you have to act on one of these newly-discovered security vulnerabilities? Many months, as many of the webmasters do not patch or update their Drupal installations once they are deployed. I can’t blame them too much, because once you have customized the installation there is often plenty of work required following any update process.

Often a patch can easily be applied directly to only that part of the Drupal system that was flawed. However, application developers who deploy Drupal for their clients don’t often see direct patching as economically beneficial to them, so they may try and bundle the patch in with some other unfinished (and billable) work for the client. No sale, no patch. In fact, many clients don’t even know they are running Drupal. They paid a consultant for a CMS, and got one that worked.

Spam is not rocket science. Consequently, spamming can be stopped by some simple (albeit tedious) attention to detail. Usually, we are too lazy. Do we therefore deserve to be spammed?

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine
July 8th, 2006 by john andrews

Coca-Cola Secret Formula is a Reminder

This week Coke and Pepsi cooperated in an investigation that led to the FBI arresting 3 alleged conspirators. They allegedly conspired to sell secret Coke information to Pepsi. One of them worked for Coca-Cola in an administrative role. The news is big, because the payout was in the millions. The finer print reveals that the conspirators actually only sought $10,000. It was the FBI that handed over $30k in cash and then offered to pay out millions for more, in order to string them along and catch them. It worked.

So aside from the reports of scammers seeking millions for Coca-Cola secrets, the truth is it was scammers seeking $10k (and willing to accept $5,000, according to the Times report) for high-level Coca-Cola secrets. That’s $5,000 cash for risking felony prison time. For three people.

A sober reminder of the value of information, and the value of cash. That information may have been worth millions; we will never know. It certainly has a very high perceived value, or the FBI scam and news reports would not be so effective. Was a felony prison risk worth one-third of a $5,000 payout? That’s $1666.67

Would your secretary walk off the job and take trade secrets with her for a $1700 cash “incentive”? What about your freelance programmer?

I have personally witnessed freelance programmers offer to re-use code developed for prior clients, with complete disregard for confidentiality/non-disclosure agreements. Based on my experience, I understand it to be part of the economics of freelance work.

One of the reasons freelancers can afford to accept work at competitive rates (especially those competing against offshore coders) is the latent value of the developed code. Latent for them, that is. The clients may very well appreciate the value of the proprietary information (just as Coke and Pepsi did in this espionage case), but does the hired consultant? Not unless there is an avenue to monetize that latent value. Your code, resting on their hard drives and archive CDs long after you have terminated your engagement, is of potential value to them. And the channel for monetizing it is the sales pitch – telling a prospective client about their prior experience developing for others.

So let’s say I approach the freelance coder that you just used for an assignment, and I offer.. oh, say $1700, for them to build me the same thing they built you. Would they take it? Would you ever know? What if all I wanted was the information? They wouldn’t even have to build me anything.
So how would I know what freelancer you hired? Exactly. And how would I know about your project? Exactly. It really is that easy.

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine

Competitive Webmaster

Wonder how to be more competitive at some aspect of the web? Submit your thoughts.

SEO Secret

Not Post Secret

Click HERE



about


John Andrews is a mobile web professional and competitive search engine optimzer (SEO). He's been quietly earning top rank for websites since 1997. About John

navigation

blogroll

categories

comments policy

archives

credits

Recent Posts: ★ SEO Industry Growth, Widespread Failure, and SEO Industry Challenge ★ Do you want to WIN, or just “Be the Winner”? ★ 503: GONE ★ Cloud Storage ★ Identity Poetry for Marketers ★ PR is where the Money Is ★ Google is an Addict ★ When there are no Jobs ★ Google Stifles Innovation, starts Strangling Itself ★ Flying the SEO Helicopter ★ Penguin 2.0 Forewarning Propaganda? ★ Dedicated Class “C” IP addresses for SEO ★ New Domain Extensions (gTLDs) Could Change Everything ★ Kapost Review ★ Aaron Von Frankenstein ★ 2013 is The Year of the Proxy ★ Preparing for the Google Apocalypse ★ Rank #1 in Google for Your Name (for a fee) ★ Pseudo-Random Thoughts on Search ★ Twitter, Facebook, Google Plus, or a Blog ★ The BlueGlass Conference Opportunity ★ Google Execs Take a Break from Marissa Mayer, Lend Her to Yahoo! ★ Google SEO Guidelines ★ Reasons your Post-Penguin Link Building Sucks ★ Painful Example of Google’s Capricious Do Not Care Attitude 

Subscribe

☆ about

John Andrews is a mobile web professional and competitive search engine optimzer (SEO). He's been quietly earning top rank for websites since 1997. About John

☆ navigation

  • John Andrews and Competitive Webmastering
  • E-mail Contact Form
  • What does Creativity have to do with SEO?
  • How to Kill Someone Else’s AdSense Account: 10 Steps
  • Invitation to Twitter Followers
  • …unrelated: another good movie “Clean” with Maggie Cheung
  • …unrelated: My Hundred Dollar Mouse
  • Competitive Thinking
  • Free SEO for NYPHP PHP Talk Members
  • Smart People
  • Disclosure Statement
  • Google Sponsored SPAM
  • Blog Post ideas
  • X-Cart SEO: How to SEO the X Cart Shopping Cart
  • IncrediBill.blogspot.com
  • the nastiest bloke in seo
  • Seattle Domainers Conference
  • Import large file into MySQL : use SOURCE command
  • Vanetine’s Day Gift Ideas: Chocolate Fragrance!
  • SEM Rush Keyword Research
  • ☆ blogroll

  • Bellingham SEO
  • Domain Name Consultant
  • Hans Cave Diving in Mexico
  • Healthcare Search Marketing
  • John Andrews
  • John Andrews SEO
  • SEMPDX Interview
  • SEO Quiz
  • SEO Trophy Phrases
  • SMX Search Marketing Expo
  • T.R.A.F.F.I.C. East 2007
  • TOR
  • ☆ categories

    Competition (39)
    Competitive Intelligence (15)
    Competitive Webmastering (547)
    Webmasters to Watch (4)
    domainers (63)
    Oprah (1)
    photography (3)
    Privacy (16)
    Public Relations (187)
    SEO (398)
    Client vs. SEO (2)
    Link Building (3)
    Search Engines vs. SEO (1)
    SEO SECRETS (11)
    SEO vs. SEO (1)
    ThreadWatch Watching (5)
    Silliness (24)
    Social Media (7)
    society (31)
    Uncategorized (23)

    ☆ archives

  • November 2014
  • September 2014
  • December 2013
  • October 2013
  • September 2013
  • August 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • November 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • November 2011
  • October 2011
  • September 2011
  • July 2011
  • May 2011
  • April 2011
  • March 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006