March 2005 Archives

Urchin has announced today that it is to be acquired by Google. "Google plans to offer Urchin to advertisers and web site owners to enable them to increase their advertising return on investment and make their web sites more effective. " What exactly does that mean? Well, it's probably a little early to say with certainty, but I would presume that they intend to use Urchin's analytics technology to provide more detailed stats to adwords and adsense users. What the PR doesn't say is whether we can expect any big changes in terms of the Urchin software itself. Only time will tell I suppose, but it could be a very interesting development. Not only will Google be powering the search, but also the stats that show the search....

I finally took the plunge today and got milter-ahead working. I had been meaning to do something about it for ages, but didn't have a spare redhat machine to test it on. What does it do? The concept behind the milter is very simple. At the start of the SMTP transaction the milter connects with the destination mail server to see if the recipient is valid. If the recipient is valid or the mail server accepts mail for it (which is not always the same thing) then the SMTP transaction continues. If, on the other hand, the destination mail server rejects the recipient then the transaction stops there. It also caches the results, so you don't have to make a connection for each and every mail. Why is this useful? If you are using a gateway for multiple mail servers the milter reduces load and bandwidth on both the gateway and the receiving mail server. Some "older" domains can get hit with dictionary attacks several times a day, so the milter can reduce the load on your MailScanner processes significantly.

Upgrading Sugar CRM should not be a painful process, but it can be, as I found out. Unlike some of the older releases the current stable version does not include either an upgrade option or any instructions on doing it, while the documentation link points to the wrong place. Fortunately I had taken a backup of my entire DB before I started, so it wasn't too bad :) In any case if you want to avoid this kind of headaches: 1 - Take a backup of your Sugar CRM database 2 - Go here 3. Read the instructions 4. Grab the correct .sql file 5. Import it: mysql -uusername -ppassword database< 2.5-2.5.1_open_db_upgrade.sql Edit to taste 6 Run the installer for the latest version Make sure you DO NOT create new tables or drop any existing ones Login as the "admin" user. You'll be prompted to run a couple of upgrades via the admin panel to finalise the install.

Mort posted a link to a very handy little firefox addon. Based on Tidy (which I mentioned recently) the extension checks sites for valid HTML as you browse. If there are any errors or warnings an icon in the corner subtly alerts you to them. Double-clicking on the icon brings up a screen with a lot more detail. It's a very nice little addition, though I don't understand why the developer hasn't put it in the official firefox extensions' repository.

Bank of Ireland's online banking service, 365 online, has been targetted in one of the latest rounds of phishing attacks. Compared to other attacks, such as the paypal one I mentioned recently, this one is quite rudimentary, but could be effective against some people. The initial email uses the BOI logo and phone number and calls upon users to login immediately as there has been "a security breach": The email links to what looks vaguely like the real BOI site: Where users are asked to provide their PIN etc. Of course the address bar gives it away: While another page they put up is full of grammatical errors and cultural faux pas: Note the incorrect plural of the nouns and the request for a Zip code. The site being used by the scammers is hosted by an Italian ISP. Update: BOI have made an announcement about this phishing attack and the Italian site has been taken offline. I got a rather amusing email from their IT department telling me what I already knew. I might post it later.

Eircom have announced today that they will be offering "one of the fastest speeds in Europe for entry level or standard Broadband" Their entry-level product will move to 1Mb, while business users will be able to get up to 4 Mb. The one thing there is no mention of in the press release is whether they will be making any improvements to upload speed. It's all very well being able to download at 2 Mb/sec, but being able to get something close to that speed upstream would make a real difference. The other question is whether their resellers, such as Netsource, have any intention of following suit... Only time will tell.....

I'm trying to get some nice charts in flash together for a little side project of mine. The problem I am trying to overcome is that the chart production code requires xml-like data input to do the graphing. At present I only have the data in html files, so I need to convert them to xml or strip the data from them and push it out into xml. After googling a bit I came across a very simple solution on the IBM developer site. Simply passing a couple of parameters to "tidy" you can produce XHTML from legacy HTML files: tidy -asxhtml -numeric < file.html > file.xml You can find out more about tidy or grab a copy here. The next step will be to remove the extra code from the generated file and leave just the data for the graphs.

SugarForge has been launched to help developers working on new modules and extensions for SugarCRM. The site uses gforge and provides the same kind of functions available on SourceForge Over the last few months the number of users and developers who have shown an interest in SugarCRM has grown exponentially, so the foundation of a dedicated community for developers is a fantastic step. The number of projects listed on SugarForge is quite small at present, but I'm sure it will grow over time.

If you know your meta tags or are involved in SEO you probably remember the debacle around the MS Smart Tags. The tags were another "brilliant" idea from Gates & Co to "improve" the user experience through the auto-insertion of links/content into websites when view using IE. Fortunately MS offered an "opt out" clause via a meta tag and eventually shelved the idea (more or less). Meanwhile "back on the ranch" Google has grown to conquer and dominate the search engine market - and possibly a number of other related markets. It has done all this whilst maintaining its "squeaky clean" corporate image. No matter what Google has done nobody seems to think of them as an "evil" corporation. Google is constantly toying with new and exciting ways to manage knowledge and its related data, in every imaginable format. Its use of technology has changed the way we view things, read news, advertise and even organise our files. This perception may change. The latest version of the Google Toolbar for Internet Explorer adds a new, and quite disturbing, feature "autolink". The change log for toolbar refers to it innocently as " AutoLink feature to turn street addresses into links to online maps". It fails to mention what it can do to other content. The addresses are only the starting point. ISBN are converted to links to amazon, while other content "hooks" are pushed towards other partner companies. Of course it is possible to argue that this "enriches" the end user experience. But does it? Where do you draw the line between enriching an end user's experience and perverting the web author's content? We spend money on Google adwords to drive traffic to our site and increase sales (obviously). What happens when Google sign a deal with one of our competitors? Will keywords and phrases related to our core business be morphed into links to a 3rd party? That would be perverse. For other types of companies this kind of modification could spell financial disaster, as Scott Granneman, Steve Rubel and others demonstrate. In typical web fashion people have already found ways of circumventing the perversion. So will Google be able to maintain its "squeaky clean" image? Only time and the public's opinion will truly decide. Personally I feel quite disappointed, but maybe I was being too naive.

Martin pointed me at a rather handy set of scripts for generating the regex for spam assassin custom rules: CMOScript I haven't had any success with the custom rule I was trying to generate, but that's more likely due to me than the scripts :)

I grabbed a copy of it this evening just to see if it was any good. So far I am impressed. It seems to be able to find emails a lot faster than Outlook, which isn't much of a surprise. The only thing I can't see anyway of choosing which elements to search through: Maybe I'm missing an option, but if I want to find an email quickly and even respond to it the integration seems excellent - except I may end up looking through a lot of other stuff first.... It does support firefox and they also provide an API/SDK for developers who want to add support for other application types. For example, there is a Trillian plugin available. It's been indexing my hard drives for the last couple of hours and the results so far are proving interesting. When I do a Google search it shows me local results as well as the web ones. Very tasty!

According to an article in yesterday's Sunday Tribune the Dept. of Justice is hoping to outsource speed traps to a private company. Considering the problems that already exist with the points system how can outsourcing improve matters for the public?

I just noticed the "invite a friend" option in my adsense account this morning. The only thing is that there is no incentive for me to do it, which is a pity. Most other programs offer some kind of incentive, be it a onetime commission or a recurring payment. Why doesn't Google?

Since I've got Wordpress MU working pretty well and will be making further improvements over the next couple of days people can now sign up for a free blog over on IrishBlogs.com. At the moment the accounts are directory based, but we should be able to convert them to subdomains without too much difficulty And before anyone thinks of it - I know the site looks ugly at the moment.

I finally got wordpress multi-user working "sanely". I think I was too addled during the week to get a grip on what I was actually doing! So far I've got it working with:

• Autosignup
• Reasonably formatted welcome email
• Custom default links

What I need to resolve relatively quickly is the URL being sent in the welcome email. At the moment it's sending out the wrong URL completely, but I'm sure it can't be that hard to rectify

We seem to get one or two of these emails a week, possibly more. They are usually very well crafted and unless you actually read (and understand) mail headers it is easy to see how someone could be duped by them. The one we got this morning is below: It looks and feels like a genuine Paypal email, until you look at the headers or the HTML source. The scammers have, of course, gone to great lengths to make sure that a cursory glance will not reveal anything "strange", so they use a mouseover link in the email to display what looks like a genuine link to the paypal site. So what happens if you are duped into visiting this site? In this instance the site was called paypol.biz After you get past the front page you are asked to agree to a number of legal statements and then passed onto this page: where they ask you not only for your credit card details, but also your bank details, social security number and more. With this kind of detail the scammer would have little difficulty in gaining access to your credit card and other sources of funds.

According to an article on Wired the US government is going to stop registration of .us domains via proxy (anonymous) services. There are, of course, privacy and freedom of speech issues involved, but one thing the article doesn't mention is spam. The number of .us domains that are abused by spammers and MLM / pyramid schemes is disturbing, yet no mention of this was made.

One of the things I've noticed is that highly intelligent people get confused by 'net concepts very easily. Although they have no difficulty in dealing with complex philosophy they seem completely baffled by the basic concepts surrounding domains and the way the 'net works (or doesn't). The other evening I was trying to explain to a client the concept of a domain alias and he got completely confused until I gave him the example of his own domains. The client in question is extremely intelligent, but the concept was too foreign for him to grasp immediately. Another client couldn't understand why eNom were sending emails to them to verify domain contact details. The email states clearly the who and the why, but the client could not comprehend the underlying concepts. In these situations trying to find a good clear example that they can relate to can be a challenge.

I was messing about with IrishBlogs the other week and I didn't get round to setting up a "proper" backend, so it was quite "open" to attack. The amount of comment spam that the blog has attracted in its short lifespan is truly impressive, though obviously for all the wrong reasons.