Hot on the heals of the recent Google unsecured Webcams search news comes in via email@example.com of an even more serious security breach made available by search engine queries.
The latest discovery is that you can search for export processes language changelog phpmyadmin at Yahoo and return a list of open, vulnerable MySQL database servers.
In the wrong hands, and with a little advanced search knowledge that query can be tweaked to find ecom sites and all manner of havoc wreaked.
Yahoo! have been alerted, but at the moment the vulnerability is still easily found. This is not Yahoo's fault of course, this is a problem with the hugely poplular Open Source MySQL database and the way in which it has been deployed on some websites. The search just hightlights those servers able to be manipulated.
You can do the same search on Google, but it's less accessible as you have to add filter=0 to the end of the url string.
ADDED: Testing 1,2,3....
I've just tested this on a staged install by a friend and can assert that it works well. I was able to delete tables and access data very simply.
Essentially it is about using proper English in adverts and dropping slang.
IN the haphazard world of instant messaging and dashed-off e-mail messages, where "kk" isn't a typographical mistake but just the latest bit of Internet slang (it stands for kays, or O.K.), does anyone really care about style and grammar anymore?
Google does. Taking the stance that unorthodox usage and punctuation and slang create a less straightforward searching experience, Google's AdWords division, which is responsible for the contextual ads that appear alongside search results, insists on standard English and punctilious punctuation. Cater to teenagers hooked on text messaging? This is a world with no "dealz 4 u." To those who say, "Grammar schmammar, this is advertising, after all," Google might suggest: "Schmammar is not a word. Try 'Forget about grammar' instead."
Full details from HBX Networks but picked up from Web Pro News
We do realize that GMail is an invitation-only service, in a beta-test state of development. Nevertheless, many people rely upon GMail heavily, and many more people are forced to communicate with GMail users, because of this reliance. These people should expect their communications to be vulnerable to interception, at least until GMail corrects the issue. And the appearance of this issue, at the user level, probably indicates a failure in GMail's code review and/or quality assurance standards, which may result in other, similar errors. We did not explore GMail for additional such errors, but based upon the nature of this one, we are confident that such exploration would bear interesting fruit. (Note to GMail's development teams: we are available for hire! Cheaply! ;-P)
I'm sure this will be fixed very quickly but will things like this knock the share price?
Google unveils search product for small businesses
Google have unveiled the Google Mini, a $5000 Google in a box solution for small/med companies that comprises of a hardware and software bundle for searching corporate intranets. It also has some enhanced features to limit access and montitor usage - not much is available on this yet so drop any links in the comments when and if you find them :)
late on Wednesday unveiled the "Mini," a new hardware product aimed at helping small businesses add search to their public Web sites and giving employees more tools to find information quickly on internal networks.
Google gets a small percentage of its revenue from its Google Search Appliance, which is priced from $32,000 to more than $500,000 and is sold mainly to big companies looking to search company Web sites and intranets.
The Web search leader aims to extend its reach with the Mini, which has fewer bells and whistles and sells for just under $5,000. For example, it can search 50,000 documents compared with the 15 million that can be handled by Google's top-end Search Appliance.
From this L A Times story
Google may have more to worry about. Peter Sealey, co- director of UC Berkeley's Center for Marketing & Technology, said small-business owners might not appreciate the diminutive name when they ponder making a $5,000 purchase.
"I'd much rather give it a little more dignity," he said. "The only worse name would have been Google Lite."
Universities get free ticket to Opera
Opera who recently launched a new version of their browser with voice capabilities have always, imo, had a great browser technology. There are just so many nice things one can say about Opera, i gave up using it when the UI changed in 7.0 (i think) because i just couldnt get my head around the new layout and way it worked, but, it's still a top grade bit of kit.
However, they have also had, probably the stupidest basic biz plan for a browser know to geek. To want to charge me $50 to get rid of the ads is, again IMO, bloody outrageous. I wouldnt pay for it on general principle, but then when Firefox started getting just a bit dangerous i switched and have never looked back.
The University Play
So, now we have Opera giving their browser away free to universities (they used to charge $1 a license) in a bid to keep up with the awesome growth of Firefox seen in recent months following their now infamous open source ad in NYT.
Is it too little too late?
Maybe not. MIT, Harvard and Oxford have, according to the press release, opened their arms to the norwegian underdog. With tech savvy soap dodgers using Opera they may yet having something significant to say in the ongoing browser wars.
Hello, anybody home....?
Now all Opera have to do is to look at the success (and im sure it'll be a smash) of this little move and work out a way to drop the stupid ads and give their lovely tool away for free. - There has to be another, if not several dozen ways to make Opera profitable without resorting to embedded ads surely...
The U.S. Securities and Exchange Commission is probing possible links between Montreal-based Internet company Mamma.com Inc. and Irving Kott, a legendary Canadian stock promoter with a long history of run-ins with the law.
A Mamma.com executive confirmed yesterday that the SEC requested information last year on any connections to Mr. Kott -- past or present -- and the company has complied.
Worker sacked over blog comments
..think before you blog
The BBC reports an Edinburgh man (who worked for Waterstones, a large UK chain of booksellers) has lost his job over comments made about his employer in a blog.
Mr Gordon went on to say that he would occasionally mention his work life online, coining phrases such as "Bastardstone's" and referring to his manager as "Evil Boss".
if I had wished to do that then I would have been running less satirical and far more biting comments on a rather more regular basis, rather than commenting from time to time about a bad day at work, a grumpy manager or the like.
He is apparently currently appealing his dismissal
Your employer could be reading your blog now. Happily, apart from the wife, I do not have an employer.
Busythumbs Opens Community Forum
The boys at BusyThumbs.com have been busy, not only have the launched a moblogging blog recently but yesterday launched a full on forum for mobile discussion - including a whole bunch of categories for mobile hardware support, moblogging questions and general discussion of mobile.
If you're into that stuff, it's a neat site and well looked after by it's small team of admins - i'm helping them a little bit with their community efforts so if you moblog, or wanna talk mobile tech, you'll find me over at the forum hanging out with the devs :-)
How does MS leapfrog Google and dominate search and Phase 2?
Bill Gates had the vision to see every PC would need an operating system and elected to get a piece of every pc sold w/ DOS/windows. Let the Hardware guys decide what else to put on the pc and how to market it. Find out how Microsoft could beat Google by following the title link for the full post.
The future of web technologies in the mobile revolution First of all, I want
Pay attention at the back! If you aren't reading all you can on mobile, at some point in the next couple of years you're going to be seriously on the back foot with this stuff - Anita Wilhelm at MG says it's ok, that our skills will be in high demand, but bugger that, i dont want to do the W word for someone else, i want to build neat applications for phones...
If I were a web dev, I wouldn't worry too much about being out of work. In the next few years there is going to be so much going on to make all the different platforms talk, sync, and share data... (and who knows how that will happen)... that your skills will probably be in higher demand than ever. This revolution is not going to do away with web technologies. It's just going to change how they work. It's going to change what they are used for, and who is using them... meaning more work for you to do.
Revolution and change doesn't mean destruction of something old. It usually just means reshifting it, refurbishing, rebuilding... and making it more appropriate.
Im still trying to work out the essential skill set for mobile, any thoughts?
Is Ask Jeeves Behind Browser HiJackers?
The Little Engine that Could - Infect your Computer!
My mate Roger points out on his blog, threadlinked above, that Ask Jeeves is behind some particularly nasty spyware - namely:
Smiley Central, and
Ask Jeeves last year acquired a company called myway and mywebsearch. Their toolbar products are referred to by many as spyware. In fact, if you search on Google for MywebSearch, most of the results are websites telling you how to remove the mywebsearch toolbar.
Does Ask Jeeves Profit from Annoying Pest Products?
Well, the answer depends on how you define the word pest. In addition to the MyWay and MyWebSearch products, Ask Jeeves is also profiting from the Smiley Central and Cursor Mania products. According to the PC Hell website, these products are identified as pests by the AdAware and SpyBot Search & Destroy anti-spyware products and are reported to be removed, along with browser hijackers and known spyware programs. If you read the removal instructions on the PC Hell website it will become very clear that they are extremely difficult to get rid of.
So Jeeves, how come? - wanna let us all know why you're promoting, and for all appearances profiting from nasty spyware programs?
News comes in via threadwatch member ThomasB that Google may be filtering out subdomains - like myspammykeyword.mydomain.com
Go ahead and check, we dont need to do the specifics, you all know which SERPS we're talking about here - in the US results but NOT the .de results, the subdomains that have been dominating those serps have gone - finsihed.
Firefox at 4.6%
Business Week article shows
According to a survey released Jan. 12 by research firm WebSideStory, Mozilla's free Firefox browser has grabbed a 4.6% share in the two months since it was released and seems well on the way to its stated goal of 10%.
Microsoft's Internet Explorer has slipped 4.9 percentage points over the past six months, to 90.6%, the lowest in three years.
Chitika, who launched back in November last year have just released details of their new Blog program BlogContext
Chitika is an aggregated contextual ad network currently partnered with FindWhat, Espotting, Shopping.com and Commision Junction and a few others.
This from the press release:
In real-time, BlogContext intelligently selects the most relevant ad for the content from the over 500,000 ads in Chitika's network. It adapts as the content of the blog changes, ensuring timely and related advertising. The ads are displayed to the user regardless of how the blog content is being viewed. Alden DoRosario, Co-Founder and CTO for Chitika points out, "Bloggers publish their content on their website, but in reality, they receive most of their viewership through feed technologies such as RSS or Atom. The unique value that BlogContext brings is that the contextual text-based ads are also distributed as a part of these feeds, significantly increasing revenue potential."
Ads are In Feeds Also...
According to Chitika the ads will be seen however a blog is viewed. This from co-founder Alden DoRosario:
"Bloggers publish their content on their website, but in reality, they receive most of their viewership through feed technologies such as RSS or Atom. The unique value that BlogContext brings is that the contextual text-based ads are also distributed as a part of these feeds, significantly increasing revenue potential.
I'm early in the process of going digital re household music (video next on the list) and while it seems easy ~and relatively inexpensive~ to do either portable ipod-ish music AND entertainment server-based home theatre surround sound, the middle ground seems to be kind of barren.
What about a dumb-as-a-brick shelf stereo system? There are some parts of the house where I only want to slap in a sd card and hit the PLAY button and could care less about having the media center UI. Also, getting rid of the fan and disk noise would be a big plus in a study or bedroom installation. K.I.S.S. still is the best OS of all.
Having the Zen Micro jacked into an Extigy external Soundblaster card (with remote) and 5.1 CMSS digital speakers seems like the only way to go right now but, man, that's a bit of overkill don't you think?
As most search marketers know, you can do some very useful things with a good scraping script - from simple stuff to check out your competitors in bulk without alerting the search engines to well, just about anything.
Mostly scrapers are used for decidedly dark seo tactics, and thanks to Daniel Brandt who is currently in bed with Andrew Orlowski in a parnoid frenzy over at the Register you can be a search spammer too!
Way to go daniel, that's a really bright idea mate....