Invasion of privacy online

I know I’m not the only one having trouble with the rapidly increasing assault on my privacy while I use the Internet. It’s getting downright creepy.

A couple of weeks ago I was looking at a weekender bag on Roots. The next day it was featured in an ad on another site I was browsing.

“Hey look – there’s the bag I want!” I said. “That’s so funny it’s in an ad!”

A few days later it wasn’t very funny anymore. The Roots bag began to stalk me as I moved from site to site, regardless of the site I was on. It got to the point where I really didn’t want the bag anymore because it was so popular and over-exposed.

Of course, that wasn’t really the case at all. Roots had left a little script behind on my own computer in the first place. This “cookie” continued to neatly insert the image of the bag at every opportunity it could find over the next few days. They obviously weren’t going to let me forget about it.

I soon noticed my Facebook ads were getting rather pointed as well. A certain (ahem) health product I had been researching began popping up in numerous guises – and from a variety of companies – in the right side column. I assured myself that of course no one else knew the topic of my search – unless they happened to use my computer. But tonight while on Facebook I noticed the names of two people I do know, who must have clicked on an Ikea ad in Facebook. Or perhaps they visited www.ikea.ca and picked up a third-party cookie (scripts placed on other websites to track your browsing information).

No offense to Cate and Brian, but I really don’t want to know that! I don’t want ANYONE to know if I visited Ikea, and I don’t want to know who else did!

It’s not that there’s anything wrong with Ikea, and I’ve long ago given up the idea of personal privacy in many aspects of my life. There’s just something very doppelganger about these little scripts tip-toeing around after me and other people I know, and waving to everyone else to announce everything we do. It’s… weird. It’s also completely relentless.

Recently a friend posted an article from the San Francisco Chronicle about social reader apps. It outlines how Facebook’s idea of “frictionless sharing” has grown. “No activity is too big or too small to share,” Facebook claims. I guess that includes my search for a small nameless health product. (Heck – wait a minute – you’ve probably already know what it was!)

And the whole thing is utterly pervasive. The Washington Post Social Reader gets your name, profile picture, gender, user ID, friends list, the networks you’ve joined and anything you’ve posted publicly. Under the default setting, it can also post every article you read through the app, the people you’ve “liked” and more. Yahoo’s social reader gets most of that, plus your e-mail address, birthday and permission to post the videos you watch. Google has dedicated itself to capturing every site you visit and letting your friends know if you “plussed” it. In 2011, Google Buzz drew criticism for violating user privacy because it automatically allowed Gmail users’ contacts to view their other contacts. In February this year, Google announced it will now combine user data across all of its services – including search, Gmail, YouTube, Google+ and Google Docs.

How can these companies proceed as if nothing is wrong?! A post on Venture Beat confirms the worst: One in every 10 US consumers has now been victimized by identity theft. Online public data can be used to predict the full 9-digit social security numbers of nearly 5 million people. More than 900,000 sites employ Facebook “Like” buttons, feeding yet more information directly into Facebook. Both Google and Facebook are currently facing 20 years of privacy audits, but they keep rolling out information I really don’t want to know, and show no signs of slowing down.

I digress. I am currently online at a news site that is displaying ads for malware, dog heartworm medicine and bicycle panniers – all topics I’ve researched in the past couple of days. While it is heartening to know that Google slowly “fades” cookies from its history of me over two or three weeks, I have a feeling this says more about Google not wanting to get too bunged up with data about my searches than it does about giving me some breathing room.

Logging off here.

Malware: Case of a Malicious URL

Last week I was showing a site to a client when my spam blocker, Avast, opened the red warning window shown below.

The original client has a beautiful website that showcases her artwork. A couple of years ago we created a WordPress blog as an add-on to the basic html site. She was on her way to a residency in Europe and blogged about her work for several months. Although the blog is no longer active in the sense that she continues to add to it, it is a valuable photo archive and journal of her experiences.

It was surprising to us that she had been hacked since the blog is not active at this time. Some searching through the source code soon led us to the answer. The blog section of her site had acquired a patch of javascript that had been inserted by a wandering bot into the source code near the top. This javascript re-directed anyone who connected to her blog to go instead to a spam site. This type of “malware” directs visitors elsewhere when you type the URL or click on a link to an URL.

The javascript code itself was not contagious from one site to another, and my own Avast program recognized it as malware, as did the Norton anti-virus program of the other visitor. But the loud alarm and red flag of the spam blocker would doubtless scare off anyone from further exploring her blog. We quickly removed the offending code and her site is back to normal.

This type of “infection” generally occurs when you don’t have the most recent version of WordPress. WordPress updates its own platform on a regular basis and there are pros and cons to updating it yourself – see our earlier article on WordPress updates. Talk to your developer on a regular basis and ask him or her to check your current version of WordPress and see if any updates are recommended. Although we encourage all clients to let us perform a major update once a year, there is a strong case for updating sooner. WordPress is the platform on which your entire site rests. It is constantly releasing new versions to patch security leaks in earlier versions. If you don’t perform major updates on a regular basis, you are leaving your site wide open to this kind of nasty behaviour. And if you don’t host with a company that does regular backups, you risk losing everything if a more aggressive attack gets through.

Facebook facts March 2012

Map of Facebook usage world-wide in late 2010. The numbers have almost doubled since that time.

1 in every 13 people on earth is on Facebook
http://www.youtube.com/watch?v=68VP0wxyGsQ

1 out of 5 views of all web pages is a Facebook page.
http://www.thesocialmediatoday.com/facebook-2012-some-interesting-facts-infographics/

51% of Canadians are on Facebook.
http://www.socialbakers.com/facebook-statistics/canada

71% of American are on Facebook
http://www.drewsmarketingminute.com/2011/03/facebook-user-statistics-infographic.html

70% of Facebook users are from outside the United States
http://www.youtube.com/watch?v=68VP0wxyGsQ

The majority of all content on Facebook is created by only 20% of all Facebook users.
http://www.jeffkorhan.com/2012/02/facebook-facts-business.html

Facebook plays a role in 1 out of 5 divorces.
http://www.baselinemag.com/c/a/Intelligence/25-Fast-Facts-on-Facebook-764721/

The average Facebook user has 130 friends
http://www.youtube.com/watch?v=68VP0wxyGsQ

One in 10 pets had its own Facebook page by July last year.
http://www.telegraph.co.uk/technology/social-media/8633183/One-in-ten-pets-is-on-Facebook.html

A Facebook link is added to 10,000 new websites every day.
http://www.youtube.com/watch?v=68VP0wxyGsQ

Facebook can be more addictive than cigarettes or alcohol
http://i2mag.com/facebook-addiction-disorder-new-social-disease-that-bites-many-other-every-second/

With over 800 million users, Facebook is the third largest country in the world.
http://ansonalex.com/infographics/12-interesting-computer-facts-for-2012-infographic/

The Facebook population is three times that of the United States.
http://mashable.com/2012/01/10/facebook-profile-safety/

Facebook is a prime target for cybercrime.
http://mashable.com/2012/01/10/facebook-profile-safety/

You can be #1 on Google – Myth #2

YOU CAN BE #1 ON GOOGLE.

Maybe. A very, very, very remote maybe. And it is definitely not something that anyone can promise you. Here’s how it works.

If someone types a search term into Google and if a match for that term is found on your site, Google will continue to scan your site and evaluate more than 200 factors in less than a second.

These factors can include:
– who links to you
– what their status is (ie if a university or bank links to your site, their link will be more valuable than a link from a small company site)
– who you link to and how relevant their own content is to your content
– how long your site has been online
– if it has been sufficiently optimized with meta data for search engines during the entire time it has been online
– how much traffic your site gets compared to other sites with the same search term
– if your content contains a complex enough mix of key words and phrases
– if you have at least 250 words of content on each page, the text is not repeated elsewhere, and the phrasing is original
– if your content is completely original and can’t be found on any other site (Google can tell in a split second)
– if your site has a large number of pages with a mix of information, pictures and tables (Google likes a mix)
– if the search phrase is used a sufficient number of times throughout your website but not TOO many times
– if Google can find verification codes, xml sitemaps and analytics for your site (these are missing on most sites, which will give you an advantage if they’re done right)

And these are only 12 of 200 other factors that Google weighs in relation to the content of your site. Many are unknown and never revealed. It’s even more staggering to think that this happens in less than a second.

While Google is forming an impression of your site, they are simultaneously scanning hundreds of thousands of other sites containing the same search term for the same 200 factors – and deciding where you fit in comparison to the other sites.

Their findings are further filtered through the searcher’s geographic location. Companies with sites closest to the visitor will be displayed first. The findings are also filtered by the searcher’s own previous searches, site visits and the sites their friends and coworkers have visited (the latter depending on the masses of history Google has been collecting about their online activities for years).

Finally you have your ranking in the list. Will you come up on page one if you are high in the ranking? Probably not… the first page of Google results only has 15 places. The first 3-10 are usually a combination of paid ads and Google Places listings. Which means that the chances of your site showing in the remaining spaces on the first page – called “organic” results – were just cut in half for most search terms.

Companies that guarantee results on page 1 of Google generally use link-mining methods that Google does not approve of. “Guaranteed SEO” people sell monthly accounts. You pay them to create hundreds of back links to your site every month (link farming), which can sometimes work to temporarily put you on page 1. But Google will gradually drop your site in their ranking – or remove it – and the back links will have to be re-submitted. Which means you’ll be paying for the same work over and over.

What does a web developer do all day?

A client commented a few weeks ago that I am “way into my work”, which is probably true. I’m holding a lot of stuff in my head at once.

Some people might think that web developers build one site at a time. That would be so nice. But that absolutely does not ever happen. There are normal, regular delays in our work flow as we wait for client approvals or materials. And the average day involves juggling a wide variety of tasks and issues as we work on very different kinds of problems.

I like to start the day by getting all the little things done first. If you’ve sent me a small request to add or remove some content, I’ll probably do that first. Next come the status reports as I talk to Jr. and Sr. Tech about our current projects. We have a quick consult to decide what we’ll each be doing, then separate for a while.

Today I didn’t have any clients come over because it’s Friday. I try to keep the day clear because there are usually a lot of small jobs to be finished up for the weekend. This morning I started with a couple of phone call “meetings”. The first was a review of a brand new site for a small school in downtown Vancouver that we finished two days ago. Normally I like to present the results in person but we’ve been working on this particular site without meeting the client. The client and I went through each page on the phone while I made notes of the additions and revisions. I left him with a to-do list of things to send me by email, then updated our work schedule for the day as well as his invoice, and sent him a copy. Since I was into the Invoice folder, I sent out a couple of others while I was there, and wrote a couple of reminder emails.

The second phone call came from a long-standing client, a wonderful man with a great sense of humour. He likes to send the text and photos for his company’s blog and have me assemble them. I’d been receiving content from him all week and had organized it into folders. There were a lot of images but he had nicely zipped them up for us. We discussed the next three blog posts, then I spent a couple of hours creating the first one and sending it to him for his approval. I worked in Photoshop to size theimages, then created new pages in Dreamweaver, and added and edited and tested the copy. One of the blogs was about a recent auction at the Vancouver Art Gallery. It was a good read with beautiful photos. Meanwhile Sr. Tech was working on an online shop he’s added to a site, and answering the other phone.

After finishing up the post, I answered a few more emails then made an apologetic phone call to some realtors who came to see us last week. Their real estate website was originally built using a ready-made WordPress theme. It had gone through a great deal of additional modifications, including some plugins for real estate sites, and there were some problems with it. The dilemma now facing us was whether to push forward (because the site was very workable in most ways) or not to push forward (because we were bound to run into more snags picking up where the other developer had left off). We spent a lot of extra time trying to come to a decision and finally had to recommend a new build instead.

At this point I discovered some of the pictures I made yesterday for an online colouring book were “leaking”. This website has been a long-term project for an annual festival in Vancouver that hopefully will launch in the next two weeks. We’ve been adding fun widgets and games to the site to make it entertaining and to build excitement for the June event. It looks like I didn’t completely “close” some of the lines in the colouring images, so when an area was “painted” with colour, it flooded the adjacent section. Back to Photoshop to open the offending images, close the lines, crunch them through the software we bought to make the colouring program, and upload them again.

Time to check with Sr. Tech about the sites he’s working on. He’s been fielding requests from new clients so we go over the issues and concerns and make some decisions. We’ve launched a new site for a Zen Buddhist retreat in Pennsylvania this week, and a few questions have come back about the slide show I built on Wednesday. I work on this until we’re happy with it, then it’s time for my lunch time bike ride. It’s raining heavily and miserable, so we opt for some take-out sushi instead.

After lunch I review a small job for a folk band who would like to add a WordPress guestbook plugin, have us update their menu to include the new Guestbook for their visitors to sign, and add a bright green “star” shape linking to the guestbook from the homepage. Unfortunately the star image has to be uploaded through the back end and the link has to be hard-coded to the guest page URL. Meanwhile, the guestbook needs to match a sample site they sent. After spending some time identifying a couple of plugins that look good, I make the star and put the plugins aside to discuss with the others.

Next I tackled the search engine optimization on a site we built for an author. It needed a couple more hours of work to complete. I worked hand in hand with Google ad word tools to identify suitable phrases and add them to the code, then loaded an XML site map.

As I was finishing, I took a phone call from someone who needs to configure her email client to receive emails sent via the server for her site. Unfortunately we don’t actually do this work, although we will type out the information and send it to her. After being “blamed” several times for problems that were out of our control, we had to make the hard decision that we won’t help anyone install software or configure emails or register for a host. (Having said that, Sr. Tech is opening a can of worms again by offering hosting through Kits Media. He has gone to a great deal of trouble to set this up and is patiently waiting for me to create a nice interface for it.)

Next came a series of emails back and forth with a client who is thinking about compressing some of the videos uploaded earlier to their financial company’s website. We discussed using an Adobe compressor and building a Flash player, or loading them to Youtube and grabbing the embed code. After checking their Google Analytics, I discovered that only 6% of their clients are using an iPhone or iPad (which doesn’t display Flash), so their market demographics are not a problem. I recommended the Youtube solution however because she’ll be able upload and compress more videos in the future, and I can show her how to grab the embed code and add them to her pages. This is working out well because we re-built this site last year so she can manage a lot of their own updates. I spend some time on Youtube to create a ghost account, upload the videos and make them private, so only I can find them or get the embed code.

Suddenly an avalanche of emails – it’s Preview time. Every two months since 1989 I’ve written 10 or 12 art reviews of local shows for a small gallery magazine. I start making folders to receive all the emails and images that will come in the next 24 hours.

Hard on the heels of the gallery information comes a late afternoon email from an accountant client. His site is also ready to go live and he’s spent the week reviewing the pages. His email has a list of changes which I read over and let him know I’ll start working on them. His review is extremely detailed and organized. It consists mostly of text replacements with a couple of PDF links. Lovely! It looks like we can get him online and looking good by Monday. I sort out the tasks to be done and get started on it.

Now it’s time for a stretch, a cup of tea, and a quick review of what we need to do next. TGIF!