Foundstone, a subsidiary of McAfee, publishes software called SiteDigger. The publisher describes its purpose:
SiteDigger 2.0 searches Google’s cache to look for vulnerabilities, errors, configuration issues, proprietary information, and interesting security nuggets on web sites.
The package is free for the download and all you need is a Google API key to run it. Obviously, if you’re responsible for any web site, the first thing you’re going to do is download this thing and run it against your site. The first thing you’re going to do if you’re trying to break into a site is download this tool and run it against a site you want to hit. I’m not sure which side the makers of this software fall on, especially after seeing that they describe exploits as "nuggets," a word usually associated with gold and something traded in by prospectors for currency.
The release and publicity of such a tool brings up an interesting ethical conundrum. If the software gets into the wrong hands, it could actually assist someone in breaking into a site. If it’s used by those responsible for security, it could help secure a site by pointing out holes that may have been overlooked.
I would be remiss if I didn’t pile on to the hubbub about Amazon’s new Yellow Pages search over on the A9 site. John Battelle’s got the scoop on how it was put together.
In short, Manber and co. (urged on by Jeff Bezos, who Manber says was "very involved") strapped GPS-enabled digital video camera-cum-terabyte server rigs to the top of a bunch of SUVs, then drove them around the commercial areas of major US metropolitan areas, recording what then became composite still pictures of entire cities, one address at a time. A9 took more than 20 million images of 14 million+ businesses across ten cities (more are coming soon), then created a local search application they call Block View.
Of course I see other benefits as well for my friends and family overseas. Wondering what Telegraph Avenue in Berkeley looks like these days? Take a stroll starting at Amoeba Records and click on the image to scroll either up towards the University or down towards Ashby. Notice Amazon still need to get photos of the other side of the street so you can’t see Moe’s yet but the listing tells you it’s still there.
It was a big weekend for Tyler. He finally got the hang of riding his bicycle without training wheels. If you look closely at the picture to the left, you can see that both training wheels are off the ground. He was beside himself when he started to get rolling – laughing to himself like a crazy man, “I’m doing it! I’m doing it!” He quickly got the hang of it and now realizes that the faster he goes, the easier it is to balance. He zips up and down the block like a demon on wheels and I can no longer keep up just by running. Looks like we’ll be riding together more often!
I was up in Napa for two days at the New Communications Forum, a conference about bloggers for PR professionals. While up there I learned from someone that the place to go is not the French Laundry ("overrated") but the Greystone which is the West Coast campus for the Culinary Institute of America.
One of these days I’ll organize my life so I can actually try these places rather than eat over-poached fish and oily salmon at a conference luncheon!
Ok. Last post about the NewComm conference. Andy Lark, formerly a VP of Marketing at Sun, is now out on his own as a speaker, evangelist, and consultant for firms that are looking for someone to help them with their blogging strategy.
Shameless plug: Andy is on TypePad on an account that he started while still at Sun. Sun has their own blogging infrastructure so when chided by Sun execs for not having his blog running on a Sun product, he shot back that what he wrote on his blog was his and he wanted to have the right to take the content (and more importantly, the domain, links, and comments) with him if he ever left Sun.
Andy gave an inspirational talk about the benefits of blogging for corporations, particularly those in charge of interpreting the corporate voice for the public (that would be Public Relations). The best summary of his talk that I could find (I’m sure there will be more in the coming days) was by Jeremy Wright.
UPDATE: You can download a copy of his 82-slide presentation here.
Just got back from two days at the New Communications Forum which was an interesting mix of old hand bloggers meeting with PR professionals to talk about the impact of blogging on the art of Public Relations. Lots of interest as everyone understands the potential of this new medium but we all realize that we’re grasping for a way to measure it in a way that it maps to the usual methods of getting the word out.
The Kryptonite/Bic pen scandal cost the company $10 million in just 10 days because they had to replace over 100,000 locks. That’s almost half of their $25 million annual sales.
stripes and checks don’t mix (inside joke with Stowe Boyd)
"blogerrific" – a new adjective coined by Tom Foremski to describe something that’s been improved with either RSS or blogging technology, i.e. the new, improved C|Net that now accepts Trackbacks.
"The days when you could control the message are over. Now the best you can hope to do is influence the conversation," says Shel Holtz. I would add, this is why companies need to participate in the blogosphere with an active blog. If a person runs into a room at a party going full tilt, they are not going to have a hard time getting anyone to listen to them if they just stand at the transom shouting. They need to mingle and get to know people first.
the concept of "darkspots" on corporate websites. FedEx has one – it’s a blank area reserved on their top page for where they might put a tab to announce updates on a labor dispute that might impact shipping schedules. The area is kept free so that the tab can be put in place at a moment’s notice without disrupting the layout and design of the page.
it’s always great to see your company’s product being used in realtime to update the conference’s web site
My favorite take away from the two days is Elizabeth Albrycht’s snappy answer to the "What’s the ROI on blogging," question. Nail down and measure the "Investment" so that you can properly frame and measure the "Return." If someone is investing time into posting a company blog, think of the time they are saving by not having to call or email everyone individually to maintain that connection. Think also of all the new conversations that get started as a result of that post.
ROI is going to be a hot topic as blogging gets evaluated as a tool for the corporation. What the industry needs is a new metric by which influence can be measured over time as corporate blogs are launched – it’s not page views, it’s not quite RSS subscribers either – we need a way to measure topic "buzz" and site "authority" – there’s a business opportunity there for someone.
No lie here, click the screen shot on the left – the 12th most popular RSS feed on My Yahoo is Taquitos.net
Let’s see, Techbargins.com. . . check, CNET News.com, ok, that seems right. Wired News, yes, I’ll take that. Braingle brain teasers – yep that might be fun . . . and – Taquitos.net? It’s even more popular than the NYT Business section! Either the geeks or the MyYahoo readers are eating way too many Doritos!
I consider myself pretty culturally sensitive but this one’s too good to pass up. At a local Cambodian restaurant which we frequent I spotted this poster up on the wall. This is absolutely no comment on the quality of their food nor what it may do to you as you digest it but one has to wonder the reaction of English-speaking tourists in Cambodia when asked if they want to view the “Krap Dance”
I’m here at the New Communications Forum conference up in Napa, now in the second session on "Corporate Blogging" and so far Bob Lutz’s General Motors Blog, Fast Lane has been mentioned at least five times as a blog that’s been done right and an example to study and follow.
– it has an authoritative yet human voice. Bob Lutz is the Vice Chairman of General Motors speaking directly to his customers.
– comments and trackbacks are enabled.
– it has an RSS feed
– it runs on Movable Type