Posts tagged need
Need a Beer? KegDroid Has Got You Covered!
May 1st
Do you love beer? Do you love Android? Meet KegDroid, a revolutionary new way to get your beer! Designed by a Google employee, KegDroid’s design lets you select and order your beer at the click of a button and then dispenses your favorite brew.
View full post on Search Engine Watch – Latest
Why Link Builders Need To Do More Than Just Build Links
May 1st
In the past few months, link building as we’ve known it has been totally shaken up by three major events: Google anounced that they were changing how they view links (nicely recapped here:) Pandamonium! Certain large blog networks were devalued and webmasters started to receive warnings about…
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
The CISPA Amendments We Really Need
Apr 26th
The goal of CISPA, the Cyber Intelligence Sharing and Protection Act – the latest cybersecurity legislation pending in the House of Representatives – seemed so simple in the beginning: From time to time, security companies need to provide information about possible threats to government authorities so they can take action. When you write that idea down on a napkin, it makes sense. When you base legislation on what you wrote on the napkin, it becomes the next target of the Internet rights lobby.
The problem is that we live in an era when almost any system that can be exploited will be. The Internet is one example. The law is another.
You can’t disagree with what the napkin version of CISPA implies: Government alone cannot provide information security. When it’s put that way, everyone could get behind it. There are plenty of political ideas that, when presented as cleansed, bleached and distilled bullet points, immediately garner broad public support. The challenge lies with implementing these bullet points in a system that can’t be exploited. If SOPA taught us anything, it’s that anyone can exploit a system.
First, Shut Down Everything
The problem with CISPA’s original draft is that it would establish policies in a way that invites exploits. Any network admin will tell you that the best network access policies are implemented as restrictions with exceptions. You turn off all access, and then you create a whitelist of specific identities or functions that may bypass that roadblock. And then you establish a comprehensive audit trail around that bypass.
Yesterday evening in The Atlantic, Alexander Furnas made the point that CISPA is bad policy, at least insofar as it was originally crafted. He’s right in ways he didn’t get around to enumerating. While the basic principles of its author, House Intelligence Committee Chairman Mike Rogers, R-Mich., may be laudable, CISPA wasn’t built for the Information Age. Specifically, it sets up a channel for security agencies and security companies to talk about stuff that may (a very interesting word in this context) apply to cybersecurity.
This sharing of cybersecurity-related information between private and public agencies may entail the disclosure of personally identifiable data, or information that can be combined with such data to reveal other hidden characteristics (using what software vendors refer to as analytics).
Yes, there needs to be a way to accept that this sort of issue will crop up when information is being shared, and to excuse it so that every security issue doesn’t end up being resolved (or not) in a courtroom.
No, No, No “Notwithstanding”
But it is no longer good policy to simply legislate that certain information that may fall within a certain context may be shared; that anything that violates privacy may be excused; and that, worst of all, any law that says such violations may not happen may be overlooked.
That’s the danger of the clause that, even after Rogers’ first set of amendments last week (PDF here), remains in play – the one that begins, “Notwithstanding any other provision of law.” But many of the advocacy groups that seized on this clause did so in such melodramatic and apocalyptic terms as to invite reasonable people to defend it.
Yet there really is a problem with a policy that says, “Ignore everything else and treat this as paramount.” That’s not the type of exception that good information systems policy requires – the kind that creates a limited way around a blanket restriction. Instead, it is a weakening of links in the legal chain, and any weak link is likely to be exploited.
One fear is that such an exploit will come from rights holders who argue that compromising the security of a network in order to commit copyright violation is a threat to the nation’s economy and thus, by extension, to national security.
When you distill an idea to its basic bullet points, it’s harder to disagree with it. That’s why TV political ads are 30 seconds long instead of 30 minutes.
In reality, though, the theft of intellectual property is a legal matter, and should not be treated as a “cyber threat.” So the second set of Rogers bill amendments is quite welcome. They help define terms and refine the context of the discussion.
For example, the revised Definitions Amendment (PDF here) redefines “cyber threat information” using phrases such as: “information directly pertaining to… a threat to the integrity, confidentiality, or availability of a system or network of a government or private entity, or any information stored on, processed on, or transiting such a system or network.” Granularity is good.
A CISPA Whitelist
Now for the next step: a new set of recommended CISPA amendments. Rephrase the new policy the way a good admin would: as a prohibition against the distribution, without court order or lawful mandate, between private entities and government security services, of any information that may be used to identify or characterize a U.S. citizen. Start with a blank slate.
From there, use the classifications in the latest Definitions Amendment as exceptions. Stipulate that these are the circumstances in which exceptions must be made to protect vital national security interests.
Then, establish an audit trail. State that all transactions must be registered, and the log of those registries may be obtained by public request, pending the approval of a judge.
The danger is that this ideal may be boiled down to its bullet points to garner opposition:
- Government must not be open.
- The free flow of information is dead.
- People don’t have the right to know what’s being shared about them without a judge’s approval.
With the master’s touch of a political activist, almost any beneficial idea may be spun to sound fascist.
My 30-second rebuttal: We do need something like CISPA, but the privacy of American citizens and the national security of the United States are too important to be left to intentionally vague regulations and legislation. That’s the wrong kind of openness. With each set of CISPA amendments, however, a viable solution is coming closer.
Scott M. Fulton, III is the author of this document and is solely responsible for his content. He will appear live on NTN24 (DIRECTV 418) Friday, April 27, at 12:30 EST/9:30 PST to talk CISPA with Monica Fonseca.
Stock images by Shutterstock.
View full post on ReadWriteWeb
What Web Users Need to Know About SPDY
Apr 19th
Slowly but surely, SPDY (“speedy”) is becoming more widely used. The Google-backed protocol, a modification to HTTP, is designed to help reduce latency and bolster security. Even if you don’t manage a Web server yourself, you should know about SPDY and what it offers to you – and the Web at large.
SPDY has been in development for a couple of years, but a few things will start to accelerate its deployment.
First, Google has put out a SPDY module for Apache, which will make it much easier for organizations to deploy SPDY. Nginx is expected to have an implementation by end of May. That covers a huge chunk of the server market already.
Second, SPDY should be on by default in Firefox 13, and Chrome (and Chromium) already supports SPDY. Which means that organizations have more incentive than ever to start turning on SPDY.
What SPDY Is, and What It Offers
SPDY is a two-layer HTTP-compatible protocol. To break that down into more manageable terms, SPDY is like HTTP, but with additional features designed for today’s Web. The “upper” layer provides HTTP’s request and response semantics, while the “lower” layer manages encoding and sending the data.
The lower layer of SPDY provides a number of benefits over standard HTTP. Namely, it sends fewer packets, uses fewer TCP connections and uses the TCP connections it makes more effectively.
A single SPDY session allows concurrent HTTP requests to run over a single TCP/IP session. As Patrick McManus writes in SPDY: What I Like About You, it’s great for high-latency environments “because a resource never needs to be queued on either the client or the server for any reason other than network congestion limits.”
SPDY cuts down on the number of TCP handshakes required, and it cuts down on packet loss and bufferbloat. Says McManus, “SPDY’s parallelism, by virtue of being on a single TCP stream, leverages one busy shared congestion control block instead of dealing with 36 independent tiny ones. Because the stream is much busier it rarely has to guess at how much to send (you only need to guess when you’re idle, SPDY is more likely to be getting active feedback), if it should drop a packet it reacts to that loss much better via the various fast recovery mechanisms of TCP, and when it is competing for bandwidth at a choke point it is much more responsive to the signals of other streams – reducing the over buffering problem.”
There’s currently a lot of redundancy and bandwidth wasted in HTTP headers. SPDY compresses HTTP headers, which means that fewer bytes have to be transmitted between client and server.
All that adds up to serious performance improvements. According to Google’s initial whitepaper on SPDY, you could see “a speedup over HTTP of 27% – 60% in page load time over plain TCP (without SSL), and 39% – 55% over SSL.”
Security
In addition to better performance, SPDY is also more secure. Despite the best efforts of the Electronic Frontier Foundation (EFF) and others, we’re a long ways away from HTTPS Everywhere – which means that most Web traffic is still sent unencrypted.
That will be a thing of the past with SPDY. Current implementations of SPDY mandate SSL, which isn’t universally liked but seems the best way to nudge the Web forward to encrypting traffic most of the time.
Push and Hint
Finally, SPDY adds two new mechanisms that will also help speed up the Web. Server Push and Server Hints.
Just what it sounds like, Server Push will send resources to clients without being asked. If you request a Web page URL, for example, SPDY might also decide to send down images associated with the page even if they’ve not been requested yet. Note that there’s a potential downside here, since servers could wind up sending redundant or unneeded content.
Server Hints doesn’t send the content, but it does send the URL so that the client can decide if it needs it. If the content isn’t cached, a browser or other SPDY client can then make the request a bit faster than it might have otherwise.
Getting SPDY
The only, or at least the major, problem with SPDY? You need SPDY support on two ends to make it work. You need a browser that supports SPDY, and Web servers that are delivering content using SPDY. If you’re one of millions using Chrome, you already have SPDY support. If you’re using Firefox, SPDY support will be the default with Firefox 13. Note that Firefox 11 already supports SPDY; you just have to turn it on manually. It’s unclear when other browsers will support SPDY, but it may be awhile before you see SPDY in Internet Explorer or Safari.
Very few websites support SPDY at the moment. Google, of course, has been rolling out SPDY. Twitter is also offering SPDY. But it’s going to be some time before most users see the effects of SPDY across all or even most of the sites they visit. But the odds are good that you’ll start seeing a significant benefit from SPDY before you’re using IPv6 at home.
View full post on ReadWriteWeb
Four Things You Need To Know About Search Retargeting
Apr 18th
In two very short years, search retargeting has been created, tweaked and matured to the point where most serious marketers already have it on their media plans or are considering it for a 2012 test. In short, search retargeting finds those individuals who have searched for a term that matters to…
Please visit Search Engine Land for the full article.
View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing
We Need Internet Access on Mars
Apr 17th
Today’s theme is the interplanetary Web. We’ve reached the point where saying “the Worldwide Web” sounds goofy, and www. in a URL looks outdated. It’s still accurate, though. The Internet feels infinite, but it’s still limited to our one planet.
Not for long, though. There’s a conference this week bringing 20 spacefaring nations together to discuss technical standards and engineering challenges for designing the interplanetary Web.
And we may actually need interplanetary Internet access someday. There’s amazing new time-lapse video of Earth and the International Space Station, proving that our species actually has the mind and muscle to get off our world.
But the biggest off-world story today is the end of an era. The space shuttle Discovery has been ferried atop its 747 chariot to the Smithsonian in D.C. Lots of people paused in their days to take pictures.
The Atlantic Video has an Instagram shot that proves the instant-nostalgia value of those photo filters.
Drew Breunig responded to that shot with a deep interpretation.
“Riding on the back of a jet is perhaps the most mundane task the Space Shuttle ever performed (until it sits in the Smithsonian). But by doing so in casual view of a major population center during a (beautiful) work day it will become a viral hit, stoking nostalgia for our late age of discovery after we cut it’s budget.”
One of our favorite galleries is from Joel Housman, who went down to the Mall with heavy duty hardware and took some awesome close-ups.
But one of the most fitting, understated goodbyes to the shuttle is this video from Spaceflight Now, which frames its departure in a no-nonsense, NASA way.
What stories blew your minds today? Share them in the comments below, and we may feature them tomorrow.
Lead image credit: Alex Lutkus/ESA via KurzweilAI
First space shuttle photo: The Atlantic Video
Second space shuttle photo: Joel Housman
View full post on ReadWriteWeb
What You Need to Know About CISPA
Apr 16th
Battle lines are being drawn over the Cyber Intelligence Sharing and Protection Act of 2011 (CISPA). It’s a bill that would make it easier for private companies and the U.S. government to share user information concerning possible cyber threats. Microsoft, Facebook and a host of other technology companies are supporting the bill, but many digital rights groups fear that CISPA is another version of the Stop Online Privacy Act… but worse.
What Is CISPA?
CISPA is different from SOPA and PIPA in that it’s not primarily about piracy or privacy issues. Instead, it’s intended to help fight cyber attacks.
But the bills share similarities that raise red flags with digital rights advocates. Foremost, the language of CISPA is vague, broad and leaves much open for interpretation.
CISPA would amend a current law that defines how cyber threat intelligence information is used between the U.S. intelligence community and the private sector. Currently, that’s often difficult or prohibited. CISPA would remove that firewall.
It would be a two-way street, where the intelligence community could give private entities information (with proper security clearance) and would allow companies to voluntarily share information with the government. The bill does not say that companies must share information with the government.
The procedural elements are not what makes the bill concerning. The issue is how things in the bill are defined. This is where the vagueness comes in.
- Cybersecurity Provider: “A non-governmental entity that provides goods or services intended to be used for cybersecurity purposes.”
- Cybersecurity Purpose, Cybersecurity System, Cyber Threat Information: “[An entity] designed or employed to ensure the integrity, confidentiality, or availability of, or safeguard, a system or network, including protecting a system or network from:
Efforts to degrade, disrupt, or destroy such system or network; or theft or misappropriation of private or government information, intellectual property, or personally identifiable information.
What are “goods and services intended to be used for cybersecurity purposes?” A Facebook status update was never “intended” to be used for cybersecurity purposes. Yet, under this law, a Facebook status update could be seen in a variety of ways. The wording of the definitions leaves it open for the government to request information from Facebook (or any other digital information service) over the smallest of updates.
Who Supports CISPA?
The bill is sponsored by two representatives:
- Rep. Mike Rogers, chairman of the Permanent Select Committee on Intelligence. His office wrote the bill.
- Rep. Dutch Ruppersberger, ranking member of the Permanent Select Committee on Intelligence, as well as a member on the Subcommittee on Emerging Threats and Capabilities.
- The bill is cosponsored by 106 representatives. See the full list here.
- In addition, CISPA has a letter of approval from 28 large technology corporations and organizations. That includes Microsoft, Facebook, Intel, IBM, Oracle, Symantec, Verizon, AT&T and CTIA.
Who Opposes CISPA?
- There is a competing bill in the House of Representatives sponsored by Rep. Dan Lungren (R-Calif.) titled, “Promoting and Enhancing Cybersecurity and Information Sharing Effectiveness Act” (the PRECISE Act). The Center for Democracy and Technology opposes CISPA but supports Lungren’s bill.
- Civic organization Avaaz.org has collected more than 600,000 online petitions opposing CISPA. The Electronic Frontier Foundation published a paragraph on its site titled, “Don’t Let Congress Use ‘Cybersecurity’ Fears to Erode Digital Rights.” The Constitution Project’s Virginia Sloan sent an open letter to “editorial page editors and writers” urging them to scrutinize CISPA.
- Hacker group Anonymous also opposes CISPA and has launched attacks against corporations that have stated support of the bill.
Does It Stand a Chance?
From a legislative perspective, CISPA is in a stronger place than SOPA ever was. It enjoys bipartisan sponsorship from Rep. Mike Rogers (R-Mich.) and Rep. Dutch Ruppersberger (D-Md.) and has 106 cosponsors in the House of Representatives, including the likes of Darrell Issa and Michelle Bachmann. Issa, as many will recall, was a staunch opponent to SOPA and holds influence as the chairman of the Oversight and Government Reform Committee.
What’s Next?
CISPA made it through a Congressional committee in December with a 17-1 vote. It is currently being amended before going to a vote before the full House of Representatives on April 23.
The CDT, EFF, Demand Progress and the American Civil Liberties Union will launch a week-long campaign next week ahead of the voting on CISPA to protest the bill and educate citizens, and persuade them to contact their members of Congress to voice their concerns.
We will see if the anti-CISPA fervor reaches the level of the protests against SOPA and PIPA, but with some of the biggest technology companies supporting the bill, widespread blackouts are not likely.
View full post on ReadWriteWeb
3 Things You Need to Know About Google’s Earnings Call
Apr 12th
Google reported earnings from the first quarter of 2012 today, and it looks like the Mountain View company is running as strong as ever – or at least stronger than at the end of last year. Revenues for the first three months of the year came in at $10.65 billion, an increase of 24% from the first quarter of 2011. Google is still a one-trick pony when it comes to earning money, with 96% percent of its revenue coming from company-owned websites or network partner sites. Advertising is still the name of the game for Google.
View full post on ReadWriteWeb
When Do Startups Need In-House IT Help?
Apr 11th
An ill-timed technology meltdown can be catastrophic for a vulnerable startup. Perhaps you are about to blast an email marketing message, or just trying to find an important file. And then it happens: frozen computers, corrupted files, wireless blackouts.
Whatever it is, it needs to be fixed fast.
That much is easy to figure out. Much harder to answer is what’s the best, most efficient way to prevent and cure these kinds of potential catastrophes.
Sponsor
Technology meltdowns are not just a theoretical concern. I know, because my own startup has been hit with them. I had one standing at the Geek Squad counter in my local Best Buy. On another occasion, I stumbled sobbing through a Walmart in Fergus Falls, Minn., at midnight – thousands of miles from home – because I somehow broke my laptop, and faced two looming deadlines.
Your company’s meltdowns will be different, but all startups are vulnerable one way or another.
Most startups have the ability to fix the small stuff, either on their own, with the help of expert friends or colleagues, or with a quick call to a local IT consultant. But at some point, you risk running out of either answers or time. Even if you’re a star coder, as your business grows there will come a moment when you’re going to need IT help on a full-time basis.
But how do you know when that moment comes – when is the right time to stop outsourcing your tech support needs and actually hire an in-house IT person?
I put that question to Greg Marks, an IT consultant and software specialist at O’Neil Software, based in Irvine, Calif., who has talked me through many an IT crisis. Marks suggests that you first consider the size of your company. He says, “Getting to 20 systems is usually a common breaking point when companies have to move IT staff in-house.”
Of course, the type of business you’re building and the nature of your IT needs will also influence that decision. As Marks explains, “Companies that rely on having a Web-based presence to get their messages out or sell products online likely have a greater need for an in-house IT person. If their websites go down, then they are essentially shut down. Having an IT person on staff constantly maintaining the network and site is vital because it prevents problems and allows for faster resolution of issues.” Also, he adds, “If your data is critical to your business, then it is worth having an IT person on-site to maintain all your hardware and software, as well as ensure that the systems are always backed up.”
Make sure to stay on top of how your IT is functioning. “Too often companies only [worry about] IT during startup,” warns Marks, “and then never engage with the outside contractor again, or don’t consider bringing someone in-house until a major crisis hits.” At that point, Marks says, it may be too late. “I have seen firsthand companies lose key databases and years of information because in-house IT services were never considered, or the IT person that they contracted with had no vested interest in the organization.”
Create an IT plan now, before a crisis hits… or your promising startup might never really get off the ground.
Image courtesy of Shutterstock.com.
View full post on ReadWriteWeb
5 Things the Experts Say You Need to Know About the Facebook-Instagram Merger
Apr 10th
Depending on which hastily pasted-together analysis you believe, Facebook’s $1 billion acquisition Monday is reason enough to close your Instagram account, and Facebook is going to ruin Instagram. We’re not buying it, so instead we spent Monday interviewing a dozen experts for their thoughts and opinions on the deal.
All agreed that the deal is big, but only time will tell how big. In the meantime, they gave us five areas to watch, as the Instagram acquisition may very well shift how Facebook views content and serve as an acknowledgment that the Web is becoming increasingly visual.
Sponsor
“What’s the deal worth, by normal analysis, not pie-in-the-sky valuations? Zero! Or next to zero. But so was Youtube before Google bought it and flipped it into a money-making magnet.” – Bert Martinez
“It will take months to know what it means for Facebook. The price is eye-popping, but then, so is Facebook’s expected valuation. What’s ultimately important is, did Facebook CEO Mark Zuckerberg see this acquisition as an opportunity or a necessity?” said Brad Allen, investor relations expert at KC Associates. “The acquisition coming in front of Facebook’s IPO looks defensive. If the social media juggernaut is going to be able to justify its heady valuation, it needs to be the only rocket ride available for traders to jump on.”
While there are concerns with any acquisition of this magnitude, the people in the know seem to be cautiously optimistic that this deal will benefit three sets of stakeholders: Facebook investors, Facebook users and Instagram users. What follows is a summary of insight we received in interviews with more than a dozen social media experts and investors Monday.
Subtle Shift: Facebook Sees Future in Content Creation
The biggest hidden message in Facebook’s move Monday is acknowledging it has not paid enough attention to the content-creation side of social, according to Matthew Siegel, co-founder of Indaba Music, a musician collaboration and marketing platform.
“Before Instagram, Facebook was used exclusively to share content – it didn’t provide tools to actually create content (with the exception of typed status updates). It left creation to others – notably Zynga for games, native camera applications for photos, and record labels/Spotify for music,” Siegel said. “The Instagram acquisition signals Facebook’s recognition that it is important to have a hand in the creation of content… I may spend two minutes shooting and reshooting a photo that my wife is finally happy with, but only four seconds posting that photo to Facebook.”
Instagram Addresses Concerns About Facebook’s Mobile Strategy
Considering that Instagram secured funding just last week based on a valuation of $500 million, there are valid concerns that Facebook may be overpaying for Instagram by paying $1 billion. But there are two reasons why people who will buy shares in next month’s initial public offering of Facebook should be encouraged.
First, as we noted yesterday, it shows Facebook is willing to find new revenue streams, even as user growth slows and its advertising strategy flounders. But it also addresses one of the biggest concerns raised by potential investors: Facebook’s ability to grow in mobile.
“Instagram is the most popular mobile-only social network and the overall sixth most-used iOS app, reaching 10% of all iPhones,” said Guy Rosen, CEO of Onavo, an app download service. “Considering mobile is Facebook’s biggest challenge, as clearly laid out in their S-1, acquiring the breakout mobile-only social network is a natural move.”
Facebook is Acknowledging a Shift to the Visual Web
Michael Downing, founder and CEO of social video service Tout sees the acquisition as a reaction to services like Pinterest. Indeed, Mark Zuckerberg has previously signaled that he likes the Pinterest model of site design.
“In a general sense, this acquisition on the heels of the dramatic growth of Pinterest in the last few months is a massive reflection of just how fast the Social-Stream is becoming visual in nature, meaning evolving social engagement driven purely around visual media, not text – and just how valuable that will inevitably be to every major participant in the social media landscape,” Downing said. “This is a huge endorsement of the shift to the visual web and visual conversation in a social media framework.”
Facebook is Still Facebook, Instagram is Still Instagram
Yesterday’s headlines made a big deal about the value of the deal, but keep in mind that Facebook is projected to be worth more than $100 billion following its IPO. Jason Cieslak, managing director at branding firm Siegel+Gale, thinks it’s a good deal for both companies, but not as massive as yesterday’s flood of headlines might suggest.
“There is a cautionary tale in this space where this has been done before: Flickr being acquired by Yahoo, and even HP’s purchase of Snapfish,” Cieslak said. “I think it is safe to say that neither acquisition was a massive impact for both companies. Nice, but not transformational.”
All That Said, This Deal May be Worthless
Keep in mind that Facebook is paying $1 billion for a company with no business plan and that was valued at $15 million just one year ago. Money isn’t everything – Instagram has, after all, created a product that people love and, more importantly, encourages them to engage, create and share content.
But money is something given that Facebook will reportedly have its IPO next month. Marketing consultant Bert Martinez doesn’t expect the deal to impact Facebook’s IPO one way or another and says an Instagram merger was inevitable, given the company has been courted by both Facebook and Google in recent months.
“What’s the deal worth, by normal analysis, not pie-in-the-sky valuations? Zero! Or next to zero,” Martinez said. “But so was Youtube before Google bought it and flipped it into a money-making magnet.”
Image courtesy of Dan Frommer.
View full post on ReadWriteWeb
