Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - BoL

Pages: [1] 2 3 4
1
Traffic / History of Search Engines Posts
« on: June 05, 2018, 10:00:01 AM »
Plenty of you I'm sure have read those mega long blog posts that cover the general timeline of search engine evolution, I remember reading some but never bothered to bookmark or remember who wrote them, they just seemed cool to read at the time. They tended to be written by SEOs who'd seen the day to day news and gradual changes implemented.

I'm interested in one that covers the general timeline of engines, mainly Google and how the real estate for organic has shrank, and how privacy has been eroded.

It'll be used by someone whose relatively inexperienced that can muster some context and facts from those articles

Do you recall any good ones (in the context of they covered the points you felt were most important)? Might need to check the wayback machine if it's older but relevant.


2
Web Development / Language Detection / Template Extraction
« on: May 18, 2018, 08:54:59 PM »
I'm in need of two tools or at least some inspiration for best practice

1st is detecting languages used on web page, as some tests show that lang attributes are accurate 80% of the time, so something more robust that actually looks at the content. I'm aware of a technique that looks at two-three character combos which apparently works well, also perhaps popular words from each language. Anyone seen an implementation (with code or explanation) that works well?

2nd is somewhat related, evaluating 1 or more web pages from a domain and being able to detect the main content area of a page. Seen anything that claims to work well (code or explanation would be great)

3
Quote
In an official statement Thursday, the European Commission announced it will cancel all 300,000 domains under the .eu top-level domain that have a UK registrant, following Britain's eventual departure from the European Union

https://www.theregister.co.uk/2018/03/29/eu_dumps_300000_ukowned_domains_into_brexit_bin/

So hopefully there's no UK registrants of .EU domains with a prominent domain...

Best comment:
Quote
It's adi.eu to all that, then?

4
Water Cooler / Google's shortfalls laid bare
« on: December 20, 2016, 07:31:28 PM »
http://www.bbc.co.uk/news/technology-38379453

Quote
Google has said it is "thinking deeply" about ways to improve search, after criticism over how some results - including ones discussing the Holocaust - were ranked.



If they'd stuck to showing 10 blue links and ads maybe it wouldn't be so bad...

5
Water Cooler / Distributed Card Hacking
« on: December 05, 2016, 08:56:25 PM »
http://www.bbc.co.uk/news/technology-38207974

Quote
Starting with just the first six digits of a card, the system guessed the remaining details and tried the combinations on many sites at the same time.

Sounds pretty clever, basically they are exploiting validation much in the same way messages about "wrong username" or "wrong password" instead of "wrong username or password" messages divulge TMI for login data.

From the paper linked to in the article

Quote
Moreover, if  individual merchants we re  trying to improve their security by  adding more payment fields  to  be verified on their site , they  potentia lly  inadvertently weaken the whole  system by creating an opportunity to guess the value  of another  field , as  explained later in the article

Quote
vulnerabilities described in this article apply to cards that do not enforce centralised checks across transactions from different sites. Our experiments were conducted using Visa and MasterCard only. Whereas MasterCard’s centralised network detects the guessing attack after fewer than 10 attempts (even when those attempts were distributed across multi ple websites) , Visa ’s payment ecosystem does not prevent the attack ( see Section VI. D ). Because Visa is the most popular payment network in the world, the discovered vulnerabilities greatly affect the entire global online payments system.

Quote
Guessing an expiry date takes at most 60 attempts(banks typically issue cards that are valid for up to 60 months), and subsequently,guessing the 3-digit CVV2 takes fewer than 1,000 attempts. Hence, expiry date and CVV2 are guaranteed to be obtained within 60 + 1,000 = 1,060 guesses.

Paper: http://eprint.ncl.ac.uk/file_store/production/230123/19180242-D02E-47AC-BDB3-73C22D6E1FDB.pdf

6
http://www.geek.com/microsoft/guy-tricks-windows-tech-support-scammers-into-installing-ransomware-1665967/

Quote
Ivan Kwiatkowski knows plenty about how these shenanigans go down, and unfortunately for the would-be scammer on the other end of the remote connection he also knows a fair bit about social malware. Kwiatkowski played along, allowing a scammer named Dileep to connect to his virtual machine — which he’d intentionally left vulnerable —  and played dumb while various DOS commands were run to make him think his machine was riddled with malware.

7
Web Development / WebHostingTalk Hacked
« on: July 09, 2016, 11:33:48 AM »
Their database for sale, I don't think they've announced this anywhere yet.

http://www.webhostingtalk.com/showthread.php?t=1584028&p=9726227#post9726227

Since we're all experienced here I'm sure we'd have used different passwords there if signed up already ;)

From the offer:
Quote
On TheRealDeal website, a vendor with a solid reputation is offering the Mac-Forums database for ~$775.00, which includes 291,214 accounts.

The Hot Scripts database, with more than a million users, is currently going for ~$1,900.00.

The Web Hosting Talk database, with 498,321 users, is also available for ~$1,900.00.

8
Hardware & Technology / Update your webmin/virtualmin
« on: May 26, 2016, 11:18:55 AM »
Quote
There's a security bug in Authentic Theme shipped with Webmin devel versions 1.794 and 1.795; if you use any other theme, you're not vulnerable; and if you're running a non-devel version (1.790) you're not vulnerable. We'd audited Authentic for security issues before adding it to the default Webmin package a few months ago, but a new feature got added to the theme recently without proper code review.

https://www.lowendtalk.com/discussion/comment/1704132/#Comment_1704132

Since it's the kind of bug that could end up getting your entire server owned, best patch it if it applies to you.

Apparently it's being used in the wild and the devs have just been brought up to speed on it.

9
rm -rf

http://www.independent.co.uk/life-style/gadgets-and-tech/news/man-accidentally-deletes-his-entire-company-with-one-line-of-bad-code-a6984256.html

The beauty/horror of it is he was using something called Ansible, which is used as an extra layer in managing multiple servers. Not so convenient when it deletes absolutely everything on all your servers!

11
Hardware & Technology / Namecheap's "Move your domain day"
« on: February 03, 2016, 12:26:48 AM »
https://www.namecheap.com/campaigns/2016/mydd.aspx

I believe the tl;dr is "transfer your domain for $3.98", limit of 50 domains... though they're headlining it as donating some of the proceeds to the EFF.

12
http://siliconprairienews.com/2015/11/par-acquired-by-gosocial-for-12-million/

Quote
Global social media marketing company GoSocial has acquired PAR Program for $12 million. PAR Program was founded by Jeremy “ShoeMoney” Schoemaker in late 2012. This is Schoemaker’s 4th company sale in the last 7 years.

Unfortunately, no pictures in the article.

13
Hardware & Technology / IPv6
« on: October 14, 2015, 05:59:00 PM »
Are your sites/software configured for IPv6 yet?

https://www.google.com/intl/en/ipv6/statistics.html

In the past couple of months ARIN had ran out of IPv4 addresses to allocate, and maybe/not they will reclaim ranges from people not using them.

I've never paid much attention to configuring things with IPv6 in mind, but really should.

I think by default Apache/nginx will listen on port 80 for both IP versions.

15
Water Cooler / Google automation gone wrong
« on: June 30, 2015, 11:10:27 PM »
Tags a dark-skinned couple as 'gorillas' with its image recogniition algo
http://arstechnica.co.uk/business/2015/06/google-dev-apologizes-after-photos-app-tags-black-people-as-gorillas/

Bit of a faux pas for their ideology surely! It reminded me of how they've failed continuously with 'social'.

Pages: [1] 2 3 4