Brook Schaaf crunches the numbers from an extensive siteadvisor study evaluating the safety of search engine results. MSN fared the best in returning safe results while ask.com was the worse (disclaimer: I own stock in Ask, Google and Yahoo) . Google? In the middle of the pack.

Since the end of February I’ve been using the Firefox extension for siteadvisor [hmm siteadvisor review] and like its easy red, gray, yellow and green color scheme for the safety of sites. Whenever I see red (unsafe), yellow (alert) or gray (no results found) I will rethink whether I want to visit the website or not. With the extension you can see the siteadvisor results proactively at the end of each search result. Very handy.

Another interesting part of the siteadvisor unsafe search results study that Brook also highlights: “Sponsored results were two to four times more likely than natural results to return something unsafe.” How’s that for instilling advertiser confidence?

Sterling wisely pointed out that the data is only as good as the submitters. From what I’ve seen after using this service daily for a couple months, the submitters and siteadvisor’s algos are pretty good at sniffing the trash. Siteadvisor is becoming my favorite Firefox browser condom.

Didn’t I just talk about not trusting most third party stats vendors (IE. Alexa) a couple posts ago? Check this screenshot out:

For those who don’t use Wordpress this is one of the sidebars in the admin area (default) which shows recent link activity reported by Technorati. You can click thru on the “more” part and be taken to Technorati most recent links to your blog.

Spammers and sploggers eating up their index? Momentary glitch? Thing is I’ve seen this happen several times before. I wrote about how abysmal Pubsub’s stats were here. Don’t get me wrong I think Technorati is atop the pile for what they do but this is simply more evidence that you can’t put too much stock in the numbers they — or any other third party tracking service — provide. And I certainly wouldn’t base any strong opinions or doom prophecies based upon them. They do provide a somewhat useful service and can be helpful sometimes, but their accuracy is seriously in question. I feel for them trying to police against the sploggers and spammers and it’s that a main reason nobody has bought their company yet.

I’ll take the Apache logs over any third party information when accuracy truly matters.

Windows Live Expo sounds like an event by the title and it’s actually more of a Craigslist-type site.

Expo is like the classified ads of your local newspaper. It uses geotargeting from you IP to figure out approximately where you (your host/ISP) is located and by default provide you with listings in a 50 mile radius. For example, pictured above, you’ll see it selects a 50 mile radius from Seattle for me.

If you are looking to buy or sell, find a roomate, hold an event like a garage sale, Expo could be of interest. Sign in with your .NET Passport and then edit your profile to include a profile and picture and link to your website. I would recommend getting in early to these things, even if you aren’t sure how much you’ll actually use it, just so you can claim your name. I was happy to see my name wasn’t taken (yes, sometimes it is).

Posting rules
It is free to post a listing as of this writing. Here are the rules (full code of contact here):

* Do not post or e-mail content that incites, advocates, or expresses pornography, obscenity, vulgarity, profanity, hatred, bigotry, racism, or gratuitous violence.
* Do not misrepresent the source of anything you post, including impersonation of another individual or entity.
* Do not post hateful or harassing content.
* Unsolicited commercial advertising, phishing, and affiliate marketing is prohibited.
* Do not post content or e-mail content that is intended to harm or exploit minors in any way.

Posting categories include: autos, events, housing, jobs, merchandise, people, pets and services. If you select ’services’ then subcategories will be available for: child care, commercial services, household services and commercial services. I chose commercial services and then the following sub categories were available: available, wanted, swap, free, recommended.

This got me thinking: what would be considered ‘commercial advertising’? If it was a commercial service offering a free service say like an insurance agency that offered free comparison quotes, would this be considered unsolicited commercial advertising or would this fit under the commercial free service? I realize this is stretching things, but where are the lines in the sand here?

Searching through the commercial services cateogory under “free” “available” results in listing like this one for AJAX training: http://expo.live.com/ViewListing.aspx?lId=4829

Notice how it’s not really ‘free’, but actually $599 USD per person for a 21 day course on how to learn AJAX. So is this a “cool listing” or should this be marked thumbs down as: “Help us keep the site suitable for everyone and report abuse by clicking here.”

I haven’t spent much time on these type sites but there seems to be a gray area with netiquette about how business related activities should be handled on posting to sites like these. I realize the whole “is it spam or not” thing is kind of vague sometimes. Would appreciate any feedback on my questions above from folks experienced with classified ad sites in general or of course anybody on the Expo team.

Naming gripe
If only they could drop the whole pretentious Windows Live part and just run with the title: Expo they’d be better off marketing-wise. I’m not the first to mention this, I’ve heard this in several other places. I think people are tired of Microsoft running branding amok: .NET. Windows, Live, yadda, yadda. The logo would be good enough. Also, what does Windows really have to do with Expo when I can access Expo from my Mac? (Rhetorical)

Good, good, gooooooood, good vibe-rations
Is it just me or is Microsoft coming out with more betas recently? AdCenter (and soon a rumored contextual ads for webmasters called ContentAds), Live.com, Office Live, Street view. Despite none of these being final products, it might be time to revise my thinking that they aren’t ’shipping’ as much as they should/could. Certainly a positive trend to see. Keep this up, Microsoft.

Recently a guy trying to win an SEO contest literally dialed up Robert Scoble and begged for a link to his site. Scoble decided to be a nice guy and link up the site since he doesn’t get many phone calls like these. And in his blog entry Scoble pointed out that he doesn’t want to get many phone calls begging for links heretofore, so put the phone down (I’m joking).

Besides the fact that generally speaking these type of SEO contests leave a bad taste in my mouth, I took a look at the guy’s site and noticed he had an infringing copy of Paul Neave’s Flash version of Pacman which Namco had asked Neave to take down. How did I know about this? Am I just a Namco cop? No, awhile back I enjoyed playing Neave’s Pacman on another website (and held the high score too) and was bummed to hear that he didn’t get the rights to use any of the licensed images/sounds/characters from Namco. A port of a game I liked turned out to be illegal. It is the best Flash version of PacMan out there, bar none (that I’ve played anyway, anybody seen better?), and Pacman is one of my favorite games of all time. Namco should have worked something out with Neave, but that’s another post for another day.

[Aside: similar infringement is happening with one of the GoogleModules by someone named Kim Schultz who fit this unlicensed, unauthorized game inside a Google module, claiming it was “freely available on the web” when in fact it isn’t according to Namco and the game’s creator, see here: “… due to legal constraints surrounding its misuse of Namco’s trademark and copyright. Sorry about that.”]

Anyway, the main concern wasn’t Pacman, it was the SEO contest. I pointed my questions out about these SEO contests — are they cool? — to Scoble thinking he might be willing to approach the MSN Search team and get their feedback. Still no word on that one, but it’s the weekend so maybe he’ll ask next week. Being I’m one of the recent Search Champs, I probably should just ask myself (and maybe will do just that). Also, I thought he might want to know what he was linking to. The guy quickly took down the DMCA violating Pacman and refuted my concerns about the SEO contest being any sort of blackhat activity.

I remain curious about how the search engines treat these SEO contests. When they are for nonsense words like the contest in question, I can’t see them doing much harm, but when they target common terms like backgammon (different contest), it makes me wonder. These SEO efforts in some contest could knock down the legitimate results for these keywords and thus degrade the search results experience.

In a later comment, another one of the SEO contestants poked fun at my comment by writing:

Creativity is the opposite to writing comments about trademark issues for old pacman games that´s no one intrested in hearing. Lol

Of course I can see the smiley and lol and realize this individual isn’t that serious, but the “oh it’s no big deal” nervous laughter is ironic. My comments weren’t intended as some pedantic rant. I’m starting to believe that this is how more and more people really feel about copyrighted content on the internet these days.

Although I loathe to side with the MPAA or RIAA on anything, because I think they have been bleeding consumers and artists dry, they do have something at least partly right: some people act like all content on the web should be and is in the public domain.

This is why a copyright message is pretty much meaningless as a deterrent on the web. Take Perfect 10 vs. Google recently and you have the splog effect piling up on people. I spent some time in the comments of that recent post trying to explain the case which on its face sounds like Perfect 10 is trying to stop indexing of the web (they’re not).

Solutions?
So how does this end? If each publisher — each webmaster — can be more responsible, myself included, by carefully examining what we are linking to will that make a difference? Given the current environment, I don’t think so.

When you link to a site and then they change or redirect the page you linked to and point to something you would not have linked to (like some illegal content, or redirected to an unrelated affiliate program, etc). This is the part of the web that is broken and always has been, that linked in content can be changed or disappear literally overnight. I’ve complained about mainstream news sites doing this frequently to bloggers. Just go back into your favorite blogger’s archives and you are bound to find dozens of broken links.

Which unless the blogger does a good job of restating what is in the link instead of just pointing to it means broken context. Then you have the search engines pointing to the blogger because the original content is broken and all is left is broken context.

Broken context.

Yes, caches do help and maybe that’s the direction the real next iteration and advancement of the web will move. The current web 2.0 crop (argh, I said a dirty word) isn’t doing anything about this problem, but it’s a big one I see that needs solving (and I freely admit not having one). I’ve written about this before but I believe this fundamental flaw in the internet will continue to become increasingly significant if some sort of larger caching scheme doesn’t come into play. Some fallback position that will cause every link that’s changed to revert to a cached copy instead of the new/redirected destination, thus maintaining the original intention of third party links.

The old cliche you are what you eat, doesn’t apply here. Neither does you are what you link — because links can and do change. And so we’re left with: you aren’t what you link.

As a means of preparing content for tomorrow today, bloggers especially might want to make sure they create posts which don’t rely too heavily on the content they link to, otherwise a lot of their content in the years to come will be worthless. And the search engines that are filled with links to their blog entries? Worthless too.

Any smart readers have a solution to this issue? Or do you think I’m making it a bigger issue than it really is? Just look at the term “permalinks” for blogs. Ask yourself, seriously, are they really permanent? How can anything be permanent on the web? Misnomers everywhere.

Related posts
May 27, 2005: When 3rd Party Links are Changed and Broken
Feb 2, 2006: Dynamic links are newspaper’s weapon against unwelcomed deep linking

I think every comment moderation section needs a brief, but helpful guide for identifying comment spam, so let’s see if we can put our collective brains together and come up with a list, here’s seven sure signs:

1. Blame the name (with ego stroke): I love reading your blog, well said, you really know what you are talking about and my name is adobe acrobat
2. Hyphen horny: this-is-my-keyword-loaded-viagra-domain.com.
3. Unrelated nonsense: My comment has absolutely nothing to do with what you are talking about — insert unrelated link — but I thought you might like to know my long rambling and completely incomprehensible run on sentence that doesn’t make any sense but seems to fill some word limit to look like it is, or perhaps might be, genuine.
4. Keyword diarrhea : some, keywords , separated, by, commas, over, and, over, and over, and over, and maybe over again and sometimes over without using commas over.
5. Programming run amok: comment that just says: array (this is what happens when you try to echo an array in PHP)
6. Hyperlink frenzy: Just nothing but hyperlinks. Doh!
7. Comment good, URL spam: The comment itself seems legitimate and on topic, but uh oh, look at where their URL leads — spam hell.

Have more sure signs it is comment spam to add to the list?

Longtime readers and perhaps very perceptive new readers will figure out that I’m fairly cynical about people online. I don’t believe most of what people say on messageboards and if I’m burned by trusting somebody online one time, that’s usually enough. After meeting somebody from online offline I tend to be much more trusting. Bloggers who don’t tell me anything about who they are or what they are up to fit into the instantly suspicious category.

Sorry, there are just too many phonies online. Call me internet battle scarred. I’ve seen too many good people scammed by some loser. I’ve seen fake charity drives, fake help somebody out that is dying when they aren’t really dying, fake, fake, fake.

With this in mind, that’s why I’m not surprised to see this alleged activity this morning about Nvidia via BoingBoing:

Nvidia stands accused of hiring online actors to create dozens of personae in online forums, where they won gamers’ trust by talking about subjects unrelated to Nvidia’s products, and then splurged in an orgy of sock-puppet boosterism of Nvidia’s stuff.

What seems odd to me about this is that Nvidia already has good graphics cards, so why would they need to be out shilling their product further? There are really only two major graphic cards companies: ATI and Nvidia, at least as far as home/small business graphic card purchases. I’ve had trouble getting Nvidia graphic cards working with Linux but been overall pretty happy with them in Windows systems.

If this allegation turns out to be true, I could maybe understand this aggressive marketing activity if there were dozens of graphic cards company, but is that business really this cutthroat that Nvidia would need to do something like this?

In 2006, can’t trust what some stranger on a messageboard says to be without ulterior motives. This would be a total non-issue if these alleged shills had simply disclaimed their affiliation in their tagline or profiles or better yet: both.

Hey, I’m concerned about Kama Sutra too. Nothing like getting down with the ancient indian text on sex.

My wife just leaned over and said: “Apparently there is a new virus going around. Am I gonna get this one?”

Bummer, different Kama Sutra!

Somehow she became a victim of the last one, that Zotob monstrosity that just booted and rebooted Windows 2000 machines.

We try as a general rule not to cover viruses that often on Hmm because I think that only feeds the pain. Plus I think most Hmm readers are pretty savvy about this type stuff and won’t be prey to these bastards. However, if you haven’t already been bombarded with the Kama Sutra news this morning and are still curious about what that other Kama Sutra that you don’t want to catch see Lifehacker for details

As always, be careful out there fellow netizens.

Scoble is concerned about how hard it is to find email contacts for bloggers. He mentioned this awhile back and at that time I updated my picture on the homepage of this blog with office telephone number, Skype and email address. I’m somewhat curious what blogger he is having such a hard time communicating with that doesn’t have any sort of trivially searched preferred contact method?

Must admit that I rarely find trouble contacting people online. Readers, do you have trouble contacting people online?

I think part of the problem with Robert’s analogy is he seems to assume everybody prefers email as their primary contact method. I sure don’t and have said so several times. Therefore, I don’t make the assumption others prefer that method of contact either. This isn’t the same as saying: don’t ever email me, so please don’t be confused, it’s just that those who send to any public accessible email address are more likely not to receive a response. Better, more reliable, less time consuming ways of contacting me have been posted several times and I continue to encourage folks whom don’t have my non-public direct email addresses (which more than likely guarantee a response) to use those preferred alternate contact methods.

In this post on April 1, 2005 I laid out my primary preference in contact methods and email was last on the list and here nearly a year later it still is last on the list:

Email. This our the least preferred method of contact and actually, due to the volume of email received daily, doesn’t reliably guarantee a response. If it’s important then I would suggest using one of the other four methods [comment/trackback to blog, call, skype or IRC]. With this in mind, my email address is listed on our business contact page.

We are a small developer shop. There is me, one part time accounting person and another part time person, and that’s all for managing many different commercial and non-commercial websites. We don’t want to expand beyond this amount of help at this time and in order to manage this tiny group (where me, myself and I are the primary employees) time spent on tasks needs to be — and is — carefully managed.

Our business contact page has been on the web since 1999 and my public business contact email hasn’t changed during that time. Of course that has become one of my most spammed email addresses and biggest time liabilities (FU spammers). Anybody I talk to via the other four methods above almost without exception receives a different email address with the caveat: “please do not put this email on any list, this is my direct email address.” My direct email addresses get much more response activity than the public ones.

Still, I’ve had to change direct email addresses several times because people have failed to honor this request and put me on lists anyway. And sometimes I’ve given the email out to a list where it was promised it would not be published and it still was published anyway at a later date in time .. and once it was published the spam was not far behind. Argh.

We are using multiple methods of spam filtering and I remain disappointed by the number of false positives that these methods result. I’ve found it’s more reliable telling people to call, comment on the blogs, Skype or use IRC as opposed to sending email (to our non-direct email addresses). Ironically, I once had great difficulty contacting Scoble via email. His response? He never received the emails.

As readers know, I just got back from Search Champs and yesterday decided to send email to the coordinator — from what I thought was a whitelisted email address — and Microsoft’s filters bounced with the message:

your e-mail was rejected by an anti-spam content filter on gateway (IP redacted). Reasons for rejection may be: obscene language, graphics, or spam-like characteristics. Removing these may let the e-mail through the filter.> (in reply to end of DATA command)

My email contained a detailed list of recommendations for MSN Search.

[sigh]

Enough of my email challenges, how about you? How do you handle contact email for your online presence? Do you publish your email, unobfuscated? Do you do business with the public and find that filtering costs you business?

Two years ago at the World Economic Forum in Switzerland Bill Gates was reported as predicting that spam would be dead in two years, then one year ago I pointed out that 80% of experts said his prediction was unrealistic. Yesterday, Todd Bishop from the Seattle PI points out that the time is up and — surprise, surprise, not — the prediction came up short.

Although some media reports interpreted Gates’ 2004 World Economic Forum comments as portending the absolute death of spam, the Microsoft chairman tried to adjust expectations in subsequent interviews, saying that spam would still exist, but be much less common.

Let me get this right, the truth is that Bill Gates never really predicted the death of spam, he predicted the reduction of spam? Ahh yes, much easier prediction. This all sounds very Clintonesque to me. What is the meaning of getting rid of spam? How is this determined? The Seattle PI post makes it clear that the definition of reducing spam is in the eye — and technical aptitude — of the beholder.

To be fair, Microsoft and others over the last couple years have put the hammer to several larger spammers legally and monetarily and have made improvements on their Hotmail service in spam filtering, so there was some movement toward Gates’ vision. For those still feeling the spam pain, in February 2004, I posted 9 user email survival tips that are still fairly relevant.

We also found out in December 2004 that Bill Gates received about 4 million emails a year, down from the Steve Ballmer erroneous estimation of 1.4 billion emails per year.

In February 2004 Gates also predicted the death of the password. Though he gave no timetable on that prediction, Gates said: “There is no doubt that over time, people are going to rely less and less on passwords. People use the same password on different systems, they write them down and they just don’t meet the challenge for anything you really want to secure.”

Wrong again.

At least in my case, I’m still using the same password management system I was using two years ago on every computer except for my Tablet PC which has biometric (fingerprint) security built-in, but even there it is required to drag and drop a key on the password field to tell the OmniPass system to remember the password. And what if the OmniPass system gets corrupted somehow? I still would need to know what passwords are there. Though the biometric system has been pretty good, it hasn’t worked flawlessly. Strangely, sometimes the system boots up and Omnipass doesn’t run so I need to type in passwords manually anyway.

The password zombie still walks among us.

Bottom line: marginal improvement on the the spam front in two years and needing to track and remember passwords with some system are still in every day use. In Gates defense, he has also been quoted as saying that his predictions don’t always come true as quickly as he’d like. Bingo.

I hope I’m not hiding my total disgust for any company that hides crap on our computers. What Sony BMG did with the whole rootkit stuff was the kind of activity you expect from something that slithers through the grass. Now, Symantec joins their reptillian cousin having to acknowledge the existence of a rootkit-type feature in Norton SystemWorks.

The anti-virus vendor acknowledged that it was deliberately hiding a directory from Windows APIs as a feature to stop customers from accidentally deleting files but, prompted by warnings from security experts, the company shipped a SystemWorks update to eliminate the risk.

If we can’t trust the anti-spyware, anti-virus vendors who are charging us for definition updates and their software than who do we trust? Sheesh, this news is only good for security professionals who help discover this type of garbage and alert the rest of us to who’s spiking the punch.