John Andrews is a Competitive Webmaster and Search Engine Optimization Consultant in Seattle, Washington. This is John Andrews blog on issues of interest to the SEO community and competitive webmasters. Want to know more?

johnon.com  Competitive Web & SEO
November 5th, 2009 by john andrews

The Federal Website is the New Sacred Cow

A few years ago I was involved in some IT grants from the US government. I was in awe… of the incredible corruption I witnessed. It wasn’t “China style” cash bribes, but rather relationship corruption. Political stuff, where knowing someone got you access, and keeping a strong relationship (by whatever means available) got you continued success. I just called it corruption… I’ll explain why.

At one point, shortly before I left that world out of disgust, I reviewed a $600,000 contract renewal for maintenance of a small database that almost no one used (relatively speaking). Not a large, complicated Oracle database. Not a secure, sensitive database. A simple information database (in a 3 or 4G database language) that had simply gone too long without smart management oversight. No one wanted to touch it. Even the IT guy who built it and maintained it didn’t like working with it, but he apparently didn’t have other job prospects that paid this well. The project had no real career-building value. It was not part of any project that would succeed, nor did it enjoy a high profile. It was simply there, and no one wanted to be the person who decided to stop funding it. The renewal proposal was about the same as it was at last renewal, plus a little more, and came to around $600,000.

That’s nearly a million dollars of your tax money, to fund a seriously second rate (I checked) self-taught IT guy working on something like one single Microsoft Access database, which was used successfully by probably a hundred people each year (mostly because those hundred didn’t otherwise know how to find the data in one place). As a taxpayer, I bet you didn’t know you paid for that.

As I thought about asking specifics about why this was nearly $600,000 and whether it was needed or not, another project came across my desk with a higher priority. It was also a database — this one written in scripts for an IBM AS/400 mainframe system. The database was noted to be essential. It contained vendor contact information, going back nearly 20 years. It was large and not a real database, but a set of scripts. The mainframe was being retired, and the proposal was to either re code the information into a new, modern “database” or fund the maintenance of a dedicated legacy AS/400. The recoding project was estimated at tens of thousands of dollars to get started with a requirements review, with no certainty of the actual total costs. The legacy mainframe was budgeted in the $150k range, plus annual maintenance overhead. Not a ton of money, but not insignificant.

As an IT guy I knew the only correct answer was a re coding, and that a re coding should only be considered after a careful review of the data and it’s value. Over a few months time I successfully navigated the politics and gained access to the “essential data” (in other words, I kept my job while the mainframe guy was eventually forced to retire). I loaded the data into Excel and examined it. Of the hundreds and hundreds of vendor contacts, only 11 were current. Eleven.

In short, much to do about nothing. And that process took about 4 months, plus 20 minutes for me to use Excel.

I was told that the $600,000 contract went through, and the project would be re-examined at some future date. I subsequently learned that databases (at that time… late 1990’s) were the Sacred Cows within government agencies. They were difficult to control, acknowledged as valuable, and sensitive — databases could be “corrupted”, could be “tainted”, could be “infiltrated” or “ms-appropriated”. All great scary important government words, which meant dollars could be safely assigned to databases, with little credible challenge. Databases were technology, and technology was sexy. Databases were large (or could be easily made to be large), which meant they provided a basis for justifying new, faster computers every year. Database administrators in the real world commanded large salaries, so self-taught pseudo DBA’s working for the government could get a decent fraction of a high salary by association. Database administration was also dynamic, which meant training budgets could be justified.

I honestly believe that I would have been able to show that the $600,000 database was almost as equally useless as the 11 vendor database, had I been given a chance. But of course I wasn’t given that chance. I was given a grant of my own instead.

In 2009 we enjoy the ramp up of the age of the government web site. We’ve already seen one web site project approved for over $18 million dollars… and it’s a web site to tell the taxpaying American public specifically how the government is spending our tax money.

We’ve seen several independent consumer-facing web sites launched by the government, each with a unique style, on unique technology platforms, published by different agencies. I can only assume each of these has a maintenance contract as well. And is counting “hits” to justify renewal in the next round of funding. I can only expect that pseudo “branding experts” are preparing the language that will be used to justify intangible asset value as well, a new Sacred Cow for a new age. I don’t recall the Federal Register ever having to package itself as a consumer-friendly magazine, but apparently our new government in Washington thinks government-funded webmasters are the solution to satisfying the public’s need for accountability. What a scam.

And the latest scam is this joke of a web site from the Federal Trade Commission (FTC), apparently intended to help consumers understand that credit reports that cost $14.95 per month are not actually free. You paid for that web site, and you’ll pay for the maintenance. You’ll pay for a junior web specialist to get Dreamweaver training, you’ll pay for her associate to take an “intro to marketing” course, and you’ll pay for her supervisor to get “how to manage technical creatives” training.  Or you’ll pay a web company a few hundred thousand dollars to do it all for you (with a maintenance contract going out a few years). All for the very important purpose of…. what exactly?

Exactly. To translate caveat emptor into modern American English, on a web page that no one will read. Unless it ranks at the top of Google. Which it won’t do unless Google forces it there, since it is so poorly crafted. And even in the #1 spot, would it convert? Look for the call to action. Can’t find it.. wait.. no, I thought that was it but no… oh okay I see it… um, yeah that’s probably it. I’ll have to try before I know for sure. It clicks thru to yet another government website (ftccomplaintassistant.gov). Now where’s the “submit a complaint” call to action? Hmm… let me try and find it.

I’d be surprised if the entire process enjoys a goal success rate of 3%.
And if you think I’m exaggerating, go to the site and follow thru to file a complaint. I decided to file mine against the FTC, for misrepresenting themselves as a non-profit entity protecting the American consumer. I was going to focus my complaint on the concept of personal inurement… the use of a non-profit entity to enrich the lives of those operating it, such as through good paying jobs and job perks. I know it doesn’t apply to government web sites, but I wanted to do it anyway so the complaint would sit for years in someone’s “how do we count this one” pile.

I didn’t get far. The web site’s “file a complaint” form forces virtually all of the complaint fulfillment process back on you, the submitter, via a process filled with pick lists and forms to properly classify and categorize your complaint. Almost everything I wanted to pick was not classified, and required I choose “other”. Even the “credit reporting agencies” or “credit reports” issue was not listed as a popular topic. I bet the drop out rate for that feedback form is in the high 80% range, which would be astonishing for a site catering to already pissed off complainers.

But the FTC’s management doesn’t care about that metric. They care about the ones I was asked to grade via a “user feedback form” commissioned through very much for-profit vendor Forsee Results, which sent me a “random feedback” survey. They wanted to know exactly how satisfied I was with things like  the FTC complaint form’s “visual appeal”, “balance of graphics and text”, and “number of clicks it takes”.

Exactly. More spending to justify more spending. Or, in other words, we’re stock piling expensive hay to keep feeding the new sacred cows we outsiders call “web sites”.

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine
October 6th, 2009 by john andrews

Keas.com – another bad domain name

Another variant of Health Vault, and another bad domain name. This time it’s keas.com, an online medical records play from Adam Bosworth, who left his position as head of the Google Health team. Of Bosworth’s choice of domain name, The New York Times says: “The name “kea” refers to a species of alpine parrot, which he spotted on the South Island of New Zealand

The name of an alpine parrot? From New Zealand? A homonym of “keys”? Confusingly similar to the car company Kia? Or does it mean “Killed In Action”?

I can imagine the excuses made at pitch meetings.. it’s short, and we need a short name so people can remember it. Or It was “available”. Or perhaps even “we’re a startup.. we’ll re-brand later” which is always my favorite. Rebrand later? Are you serious? And then there’s the “our exit startegy is to be bought by some big company or conglomerate, and they won’t care about the name“. Or maybe “we’re not really independent, but just set up that way so that we could do things that big established companies would not be allowed to do. Like a skunkfarm. So the name didn’t matter“.

Not to be overly critical of just the domainname,  this play seems to be all about locking up a community and keeping them away from searching for themselves. Rather than rely on healthcare search marketing, the business of reaching consumers who need need specific health information by appearing prominantly before them when they search Google or Bing, this play is about locking the consumer into a medical records database system. Once your data is in there, they own you. It will know everything about you. It will know you are 47, overweight, diabetic, and that you play fantasy football 7 hours a day on the weekends. From there, it can pretty much predict the rest (including your liklihood of drawing on health insurance coverage in the near term, mid term, long term).

It’s backed by both Google and Microsoft, so far (according to the report)… those same players who were so widely criticized when they tried to lock up medical records last time. Criticized because, well, their initiatives are completely driven by profit and corporate power, while our governments remain almost completely inert on the front of “helping people because they need help and it’s the right thing to do (and also cause we took their tax money)“.

Keas. Not a herd of small Korean cars… not those little metal things you use to start your big American car. It’s your interface to your medical records, sponsored by the companies that want to know everything about you. In order to help you. Sure.

Is it time to revive the concept of domain name consultant?

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine
September 30th, 2009 by john andrews

Rocky Mountain Bank Security

Last week Rocky Mountain Bank (according to reports) emailed, unencrypted, social security numbers and personal financial data on 1300+ customers, to the wrong address (link below):

The e-mail, sent by an employee of Jackson, Wyo.-based Rocky Mountain Bank on August 12, contained names, addresses, Social Security numbers, and loan information of more than 1,300 bank customers.

From court documents (PDF):

The confidential information includes names, addresses, tax identification numbers,3 and loan information for each of the 1,325 customer accounts.

That email, with the customers’ information, went to a gmail address. A frantic skirmish ensued, with Rocky Mountain Bank actually getting a court order to force Google to lock the email address. That part got the attention of the tech community, but what about the part about Rocky Mountain Bank leaking customer social security numbers? Why wasn’t that part sensational? And the part about Rocky Mountain Bank filing a request to seal the court order, on the grounds that it was not good for the bank, with an assertion that the confidential information may not have been actually “disclosed”:

Plaintiff argues that if its complaint and motion papers are not filed under seal, all of its customers may learn of the inadvertent disclosure. Plaintiff further argues that publication of the disclosure before it determines whether the Gmail account is active or dormant will unnecessarily create panic among all of its customers and result in a surge of inquiry from its customers. In his declaration, Mark Hendrickson, states that “until there is a determination that the Confidential Customer Information was in fact disclosed and/or misused, the Bank cannot advise its customers on whether there was an improper disclosure.”

It gets worse. Now that Rocky Mountain Bank (of Jackson, Wyoming) has confirmation from Google that the owner of the gmail account had not yet read the email, we are asked to accept that all is well in Rocky Mountain Bank Security Land:

“As a result, no customer data of any sort has been viewed or used by any inappropriate user during this data lapse,” Martinez wrote. “Rocky Mountain Bank acted to protect its customer’s confidential information. That objective was accomplished. The matter is now closed and the TRO (temporary restraining order) entered on September 23, 2009 is now vacated.”

Seriously? Unencrypted emails are stored on numerous servers on their way to their destination. An email sent from Rocky Mountain Bank in Wyoming to a Gmail account, is not “secure” along the way. Just because Google says the email has not been read via the gmail account, does not mean the email has not been copied, stored, archived, or even read on numerous cooperating servers in the public path between Rocky Mountain Bank and Google’s GMail servers. I don’t even trust that Google’s determination is accurate. Without details, who knows if the email and been read and marked as unread? Or forwarded? Or accessed outside of the web interface? Has anyone looked to see just what Google specifically examined? Or is Rocky Mountain Bank just hoping we’ll all forget this “mistake”?

Not to mention the tougher questions. Is it standard Rocky Mountain Bank procedure to email confidential customer data unencrypted, every day? Is it only when they realize they sent it to the wrong address, that it becomes news?

I expect a name change for Rocky Mountain Bank in the near future, for Reputation Management purposes, but really… when will we start demanding more from our banks and their inept managers and executives?

★★ Click to Share!    Digg this     Create a del.icio.us Bookmark     Add to Newsvine

Competitive Webmaster

Wonder how to be more competitive at some aspect of the web? Submit your thoughts.

SEO Secret

Not Post Secret

Click HERE



about


John Andrews is a mobile web professional and competitive search engine optimzer (SEO). He's been quietly earning top rank for websites since 1997. About John

navigation

blogroll

categories

comments policy

archives

credits

Recent Posts: ★ SEO Industry Growth, Widespread Failure, and SEO Industry Challenge ★ Do you want to WIN, or just “Be the Winner”? ★ 503: GONE ★ Cloud Storage ★ Identity Poetry for Marketers ★ PR is where the Money Is ★ Google is an Addict ★ When there are no Jobs ★ Google Stifles Innovation, starts Strangling Itself ★ Flying the SEO Helicopter ★ Penguin 2.0 Forewarning Propaganda? ★ Dedicated Class “C” IP addresses for SEO ★ New Domain Extensions (gTLDs) Could Change Everything ★ Kapost Review ★ Aaron Von Frankenstein ★ 2013 is The Year of the Proxy ★ Preparing for the Google Apocalypse ★ Rank #1 in Google for Your Name (for a fee) ★ Pseudo-Random Thoughts on Search ★ Twitter, Facebook, Google Plus, or a Blog ★ The BlueGlass Conference Opportunity ★ Google Execs Take a Break from Marissa Mayer, Lend Her to Yahoo! ★ Google SEO Guidelines ★ Reasons your Post-Penguin Link Building Sucks ★ Painful Example of Google’s Capricious Do Not Care Attitude 

Subscribe

☆ about

John Andrews is a mobile web professional and competitive search engine optimzer (SEO). He's been quietly earning top rank for websites since 1997. About John

☆ navigation

  • John Andrews and Competitive Webmastering
  • E-mail Contact Form
  • What does Creativity have to do with SEO?
  • How to Kill Someone Else’s AdSense Account: 10 Steps
  • Invitation to Twitter Followers
  • …unrelated: another good movie “Clean” with Maggie Cheung
  • …unrelated: My Hundred Dollar Mouse
  • Competitive Thinking
  • Free SEO for NYPHP PHP Talk Members
  • Smart People
  • Disclosure Statement
  • Google Sponsored SPAM
  • Blog Post ideas
  • X-Cart SEO: How to SEO the X Cart Shopping Cart
  • IncrediBill.blogspot.com
  • the nastiest bloke in seo
  • Seattle Domainers Conference
  • Import large file into MySQL : use SOURCE command
  • Vanetine’s Day Gift Ideas: Chocolate Fragrance!
  • SEM Rush Keyword Research
  • ☆ blogroll

  • Bellingham SEO
  • Domain Name Consultant
  • Hans Cave Diving in Mexico
  • Healthcare Search Marketing
  • John Andrews
  • John Andrews SEO
  • SEMPDX Interview
  • SEO Quiz
  • SEO Trophy Phrases
  • SMX Search Marketing Expo
  • T.R.A.F.F.I.C. East 2007
  • TOR
  • ☆ categories

    Competition (39)
    Competitive Intelligence (15)
    Competitive Webmastering (547)
    Webmasters to Watch (4)
    domainers (63)
    Oprah (1)
    photography (3)
    Privacy (16)
    Public Relations (187)
    SEO (398)
    Client vs. SEO (2)
    Link Building (3)
    Search Engines vs. SEO (1)
    SEO SECRETS (11)
    SEO vs. SEO (1)
    ThreadWatch Watching (5)
    Silliness (24)
    Social Media (7)
    society (31)
    Uncategorized (23)

    ☆ archives

  • November 2014
  • September 2014
  • December 2013
  • October 2013
  • September 2013
  • August 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • November 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • April 2012
  • March 2012
  • February 2012
  • January 2012
  • November 2011
  • October 2011
  • September 2011
  • July 2011
  • May 2011
  • April 2011
  • March 2011
  • January 2011
  • December 2010
  • November 2010
  • October 2010
  • September 2010
  • August 2010
  • July 2010
  • June 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • January 2010
  • December 2009
  • November 2009
  • October 2009
  • September 2009
  • August 2009
  • July 2009
  • June 2009
  • May 2009
  • April 2009
  • March 2009
  • February 2009
  • January 2009
  • December 2008
  • November 2008
  • October 2008
  • September 2008
  • August 2008
  • July 2008
  • June 2008
  • May 2008
  • April 2008
  • March 2008
  • February 2008
  • January 2008
  • December 2007
  • November 2007
  • October 2007
  • September 2007
  • August 2007
  • July 2007
  • June 2007
  • May 2007
  • April 2007
  • March 2007
  • February 2007
  • January 2007
  • December 2006
  • November 2006
  • October 2006
  • September 2006
  • August 2006
  • July 2006