Search Engine Optimization and Marketing for E-commerce

Google vs. China: Lax security led to hacks

by Andrew Kagan 14. January 2010 03:12

As more information was released into the nature of the attacks by Chinese cyberwarriors against U.S. companies, the "smoking email" appears to be lax security procedures on the part of Google, but more importantly on the part of the companies that were successfully attacked (only two are known at this time).

Google quietly started forcing all access to Gmail to be rerouted over secure (SSL) connections it became apparent that Gmail accounts were compromised in order to discover users' corporate account information. As is all too often with webmail accounts, users fail to realize that the entire contents of an email viewed over webmail is easy to intercept at any point ("hop") between the webmailserver and the client. The convenience of webmail far outweighs the security concerns...until now. For the record, most corporate webmail systems, e.g. Outlook Web Access, use secure communications between the server and client for this reason.

Encrypted connections between the Gmail server and client would provide a much higher level of protecting the data in the emails, but it takes a performance toll on Gmail servers that Google probably wanted to avoid. Gmail users had the option of securing communications between them and Gmail's servers, but few took advantage of it.

Of greater concern is the actual cyber attacks, which used a vulnerability in Adobe Reader (the "zero day" vulnerability) to embed a trojan in a PDF, which when downloaded to a user's computer was activated when the PDF was scanned by Windows' Indexing Service. Apparently this vulnerability was used to compromise corporate computers, leading to the security breaches cited recently. Google admitted that at least 32 companies had been attacked...but likely the numbers are much higher.

But the tragedy here is that the vulnerability was announced 9 months ago, prompting both Microsoft and Adobe to release security patches shortly thereafter. It is likely that the companies were attacked more recently, having left these vulnerabilities unpatched, as is so often the case...pity the IT directors who will soon be posting their resumes on Linked In.



Google's Chinese Human Rights accounts hacked, blame hackers

by Andrew Kagan 12. January 2010 16:43

Google reported an attack tonite against accounts of known human rights activists in China, and said that in response to these attacks, it would close down it's chinese-language portal. Tellingly, Google claimed the accounts were not hacked due to any inherent weakness in it's website, but rather the break-ins were achieved through phishing attacks that led to Gmail accounts being compromised through key-capture or other methods on the Gmail-user's computers.

Google's taking a political stance to what is likely Chinese-government censorship and manipulation is telling in and of itself, in light of the Obama Administration's recent deference to, and dissing by, the Chinese gov't in terms of trade relationships and environmental issues.

Is Google picking up the mantle of defending the free dissemination of information throughout the world via the internet? Or does this boil down to a trade dispute over access fees and censorship in the Chinese market? It remains to be seen.


Google Caffeine close to launch

by Andrew Kagan 10. January 2010 10:24

Google's new search indexing algorithms, colloquially referred to as "Caffeine", are slowly being rolled out to Google's datacenters around the world. This is causing sudden shifts in SERP rank and much anxiety among SEOs. Over the past 6 months, Google had been testing the new search engine over the past 6 months, but it seems to be rolling it out in earnest since January 6.

Not Your Cup of Tea?

According Matt Cutts of Google, Caffeine is a complete rewrite of much of Google's indexing system, in an effort to make it more responsive and more accurate. It will better incorporate results from more real-time sources such as facebook and Twitter, but it will also perform more filtering of duplicative content to make the first page results more meaningful. 

Without delving too far into the semantics of Matt Cutts' blog...he did say that he "went off caffeine" for the month of December...should we read into that statement? 

Preliminary keyword tests have shown that the results can differ significantly from existing rankings, leaving SEOs scratching their heads on how to respond. But this early "Google Dance" should settle down and allow for better SEO assessments, and hopefully marginalize certain greyhad techniques that are still somewhat effective at beating the SERP algorithms.


Beware the perils of Google's Cache!

by Andrew Kagan 5. January 2010 10:57's bad enough being hacked, but having it rubbed in your face on Google is never fun. One of our favorite long-time Google-sitemap-building tools,, with 1st position in SERPs for "sitemap builder", apparently was hacked by Silent...and while the site has been repaired (somewhat), Google is still caching the hacked meta data and returning it in search results:


This illustrates how security and search rank go hand-in-hand...the better your SEO, the more damage can occur to your brand through a security breach.

What to do if you're hacked!

The fastest way to repair this damage would be to force an update of the sitemap using Webmaster Tools, and use the "Remove URL" request in Webmaster Tools to request the cache be updated (see below):

Google's Webmaster Tools is your friend in this case, and removal requests are read by a human, so the damage can hopefully be minimized if caught early enough.


Hacks | Security

Google's Halloween Easter Egg

by Andrew Kagan 31. October 2009 09:43

The ever-changing Google homepage logo took a sweet turn on Halloween, starting off with the last "e" being replaced by a piece of wrapped candy. Subsequent clicks on the logo revealed the following progression, from the logo spelled out in candy, to a whole lot of candy, and finally to a tummy-ache's worth of candy.



Word of the Day: Fritter

by Andrew Kagan 15. October 2009 11:11

SPPro's word of the day: Fritter
Pronunciation: \ˈfri-tər\
Function: noun
corporate tweeting seeking to promote products or services while masquerading as pithy communication
Example: Pepsi's fritter sought to convince tweens its new lo-cal cola is a hip alternative mini-Cokes.



2012 contest was hacked

by Andrew Kagan 12. October 2009 14:14

The new armageddon film by Roland Emmerich "2012" opens tomorrow, and they've been running a Flash-based promotional game on the dedicated website To win the game you need to answer about 20 questions in a given time period, and your winning score will be added to a leader board. The game allowed you post your score to Facebook. Having successfully navigated the game in a respectable 1 minute and 4 seconds, I went to the leaderboard to compare my score with others. Here's the current leaderboard:

It would be pretty much impossible to post a time of less than 20 seconds, so my guess is "RSV" found a way to bypass the Flash interface and post answers using the known set of questions (it looks like there are about 50 questions in all). If anyone figured out the hack I'd love to hear about it.



Yahoo officially rejects use of META Keywords tag

by Andrew Kagan 10. October 2009 11:00

Following up on Google's announcement a few weeks ago that it gave zero relevance to the META Keywords tag in it's search engine rankings, #2 SE Yahoo announced at SMX East this past week in NYC that it, too, gave no relevance to this deprecated tag.
Of the three major search engine databases, only Inktomi (which was purchased by Yahoo in 2002) had continued to use this META tag in it's search rankings, although it's relevance was vastly diminished over time. 
In an open Q&A session during the conference, Cris Pierry, senior director of search at Yahoo, announced that support for the META Keywords tag in Yahoo's search engine in fact had ended several months ago.
Google has always maintained that it never supported the keywords tag, but made the official announcement recently to dispel lingering rumors about it. AltaVista officially dropped support of the tag in 2002.
Besides Yahoo, the Inktomi engine had provided ranking to MSN, AOL and others over the years. Microsoft shifted to it's own Bing search engine earlier this year, and the #3 search provider has already announced that it grants no relevance to the keywords tag.
Still, many SEO's are clinging to the belief that somewhere out there the keywords tag may still have relevance, but to expend any effort on using this tag is just a waste of time at this point, and a waste of client money that could be better spent on multivariate testing of pages to improve search engine rank.
Another argument defending use of keywords is that it provides additional keyword variant matching that might not be incorporated into the content of the page...but this argument fails if the META data is disregarded entirely. A better approach would be to identify the keyword variants with greatest value and incorporate them into the page content...this is completely white-hat and when written properly will boost the relevance of the page.

Tags: , , , , ,


It's official...Google Ignores the Keywords META Tag

by Andrew Kagan 21. September 2009 11:31

Google officially announced today that it does not use the META Keywords tag at all in its search rankings. While it certainly did use this META tag earlier in the search engine wars 5-10 years ago, the tag has lost all relevance (to Google) because of rampant spamming and abuse of this tag.

The META Keywords tag was part of the "essential" hidden META data that search engines originally relied on when indexing pages. It provided a shortcut repository in which to list all the search words a webmaster felt were relevant to the webpage they appeared on. Like all META data, the keywords were embedded in the HEAD area of the webpage and were invisible to everyone except the search engines themselves.

META Keywords had significant value before search engines had the capacity to read, parse and index the entire content of every page they visited. For a time, it was believed that properly crafted keywords added to the overall relevance and ranking of a page, when they were in close agreement with the page content itself, but Google is slamming the door on that notion moving forward.

Google hastened to clarify that not all META data is "bad" or "ignored", and took pains to remind everyone that they still use the "Description" META tag in search results, when it is the best content summary of the page itself. A good META description is still very important to SEO, because when properly written and displayed in search results, it provides additional information to the user that may influence their likelihood of clicking through on a link. Without this description, you are leaving it up to the search engine to try to find the sentence that best synopsizes the page, and the results are usually poor when this happens.

So, from the horse's mouth, don't bother with the Keywords META tag, and focus your SEO skills on the Description tag instead.



Server Location matters for TLD and Local placement (Google)

by Andrew Kagan 8. June 2009 08:14

Google's Matt Cutts posted a video reply recently on whether a server's physical location affects search does!

Matt pointed out that in the early days of Google (ca. 2000) the only locational reference used was the TLD (top-level domain) of a website, so if your URL ended in ".FR" then it was assumed your website was franco-centric and would be more relevant than a website ending in ".UK". 

The explosion of TLDs of late makes it harder to pinpoint relevance based on URL, so Google is also using the IP address (and parent NetBlock) of the server to identify it's a server located in France will receive more weight for french queries than a server located elsewhere. How much this contributes to overall rank is debatable, but likely it's more important for local search results.

So if you have a web presence in multiple countries, it might make sense to locate servers locally to your markets...certainly it might improve the latency of queries (although again, it would depend on the ISP). There are also IPPs that offer hosting on multiple netblocks in specific territories to achieve the same effect.

Tags: , , ,


Powered by BlogEngine.NET
Theme by Mads Kristensen updated by Search Partner Pro