Beware Tabnabbing Phishing Attacks

Beware Tabnabbing, a New Type of Phishing Attack
Wow. The number of ways you can be fooled into giving up your private logins through a web browser keeps growing.

Adam Engst at Tidbits.com describes the attack, which uses your browser history (you do purge it often, right?). See a demo at StartPanic.com and read more at Krebs on Security.

The lesson: keep your browser history clean, do not sign into any secure site from a tab left open, and block as many 3rd-party ads as you can with AdBlock for Firefox. And wait for Firefox to fix this bug in accessing global history.

Regarding Flash, Apple is disingenuous

The war of wits and accusations heats up:

If Flash is to be consigned to the recycle bin, then what technology will replace its amazing animation capabilities? Apple is disingenuous in only focusing on the video-playing aspects of HTML 5.

In other news: SEO — Forget PAGE RANK: Google tells us to forget about it.

iPad or iAd

iPad Mania! But wait… we can sell ads!

Interesting what a blog at Fortune says about the new iAd’s potential:

Jobs’ pitch: Apple will provide the tools, sell and host the ads, give developers 60% of the revenue and by the time the service debuts this summer, offer a billion impressions a day to one of the world’s most valuable demographics.

Did you see Apple’s presentation? Streamed here.

Essay: How “going viral” works by OK Go

This essay by the creative musical band OK Go has a well-written description of how “going viral” works. Here’s a quote from the original article:

Embedded videos — those hosted by YouTube but streamed on blogs and other Web sites — don’t generate any revenue for record companies, so EMI disabled the embedding feature. Now we can’t post the YouTube versions of our videos on our own site, nor can our fans post them on theirs. If you want to watch them, you have to do so on YouTube.

But this isn’t how the Internet works. Viral content doesn’t spread just from primary sources like YouTube or Flickr. Blogs, Web sites and video aggregators serve as cultural curators, daily collecting the items that will interest their audiences the most. By ignoring the power of these tastemakers, our record company is cutting off its nose to spite its face.

The numbers are shocking: When EMI disabled the embedding feature, views of our treadmill video dropped 90 percent, from about 10,000 per day to just over 1,000. Our last royalty statement from the label, which covered six months of streams, shows a whopping $27.77 credit to our account.

It’s a good read; check it out, and consider how your website’s content can be embedded in other sites and blogs, and whether it’s worthy of being shared.

Check out the band’s website at www.okgo.net

OK GO promo poster

Consumer privacy eroded by Flash cookies

Do you know about “Flash cookies” and consumer privacy? This Demystified blog has an excellent exposé… see also:

A pilot study of the use of ‘Flash cookies’ by popular websites.

We find that more than 50% of the sites in our sample are using flash cookies to store information about the user. Some are using it to ‘respawn’ or re-instantiate HTTP cookies deleted by the user. Flash cookies often share the same values as HTTP cookies, and are even used on government websites to assign unique values to users. Privacy policies rarely disclose the presence of Flash cookies, and user controls for effectuating privacy preferences are lacking.

http://billmullins.blogspot.com/2009/09/lso-flash-cookies-serious-attack-on.html

There is a major advantage for an advertiser to employ Flash cookies, not the least of which is: they are virtually unknown to the average user. Equally as important from an advertiser’s perspective is: they remain active on a system even after the user has cleared cookies and privacy settings.

To call this a deceptive practice would be a major understatement. Crooked, immoral, fraudulent, illegal, are just some of the words that come to mind.

There are tools to help you delete these unwanted sneaky cookies… for Firefox, use BetterPrivacy.

When Wisdom of the Crowd gets manipulated

When “Wisdom of the Crowds” gets manipulated

YELP!, you’re in deep trouble. There’s growing momentum for a class-action lawsuit against the review website. And Yelp co-founder Jeremy Stoppelman is dismissive of complaints. It adds up to a major blow for hubris.

The lawsuit alleges that Yelp runs an extortion scheme in which the company’s employees call businesses demanding monthly payments, in the guise of “advertising contracts,” in exchange for removing or modifying negative reviews appearing on the website. The plaintiff, a veterinary hospital in Long Beach, California, asked that Yelp remove a false and defamatory review from the website. In response, as set forth in the lawsuit, Yelp refused to take down the review. Instead, the company’s sales representatives repeatedly contacted the hospital and demanded a roughly $300 per-month payment in exchange for hiding or removing the negative review. Similar examples of Yelp’s unscrupulous sales practices have been widely documented in the press, including in The Wall Street Journal, The San Jose Mercury, and a series of articles recently appearing in The East Bay Express.

Source: http://yelpclassaction.wordpress.com/2010/02/23/yelplawsuit/

Read more at BusinessWeek. The article notes that “Yelp’s revenue comes from restaurants, hotels, and other businesses that typically pay $300 a month to advertise on the site, which 25 million people visit each month, according to research service Compete. It’s a promising model.”

This is why our GrapeMojo.com will never sell ads on its website — if the subjects of your content (wine lovers, makers and sellers, in our case) are also its primary source of advertising, the conflicts of interest are bound to appear.

Email-to-SMS addresses for USA carriers

We had reason to look up the email-to-SMS addresses for the major USA carriers; here they are:
T-Mobile: phonenumber@tmomail.net
Virgin Mobile: phonenumber@vmobl.com
Cingular: phonenumber@cingularme.com
Sprint: phonenumber@messaging.sprintpcs.com
Verizon: phonenumber@vtext.com
Nextel: phonenumber@messaging.nextel.com

Why HTML 5 is not a Flash Killer

Why HTML 5 is not a Flash Killer… or, said another way, why Flash is not going to die.

If you’ve been wondering if Adobe’s multimedia format Flash is in jeopardy (more importantly, whether you should still use it on your website) because of the lack of support from Apple (on the iPhone and iPad), read this good Wired article.

HTML 5’s video embed capability is not ready to replace the Flash swf format. More reading here.