SitePoint Podcast #22: Bing’s Boondoggles

Episode 22 of The SitePoint Podcast is now available! This week your hosts are Stephan Segraves (@ssegraves), Brad Williams (@williamsba) and Kevin Yank (@sentience).

Listen in your Browser

Play this episode directly in your browser! Just click the orange “play” button below:

Download this Episode

You can also download this episode as a standalone MP3 file. Here’s the link:

Subscribe to the Podcast

The SitePoint Podcast is on iTunes! Add the SitePoint Podcast to your iTunes player. Or, if you don’t use iTunes, you can subscribe to the feed directly.

Episode Summary

Here are the topics covered in this episode:

1-800-FLOWERS on FaceBook

PayPal Outage Affects the Web

Criminal Prosecution over P2P.com Domain Theft

Microsoft to Take Over Yahoo! Search

Host Spotlights:

Show Transcript

Kevin: The SitePoint Podcast episode 22, for Friday, August 7th, 2009: “Bing’s Boondoggles”.

Kevin: Hi, there and welcome back to the SitePoint Podcast – news, opinion, and fresh thinking for web developers and designers. I’m your host, Kevin Yank coming to you from SitePoint headquarters in Melbourne, Australia and I’m joined by my panel of co-hosts.

Brad: Brad Williams from WebDevStudios.

Patrick: Patrick O’Keefe of the iFroggy Network.

Stephan: And Stephan Segraves from Houston, Texas.

Kevin: It’s time once again for the SitePoint podcast and this week we’re without Patrick. Patrick is traveling. His jet-setting lifestyle keeps us without him this week but Brad and Stephan as usual joining me.

In this episode we’ll be talking about the PayPal outage that affected much of the Web in the past week, a first prosecution under criminal charges for domain name theft, and finally, the deal everyone is talking about, the Microsoft-Yahoo! search deal but first, this episode, we have Facebook.

Stephan: 1-800-Flowers.com has put an application into Facebook that accepts credit cards and delivers flowers, I guess. They teamed up with an app developer named Alvenda, and they’ve created an application within Facebook to take flower orders within Facebook.

Kevin: This developer is famous for doing Facebook apps, is that…

Stephan: I think that’s correct, yeah; I haven’t really looked into him but that’s, from the brief look at their web site, yeah, they’re big Facebook apps.

Kevin: So rather than going to 1-800-Flowers.com to order flowers for your loved one, you can just do it inside Facebook. You don’t have to leave the walled garden, which has bushes full of flowers I assume these days.

Stephan: It’s hard not to laugh, right?

Kevin: So, it’s looking like Facebook is becoming a web within the Web. As much as possible, you don’t have to leave Facebook to do anything on the web. I assume they decided they could sell more flowers this way. I suppose instead of buying virtual flowers on Facebook, you can buy the real thing now.

Brad: I can really see this taken off. I think a lot ecommerce sites are going to start looking at 1-800-Flowers is doing and start asking their IT department why they’re not doing?

Kevin: Right.

Brad: Why they’re not offering their items up for sale on Facebook?

Kevin: It certainly – you have to go for those mainstream products for now I think. I can’t imagine SitePoint opening a bookstore within Facebook in the very near future. It’s a strange, strange thing but, yeah look, it’s got to make sense for them.

Stephan: If the back end is focused in one general place then I guess it’s okay but it just seems there’s too much to keep up with now, right? We’ve kind of gone this natural progression of – we’ve gotten rid of the phone number, 1-800-Flowers, you don’t call anymore. You go to 1-800-Flowers.com and now you go to Facebook to go to 1-800-Flowers.com. It’s like, when you go to 1-800-Flowers.com now are you going to have another web site within in to go to Facebook. I don’t know, at what point do we stop?

Kevin: I’m trying to figure out what the Facebook short URL for this is. Yeah, it’s facebook.com/1800flowers. They’ve taken the dashes out of it now.

Brad: Yeah, a cool application I could see this maybe morphing into is if you were able to maybe somehow suggest products to your friends and say, “hey, look at this basket of flowers. I thought you might like it,” and then they could take that recommendation and purchase it. I could see it kind of evolving in that. I think this is – it’s very early on that web sites are starting to do this, but I could easily see this evolving until this completely hooks into the entire social graph and allows you to kind of share your products throughout your friends, through recommendations and feedback.

Kevin: Clearly it’s a land grab because when they had their phone number, they were one of, I assume, many places you could call to get flowers delivered and so then they moved to the Web because they were cutting edge, and if you were a web user, they became, for a short time, maybe the only well-known place you could go online for flowers and now that market is getting crowded so they move into Facebook, and now they’re the only real flower retailer on Facebook. So it seems like 1-800-Flowers.com is not about competing on the grounds of having the best flowers, it’s about competing on the grounds of being the only ones in a particular space offering flowers. So it’s convenience that they’re competing on.

Stephan: Yeah, I think you’re absolutely right and they’re going after the crowd that hangs out on Facebook all the time. I never get on Facebook really anymore so this service is useless to me but I know people that can spend hours a day on it and so maybe this is useful, I don’t know.

Kevin: Well, there are 2371 fans on Facebook who I guess think this is a good thing. That’s how many fans 1-800-Flowers have on Facebook.

Thinking from a user perspective, what makes people happy to work within a walled garden like Facebook I suppose are the built-in services that come with it. When you’re on Facebook, everything you do is connected to the people you know, is within an interface that you’re familiar with. If the Web had been designed with those facilities, those conveniences from day one, Facebook and sites like it probably would not have had a business and we now see Open Standards trying to catch up on these fronts. You see open standards like OpenID coming along trying to bring features like having your social graph with you everywhere, having one login to take with you everywhere, these conveniences that you can get today within Facebook, the standards are trying to catch up so that you have them everywhere you go on the Web and if this is successful then eventually, the Facebooks of the world will become obsolete and they’ll have to evolve to provide the next level of convenience that the raw Web can’t provide.

It’s is easy to scoff at this but I think 1-800-Flowers is making a smart move. I’m not sure I would recommend them as the best flower outlet on the Web. It probably just be the only one on Facebook right now. So ladies – or gentlemen – if you receive a bouquet of flowers with 1-800-Flowers sticker on it, just realize that the people who got it for you cared more about convenience than about the quality of the flowers you’re receiving.

Stephan: It brings up a good question though, because if you surf for 1-800-Flowers on Facebook, you get “1-800-Flowers Sucks” as the group.

Kevin: Oh, that’s good.

Stephan: So where does this go because how do you control how your search results are in Facebook? So at least a whole different set of issues, right?

Kevin: Yeah, that’s the Web baby.

Stephan: So yeah, I’m going off on a tangent, here…

Kevin: You have the problem with Google, I guess.

Stephan: Yeah.

Kevin: Speaking of conveniences that we’ve gotten used to, PayPal had a big outage this week, right Brad?

Brad: Yeah, PayPal had a nice epic fail earlier in the week and they actually had a site and API-wide outage. From all the reports I’ve read, it looks like it lasted about an hour, even though initial reports were saying two hours, but the PayPal.com and their entire payment processing API were dead in the water which essentially means any web site that accepted PayPal as the form of payment would no longer allow that because the PayPal API was dead, which is obviously a huge, very, very big black eye for eBay, which is the owner, parent company of PayPal. But now the real question is, is eBay liable for the lost sales that happened during that hour or two hours of outage that they had.

Kevin: Well, I know SitePoint would have been affected by this. We were all asleep at the time here in Australia, so we did not see this happening real time, but yeah, we would have lost some sales overnight.

Stephan: How do brick and mortar stores when their credit card processors go out, do they hold the processor liable for this, does anyone know?

Kevin: I don’t think so. I think they just apologize and take cash for an hour so. I definitely…

Brad: Or I think they can also call and do the transaction over the phone with the processing company.

Stephan: Gotcha. So it would be a little harder in this case.

Brad: Yeah, in this case, and it’s also probably hard exactly how much was lost. You can obviously track how many people landed on your page, but how do you know how many of those people would actually have clicked that final ‘send payment’ button or whatever it may have been. I’m sure they can estimate they think they might have been lost but I think the exact amount is probably going be near impossible.

Kevin: Right. How long has it been since you guys have seen one of those when you go to a shop, and either it’s an old shop or they don’t have a phone line and they bring out the big imprint machine and they clonk it down on the desk and they take an imprint of your credit card.

Brad: I don’t even want to pay after I see one of those things. Having my credit card information actually on a piece of paper underneath someone’s counter is a little bit scary, these days.

Kevin: Well, I suppose the digital equivalent would be if PayPal outages or payment system outages online were a regular thing, people would design their ecommerce services so that they would check if the service is up and if it wasn’t, they would do the equivalent of taking an imprint, which I guess would be taking your credit card details and storing them on the merchant’s server rather than immediately passing them on to the credit card provider which is usually what is required when you get a merchant account online. I’m not sure I’d be happy with that. I know a lot of people wouldn’t.

Stephan: No, that’s was like, it’s a big no-no. I don’t want to be liable for people’s credit card information. If they track it back to me that someone hacked my server, I’m responsible for whatever charges happened on their card. I don’t want that.

Brad: It’s possible to do that and I actually think that’s how Amazon works; when you put an order at the Amazon, it accepts your order and then emails you an hour later saying it was successfully placed or whatever. The problem with doing that with PayPal is that web sites at no point ask for your PayPal information. If you run an ecommerce site, you don’t ask for the user’s PayPal username and password, you redirect them to PayPal.com and they provide it directly to PayPal, which is a little different from a credit card transaction. So there is actually, there would be no way to do an offline PayPal payment; they would have to come back at a later date and send that payment in.

Kevin: You know, these outages for the hour that they’re going on, people get really upset and they make grand statements that they’re going to start a class action suit to reclaim the lost funds but as soon as it passes, it seems to be business as usual very quickly. Do you think anything will come out of this?

Brad: I would doubt it. I think you’re right, when it first happens in the heat of the storm, everyone is up in arms about it but then it does blow over. Like I said, I think it’s really going to be hard for them to be able to determine what was lost on a per web site basis. I think they could estimate it but I don’t think they could have a solid number and without an actual solid number, what are they to do? So I can’t imagine anything would come out of it.

Stephan: I’m interested to know how many web sites failed gracefully.

Kevin: Yeah, exactly. If this was a regular thing, we would be designing our web sites to fail gracefully in a case like this. Maybe you can’t take their credit card details but you could take their order and then once PayPal comes back up, send them an email saying click here to pay for that order.

Stephan: Yeah, or you call them or you email them saying here’s a link to complete your order, please… we apologize for the inconvenience… or something. I’m interested in how many web sites would have done that and worked up to the point of purchase.

Kevin: Our next story has to do with a domain name theft. Certainly not the first domain name theft that’s taken place on the web. Reading this story, you’d think one happens every day, but this is the first one that’s made it into a criminal court case in the US.

In a great, big story at DomainNameNews.com, you can read the whole history of this case in which P2P.com – and let’s be clear, it’s not the site but the domain name – as far as I can tell, a site has not existed under this domain name at least for the past few years. I was poking around in the Web Archive a bit to see if a web site of interest had ever existed on this domain but as usual, the Web Archive was a little slow and I wasn’t able to get that answer but it looks like this once belonged to a company called Port to Print, Inc. and was sold in 2005 to some domain name investors; people who buy domains at hopefully a cheap price and then when a market exists for that name, they then sell it for a much higher price. So that was bought in 2005, and somewhere between then and now, was stolen out of their GoDaddy.com account and resold on eBay. And apparently, this is something that happens quite a bit. According to the story, the highest profile case of domain name theft was the domain Sex.com which was stolen and never recovered as far as I could tell and criminal case never brought to bear on that situation. But this time things are different, right?

Stephan: It’s kind of good to know though. I don’t really even know where to stand on this because it brings in a question, if you’re legitimately doing this, how hard is it for someone to make a legal claim against you? If you’re legally trading a domain or something, and someone steps in and says I own that or something, and there’s no paper trail, then how hard is it for them to have a real argument against it.

Kevin: Yeah, there are several gray areas here. I think this is pretty cut and dry at this point. There is evidence that the domain was in one GoDaddy account and was transferred to another and that the target account that it was transferred into was held in either the account or the whois information that was associated with it was a fake name. It was the first name of the guy who stole it or who allegedly stole it and his wife’s maiden name – so it was held in a fake name – and this guy who did the stealing was implicated in several other domain name theft cases, which apparently GoDaddy was aware of at least a week before the theft occurred. But GoDaddy have washed their hands of responsibility in this case because the way that the theft happened was that the thief broke into the GoDaddy account of the person who lost the domain. He got into the person’s AOL email account using, I assume, usual social engineering approaches to guessing a password and from there, was able to retrieve the password to the GoDaddy account and from there was able to transfer the domain. He also, in the process, decided to falsify some PayPal receipts going back and forth between his email account and the victim in the case that were sort of showing, if legitimate, these receipts would have indicated that the domain was transferred in a normal sale, but those documents have been shown to be fake now. It’s a huge story but what it comes down to for me, the question for me is, should GoDaddy be liable in a case where someone’s GoDaddy account is hacked into and then their domains are transferred to another GoDaddy account?

Brad: I don’t really think they should be. Ultimately, this boils down to the email account that was hacked and had the email account not been hacked, then he wouldn’t have been able to gain access to his GoDaddy account. It’s just like any other service; if someone would hack your email and gain access to, say, your Amazon account, they go on there and do a bunch of one-click purchases of some really large items, is it Amazon’s fault that they broke into your account from your email? I don’t think it should be, or I don’t think it would be.

Kevin: We have talked about password security in recent episodes and I think this just highlights that single point of failure that your email account can be that almost any web site that you have a password on will let you retrieve that password through your email address so if you only have one account that has a unique password, that has a strong password with letters and numbers and maybe even punctuation marks in it, it should be your email account and not only should your password be strong, but the security questions that some of these sites let you set up to retrieve your password if you forget it, you need to lie in the answers to those questions.

If it asks you your first pet’s name, make something up, because that’s information that someone might be able to get about you online, if they put their minds to it. Certainly, mother’s maiden name I’ve seen, father’s middle name – those kind of things, you really need to lie about them and have like these fictitious answers for those questions that just live in your head but are very memorable to you.

Stephan: Maybe we just need to get rid of that stuff and come up with a better way?

Kevin: Okay, any suggestions?

Stephan: No. I’m great at pointing out the problem, but no solutions.

Brad: What’s kind of odd about this is, I use GoDaddy for all my domain names and no matter what you do on GoDaddy, if you make an account change, any kind of change, they send you an email, to the email that’s on the domain. So I’m almost willing to bet that the original owner of P2P.com probably set up an email on that domain that he didn’t frequently check and he probably was emailed that this domain is being transferred to this other GoDaddy account. Since he didn’t check that email, he probably had no idea until it was too late.

Kevin: If that email went into the hacked AOL account, the attacker could just delete it immediately. But yeah, brr … messy, messy business. So the case was put to rest in New Jersey several years ago due to lack of evidence supposedly, and the victims in the case continued gathering evidence on their own building a civil case and then just this year, a new district attorney came in, in New Jersey, and resurrected that criminal case based on all of this new evidence that’s been found over the years. So the attacker – the thief in this case – was taken into custody, his computers seized, he’s now been released on a $60,000 bond but he is now facing criminal court. If you want to keep up with this story, certainly be sure to visit DomainNameNews.com and certainly if he’s found either innocent and guilty and we hear about it, we’ll let you know here on the podcast but finger’s crossed, this goes in a useful direction to the many people who lose domains that are a little less valuable than P2P.com.

Kevin: Just in the past week, Microsoft and Yahoo! announced that going forward, the Yahoo! search engine’s results will be powered entirely by Microsoft and the Microsoft Bing search engine and the ads that you see in the search engine will also be provided by Microsoft.

This has been a long time coming. The two companies have been backwards and forwarding for a while, it looked like Microsoft was going to buy Yahoo! outright, but now it seems that Microsoft is just going to take over their search engine. Really, this is how Google got its start. Before anyone knew about Google.com was displaying search results through someone else’s search engine, it might have been AOL, can anyone remember?

Stephan: I don’t remember. I think it was AOL.

Kevin: Well, for the sake of argument let’s say it was AOL. And the users of AOL got used to seeing the ‘Powered by Google’ logo at the bottom and eventually when Google launched it’s own site, they knew and trusted it and found it provided a slicker, simpler user interface for searches and everyone migrated and the rest as they say is history.

So has Bing set themselves up to be the next big search engine by taking over Yahoo!?

Stephan: Or is it just a death knell for Yahoo!?

Kevin: Hmmm… there is that.

Stephan: I don’t know. I’ve used Bing a few times now for like my normal searching during the day and it’s actually a pretty decent search engine. I don’t like the name. I don’t like the layout of the site but it comes back with some very relevant results so maybe it is, I will have to see where Google goes. I think Google has turned themselves into kind of a powerhouse as far as applications on the Web go.

Kevin: Yeah, well certainly, there are other things that Yahoo! does; Delicious and Flickr are ones that would probably be very familiar to our audience but they have a really popular finance web site. They have a lot of sort of media outlet sites that they linked to from the Yahoo! front page a lot and these sites tend to have masses of traffic to them and I guess, if they’re no longer having to compete in the search engine space, they may be able to reinvest what money they have left into these other services but I guess the Yahoo! brand has always, for many web users meant a search engine first and if they’re losing that, they’re going to have to figure out a way to redefine their brand.

Brad: It’s like an article said, Yahoo! is now a portal and there’s no ifs, ands, or buts about it, it’s not confused with a search engine at all. It’s an entertainment portal, especially the new AOL, minus the original content which is I don’t necessarily think a compliment.

Kevin: Well, speaking of Bing by the way, I just noticed when I was researching this story, their front page of Bing.com, it used to be just a search box and a pretty picture. It seems like they’ve started to put mouse overs on those pretty pictures. If you go to Bing.com and move your mouse around, you’ll see these little shaded boxes that pop up and give you bits of trivia about the picture. I actually find it kind of distracting. I guess if you wanted to go to a site and randomly read some stuff a pretty picture every day, Bing.com would be a good site to do that but this is supposed to be a search engine, people. I don’t want to go to my search engine wanting to search for something in a moment and be distracted by a little box, read it and then go, “Oh, what was it I was here to search for again? Oh, crap I’ve forgotten.”

This seems to be a step in the wrong direction. Like Google won because they had a distraction-free search box page, and already, it’s been less than six months since Bing has launched and they’re already falling prey to the temptation to add boondoggles to their homepage so they’re going to be distracting and annoying.

Stephan: So, does anyone know if people still use Yahoo! Mail? Does anyone out there still use Yahoo! Mail?

Kevin: Yahoo! Mail is huge. It is by far the most dominant of the web mail services. It has a much bigger user base than either Hotmail or Gmail.

Stephan: Okay, I was just wondering because it seems to me like that’s what Yahoo! has left besides the portal and that’s kind of like that is the last standing point for Yahoo! to make their final stand I guess.

Kevin: Right.

Brad: Maybe this frees up the resources they need to actually focus on taking that stuff to the next level as well…

Stephan: It could be.

Kevin: Exactly.

Brad: … messing around with search that they were obviously going to beat on for how many years.

Kevin: If Yahoo! had never been in the search business and they were just this company that had the dominant position in web based mail, that’s not a bad company, right?

Stephan: No.

Kevin: We wouldn’t think too badly of them if that’s what Yahoo! had been all along. According to the SitePoint story though, they had been spending $200,000,000 in search engine technology development cost every year. So that’s a bit of money freed up.

Stephan: What were they doing? Sending search monkeys to the moon?

Kevin: Well, one thing for developers is that Yahoo! had a really good search API. If you wanted to query search engine results from an application or from your web site, Yahoo! seem to provide actually one of, if not the best APIs to do that and so a lot of developers I think are going to be scrambling in the wake of this announcement because what does this mean for that API? I can only guess that the API will be supported going forward but the results that will be returning will be coming from Bing, which is not so bad but if the API does get decommissioned, there are going to be some developers that are inconvenienced.

Whether you’re a developer using their search API or you just rely on search engine traffic to get people to your site, this deal means that you should be taking a much harder look at Bing because as soon as Microsoft takes over providing search engine results to Yahoo!, they will be 30% of US search queries. If you can think of a browser like, say, Firefox that has managed to capture 30% roughly of browser use, you immediately take Firefox seriously when they have numbers like that and you start making sure that your site works in Firefox.

By the same token, whatever search engine optimization you do, I think now is the time to start taking Bing seriously and making sure that the optimization work you do not only gives good results on Google but also has you showing up fairly high on Bing.

Brad: I could just picture all the SEO experts kind of running around frantically trying to learn exactly how Bing works and indexes their sites now.

Kevin: Yeah. Exactly. Bing, it’s not all new; it’s been MSN search before that and I can imagine they probably did a bit of tweaking to their algorithms to launch Bing but really it’s been a while for a while but yeah, no one has had a reason to take them this seriously until today.

If you’re webmaster – and if you’re listening to this podcast I’d hope that you were – go to bing.com/toolbox because this is the Bing tool box web site that has – you can submit your new site to Bing so that it gets indexed if you don’t have any links from anywhere else yet. Although, links from other places are pretty easy to come by these days. You just tweet about your new site and chances are the search engines will find it. You can submit your site, you can submit a site map and verify that your whole site is being indexed successfully and you can also get an API IDs so you can play with the new Bing 2.0 API. If your application relies on the Yahoo! API, that might be a wise move just in case that service gets shut down.

Will any of you guys be switching back to Yahoo! as a result of this?

Brad: No, not likely.

Kevin: Lke I said, I used Bing for a month after they launched just so that I could say I had done it and I had given it a fair shake but yeah, this home page change has become really distracting to me and I have had to switch back so for what that’s worth, take note.

Let’s bring the show to its usual ending these days, guys, with our host spotlights. Stephan, what have you got for us?

Stephan: I was looking up the broadband.gov initiative. I think it’s pretty interesting. If anyone has any interest in the FCC and the broadband movement in United States to bring out a national broadband plan. If you go to broadband.gov, they have workshops going on right now in DC where you can sit in and listen to different topics about broadband and what the plans are going forward. So if you really want to be informed and really want to learn more about it, definitely to the web site and check it out.

Kevin: Brad?

Brad: Yeah, my host spotlight this week is actually a bbPress theme project that is going on on the SitePoint Forums and it’s actually created and run by one of the mentors, Ryan Hellier.

For those of you not familiar, bbPress is basically an open source message board system and it’s developed by the same… or I should say started by the same company that also started WordPress. So it’s basically the WordPress version of a message board. And theme project is going on where the SitePoint community is going to all lend a hand in developing this new theme and it’s going to be not only design a UI look, but it’s also going to have some really cool functionality, almost like plug-in functionality behind the scenes attached to it. So it’s not just for design, there will also be some programming aspects. But I’ll have a link in show notes to take you right to the thread with all the project information.

Kevin: I was surprised just how ugly bbPress is.

Brad: Yeah, it’s not the prettiest. The default theme is fairly old too. The bbPress project has really ramped up over the past year and finally passed that version 1.0 mark earlier this year. So there’s been a lot more of a focus on it than in years past so it’s definitely growing and the user base is growing and it’s time to get some more themes out there for it, so this project is a great way to help that cause.

Kevin: Great. We forget how ugly WordPress used to be, then they had their big 2.0 re-skin and followed by another re-skin after that and it’s really looking gorgeous these days. I think the visual appeal of the backend sells a lot of people on WordPress these days and so having a really high quality theme for bbPress will hopefully make the same difference. It’s one of the few web forums these days that has sort of a modern front end code. I know the SitePoint forums are based on vBulletin and as a result, it’s one of the least standards compliant areas of sitepoint.com and there’s not a lot we can do about that as long as we’re on vBulletin.

So if standards compliant markup is important to you have the luxury of setting up a new forum and being able to choose your software, bbPress has that strength going for it.

Kevin: And my host spotlight this week is Sequel Pro and you can go to sequelpro.com. I think we’re used to spelling sequel, S-Q-L in this business but this is the full word, S-E-Q-U-E-LPRO.com. it’s a MySQL front end application for the Mac.

So if you’re used to using phpMyAdmin or something like that to administer your MySQL server on your web host or whatever it may be, Sequel Pro provides a much sleeker user interface for doing that, for building queries. As you edit complicated SQL query, it syntax-highlights that code, it auto completes keywords in SQL, as well as your database, table, and column names and provides a really nice interface for browsing both the structure and the content of you database server. And what’s really good is it’s completely free. This is open source GPL software for the Mac.

It’s gorgeous, as I mentioned, and the big thing for me is the next major version, which has a release candidate available now if you go to their blog, you can download the release candidate of the next version, the big feature for me is that it doesn’t require a direct connection to your MySQL server. It’s one thing to use one of these front ends on your development server when you have direct access to that server on your Intranet. To query you live server that’s on your hosting account, usually for security reasons, you can’t get a direct connection to that server, you need to shell in to your web host and then connect to MySQL. And so the next version of Sequel Pro will be able to do what’s called SSH tunneling, which means it will be able to log in to your hosting shell account transparently and connect to your MySQL server there. So it’ll provide this beautiful front end transparently, even to servers that are protected behind a shell account. So I really recommend it. Sequelpro.com.

Stephan: Have you tried Querious, Kevin?

Kevin: Querious, yeah it’s another one sort of in this area, I have not tried Querious.

Stephan: Yeah. I was just wondering. I use Sequel Pro as well and I’ve downloaded Qurius but haven’t used it yet, so I was just wondering.

Kevin: Yeah, if you’re looking for the best one, do check them both out but my pick this week is Sequel Pro.

So that brings our show to an end. Let’s go around the table, guys.

Brad: I’m Brad Williams from webdevstudios.com and you can find me on Twitter @williamsba.

Stephan: And I’m Stephan Segraves and you can find me at @ssegraves on Twitter.

Kevin: And I’m Kevin Yank, you can find me @sentience on Twitter. Visit us at sitepoint.com/podcast to leave comments on this show and subscribe to receive every show automatically.

Email us at podcast@sitepoint.com with your questions and comments for us and we’ll read them out on the show and answer them. Also, be sure to let us know what you think of our weekly schedule with interviews every second week.

The SitePoint podcast is produced by Carl Longnecker and as always, I’m Kevin Yank. Thanks for listening. Buh-bye.

Thanks for listening! Feel free to let us know how we’re doing, or to continue the discussion, using the comments field below.

Free book: Jump Start HTML5 Basics

Grab a free copy of one our latest ebooks! Packed with hints and tips on HTML5's most powerful new features.

  • Adam Strong

    Thanks for the coverage of the important p2p.com domain theft case. You brought up many good points on the podcast. The most important being password security. The biggest vulnerability with many domain registrars is the fact that email accounts have a huge amount of vulnerability especially at free service providers or large ISPs. Registrars like Name.com and Fabulous.com have taken the security precautions a step further by implementing a keyfob which provides access passwords to only the holder of the fob.

    A couple other points I thought I’d mention.
    In the Sex.com case, the domain was actually stolen and eventually returned to the rightful owner. It was then sold in 2006 for an estimated $12-14 million. No criminal charges were ever made against Kremen for the actual theft but that case made an important distinction that domains can be treated as property .. . at least in the state of California. The story is fascinating and even more complicated and in-depth. The thief in that case is a real “piece of work”. The Sex.com book by Kieren McCarthy is highly recommended reading for any uber-domain nerd ;)

    To Stephan’s question about “how hard is it for someone to make a legal claim against you?” It’s very complicated and there really is no “proof of ownership” or “title” when dealing with domains. Make sure that when you do a transaction for a large sum that you use a reputable escrow service and if the domain price is high, cover your bases with a sales contract. In the Express.com case http://www.internetlibrary.com/cases/lib_case496.cfm the party that bought the stolen domain had to return the domain to the rightful owners and was out all the money that they paid. This is not a position you want to be in. A good way to perform due diligence is to research the domain ownership trail with DomainTools.com whois history searches.

    Lastly, a note about domain investors. These investors don’t always “buy domains at hopefully a cheap price and then when a market exists for that name, they then sell it for a much higher price.” In the case of p2p.com the $160,000 price tag wouldn’t really qualify for the label of “cheap”.

    Ostrofsky and many others like him buy domains and eventually build out sites/businesses. As an example, Ostrofsky has been involved in Blinds.com, Cufflinks.com and other online businesses. Some domain investors choose to use pay per click landing pages to monetize their domains while others build out full fledged sites. Domain investors are akin to real estate developers. It’s important to point out that while it may appear that p2p.com doesn’t look like it has “a site” on it, the domain likely receives a decent amount of traffic and the current owner’s domain parking page likely earns a decent sum from that traffic.

  • http://www.dangrossman.info Dan Grossman

    Ouch. This was a pretty hard episode to listen to.

    “Well, speaking of Bing by the way, I just noticed when I was researching this story, their front page of Bing.com, it used to be just a search box and a pretty picture. It seems like they’ve started to put mouse overs on those pretty pictures.”

    That’s not new, those mouse overs have been there since day 1 and long before. They were there on Live.com before the Bing rebranding.

    “… which I guess would be taking your credit card details and storing them on the merchant’s server”

    It’s not a big no-no because of the chance you’re hacked and you might have to pay for resulting fraudulent transactions. That’s the least of your worries. The moment your server is hacked and someone has potential access to stored credit card information, and Visa/MasterCard find out it happens and you weren’t PCIDSS compliant, instant $500,000 fine just for starters. Half a million bucks before you even start worrying about the cost of cleaning up after yourself.

    You simply don’t store credit card information, ever. Very few companies are big enough to afford to meet all the requirements to be able to do so. So if you don’t even know what those requirements are, you’re not one of them.

    “So, does anyone know if people still use Yahoo! Mail?”

    Come on, Stephan…

  • http://www.dangrossman.info Dan Grossman
  • http://www.dangrossman.info Dan Grossman

    Don’t think I’m all hate for criticizing a few things, I just mentioned this podcast for reference in a forum thread about password security :)

  • http://badice.com/ Hartmann

    Dan,

    My comment about Yahoo! Mail was in jest. I know that people use it, but I never get e-mail from a Yahoo! address, except for spam.

    Thanks for the comments though! Hope the next episode does better and keeps you coming back.

    Stephan

  • http://www.danstephenson.ca Iceman90

    Great show as always gentlemen!