Articles

We believe in educating our clients

The Good, the Bad and the Ugly of the AT&T "Hacker" Fiasco

If you have been following the story of AT&T being hacked, you are aware of how a hacker group known as Goatse Security (GS) was able to retrieve 114,000 iPad users’ emails via a security exploit. After reading the latest news I felt compelled to share my comments on the story, possibly just as a way to vent my frustrations with the entire issue.

The Good

There were many positive aspects to the developing story on both ends.

  • GS let AT&T know of the exploit, giving them a chance to fix the issue.
  • GS only informed the public after AT&T had patched the issue.
  • GS only informed a single journalist.
  • The issue has been fixed.
  • Despite them raiding the group leader’s house for this (the bad), they did allegedly find drugs including cocaine, ecstasy, LSD, and schedule 2 and 3 pharmaceuticals in addition to some other terrible discriminatory beliefs.

The Bad

Also known as “The Frustrating”…

  • GS should not have released the exploit to the public until AT&T had done so. Regardless of how long AT&T delayed letting it become known most corporations have a lot of red tape so it takes a while to get anything moving.
  • That said, AT&T should have let everyone know of the issue at least a day or two after, not a week.
  • As far as I can tell, the only felony charges against the leader of the hacker group are for drug possession. It is frustrating that he was even raided, because this was a white-hat hacker and not someone using the emails for malicious purposes (despite what AT&T said).
  • AT&T receives help from a hacker group and then turns around and defames them, yet in doing so also gives them more publicity.
  • GS should not try to play the “patriotism” card because that just makes you seem guilty.

Comment

There are burdensome issues on both ends. Despite society becoming more and more in the cloud and accepting technology as a necessity for the future of business, people still think “hacker” is an expletive. Actually a hacker by definition is simply a programmer that likes to code and tinker away with technology (commonly confused with a “cracker”). In this case it seems more like AT&T is just trying to pass blame and make it seem like the exploit was something created by the Goatse, instead of simply being discovered.

As always, a few bad apples give the entire industry a bad name. But I feel like this is not an instance that should be the case. I feel like for the most part Goatse did the generally “right” thing, yet AT&T rebutted with an atom bomb. Maybe one day we’ll all be able to get along…a day when maybe corporations will give hacker groups incentives (monetary and publicity) for discovering issues like these, instead of jail time.

Oh, and the Ugly


Why Buying Twitter Followers Is A Waste of Money

I was appalled to see a tweet promoting purchasing Twitter followers the other day. There are a few sites out there that I won’t even link to because I don’t even want to give them the publicity. Ladies and gentlemen, this type of product is the newest generation of “Snake Oil”. It is just another business with poor ethics looking to take your money and provide little-to-no value in return.

The allure is that you can go from 0 followers to 5,000 followers overnight which will make you look “legit” so other people follow you. As with everything in society, we’re looking for that quick fix that will solve all of our problems. Be warned however, that this completely negates the concept of Twitter. Twitter is about having a voice that can be heard by people all over the world. For businesses it provides an avenue for getting the word out to your loyal customers quickly and efficiently. So why not pay to have 5,000 people follow you instantly?

They’re Not Real People

Think about where they get these thousands of people from. If you have a new product, what could possibly be done to have 5,000 people instantly start following you? The answer is nothing - it is not possible. Simply put these followers are either (a) a group of people that are paid to follow whoever the company asks them to, or (b) fake accounts. In fact I wouldn’t be surprised if these accounts even had more than a dozen tweets. And if you attempt to direct message one of the accounts, you may be waiting until your business is in the ground before you receive a reply.

You’re Not Building Your Brand

Great, now you have a few thousand followers that care nothing of your product. So instead of 100 loyal customers following you, you have a few thousand followers that really don’t even know anything about your business. You are tweeting upon deaf ears. Large successful corporations were not built overnight, so don’t expect your company to just jump into social marketing all of a sudden and be a powerhouse in the twittersphere.

Twitter is about communicating with those who care. Sharing ideas and concepts, promoting interesting products and sites, or finding similarly interested parties that you may be able to learn from. It is not just some bulletin board that you throw up a message about “great new product for $19.99” and wait for everyone to start throwing money at you. It is about gaining the trust of real followers that have followed you because they share an interest in your company or cause.

A Better Way to Spend Your Money

Instead of paying $200 for a number that has no significance, give that $200 to a Web developer that can add a box to your home page to list your recent tweets. Upgrade your blog to include some social media icons. Set up a Facebook page or something to that effect. Or donate it to a cause so that your customers learn that you actually care about things other than money and profits.

You simply cannot buy customer loyalty. You never could and you never will be able to. So please think twice before falling victim to one of these schemes that preys upon customers by using technical jargon and buzz words to make you think “I need this service if we are to be successful”.


Riddle Brothers Tweets of the Week for 2010-06-07


Just When We Thought Our IE Woes Had Ended

Internet Explorer is a four-letter word in any Web developer’s dictionary. Between the sluggishness, CSS compatibility issues, and lack of JavaScript development tools, the beloved Microsoft Web browser has given us quite the headache. With the upcoming release of IE9 many of us hoped for a product from Microsoft that would mimic our other favorite browsers, giving us the peace of mind to develop for one unified environment and not worry about quirks, conditional comments and other hacks. But alas, we will have to keep hoping.

According to Freeciv.net, IE9 will not support HTML5’s best features at all - no canvas element, embedded video/audio, CSS3, storage or geolocation. In fact it sounds like IE9 is more of an IE8.1.

IE9 Platform Preview Results

I was tired of reading the compatibility results of others’ IE9 browsers and looking at them piecemeal, so I went ahead and installed IE9 in a VM and included my results from html5test.com below. As expected: barely any support.

How Lack of Standards Compatibility Affects Us All

Increased Cost

Lagging browser standards means you either have to use older technology (Flash instead of embedded video) or write dedicated code for alternative browsers. Using older technology is usually not as efficient and can take more time to develop. More code equals more cost. Also the quality-assurance process will take longer since it is another browser version without full support to test against.

Decreased Developer Morale

When you can’t use new technology such as HTML5 on a client project because you have to support IE you become frustrated and decide, “I will learn HTML5 when IE supports it since my clients will require IE support anyway”. This statement makes sense to many people since the reality is that you could learn something that you can use today (like a new library or framework) and wait until you are able to leverage HTML5 technology on all projects. But in the meantime you have to listen to everyone talk about how wonderful HTML5/CSS3 is on their projects where they do not require support for IE.

A Longer Wait for Client HTML5 Acceptance

People are still using IE6 even though it is no longer supported by many major Web sites. If IE10 is to fully support HTML5 we may be long into 2012 before we can comfortably develop sites fully in HTML5 without dedicated IE fixes. Yes, we can surely educate our clients about browser statistics and that most people use Firefox now, but you can’t completely ignore 30% of the browser market share.

Conclusion

So just as we were all getting excited about using our HTML5 skills in the next client project it looks like we’ll have to table that hope for another time. I’m pretty disappointed IE9 won’t support just about everything that is exciting about HTML5 and CSS3, so I’ll just continue promoting Google Chrome in the meantime.


Facebook “Like” Button Phishing

Anytime a new trend catches on malicious attackers are sure to be close by, mimicking the trend to capture unsuspecting users. Now that the Facebook “Like” Button is popping up on more sites around the internet, phishing attacks are going to start popping up here and there. How would Like Button Phishing work? Click “Read the rest” to see an example…



Riddle Brothers Tweets of the Week for 2010-05-31


What Will Make or Break Open-Source Facebook Alternative, Diaspora

With a backlash in the community against Facebook’s never ending privacy issues, one group of developers has decided to put their foot down and create an open-source decentralized Facebook alternative, Diaspora.

Diaspora promises to deliver a self-hosted social networking system that gives you full control of your privacy settings and content delivery without putting your trust in a for-profit corporation like Facebook. Many are excited with the concept, as being able to host your own software gives you peace of mind in many ways, and also allows you to decide what, and when, anything changes on the site.

What They Have Going for Them

  • Funding of over $200k (their initial startup goal was $10k).
  • A huge backing in the community already (including the BBC, New York Times and Gizmodo).
  • Making the application open-source was extremely wise.
  • Their project mission is “less evil” than Zuckerberg/Facebook. They have an attitude of more control, decentralization and are more focused on returning control to the end-user and not just using your information for financial gains.
  • Watch their introduction video. They are obviously not video producers and are not wasting money on appearing like some type of corporate conglomerate. I love their transparency in the project and their goals.

Hurdles to Overcome

  • Some users on Facebook will not see any benefit in paying for your own hosting for a product they “already have”. Diaspora did mention there will be a free hosted service similar to WordPress.com, but I think there will be some difficulty in getting this group of Facebook users to start over on a new service.
  • eWeek poses some great arguments as to why people won’t leave Facebook.
  • The decision to use Ruby/Rails. Right now the number of Ruby/Rails Web hosts is not as countless as shared PHP hosts. Also there are not as many Ruby developers as PHP developers in the open-source community. Regardless, I don’t think this will be a major factor, but I can’t see as many people contributing to the project as a PHP-based project like WordPress.

Hitting Home

Anybody that knows me is aware of my disdain for Mark Zuckerberg (Facebook co-founder). His background is extremely unethical including hacking competitor sites, using Facebook passwords to log in to users’ email accounts, and a slew of questionable privacy policy changes. Can you imagine if Steve Jobs (Apple) or Eric E. Schmidt (Google) were to do this? Despite these pending felony charges we continue to use/support Zuckerberg’s product (myself included) because a formidable alternative simply doesn’t exist. And if you want to be anyone in the community, you need to have a strong social network.

So when I heard of Diaspora it really piqued my interest. I completely agree with the idea that publication of personal information should be decentralized and controlled by the individual. I wish the Diaspora developers the best of luck, and will be sure to get a build installed and running as soon as it is available.


Riddle Brothers Tweets of the Week for 2010-05-03


Riddle Brothers Tweets of the Week for 2010-04-26


Riddle Brothers Tweets of the Week for 2010-04-12