websense

Hopefully you’ve been wondering where I’ve been for the last few weeks. As you are probably aware there was a global cyber attack a few weeks ago and millions of sites were affected.

Apparently some evil folks with not enough to keep them occupied found ways to put malicious code onto literally millions of websites. For the most part, this code was spammers trying creative ways to get links to their products or services (to mainly reputable sites whose owners have apparently employed more black hat SEOs – You’d think they’d learn after the whole Overstock/JC Penny fiasco). So, TKG has taken opportunity to greatly improve network security and believe that we have eliminated the threat entirely (at least for us and our clients).

(The following is from the email TKG sent out to clients, letting them know the steps we had taken.)
Here are the steps we’ve taken to ramp up security: (Warning: what follows is a bunch of geek-speak. For those not fluent in “geek,” the short version is that we did a bunch of stuff to make our websites much more secure):
• Put more stringent restrictions on FTP access to the server resources
• Tightened security on “open source” site management (WordPress, Joomla, XCART, OSCommerce)
• Implemented site-by-site security screens for current sites
• Performed file system audits to ensure file access is reduced to it’s most common operational denominator
• Performed data audits to ensure sensitive data is not being maintained on our database system
• Implemented server side application firewalls that evaluate and eliminate known threats
• Changed procedures for incoming site transfers to include audits on all of the above (TKG created sites were already secure)

The TKG blogs, being WordPress blogs, were among the sites affected. And as we say so often around here, TKG’s sites and blogs are like the cobbler’s children – they wait to get new “shoes” until after all client work has been taken care of.

WordPress has holes in it’s programming, and if you know how to work around the programming, you can spam the living daylights out of a blog with Trackbacks and spammy comments. When we got Websense and the other blogs back up, they were immediately SLAMMED with tons of spam – some of which was not family friendly, if you know what I mean. So, we took the blogs down again, added some of our own tweaks to “harden” the blogs and now we should be back in action!

Glad to be back! What have you been up to?

The following comes from an article found on Law.com – it pertains to a court case that is vitally relevant to my business, as well as clients of TKG. I wish I could post the whole article, because I feel that it is written better than I could, to make sure the legal aspects are represented – but I’ll give it my best shot. To read the entire article (which I recommend), I have provided a link:

http://www.law.com/jsp/cc/PubArticleCC.jsp?id=1202486373422&Web_Host_Liable_for_Contributory_Infringement
Sheri Qualters All Articles
The National Law Journal

So here’s the basic rundown: A web hosting and SEO firm in South Carolina called Bright Builders hosts a site and provides SEO services for a counterfeit golf club company. The fake golf club company openly states on it’s site that they make and sell the best fake Cleveland Golf clubs on the internet. Cleveland Golf gets wind of this and sues. Judge decides a verdict against Bright Builders (the web hosting company) to the tune of $770,750!!!!!!! The fake golf club guys get a jury return of a mere $28,250 statutory damages verdict.

A lawyer (Finnerty) in the case maintains that hosting a web site is the same as being a landlord –
“A Web-hosting company’s obligation is similar to that of a landlord’s, he said. A landlord doesn’t have the obligation to act as an investigator against his tenants to find out they are doing anything illegal, but once they knew or should have known, they have to act,” Finnerty said. “How is that any different online?”

Basically stating that a Web hosting company has a minimal obligation to know what they are hosting, as a landlord has a minimal obligation to know whom he is renting an apartment. If the hosting company or SEO provider discovers something remiss, or flat out illegal, they are obliged to report it.

I guess that’s just basic common sense. I don’t know that I want to get hit with a monetary judgment because I wasn’t aware of what a client had on a Web site TKG is hosting or does SEO for. I think for the most part, we are fairly familiar with all of our clients and would notice something going on. In this particular case, it was clear and obvious that Bright Builders knew what was up, and just didn’t do anything about it. TKG has always upheld the highest Web standards, and hopefully, this would never be an issue. That being said, we host hundreds of Web sites, and a few are just hosted here, we haven’t touched them other than to host.

As law catches up to technology, we’re going to see more and more of these cases. Judges are going to have to try and use existing law as a precedent, as in the landlord example. Or they are going to be setting landmark precedents. Hopefully, these types of cases will be decided justly, and won’t impinge on the freedom of the Web.

What are your thoughts on this case? Do you think the hosting company should have been liable for damages, or do you think it’s a crock? I think I am in the middle on this one. If they were aware of the situation, then yeah, they are liable, but I don’t see how they are more liable than the actual site owners. That one baffles me a little. What say you?

The LinkedIn Blog announced a new feature this week called “LinkedIn Today”- an industry specific news feed based on what your connections are reading.

It’s a pretty cool idea, and can probably help you get the news that is relevant to you. The way it works is fairly obvious, the news stories shared the most often by your connections, coworkers and peers will be presented to you in an industry specific. If you follow more than one industry, as many would want to, clients’ industries, others that affect your business, etc. then the top five news stories that affect the industries you follow will be highlighted.

From the LinkedIn Blog, “By following industries, you can get the relevant news on your Front Page and in the top navigation. We’ll also send you a weekly email of the top industry headlines across all of the industries you follow. And, no matter how many industries you follow, we will only send you one news email per week.”

They also have apps for your phone of course. If you are pretty busy, and don’t want to wade through all the regular news to try and get the industry specific news you are looking for, this could be a beneficial tool. Aren’t we getting lazy? Too many clicks through a news site, just pipe the news I want right to me and forget the rest! In any case, you can do just that now, on your LinkedIn profile. Kinda cool, sort of a one stop for the business community, which I am sure is the whole point.

I think LinkedIn is a great tool. I think this could make it even more useful, unless it clutters up a good thing. We’ll see how it pans out.
If you want to read more about it, check out the LinkedIn Blog post, or watch the video below, originally posted on the LinkedIn Blog.

My heart goes out to all those who lost a loved one in Japan this weekend, and our thoughts and prayers are with the survivors.
Hopefully the radiation from the nuclear plant will not have an ill affect, and the clean up process will go quickly. God be with you, Japan.

In light of the devastating effects of this earthquake and tsunami, many people would like to make donations to help out. Amazingly, there are already scammers making calls and taking donations. Please, if you want to donate to help the people of Japan, call yourself, or go to a trusted site. Don’t make a donation to anyone who calls you on the phone, and be very careful when using a website. Be sure you are actually in the right place, these scammers like to change the spelling of the url very slightly so that you don’t notice, and make a nice little donation to them, rather than your intended recipient.

In an effort to be helpful, here are a couple of organizations taking donations – these places are legit.
Catholic Charities
Mercy Corps

Please keep the people of Japan in your prayers. They are in for a long haul – it’s not going to be easy.

A new Apple program for small business is about to be launched. I think it’s not getting much press because of the release of the iPad2, but this is worth mentioning to the many small business owners out there who need to upgrade their computer equipment. This program is for small business owners who are upgrading equipment, or purchasing a new Mac. The program is a service contract. For $500 a year for up to 5 machines, and $99 for each additional machine, “The program has an Apple store work with businesses to set up all new Macs within “24 hours,” will move any data from a previous computer to your new Mac and also install any software purchased through Apple.”
Read more: http://smallbusiness.foxbusiness.com/technology-web/2011/03/08/apple-launches-joint-venture-program-small-business/#ixzz1GGsgAqkD

This is a great idea, and I really think it will serve the small business community well. We’ve often had clients who want a website, and in the process of developing the site and teaching them how to use it, we discover that computers and technical stuff just aren’t their forte. This would be a perfect fit, and really, a great price for this type of service. For the small business owner that doesn’t have a need to keep an IT staff, or can’t afford to, this is a great option.
If you want to read more about it, check out the link above, or visit your local Apple store.