How a browser extension leaks Google history to Amazon

When I was looking up information on a product on Google, I found shortly afterward that Amazon knew about my Google search and put the product I was looking at in my "Recently Viewed" slot when I loaded up the retail site.

This cross-site data leakage was due to the way the Invisible Hand extension works on Google's Chrome browser. The same issue happens on Internet Explorer when Invisible Hand is installed. Firefox is immune.

What Invisible Hand does--which is extremely useful--is compare prices of products you're looking at on the Web against multiple other sites. It operates in the background and remains completely out of the user's way until it finds useful data to display. To do its background research, it has your computer look up pricing data on stores like Amazon, Wal-Mart, Best Buy, and others. When it does those look-ups on Chrome or IE, these target sites see your query as human browsing behavior. While Amazon appears to be the only one that actually uses the data on its storefront, showing you your "last viewed" item, all the other sites that Invisible Hand checks essentially get the same information: what you are shopping for, anywhere on the Web.

Firefox has a feature that allows background HTTP requests to be done in isolation ("sandboxed") from open browser tabs, which prevents target sites from using cookies created during the background look-ups to be used by browser tabs that the user is running directly.

Although this behavior may end up being useful to users in some cases, I consider it a serious privacy breach. I don't want Amazon or any other store to know what I'm doing on Google or on other stores, and I'll wager few users do. I'll leave the nightmare scenarios as exercises for the reader; I came up with several involving spouses and gifts (for people other than the spouses), medical supplies, behavior that reveals sexual preference, and so on.

Why so leaky?

After isolating the cause of this leakage, I spoke to Robin Landy, the founder of Invisible Hand. He told me that what I was seeing is a function of the way Chrome handles background Web requests, which is what Invisible relies on to gather data. Google Chrome and Internet Explorer do not allow "sandboxed HTTP requests." When you're using Chrome or IE with the Invisible Hand plug-in, each look-up ends up creating a cookie in your browser; retail sites like Amazon use that (and other information) to create a custom page for you.

Ironically, Invisible Hand's architecture ensures that Invisible Hand itself doesn't see your shopping data or benefit from this cross-site data sharing in any way. The IH extension works locally, on users' computers. Invisible Hand, the company, does not collect your browsing behavior or know its users identities. It doesn't even require sign-up to use.

Another irony: I would trust Invisible Hand with this data more than I would the several retail sites that it gathers data from, and who are now getting users' behavior data in the process. Invisible Hand is just one company, with a CEO that I found earnest and approachable, and its financial motives are pure. It literally makes money when its users save money. It has no vested interest in mining data further--unlike the retail sites whose pricing data it scrapes.

A source at Google looked into this and told me that this is an issue that the Chrome developers are now interested in addressing. (They should study Firefox.) I was also reminded that extensions can do as much on your computer as executable apps and should only be installed when absolutely trusted. Invisible Hand remains a "featured" extension for Chrome as of this writing.

The fixes

Users of the Invisible Hand extension have a few options to make it a little less of a privacy concern. By default, the extension disables itself if you use Incognito or Private browsing modes. Also, a configuration option turns it off for Google searches; although it will still exhibit data leaking between stores (for example, if you look at an item on BestBuy.com, Amazon will show that item as "recently viewed"). And, most importantly, the data leakage does not occur on Firefox.

Invisible Hand itself at one point considered a different architecture that would shield users from the leakage problem, by running the price look-ups on its servers instead of on users' computers. Landy told me that the performance trade-offs were unacceptable.

To close, interactions among browsers, sites, and extensions are complex and can potentially lead to cross-site data leaks, even when all the companies involved are ones you trust. Users are especially reminded that services that operate in the background on your behalf may share data that you are accustomed to thinking of as private and isolated. See Blippy, for example. I have seen other examples of this and will be following up.

Top-of-page

Ecommerce Content: Writing a Good Privacy Policy

A website privacy policy is an important piece of content that every business site, including ecommerce websites, needs to provide site visitors. A small business owner should establish a professional privacy policy that relates to customer information and make that document readily available online. Not only can this prevent you from being entangled in legal woes, but it will also help you to boost consumer confidence and to increase conversions.

Getting Started: What is a Privacy Policy?

The privacy policy appears as a clickable link on your site that takes your site visitors to a page that you provide. This page is statement that details what kinds of personal information you will collect from users visiting your website, who you will share the information you collect with, and how you will use and store that information.

How to Get a Privacy Policy

In 2009, a survey by TRUSTe showed that fifty-six percent of small business owners had no privacy policy in place. The study also revealed that one-third of small businesses admitted that they "Cut-and-pasted" a privacy policy from another business website to their own. Copying a privacy policy is something you should not do, for many reasons other than the obvious copyright infringement.

Not only could it damage your small business reputation, but a privacy policy is designed to protect and inform your site visitors. Rather than protect users, when you copy and paste a privacy policy from another source, you are creating a risky situation for your site visitors.

The best rule of thumb is to invest in a privacy policy like you would any business requirement. The optimal solution would be to pay legal the fees and hire a lawyer to draft a privacy policy document for your business. The problem of course, is that not all small businesses can afford to do this. Another option would be to take advantage of in-house knowledge and draft the document yourself, and then have it verified and finalized by a lawyer to help lower legal expenses.

Another option is to use an online service that offers a Privacy Policy Generator, such as the professional services offered by reputable companies, like TRUSTe. The service you choose should be verified to ensure industry compliance that is based on your own business practices. Look for a service that will scan your website and any other business documents you provide, and then generate a privacy policy that is tailored to your business.

A Privacy Policy Check List

If you choose the do-it-yourself (DIY) route, there are a number of things that need to be disclosed to your site visitors in the document. The following check list offers eight topics you should cover in your privacy policy:

• Tell users why you are collecting this information and describe how your business will use the information collected.
• Specify what information you collect about a user and state what portion, if any, is personally identifiable.
• Explain your data collection process. For example, let people know if the website sets cookies or maintains weblogs. Also inform people how long you will store the information.
• If you run third-party ads or services that may collect user data, be sure to mention it in your document and link to the third-party provider's own privacy policy.
• Ensure that people can consent to the information collection (e.g. note it on a sign-up form or other collection page) and also ensure they can opt-out without hindering their site experience.
• The Children's Online Privacy Protection Act (COPPA) determines what information is collected from children online and how the information can be used. Make sure that your privacy policy strictly adheres to those guidelines.
• Provide contact details right in the document for people who might have a question or concern about your privacy policy.
• State any applicable laws used to govern your policy (e.g. the Privacy Act).

Top-of-page

Scribd Ditches Flash for HTML5

The online publishing site makes what it calls a "bet-the-company" move off of Adobe's software in favor of HTML5 standard.

Score one for Apple and the rest of the HTML5 crowd after Scribd, a popular social publishing site, announced it was abandoning Adobe System's Flash software for the HTML5, a move that Apple CEO Steve Jobs says will become all too common in the months and years ahead.

As DevX reports, the war of words and applications between Apple and Adobe continues to escalate, forcing developers, enterprise companies and consumers to make tough choices to access the latest multimedia apps and content.

While Scribd executives acknowledge that Flash is "a terrific technology," it still presents problems for some online publishers because it requires putting content in a separate application for posting on the Web.

This latest salvo figures to be a controversial and contentious battle of wills and developer allegiance for the foreseeable future.

There's a bit more momentum behind Steve Jobs's insistence that Adobe Flash isn't keeping up with the times.

The Apple (NASDAQ: AAPL) CEO's controversial decision to keep Adobe's Flash software off the iPhone and iPad resulted in criticism that the company was unfairly restricting developers from using it to create programs for the device. But Jobs fired back with a number of claims -- disputed by Adobe -- that he said motivated Apple's move.

Now Scribd, a popular social publishing site, has announced its abandoning Flash after three years of development using Adobe's (NASDAQ: ADBE) popular software in favor of HTML5.

Jobs said earlier that, like Google (NASDAQ: GOOG) and others, Apple is betting on the emerging HTML5 standard for Web content development. The difference is Google and other HTML5 supporters like Microsoft (NASDAQ: MSFT) also continue to work with Adobe and support Flash.

Top-of-page

Yahoo Messenger Users Targeted By Clever Worm

A new and particularly virulent worm weaseled its way into the Yahoo Messenger community this week, infecting an unknown number of users after tricking them into clicking on a link masquerading as "foto" or "fotos" from someone in their contact list.

According to a Symantec blog posting, after a user clicks the link, the default browser is redirected to the worm executable, which is also disguised with a misleading name that somewhat resembles a Facebook or MySpace page where someone would expect to find personal photos.

Once the program is executed, the worm copies itself to %WinDir%infocard.exe, then it adds itself to the Windows Firewall List, stops the Windows Updates service and looks for the Yahoo Messenger application on the users' PC.

At this point, the worm then sends out links to the worm to everyone on the user's contact list and begins to download and execute other malicious files.

"We recommend Yahoo Messenger users to be especially careful with what types of files they are opening, and be cautious with links received even from well-known and trusted contacts," Symantec advised in its posting. "Many times, becoming a victim can be avoided just by asking the contact who sent the link whether it's real or not."

This isn't the first time a worm or other type of targeted malware has used Messenger or other instant messaging platforms to implant spam-spewing code or infiltrate personal data reservoirs.

Earlier this year, CIOs at more than 500 companies flatly stated that social networking sites, such as Facebook and Twitter, as well as instant messaging clients, are the largest threats to their companies' data.

Yahoo officials said they were aware of the scam and as of Thursday were still working to address the problem.

"Very recently we learned of an issue where some users have received spam messages in Yahoo Messenger from their contact list," Thyaga Vasudevan, a product manager for Yahoo Messenger, wrote in a blog posting. "Yahoo Messenger has quickly worked to resolve the situation."

Symantec (NASDAQ: SYMC) said this worm is affecting an unknown number of users running Windows 98, Windows 95, Windows XP, Windows Me, Windows Vista, Windows NT, Windows Server 2003 and Windows 2000 operating systems.

Top-of-page

Microsoft Introduces Office Mobile 2010

Not only are PC users getting the new version of Office, users of Windows Mobile 6.5 get a phone-friendly version of Office as a free upgrade.

Microsoft has on occasion been accused of letting its mobile efforts lag, but it's not letting any grass grow under its feet this time. In conjunction with the release of Office 2010 for PC users, Microsoft is making the mobile version of Office 2010 available for smartphones running Windows Mobile 6.5. Enterprise Mobile Today has all the details.

After a public beta release late last year, Office Mobile 2010 officially debuts today, along with the release of the full desktop version of Microsoft Office 2010, bringing updated versions of core Microsoft productivity tools such as Word, Excel and PowerPoint to the mobile computing workforce.

The one caveat to Microsoft's (NASDAQ: MSFT) Office Mobile 2010, however, is that it is available at the Windows Phone Marketplace as a free upgrade for Windows Mobile 6.5 users. This means it's news for the vast legacy base of Windows Mobile clients but may not be so noteworthy for those holding out for Microsoft's new mobile platform, Windows Phone 7, which is widely expected to boast a slick Office Hub interface that includes document management and SharePoint features.

Top-of-page

W3C Releases New Standard for XML Processes

A lot has happened since 1998 when the World Wide Web Consortium (W3C) published its first standard for XML, the Extensible Markup Language. Soon after, they standardized a few more XML core operations like validation, query, transformation and linking.

This week, 12 years after its first standardization, the W3C announced a spec for managing XML-rich processes such as business processes used in enterprise environments.

Standard Framework for XML Processes

The specification XProc: An XML Pipeline Language provides a standard framework for composing XML processes, by leveraging existing technologies widely adopted in the enterprise setting. Such leverage allows for automated streamlining, sequencing and management of complex computations involving XML.

Considered to be a mainstay of enterprise computing that is used to store, transform, and exchange large amount and types of information, the business processes involved are often modeled as a series of operations, each of which includes XML input or output.

Long story short, XML helps companies manage lots of data processes while ensuring that quality controls are met.

Yet, as business processes combine and build on these core operations, there has not been a standard way to describe such sequences. Alternative approaches have been developed, but are not easily shared nor accessible.

How XProc Can be Useful

With Xproc, developers now have a standard way to describe how to combine processes to accomplish any particular task. XProc can be used to sequence the following set of operations: (1) given a news ticker feed (2) whenever a company is mentioned, use a web service to contact a stock exchange then (3) insert current share prices into the feed and (4) insert background information about the company that has been extracted from a database.

As well, the XML feed could be presented in several ways to multiple users including for print or with an interactive form so that people can purchase shares online. Because XProc descriptions are in XML, people can use readily available XML tools to generate, transform, and validate them.

Overall, the W3C has once again helped to produce a standard that allows for developers to create interoperability and streamline the XML process. XProc is supported by a test suite that covers all of the required and optional steps of the language as well as all the static and dynamic errors.Learn more at http://xproc.org.

Top-of-page

Google to stop selling smartphone online

SAN FRANCISCO (Reuters) - Google Inc is closing its 4-month-old online cell phone store, abandoning an ambitious plan by the Web search leader to redefine wireless retailing.

Google said on Friday it will stop selling its Nexus One smartphone through its online Web store and will instead work with partners to sell the device through retail outlets.

"It's clear that many customers like a hands-on experience before buying a phone," Google Engineering Vice President Andy Rubin wrote on the company's official blog announcing the change on Friday.

Rubin acknowledged that Google's online mobile phone Web store had not lived up to expectations, never growing beyond a "niche channel for early adopters."

The move comes shortly after Sprint Nextel and Verizon both scrapped plans to support the Nexus One phone that Google sold online and represents a significant scaling back of Google's ambitions in the wireless industry, said BGC Financial analyst Colin Gillis.

"They clearly have retreated from the model of revolutionizing the method in which we acquire our smartphones," Gillis said.

Still, analysts noted that Google's challenges with its online phone store come as the search giant is making gains against Apple Inc and Research in Motion in the smartphone market with its Android software.

A dozen handset makers offer devices that feature Google's Android smartphone operating system and more than 65,000 Android-based devices are shipped everyday, according to Google.

A report by NPD Group released earlier this week said that Android became the second most popular smartphone operating system in the United States during the first quarter, behind Research in Motion, and displacing Apple's popular iPhone for the first time. Apple has disputed the study's findings.

"There's clearly an appetite, and there's clearly traction in the Android device area," said RBC Capital Markets analyst Ross Sandler.

For Google, which generated nearly $24 billion in revenue last year, primarily from online advertising, making sure that it has a strong presence in the fast-growing smartphone sector is critical.

"Google's entire philosophy around mobile is they want to make sure that they're the default search engine as users transition from PCs to mobile for Web browsing. That's the overall strategy," said Sandler.

But Google's plans to carve out a larger role for itself in the broader wireless industry were less successful.

Google opened its Web store in January, offering the sleek Nexus One handset as the first of what it promised would be many more devices available for sale.

The Nexus One, which Google designed in close collaboration with HTC, was available for $179 with a two-year contract from Deutsche Telekom's T-Mobile USA, or $529 without a service plan.

In an interview at the time, Google's Rubin said that by selling the phone directly to consumers, Google would be able to cut out extra retailing costs and ultimately deliver phones with lower price tags.

"There's a lot of people in the value chain who don't need to be there," said Rubin. "And then prices can go down, iteration can happen quicker, distribution can be wider."

But BGC's Gillis said Google's plans posed a threat to the established wireless carriers which have traditionally controlled handset sales through their retail stores.

"Part of that equation could have turned the carriers into commodity pipe offerings," said Gillis.

Google said in January that a version of the Nexus One that works on the Verizon Wireless network, a joint venture of Verizon Communications and Vodafone Group Plc, would be available in the United States in the spring; and in March Sprint announced its own plans to support the Nexus One. But in recent weeks, both companies have said they will not offer the Nexus One phone after all.

The fact that Google did not heavily promote the Nexus One, skipping the television advertisements common in the mobile phone industry, may have limited its sales. Analysts estimate that Google sold 150,000 to 200,000 Nexus One phones during the first quarter. By contrast, Apple sold more than one million iPhones in the first three months of its availability in 2007.

Google said on Friday that once the Nexus One smartphone becomes available at retail stores, Google will stop selling handsets via the Web store. Google said it will use the online store as a "window" to showcase Android phone available globally.

"We believe that the changes we're announcing today will help get more phones to more people quicker, which is good for the entire Android ecosystem: users, partners and also Google," Rubin wrote on Friday.

Shares of Google fell 0.66 percent to close at $507.53 on Nasdaq in an overall weaker market.

(Reporting by Alexei Oreskovic; Editing by John Wallace, Gerald E. McCormick and Richard Chang)

Top-of-page

Linux Kernel Debuts With New Filesystems

Linux 2.6.34 kernel arrives with new filesystems in tow for the open source operating system, including the distributed Ceph and LogFS, geared toward flash media devices.

Why would a new filesystem in the latest Linux kernel be named after a class of mollusks that includes things like octopuses and squid? Because Ceph, as the new distributed filesystem included in the latest Linux kernel is known, can manage petabytes of storage by tapping into multiple storage nodes, conjuring, perhaps, the image of the tentacles of its namesake creatures.

But the new Linux 2.6.34 kernel is about a lot more than abstract squid analogies. Linux Planet reports on the new kernel, which in addition to Ceph, introduces another new filesystem dubbed LogFS, which supports flash-memory-based devices.

The Linux 2.6.34 kernel is now available, delivering new filesystems to the open source operating system.

Among the big new items included in the 2.6.34 release is the Ceph distributed filesystem and LogFS, a filesystem geared toward flash media devices. The update comes as the second major Linux kernel development of 2010 and follows the Linux 2.6.33 kernel release by just under three months.

"Generally what I'm excited about is the whole improvement in things that we see in the filesystem area," Markus Rex, director of open platform solutions at Novell, told InternetNews.com. "I think when I look at the proliferation of storage and the sheer volume of terabytes that people have at their disposal, filesystem technology in Linux is on a very good track toward leveraging the space and capabilities of new storage technologies."

Top-of-page

Browser data can be used to track surfers

It is possible to identify individual surfers using information about cookies and plug-ins that browser software leaves on websites, a report has claimed.

Privacy group the Electronic Frontier Foundation (EFF) has claimed that most browser software leaves identifiable traces that can be used to tell what individuals have been doing online.

Web browsers have "subtle but measurable variations" that mean they can be identified as individuals in the same way that cameras and typewriters can be, according to the report's author, Peter Eckersley.

This means that it is possible to identify individual surfers' "fingerprints" from evidence such as cookies, plug-ins and data about the operating system they are using.

The EFF said that 84 per cent of the configuration combinations it collected from volunteers visiting a specially created website were unique.

"Several companies are already selling products that claim to use browser fingerprinting to help websites identify users and their online activities. This experiment is an important reality check, showing just how powerful these tracking mechanisms are," Eckersley said.

Even more worryingly, the report cites "anecdotal" evidence that the information is being used for analytic and authentication purposes.

Who is watching you on the web?

The EFF called on surfers to "insist that new privacy protections be built into the browsers themselves" as it was very difficult to reconfigure a browser to limit the information it shares with the websites it visits.

The report also said that though people surfing the web on mobile devices are harder to track through fingerprinting methods, there are other ways of finding out what they've been doing online.

"iPhone and Android browsers are significantly more uniform and harder to fingerprint than desktop browsers; for the time being, these smartphones do not have the variety of plug-ins seen on desktop systems. Sadly, iPhones and Androids lack good cookie control options like session-cookies-only or blacklists, so their users are eminently trackable by non-fingerprint means," the report states.

Top-of-page

Yahoo To Acquire Associated Content

Yahoo reported that it has signed a definitive agreement to purchase Associated Content, which calls itself "the people's media company." The acquisition gives Yahoo an army of some 380,000 freelancers to provide a new source of content.

Associated Content consolidates material from freelancers who are typically paid $5 and up for providing online content. Yahoo indicated it will consolidate AC to attract more viewers and advertisers. Yahoo didn't disclose financial details of the acquisition, but various media reports placed the deal between $90 million and $100 million.

Luke Beatty, AC founder and president, noted that the AC platform delivers content on more than 60,000 topics. Founded in 2004 in Denver, AC said it receives more than 16 million unique users a month, according to online market researcher comScore; more than 50,000 content pieces a month are examined by its editorial staff.

"Combining our world-class editorial team with Associated Content's makes this a game-changer," said Yahoo CEO Carol Bartz in a statement. "Together, we'll create more content around what we know our users care about, and open up new and creative avenues for advertisers to engage with consumers across our network."

Currently aimed at U.S. viewers, the AC material will likely be scaled to global users, Yahoo indicated.

One interesting side story of the deal is that AOL CEO Tim Armstrong was an early investor in AC. Armstrong now is leading AOL into the world of independently produced online information material. AOL's Seed.com and Patch.com -- targeting local news -- could end up competing with AC. Patrick Keane, AC's CEO, and Armstrong previously worked at Google. Other early investors in AC included Canaan Partners and Softbank Capital.

AC's approach of offering information ranging from how-to help and consumer experience to travel and medical advice is, in many ways, a more sophisticated manifestation of the online content experience that began years ago with Compuserve and other online content providers.

Top-of-page

Metasploit 3.4 Debuts With New Java Tools

Metasploit has rolled out version 3.4 of the open source vulnerability testing framework, boasting new technologies for trying out Java and brute-force exploits.

Metasploit greeted the security world this week with version 3.4 of the open source vulnerability testing framework. The latest iteration now boasts a larger portfolio of exploits, along with new technologies for testing Java and brute-force security flaws.

Rapid7, the principal commercial sponsor supporting Metasploit, has also rolled out a commercial version it's calling Metasploit Express 3.4.

One of the key components of the Metasploit 3.4 release is Meterpreter, which offers sophisticated exploit automation capabilities. Datamation takes a look.

The Metasploit open source vulnerability testing framework is out this week with a new release boosting its exploit count and adding new Java, brute force and exploit automation technologies.

Alongside the new Metasploit 3.4 release, Rapid7, the lead commercial vendor behind the project, is releasing a commercial version dubbed Metasploit Express 3.4, offering a new user interface and enhancements aimed at improving ease of use. Metasploit Express was first announced at the end of April and hits general availability this week with the 3.4 release.

Top-of-page

Red Hat Taking Deltacloud Commercial

Open source vendor is bringing its year-old deltacloud project to commercialization as it expands its virtualization offerings and develops a cloud management engine.

Red Hat is on a mission to harmonize the numerous cloud environments that can give administrators headaches.

Open source vendor Red Hat betting on a year-old open source effort that it hopes will further open up the cloud.

Red Hat's deltacloud project started last year as a way of enabling and managing a heterogeneous cloud virtualization infrastructure. Now, deltacloud is on a path to commercialization as part of a set of new virtualization products from Red Hat. The potential payoff for Red Hat is that deltacloud will be positioned as an open source approach to managing nearly any type of cloud virtualization technology.

Top-of-page

Managing Zend Framework Layouts

One immediate benefit developers stand to gain from adopting the Zend Framework is a complete resolution for managing website layouts and pages. Gone is the need to devise strategies for important tasks such as managing the code repeatedly used throughout the site to carry out special formatting actions. Instead, you can just embrace the framework's conventions and move on to the next battle.

Many PHP developers employ an approach involving managing page headers and footers in separate files and then using require() statements to assemble the page. While this approach may be fine for simple sites, it quickly becomes a burden as the site grows in complexity. The Zend Framework greatly improves upon this approach by utilizing a single template file (known as the layout), which is dynamically wrapped around the site's pages.

In his PHPBuilder.com article, Jason Gilmore introduces some of the fundamental concepts behind managing layouts within your Zend Framework-driven layouts.

Top-of-page

Yahoo tries to find a place on the map

NEW YORK--When you ignore the map, sometimes you take a wrong turn. That's what Yahoo CEO Carol Bartz admitted her company did a few years ago when it stopped devoting significant engineering resources to its Yahoo Maps product.

Bartz held a press conference Monday with Nokia CEO Olli-Pekka Kallasvuo to announce a partnership that will bring Yahoo's e-mail and messenger services to Nokia's Ovi service and Nokia's Navteq mapping service to Yahoo. While the story on the surface is that Yahoo's gradually shedding its properties that have fallen behind, handing over the reins of its mapping service to a partner company much as it did with search and Microsoft, the more interesting dimension to the relationship is Yahoo's attempt to play catch-up in all things "geo"-related--fast.

"Location should not be seen as a destination. It's a new dimension of the Internet," Kallasvuo said in the press conference, which was held in a Nasdaq-owned space above Times Square and its famed hordes of camer-clutching, geographically disoriented tourists.

"People take photos today and they're geo-tagged," Bartz added. "Location has just become such a common part of everything."

Indeed. In the time that Yahoo let Yahoo Maps lie fallow, we saw the emergence of, to name a few, Google Latitude, a dozen or so location-based networking start-ups, the near ubiquity of GPS-enabled mobile handsets, AOL's ambitious attempt to redefine local news reporting with Patch.com, and Google's botched multimillion-dollar bid for business reviews site Yelp.

Bartz admitted that "we're definitely behind in maps" and that "we just didn't put the amount of engineering resources on it that the company should have", something that the company seems to consider a major fault as local services began to form, like Kallasvuo had put it, a dimension of digital media that was of growing importance. In the meantime there were some catch-up attempts: Yahoo launched a location-sharing service, Fire Eagle, as a sort of experiment. It didn't really catch on. More recently, it was rumored to have been willing to cough up as much as US$125 million to acquire the year-old Foursquare.

At least judging by Bartz and Kallasvuo's preliminary pitch, the Nokia mapping partnership will be very noticeable across many Yahoo properties, but they're not saying exactly how yet. "I want to overemphasize local," Bartz said. "The ability to do local performance advertising is really on our radar screen...(and) because mapping is combined with other things you're doing, as you're moving through other Yahoo services, maps will just be part of that service."

The straightforward interpretation of Yahoo's deal with Nokia--that it's trying to focus its internal resources on the goal of becoming a powerful content and media company--is true, too. The company just acquired Associated Content, and has been hiring prominent journalists in-house away from the likes of Gawker Media and Politico. But it's also obvious that Yahoo believes a stronger focus on location-based services will cure some of its (many) ills.

Top-of-page

Facebook faces U-turn on privacy

Facebook is poised to make a U-turn on its privacy practices following a backlash from users who believe that the site reveals too much of their personal information.

In recent days, senior staff have held crisis talks in reaction to complaints about the way the site's settings protect a user's private information.

They believe that at best, the settings are too complicated to use, and at worst, they are designed to open up a person's details without them realising it. Recent technical glitches that exposed yet more personal data have compounded the issue.

Facebook may now be forced to pull back from encouraging users to share more about themselves in public. A senior Facebook executive, Tim Sparapani, broke cover on the issue, saying: "We've heard from our users that we have got a little bit complex. I think we are going to work on that." On Thursday, a Facebook spokeswoman said the company was "listening to our users".

Privacy groups and regulators around the world have criticised Facebook in recent days for its practices, piling pressure on the service, which has almost 500 million users worldwide.

Sources suggested that a change to Facebook's privacy settings is imminent, possibly even by this weekend or early next week. Changes could include making all profiles private by default, unless users specifically choose to open up their information.

This would be a big reversal for the site, in particular for its 26-year-old chief executive and founder Mark Zuckerberg, who is known to have overruled those employees who argued that Facebook should make user data more private.

Thousands of offended users have mobilised in protest against the site, forming a group that has dubbed May 31 "Quit Facebook Day".

The privacy issue is not unique to Facebook, and other technology companies have suggested that the rise of social networking has led people to reveal too much about themselves online. Google's co-founder Larry Page pointed to instances when people have lost their jobs after potential employers found embarrassing details on their profiles.

"The thing about social networking is that there really is a ton of data that is being made public that didn't used to be," he said. "That has changed society, and it does cause harm."

Vincent McAviney, 21, a student at Durham University said: "I'm at a Uni where a lot of people have gone on to do things in public life and I know people who some day may go on to be a leading scientist or doctor. They think, 'There are things here that will come back to me in the future.'

"People are deleting their walls [personal messageboards] because they worry what people will write in it. You won't check it for a day and you can't delete it and everyone sees it. The thought that you can't delete anything on Facebook is scary."

The problems began in December last year, when Facebook changed its default privacy settings to allow anyone to see profile information, unless users specifically opted out. Facebook took this a step further last month, when it opened up Facebook data to third-party websites, in a move Mr Zuckerberg described as heading towards "a web where the default is social".

The European Commission has called the changes "unacceptable". Critics, meanwhile, said Facebook's privacy policy was too opaque. They point out that that Facebook's policy has 50 different settings, 170 different options and runs to 5,830 words - making it longer than the US Constitution. Facebook argues that the multiple options give users the maximum control over their settings.

Top-of-page

Google aims to offer internet on your TV

Google is set to move into the living room with a computer operating system that will bring the internet to home televisions.

The company is working with the chipmaker Intel and Sony, the electronics giant, to introduce Google TV this week at a conference for 3,000 Google software developers in San Francisco.

The aim is to get them to create new and innovative applications in the same way that outside developers have created new software programs for smartphones.The system will be based on its Android platform, which was developed 18 months ago for mobile phones. There are already more than 50,000 applications available for Android.

The aim now is to put the web on to televisions via a new generation of television sets and set-top boxes, further blurring the line between home entertainment and computing.

The partners are developing technology that will make it as easy for television users to search the web as for computer users, with access to social networks such as Twitter or Facebook and to movies and TV shows on web video sites such as YouTube or Hulu.com. Some existing televisions and set-top boxes offer access to web content, but the choice of sites is limited.

Google, by embedding its software into televisions, can control internet access on yet another category of devices. By offering its Chrome web browser on the Android system, Google will be able to ensure that its services, especially its search and advertising technologies, will bring in more profits.

Google hopes to connect the service with its nascent TV ad-brokering business, allowing it to target advertisements to individual households based on search and viewing data. The search giant recently invested in Invidi Technologies, a New York-based technology company that is developing "addressable" TV ads. Addressable ads are supposed to target specific viewers, using data from set-top boxes, in the same way that online ads can be directed at web users based on their internet activities.

Intel and Sony are working in partnership with Google in an attempt to find new markets. Intel is contributing a customised version of its Atom chip for the devices. Last week Intel executives said it would be aiming to get its microprocessors into "smart TV" products, which could offer such features as advanced television guides, personal content libraries and search.

Intel's chief executive Paul Otellini predicted that the melding of the internet and the television set would be as big a step change as the move from black and white to colour. "Intel is opening new doors and segments," Tom Kilroy, the company's senior vice-president of sales and marketing, said.

It is thought that Logitech, a specialist electronics peripherals company, is developing a TV remote control device with a tiny keyboard to allow users to enter search terms and use the internet on the television.

Many TV set-makers already offer the internet in some form on integrated systems or through set-top boxes via cable or satellite. Yahoo! has been pushing its Connected TV widgets platform, which gives users access to certain websites such as eBay and Facebook and provides movies and TV shows streamed over the internet. But the market has yet to take off.

Google has been testing the new technology with Dish Network in the United States, which has 14 million subscribers for its satellite TV service. The service being developed integrates the company's programming with a search service, making it easier for consumers to find and watch the shows they want.

Top-of-page

Open Source Dynamic Languages Draw to Clouds

New study finds creators of dynamic language are increasingly taking a good look at cloud-based deployments.

The latest group to consider moving to the clouds are developer behind open source dynamic languages. That includes languages like PHP, Perl, Ruby and Java. So what will be different about cloud deployments compared to standard installations? Developer.com takes a look.

The cloud isn't just for network administrators looking for scale, it's also a key development area for developers building applications with open source dynamic languages.

According to a poll conducted by analyst firm Redmonk and sponsored by dynamic language vendor ActiveState, over half of the developers surveyed have deployment plans for cloud applications within the next 12 months. Those cloud deployments are likely to be a hybrid of both public and private cloud platforms, according to 37 percent of respondents.

Top-of-page

Google Unveils Storage for Developers, Heads-up Amazon

Of course, right when we hint at Google's lack of storage options, the company goes and announces Google Storage for Developers. The RESTful cloud service is another layer of the Web giant's storage and networking infrastructure, and competes directly with Amazon S3.

"Using this RESTful API, developers can easily connect their applications to fast, reliable storage replicated across several US data centers," said Jessie Jiang of the Google Storage for Developers team.

Other features include:

• SSL support
• Multiple auhentication methods
• Access controls for sharing with individuals and groups
• Read-after-wirte data consistency support
• Web-based interface for storage management

Presently, the service is only available by invitation. Early testers get 100GB of storage space and 300 GB per month in data-transfer bandwidth for free. Beyond that, Google will reportedly charge through a utility-computing model, meaning the more customers use, they more they pay.

Fees include US$ .07 per gigabyte per month, US$ .10 per gigabyte for uploading data, and US$ .15 to US$ .30 per gigabyte for downloading data. There's also a fee for the number of requests - US$ .01 per 1000 PUT, POST or LIST requests and US$ .01 per 10,000 requests using GET or HEAD.

Who's Cheaper?

Because both companies have a pay-as-you-go structure, it's hard to say whether Amazon or Google will save you more money. Although, it's worth it to mention that Amazon's costs drop at higher rates of usage.

Perhaps all this competition will inspire both companies to drop their prices even further. After all, Amazon just added another tier to their S3 storage - Reduced Redundancy Storage - that costs a measly US$ .10 per gigabyte. Designed specifically for non-critical data, the service utilizes less replication, and therefore fewer storage resources.

Meanwhile, Google offers things that Amazon doesn't, such as BigQuery API, a tool designed to explore the history of your data, and the Prediction API for access to Google's machine-learning algorithms. According to Google, the latter can help users make real-time decisions "such as recommending products, assessing user sentiment from blogs and tweets, routing messages or assessing suspicious activities."

Top-of-page

Windows 7 Poised for Enterprise Takeoff

New study from Forrester Research finds impressive early adoption of Microsoft's Windows 7 in its first six months on the market, suggesting that a major enterprise refresh is coming.

Across the tech industry, vendors have been eagerly anticipating the enterprise refresh, that happy time when IT buyers feel confident enough with the state of the economy to begin opening their wallets and replacing old systems and software.

Looking only at early sales of Windows 7, Forrester Research is projecting that the next major corporate IT refresh is not far off. What gives the analysts that confidence? Looking at early uptake of Windows 7, they found that the operating system is already in much wider use than was Vista at a comparable period after its release.

Datamation takes a look at Forrester's thoughts on Windows 7 and bullish projection for IT buyers.

A new study on corporate adoption of Windows 7 shows that the new operating system has already made serious inroads on the enterprise desktop -- signaling that the start of corporate deployments en masse is not far off.

The report, issued by analyst firm Forrester Research, found that only six months after its October launch, Microsoft's (NASDAQ: MSFT) Windows 7 was already running on 7.4 percent of some 90,000 PCs that visited Forrester's site.

Top-of-page

5 Basic Things to Consider Before Moving Your Startup to the Cloud

Although by no means a new technology, cloud computing retains the buzz as one of the latest innovative - and potentially transformative - elements of the industry. But there remains quite a bit of confusion about what exactly is meant by cloud computing, often making the question of whether or not your startup should be in the cloud difficult to answer.

Should you move (or launch) your startup into the cloud? Proponents of cloud computing will likely tell you unequivocally "yes." more entrenched IT forces may respond with an unequivocal "no."

Cloud Computing: Quick Definitions

There are three main categories of cloud computing.

Software as a Service (Saas): the most common use of the cloud, SaaS is also known as "software on demand." rather than downloading and running software locally, customers access the software via the Internet.

Platform as a Service (PaaS): As the name suggests, PaaS involves the delivery of a computer platform, with the ability to develop and deploy websites and services via the Internet.

Infrastructure as a service (IaaS): IaaS provides all the basic computing building blocks, but is the most complex choice. This does allow you build your platform and your services.

Five Things to Consider Before Moving to the Cloud

Your Needs: Just as you would have to assess your computing needs out of the cloud, moving to the cloud requires some planning. Do you need a provider that offers a lot of flexibility? What are your performance and availability expectations? Will you need additional support and services?

Your Budget Although you will save money by avoiding hardware investment, hosting for the cloud is not necessarily cheaper. As the cloud treats computing like a utility, you are billed as such: depending on your usage.

Scalability and Flexibility Although cloud computing makes scaling easier, the ability to launch new, larger servers (or shrink to smaller instances)

Security may be one of the main arguments naysayers make against the cloud, with fears that co-location in the cloud is more of a threat than co-located hardware in the server room.

Backup Nothing is foolproof, and simply because you're in the cloud does not mean you should forgo backups.

Despite the promise that cloud computing holds, you shouldn't go into the decision naively (just as, hopefully, you wouldn't make the same decision to buy a bunch of hardware without thorough research).

Top-of-page

A Multilingual Web Goes Live

Multilingual Web content has been around for years. Now Web domain names in non-Latin languages are finally arriving--including Arabic addresses launched in Saudi Arabia, Egypt, and the United Arab Emirates earlier this month. Cyrillic, launched in Russia last Thursday, and soon Chinese-easing Web access for hundreds of millions of people around the world.

"This is the biggest change in the Internet in 40 years," says Tina Dam, senior director of international domain names for the Internet Corporation for Assigned Names and Numbers, or ICANN, which is working on implementing 21 international applications for domain names in 11 languages. "You should have seen the Russian celebration of this, it was so emotional. Suddenly their own language can be used."

The first complete Cyrillic address is http://?????????.?/, meaning "president.rf" for the office of the president of the Russian federation. While the "http://" part remains in Latin characters, users will not have to type them to reach their destination.

As the change opens up the Internet, it also potentially opens up new security issues, though ICANN says it has tried to anticipate and prevent them. Web addresses formerly based only on 37 characters--A though Z, the 10 numerical digits, and the dash symbol--can now use 90,000 characters from several languages, many of these being Chinese characters. And just as a capital "O" and a zero look similar, various characters within other languages do, too.

Some security experts say that the plethora of new address possibilities could give phishers--scammers who use phony websites to trick people into handing over personal information--ways to create links that appear to be from recognized addresses. As a result, ICANN has already set a rule that any one address must only draw from one language. So while the Russian letters for C, V, and E, for example, are visually indistinguishable from their Latin counterparts, nobody will be able to create a hybrid address to exploit this. E-mail is not fully functional yet with the international domain names, but the technical protocols are being tested.

"One of the biggest principles of the Internet is the uniqueness principle," Dam says. "Computers will know the difference. But if people can't see the difference and don't know what address we are clicking on, we will have a break in the uniqueness principle."

Strictly speaking, multilanguage domain names have been possible for a decade. But, crucially, this was not true of the top-level domain--such as ".com" and ".gov," or country names like ".cn" for China or ".ru" for Russia--until recent weeks. Since few people used hybrid domain names in non-Latin languages over the past decade, the real security tests lie ahead.

Meanwhile, the software industry has some catching up to do. One example: it is common in many applications and e-mails for Latin-based Web addresses to automatically become highlighted in blue as a hyperlink. But this doesn't always happen with the new non-Latin addresses, because commonly used software does not recognize the new multilingual top-level domains for what they are. The major Web browsers, however, have all been updated.

Top-of-page

Microsoft Open Sources Outlook Tools

Software giant releases File Format Software Development Kit (SDK) and the PST Data Structure View Tool to allow developers to build applications that run on its Outlook e-mail client.

Microsoft hasn't always been known as a champion of open source software development, but the company is now inviting developers to build programs that will run on top of its Outlook e-mail client.

Microsoft has released two new tools, the File Format Software Development Kit (SDK) and the PST Data Structure View Tool, that will enable developers to create applications to perform tasks such as extracting photos from e-mail folders and uploading data to the cloud.

Microsoft is taking more steps to make it easier for enterprise and independent developers to create software that runs on top of its Outlook e-mail file format, releasing a pair of associated tools as open source.

The move follows on Microsoft's (NASDAQ: MSFT) recent public release of the data formats used for its Outlook e-mail client personal folders.

Top-of-page

PHP Remains Strong Despite Security Flaws

Over the course of May, the PHP community was hit with a barrage of more than 60 security issues. The security assault was all part of the Month of PHP Security (MOPS) effort, which disclosed the flaws.

But even after so many identified security issues in MOPS, PHP experts argue that the language is not necessarily insecure.

"Since none of the issues found were deemed as critical security issues, we don't consider any of them zero-day flaws," Andi Gutmans, CEO of PHP vendor Zend, told InternetNews.com.

Gutmans added that the vast majority of the flaws reported in PHP itself belong to a class of issues that requires local access to the server for the bug to be exploited. That would entail a scenario in which a developer is attacking his own server, which would have to be configured to permit access to run custom code.

"PHP was not designed to protect against such scenarios, and while it does some best-effort attempts to protect against casual hacking attempts, it doesn't pretend to promise bulletproof protection against untrusted developers with code access," Gutmans said. "As such, it's likely there are dozens of other similar issues in PHP, perhaps even more, and while we do consider them bugs, we don't consider them as critical security issues."

Rather, as a way to protect against privilege elevation, he recommends ensuring that security is properly configured at the operating-system level.

Among the reported MOPS issues are some that may be considered items that developer best practices can help to eliminate.

"PHP, like all development languages, is only as secure as the code people write in it," Gutmans said. "The main important thing developers have to know is that when they deploy a Web application -- whether it's written in PHP or in any other language -- they're deploying into a hostile world. It's therefore important for everyone to get security training."

His firm, Zend, is trying to help in the usage of secure PHP code through training and tutorials. It also provides templates for users of the IDE Zend Studio.

The most recent PHP release is PHP 5.3.2, which was a maintenance and bug fix update for PHP 5.3. Gutmans noted that future versions of PHP will contain fixes for most of the bugs found by MOPS, as well as many other unrelated fixes.

Overall Gutmans sees the PHP community as having made strides in security in recent years, though setting expectations remains critical.

"People should not expect PHP to be able to enforce security boundaries on a developer that has permissions to run custom PHP code," he said. "It's an inherently flawed scenario, and it's the wrong layer to protect in. People must rely on properly-configured OS-level permissions for securing against untrusted developers."

He also had kind words for the MOPS effort, which he praised for elevating the profile of PHP security throughout the community.

"The MOPS project does the PHP community a very positive service by raising awareness to security amongst PHP developers -- which is exactly what we think is the number one way to improve the track record of PHP security, especially PHP applications," Gutmans said. "In addition, the MOPS responsibly alerted the PHP project ahead of time regarding all the PHP-related issues, and presumably also alerted the various applications affected ahead of time too -- so we definitely view it as a positive event."

Top-of-page

AOL eyeing new search deal

AOL CEO Tim Armstrong said on Thursday that the company has started the process of meeting with Google and others over who will power the site's search engine going forward.

The company's current deal with Google is set to expire and Armstrong said AOL has spent the last six months evaluating what it needs out of the next search deal and has begun to meet with potential partners, presumably Google and Microsoft.

He didn't go into specifics, but said the company is focused on the longer-term economics of the deal. "I don't know whether there will be an upfront payment," he said, speaking at the D: All Things Digital conference here.

He also positioned AOL's search business as even more valuable than just its few points of market share, trying to position AOL's searchers as more valuable and engaged.

Armstrong said the company also sees a lot of value in the AOL brand, even if those in the tech industry tend to see it as one in decline. Armstrong said AOL has a "warm fuzzy feeling" in the broad consumer market as "the brand that put people online".

A lot of the work, Armstrong said, is about changing the company's culture, which he said was more like a bunch of individuals playing their own golf game as opposed to a team united against a tough opponent.

Part of the reason the company did a voluntary separation program as opposed to layoffs, he said, was to try to make the company filled with people who are ready to work hard.

"Turning this company around is not going to be easy," he said. "It is not going to be eight hour days. The culture is about 60 percent of the way to where I hope it will be one day."

Asked about AOL's future, Armstrong pointed to Warren Buffet's analogy that companies are like cigars. At a minimum, Armstrong said AOL has a few good puffs left. However, he said he is focused on making sure the company can actually crank out new cigars.

Top-of-page

If You're Online, You're Working for Google

Millions use purportedly free Google services all the time whether it's checking your Gmail account or printing out directions. But these handy tools aren't really free.

Google's made billions off its search and advertising business, providing the online masses with the roadmap and tools they need to navigate the Internet. Everything from e-mail and directions to news feeds and free videos are synonymous with its brand.

But Datamation has the lowdown on something most of us don't even consider: Google's getting a ton of critical information—sometimes illegally—from all of us to expand its online empire into new and even more lucrative markets. And it's getting all this valuable data for free.

Google took plenty of heat when it was revealed that its Street View service was, according to co-founder Sergey Brin, "accidentally" collecting tons of data from Internet users' Wi-Fi networks.

Giving Google the benefit of the doubt, even if it wasn't intending to capture the contents of users' Internet traffic, it surely was doing a fine and definitely intended job of correlating these individual Wi-Fi networks to specific locations to help it build a database enhances or substitutes for GPS location.

All this free information, be it from CAPTCHAs that help Google's scanning systems better identify words to sell books or images of your home, is enriching the company that's pocketing billions every quarter.

Everybody knows that Google offers lots of free services. Many are ad-supported. Others aren't. They're just free products that we can all use as a kind of publicly provisioned resource.

That's how most of us see Google. But guess what? That's how Google sees you, too.

You may or may not be a Google user. But Google is definitely using you.

Top-of-page

Facebook founder predicts personalised sites are the future

Personalised websites will be the future of the internet as people willingly share more of their information, Mark Zuckerberg predicted as he was grilled over Facebook’s approach to privacy.

The 26-year-old Facebook co-founder and chief executive had sweat running down his face as he faced questioning on stage at the ‘All Things D’ conference over a tide of protests about the service’s complex privacy controls and usage of its users’ private information.

He said Facebook was based on a certain level of sharing and that some basic information needed to be public and available for all to see so that users could discover one another.

"There’s some serendipity that can only happen if you are sharing," he said.

Last week Facebook overhauled its privacy controls to fend off escalating anger that it is betraying the trust of its 500 million users. The company unveiled a redesigned privacy settings page and “significantly reduced” the amount of information that is always visible to everyone.

The world’s biggest online social networking service also said that it is giving users more control over how outside applications or websites access information at the service. Facebook last month announced “instant personalisation” that tailors other websites to users’ Facebook profiles.

Despite the concerns, Mr Zuckerberg predicted that in a few years’ time thousands of websites and services would be linked to consumers’ profiles and preferences, following the trend that Facebook has started.

People would share more information and expect to see services, advertising and websites that were targeted at them, he said. "Things are going to be designed around people," he added.

"The world is moving this direction where things are going to be designed more around people and that's going to be a really powerful direction," he said.

He admitted that Facebook had made mistakes but he added that sometimes there were protests about new features which turned into some of the most popular aspects of Facebook, such as news feeds.

It was a matter of getting the balance right between introducing new experiences for users and giving them control, he said. "The privacy concerns people have - over time they will get more comfortable," he added.

Mr Zuckerberg was hot under the stage lights and was forced to remove his sweatshirt. He revealed that the black hoody had the company motto printed inside it: "Making the world more open and connected."

He said that he did not see Facebook as a successful company yet, despite billion-dollar revenues and valuations of more than $15 billion. "Maybe I’m in denial. I really think we’re just a lot closer to the beginning than the end," he said.

The company only had 1,000 employees and was still growing fast. For example, only one person was running the instant messaging feature on the site - the second most popular short messaging system on the internet.

He said that expected the company to slow down and “do less crazy stuff”. "I hope we don’t," he added.

Top-of-page

IBM Offers Secure Application Design Tools

New security offerings will deal with security issues during the application development process rather than after the app is done.

In the application development processor, security often comes at the end of the cycle. All too often, it came at the very end, once design, development and testing were completed. The result was often apps that were insecure and difficult if not impossible to secure. So IBM is taking a new approach and adding the security portion of an app during development. The result should be more secure apps from the start, reports Datamation.

IBM is enhancing its portfolio of application-development security technologies and services this week, offering improved access, source-code analysis and security-assessment services.

The new releases from IBM (NYSE: IBM) include the AppScan Source Code Edition, Tivoli Access Manager and a services capability for source code assessment. With the product rollout, IBM is expanding its efforts to enable enterprises to secure both applications and access.

Top-of-page

Search Engine Indexing For Deep Web Pages

Google, MSN and Yahoo! are the most used search engines, so being found by them is really important for all web pages. However, there are a growing number of pages that can't be indexed by search engines and stay invisible to other surfers, despite the fact that they contain a lot of relevant content.

This "invisible" part of the Web is actually a large percentage of the total number of pages on the Internet. In fact, one could consider the World Wide Web to be like a gigantic iceberg whose emerged surface is the only part that can be seen.

The challenge for webmasters is to help search engines index all the pages in a website.

Why Some Content Does Not Get Indexed By Search Engines

There can be many reasons behind this:

• Websites that are too bulky to be completely indexed: Some websites have millions of pages but just a small percentage are indexed by search engines because of the depth of the site.
• Pages are protected by the webmaster: Files like "robots.text" and robots "noindex" or "nocache" meta tags in the HTML code of a web page can prevent search engines accessing the content.
• Pages with dynamic content: Pages that are the result of a submitted query and consequently do not have a static URL can be impossible for search engines to find, since the spiders cannot replicate the query submission carried out by human beings.
• Password protected pages: Many websites limit access to some pages of the websites or require a password. Pages that can only be accessed after entering a password cannot be reached by search engine spiders.
• Isolated / floating pages: Generally search engines follow links to the index page on a site and then crawl from there to other pages by following links. Search engine spiders will therefore have more difficulties seeing a page that is not linked to from any other page.
• Pages with only JavaScript or Flash-based content cannot be easily indexed.

Making Invisible Content Visible

A good site search facility is perhaps the best tool a webmaster can use to help users find content on a site. There are many way to get all the website content indexed by search engines. The most important is to put links to invisible pages on pages that are already indexed.

Thinking of the database structure is important. Many databases are visible but contain links to deeper pages. Providing users access to the database content, typically in the form of an online catalogue, is a great idea. Users can then conduct "manual" searches to find specific information or products.

Archives often contain many pages that are not usually indexed by search engines.

Specialized search engines, directories or portal such as Google Scholar, Complete Planet, Google Book Search, Pipl, Infomine etc can be used to get content indexed on many search databases that the traditional search engines would ignore.

Other practical tips that can increase the number of pages indexed are:

• Creating a comprehensive HTML sitemap with links to main pages or sections, which will in turn link to other pages.
• Coding the entire site in HTML and converting formats like pdf, word, excel. Where that is not possible (e.g. in videos, music etc), transcribing the information as supplementary text, so that search engines will be able to know what the content is and index / rank it at the place it deserves.
• Obtaining deep links from other relevant websites to the invisible pages.
• Bookmarking the deep / invisible pages on social bookmarking sites like del.icio.us, Google Bookmarks and Yahoo! MyWeb.

Top-of-page

Meet PRADO, the Component-based PHP Development Framework

Add PRADO to the list of PHP frameworks you should try. PRADO is a component-based and event-driven Web programming framework for PHP 5. A PRADO component represents a combination of a PHP class, an HTML template and a specification file (in XML). PRADO components are combined to form larger components or form complete PRADO pages.

Developing PRADO Web applications involves instantiating pre-built and application-specific component types, configuring them by setting their properties, responding to their events by writing handler functions, and composing them into application tasks.

PRADO provides the following benefits to Web application developers:

• Reusability: Code that follows the PRADO component protocol is highly reusable.
• Ease of use: Creating and using components are extremely easy.
• Robustness: Developers can code in terms of objects, methods and properties instead of URLs and query parameters.
• Performance: PRADO uses a cache technique to ensure the performance of applications based on it.
• Team integration: PRADO enables the separation of content and presentation.

Top-of-page

Google kills background images on home page

Fourteen hours into a 24-hour experiment with background imagery, Google's home page is once again stark white.

Design guru Marissa Mayer confirmed that Google was ending the experiment early due to what she called a "bug," which erased a link underneath the search bar on google.com that explained why Google's famously spartan home page had taken on a colorful look. Apparently many searchers on Google.com Thursday morning missed the company's blog post Wednesday night, and were confused and annoyed at the change, turning "remove google background" into the seventh-most-popular search on Google Thursday.

Last week Google announced that it would begin providing its users with the option of setting their own background image behind the home page, but last night it forced an image to appear for all users signed into a Google account to highlight the feature. That didn't sit well with many grown used to Google's clean white design, especially when Google's explanation of why it was forcing this look vanished from the home page.

It also gave fans of Microsoft's Bing search engine a chance to crow, given that one of Bing's most noticeable features is a striking background image behind Bing.com that contains links to searches about the image.

Top-of-page

China Falling in Domain Name Standings

Demand for Internet addresses continues to grow in 2010, though it's not uniform across all Top Level Domains (TLD).

According to a new report from VeriSign, the first quarter closed with a total of more than 193 million registered domain names. The Q1 tally represents an increase of 6 percent, or 11 million domain names, over the first quarter of 2009.

A year ago, the .cn county code Top Level Domain (ccTLD) for China was gaining fast and looked like it might overtake .com. In 2010, that's not quite the case, as overall demand for ccTLD registrations slowed, and VeriSign is reporting that .cn was actually on the decline.

According to VeriSign's report, the first quarter saw .cn slip from second place behind only .com to fourth place. In descending order, VeriSign's top 10 list of TLDs in the first quarter was: .com, .de, .net, .cn, uk, .org, .info, .nl, .eu and .ru.

The firm explained the decline in the .cn domain as a byproduct of new policies to help ensure that domains are legitimate.

"Many of these are low-priced promotional names that have now come up for renewal at a higher price," Pat Kane, vice president of naming services at VeriSign, told InternetNews.com. "The .cn registration decline was also based on the CNNIC (China Internet Network Information Center) registry's implementation of the real names directive from the Chinese government primarily around verifiable 'whois' data."

While .cn registrations declined, VeriSign reported that .com and .net registration hit 99.3 million names in the first quarter, an increase of 7 percent on a year-over-year basis. The first quarter of 2010 also marked a significant milestone for .com as the domain celebrated its 25th anniversary.

".com has been a platform for Internet innovation over the past 25 years, and we expect .com will continue to play a central role for the innovators, entrepreneurs and companies who will shape the Internet over the next 25 years," Kane said.

The first quarter of 2010 also marked a new traffic milestone for VeriSign in terms of DNS (define) query volumes. VeriSign manages the root name servers for the Internet and has been actively expanding their capacity.

In November 2009, VeriSign CTO Ken Silva said that his company had expanded its capacity tenfold. VeriSign is now engaged in a 10-year, $300 million effort to expand its capacity even further with Project Apollo.

During the first quarter of 2010, DNS query load hit a peak of 63.2 billion queries per day, a 43 percent increase over the first quarter of 2009.

"That is the highest peak we've seen, and we expect that to continue to rise in the future," Kane said.

He added that DNS query load growth is being driven by the increasing number of users on the Internet, as well as new Internet applications and technologies that tap the DNS infrastructure.

"Over the next three years alone, it's projected that the Internet will see the number of users increase by 500 million to 2.2 billion worldwide, and devices accessing the Internet increase from 1.6 billion devices to 2.7 billion devices," Kane said.

One of the other items that will impact DNS volume in the future could be the shift to the IPv6 (define) addressing structure. With IPv6, more address space will be available over the current IPv4 address space, which is nearing exhaustion.

"While the deployment of IPv6 has not resulted in a significant increase in DNS queries, we expect that IPv6 will be one of the many factors that drive innovation throughout the Internet and thus will drive DNS query growth in the future," Kane said.

Top-of-page

Adobe and KickApps Make Flash-Based Media Delivery Easy

If KickApps failed to catch your attention before, perhaps their partnership with Adobe will do the trick. The combination of these social media and creative technologies has yielded the Open Source Media Framework (OSMF) App Studio, a cloud-based, drag-and-drop media player solution.

A New Era of Flash

Essentially, the OSMF App Studio opens up the dev doors by making it simple to create Flash-based experiences with elementary functions like drag-and-drop. This invites everyone, even non-programmers, to be a part of the creation process.

As for the seasoned programmer, the studio allows the composition of visual designs and piecing together of a wide range of components and third-party services without the headache that often comes with writing code.

"The OSMF App Studio offers a tremendous opportunity for Web publishers of all sizes to efficiently create custom media players that can be embedded on a website or shared virally across the Internet," said Doug Mack, vice president and general manager, Digital Imaging and Rich Media Solutions at Adobe.

Flash? Really?

Considering the Apple vs. Adobe debacle, it's interesting that KickApps went for a Flash-based solution.

As software programmer Chipp Walters puts it, Apple's latest developer agreement "shuts out Flash, as well as Titanium, Unity3D, Ansca, MonoTouch, RevMobile and others. Can you imagine working so hard for months and man-years on an iPhone development platform to have Apple yank it because they can, and because Steve Jobs has a vendetta against Adobe?”

But Alex Blu, CEO of KickApps, stands by his decision. “Adobe’s Flash is an invaluable de facto standard that makes dealing with the multitude of browsers, devices and operating systems easy," he said.

Top-of-page

Ruby on Rails 3 Release Candidate Coming Soon

When Ruby on Rails and Merb merged at the end of 2008 -- a boon for Ruby on Rails development, the plan was to unify development of Ruby on Rails (RoR) 3 and have it out by the end of 2009. Fast forward 18 months and RoR 3 is still in development, but a release candidate is set for this week.

With the RoR 3 release, the open source development framework is being overhauled. Most notably, the Merb framework -- and its dependency management capabilities -- are being merged into Rails. So, Rails developers can look forward more modularity and scalability, and greater power compared to the current RoR 2 framework.

For his DevX article, InternetNews.com's Sean Michael Kerner spoke with Yehuda Katz, a member of the Ruby on Rails core team and Rails framework architect at Engine Yard, to get the inside story about what's in store for the new release and what's taking so long. Katz indicates that the release candidate (RC) for Rails 3 is coming soon.

Top-of-page

Most Americans Don't Know Net Connection Speed

Though many say they're happy with their Internet speeds, most don't actually know what they're supposed to be getting from their ISP.

Despite its early role in shaping the Internet, the U.S. consistently remains in the spotlight for having slower average broadband rates than a number of other countries. And with so many of the advanced Internet services thought to be coming soon requiring, ever-increasing amounts of bandwidth, it's little wonder that policymakers are studying how to tackle the problem of slow U.S. Internet access.

The issue, along with occasional complaints from users, has also prompted questions about whether most Americans are getting what they paid for from their broadband provider.

But as it turns out, most U.S. residents don't know how fast their Internet connection is, and thus far, many don't seem to mind. Datamation takes a look.

While most Americans are generally satisfied with their broadband service, four out of five don't know how fast their connection is, according to a new survey by the Federal Communications Commission.

That uncertainty adds to the confusion that already shrouds the FCC's efforts to obtain reliable data about the actual upload and download speeds ISPs deliver to subscribers, which can vary significantly from the advertised rates.

Top-of-page

Wordpress 3 Jazzes Up Open Source Content Management

Wordpress, one of the most popular blogging applications, is out this week with a major update. Wordpress 3.0 includes 1,217 bug fixes and a long list of new features developed with the efforts of 218 contributors.

WordPress is available as an open source download that anyone can setup and install on their own server as well as on a hosted platform at WordPress.com. According to Google (NASDAQ: GOOG), WordPress.com is the 12th most visited site in the world, with 120 million unique visitors in April.

With the WordPress 3.0 release, the open source effort is continuing to move beyond its basic blogging system and is now including more content-management capabilities. Among the biggest changes in WordPress 3.0 is the addition of multisite capability, allowing users to deploy a single WordPress installation across multiple sites, though there are some limitations.

The multisite capability is not enabled by default and requires users to manually edit the "wp-config.php" file to start the feature. Multisite is also restricted to providing site addresses within the main domain of the site in which WordPress 3 is installed.

The WordPress codex help system notes that users will have a choice between subdomains (site1.example.com and site2.example.com) and Subdirectories (example.com/site1 and example.com/site2) for their multisite addresses.

From a management perspective, there is now a grand unified updater in WordPress 3.0, enabling users to do bulk updates for plugins and themes. In previous releases of WordPress, users had to manually update plugins and themes individually.

For the actual sites, WordPress 3 provides a number of new customization features, including the ability to display custom background and header images. From a site-navigation perspective, there are also new custom menu features. Users can now create a navigation menu that includes links to a category, page, post or external URL.

With the new Custom Post type, users can also move beyond the traditional WordPress taxonomy of blog posts and content pages. A WordPress 3 installation can now have any type of navigation naming, than taking it beyond a basic blogging platform and bringing it more in step with a traditional content management system.

WordPress founder Matt Mullenweg noted in a blog post that the immediate focus moving forward is not a WordPress 3.1 release. Instead, the WordPress development team is now going to try to improve things around the broader user experience of WordPress.

"The growth of the community has been breathtaking, including over 10.3 million downloads of version 2.9, but so much of our effort has been focused on the core software it hasn't left much time for anything else," Mullenweg wrote.

Mullenweg added that development efforts will look at improving the theme and plugin directories, forum and mailing lists, among other items.

"The goal of the teams isn't going to be to make things perfect all at once, just better than they are today," Mullenweg wrote. "We think this investment of time will give us a much stronger infrastructure to grow WordPress.org for the many tens of millions of users that will join us during the 3.X release cycle."

Top-of-page

MongoDB Delivers NoSQL Flexibility and Scalability to Developers

One of the most popular open source NoSQL solutions is MongoDB, a solution which was released only last year yet is already seeing widespread adoption within enterprises such as github, The New York Times, and etsy. MongoDB stores data using a data structure which is "schemaless."

The rise of MongoDB and the NoSQL database in general has promoted a radical new approach to data management, which is already replacing the use of relational databases in surprising places. NoSQL is a generic term for a database that does away with the notion of a formally defined schema and instead relies upon some other management approach such as a key-value store. These alternative approaches strive to provide developers with levels of flexibility, availability, and scalability not easily attainable using traditional relational databases.

Already in production use within mammoth online enterprises such as Amazon.com (Dynamo), Facebook (see Cassandra), and Google (see BigTable), the NoSQL movement is playing a major role in the operation of today's Web, let alone the Web of tomorrow.

Top-of-page

Solid Growth Seen for Health Care IT Sector

Key contributor to revenue growth will be the government's push to electronically store patients' medical records.

It's a time of big changes for the health care industry as it transitions from paper-based antiquated record-keeping to digital storage of patient's records as well as administrative and other medical-related information.

Some of the biggest names in technology, including Google (NASDAQ: GOOG), IBM (NYSE: IBM) and Microsoft (NASDAQ:MSFT), have introduced and continue to develop solutions designed to make medical records more accessible to patient's during their hospital visits and more portable as they change providers.

CIO Update reports on why the latest revenue projections for health care IT look strong.

Businesses selling hardware, software and IT services to the health care sector will be in great fiscal shape for the next four to five years, according to technology consulting and analytics provider Compass Intelligence.

The latest data predicts total health care IT revenue will eclipse $73.1 billion this year and grow at a compound annual growth rate (CAGR) of 4.5 percent a year in the next five years, bringing total IT spending by hospitals, doctor's offices, medical centers and health care organizations to more than $85 billion by 2014.

Top-of-page

Previous

Next