Archive for the 'Web' Category

Dropbox Referrals with Google Adwords

Published on November 2, 2011 in Web. 1 Comment Tags: , , , .

I read a tweet from someone a while back about how they used Google Adwords to max out their Dropbox referral disk space. I thought this was a clever hack and decided to try it for myself. I made a new Adwords account and entered a coupon code from Dreamhost for $75 in free Adwords money.

I ran into a few issues with my first ads. They were running okay in the beginning, but were getting shot down in the review process for trademark issues. I couldn’t figure out why this was the case, since I had seen multiple blog posts describing how to set up the ads with no mention of trademark issues. I tried a few tweaks, and removed “Mac” from the copy of my ads, thinking that the word might have triggered the trademark issue.

The first set of ads without “Mac” in them ended up getting approved, and I was on the fast track to Dropbox space gluttony. Here’s a screenshot of what my campaign looked like (until I stopped it because I maxed out on referrals):

Things looked like smooth sailing and I think I only used something like $20 worth of credit (though I could’ve easily optimized for spend, I kinda wanted to finish more quickly, so I set my cpcs aggressively). I was gonna change the ads and open it up for friends to get referral space, too.

Then yesterday, with no warning, I got an email that my account had been suspended. There wasn’t really any good explanation for this. When I look at my account, it says:

Your Google AdWords account has been permanently suspended for repeated violation of AdWords or Landing Page and Site policies in this or a related account.

and

Your Google AdWords account has been permanently suspended because your billing information in this or a related account could not be verified.

I’m not sure I could come up with a more vague message. So far, Google Adwords email support has been of no use at all. I first got an email saying they were “escalating” the matter, which probably just means they didn’t get around to it within 24 hours so they had to send something, then I got a generic form email saying that:

After reviewing your account, it has come to our attention that your Google AdWords accounts do not comply with our Terms and Conditions. As a result, your account, and any related accounts you may have created, have been suspended, and your ads will no longer run on Google.

Well no shit, that really doesn’t tell me anything new! The best tidbit of the email was that:

- For privacy reasons, AdWords Support is unable to provide any additional information regarding this account.

You know, in case I find something out about myself that I didn’t know… It’s my account!

If I did something wrong to get banned, I sure would like to know why. Since I don’t, I feel like I’m in the customer support limbo that is synonymous with “Google Support” which is already an oxymoron of sorts.

Anyway, TL;DR I used Adwords to max out my Dropbox referrals like many have before, got the banhammer from Google and now their customer support is atrocious (as expected).

Banana Republic (and Gap, etc.) Stores Passwords in Plain Text

Published on July 14, 2011 in Web. 2 Comments Tags: .

I was sitting on the subway when I got a random email from Banana Republic that contained my password in plain text. Besides the fact that I hadn’t requested it (lots of Hung Truongs think that they’re me @ gmail), I was surprised because any company that even slightly values security does not store passwords in plain text. It is quite jarring to see a password show up on my iPhone’s home screen. Here’s the email in case anyone needs proof:

The fact that BR stores passwords in plain text means that they’re probably a very nice target for a quick hack (and if they’ve got bad practices in password storage, they probably have holes elsewhere as well). Unlike the Gawker password leak, which had hashed passwords (though they could still be eventually brute-forced), the BR passwords aren’t even obfuscated (or if they are, it’s in an easily reversible way).

If you have a Banana Republic, Gap, Old Navy, Piperlime or Athela account, I highly suggest you change your password to something unique that you don’t use for any other sites (um, just like all your passwords… I totally have different passwords and two-factor security for everything).

I’d also suggest you contact Banana Republic and tell them that their security policies suck. Maybe they’ll fix it if enough people complain. That’d be sad if it took a huge hack and user info disclosure to change their ways.

The Internet Is For… Downtime.

Published on April 25, 2011 in MapsKrieg and Web. 2 Comments Tags: , .

These last few weeks have been really, really bad for the internet. I mean, in general. What with Media Temple going down due to their nameservers, Amazon EC2 going down, and also the Playstation Network refusing to let me log in… You’d think there was a cyberattack going on or something.

My websites did not manage to dodge all of the bullets either. A few sites were down from the Media Temple thing. I also inadvertently broke a few sites here and there. After the Media Temple downtime, I wanted to try updating a few Ruby Gems to get Passenger Phusion working. Unfortunately my rails apps hadn’t been updated in forever, so updating things broke backwards compatibility. I’ve been working on getting Anime Nano back to full capacity on the newest version of Rails. I think the whole experience was a bit stressful, but probably ended up being good in the long run.

I was also surprised to see Mapskrieg going down late last week. Apparently I hadn’t verified the domain for Google Apps and Google decided to close my account. The one that was serving Mapskrieg via App Engine. This was really annoying since all of the “act now or we’ll delete your account” emails were classified as spam in gmail and I am pretty sure I had verified the account previously. If Google doesn’t want my money then screw them. I figure I can actually serve the site for cheaper than App Engine since a few other apps live on the same server. The App Engine thing was a fun experiment but there are still too many limitations in the datastore to base a real app on it. Specifically, datastore writes cost way too much and indexes take way too much overhead in disk space (which you eventually need to pay for).

So now I’m back to running most sites on Media Temple, though I may diversify in case Media Temple continues to have downtime issues. It was a stressful few days, but at least I got to practice my sysadmin skills a bit and update my server in the process.

Google, Bing, and SERP Copying: Additional Evidence?

Published on April 6, 2011 in Web. 5 Comments Tags: , , .

In the beginning of February this year there was some mild uproar about Google setting up an elaborate sting operation against Bing to prove that Bing was copying search results pages directly from Google using the Bing Toolbar. I personally thought it was a bit childish of Google to do this. All’s fair in gathering user-generated data, right?

Fast forward to a few weeks ago. I put some code on Mapskrieg that would auto-detect a mobile device using the useragent string and show a mobile friendly site. I thought this was clever, but apparently Google thought it was cloaking. Oops! My bad. I took a hit on my Google search rankings. Once I fixed the issue my hits from Google have been coming back up slowly.

I looked at Google Analytics to see how the organic search referrals had changed, and I noticed something interesting. Not only had the referrals from Google gone down, the ones from Yahoo and Bing did as well. Perhaps Yahoo and Bing noticed the “cloaking” behavior, too (Yahoo is just using Bing results in their SERPs now). If so, then Bing was a bit slower than Google. See the charts below:

I started getting punished by Google around the 15th of March. Bing seems to have taken a few days to lower my rankings (and thus the # of clicks). My website’s recovery from punishment shows a similar upward trend, even though the site was no longer “cloaking” for about a week before that recovery. This suggests (at least, to me) that Bing really is copying Google’s search results pages. Otherwise they have a very similar method of cloaking detection, a similar policy for punishment, and a similar timeline for reducing the punishment for cloaking… At this point I feel that there are too many coincidences for this to be mere chance.

I was previously on Bing’s side because I figured that the Google data was just one data point out of many that they use. This example makes it seem like Google’s data is THE data point, or at least a major, major part of their “algorithm.”

Having stated all of this, my experience is only a sample size of 1, but I’m sure other webmasters have similar data sitting around. I’d be interested in seeing if there’s more evidence for Google’s stance. If I were Google, I’d be analyzing data from Google Analytics on other websites to see if they agree (I have a feeling they’re allowed to use this data anonymously).

Full Disclosure (because why not?): I used to work for Microsoft AdCenter, but I haven’t been involved with their operations for over a year now. I have a can of Bing soda water on my shelf but I mostly use Google (unless I want to use Bing ironically).

Edit: I’ve gotten some really great comments from Hacker News. I thought I’d paraphrase a few and write my comments on them. If you want to see the actual comments, go directly to my submission.

Comment: How could Bing get SERP info from just the toolbar?
My response: 1) My site drops from many SERP listings, Bing Toolbar stops getting click info for my site so the listings drop from Bing as well.

Comment: It might not be cloaking punishment. It could just be an outside factor, like people generally searching for the site’s keywords less or a competitor coming in and being better.
My response: The traffic to Mapskrieg is pretty darn regular and this was a significant drop for both search engines. Through trial and error the only thing that changed my rankings back was fixing the user agent thing.

Comment: Google suggested that the changes to SERPs took months to propagate and this data only took about a day.
My response: Okay, that’s a good point!

The response from Hacker News has been great and really made me think more about the issue. I’m not sure if Bing really is copying from Google, but I thought this was a worthwhile data point to look at. Maybe someone else has some data they’d like to share as well.

Instapaper Friendly – WordPress Plugin

Published on February 3, 2011 in Code and Web. 0 Comments Tags: .

While I was testing Instascriber , I noticed that the way that Instapaper was grabbing the content of my blog was a little off. The Instapaper for Publishers page describes how you can give Instapaper a hint on what your actual content is. I looked for a WordPress plugin that does this but didn’t see anything, so I figured I’d do it myself.

Up to this point I had never made a WordPress plugin, so I had go figure that out first. It’s relatively simple and there’s a lot of good documentation out there. I just needed to hook into the “the_content” API hook and alter the content so it had a div surrounding it. The scary part is mostly that WordPress seems to give you a hella lot of control. So you could seriously eff things up with a simple plugin.

With this being my first plugin, I’m not completely sure it’s been written the right way (kinda like when you make an edit on Wikipedia for the first time). Nevertheless, I’m making the plugin available. So let me know if there’s something glaringly wrong with it. It’s fairly simple, so I’m not sure exactly what could go wrong.

I made a special page for the plugin to live at, so get it at Instascriber Friendly – WordPress Plugin. You can also download it through the internal WordPress plugin search (look for ‘instapaper friendly’).

Books

Hung Truong's book recommendations, reviews, favorite quotes, book clubs, book trivia, book lists

Capitalism!