駭客公然上網販售原始碼
CNET新聞專區:Robert Lemos 15/07/2004
一群自稱駭客的組織在網路上開店,明目張膽賣起據稱內含機密軟體原始碼的檔案,還準備接受顧客訂貨。
該組織稱為原始碼俱樂部(Source Code Club;SCC),提供據信是偷來的軟體原始碼,包括Enterasys Networks舊版的Dragon入侵偵測系統,以及Napster的用戶端及伺服器端軟體,開價分別是1.6萬美元和1萬美元。
為證明手中的確握有原始碼,該組織在網路上公告一份檔案清單,並聲稱會用電子郵件手法和加密技術隱匿買賣雙方的身分資料。
「企業可以安心跟我們做生意,因為一切與顧客有關的資料都會加密,而且成交之後,會把所有加密的紀錄銷毀,」自稱為Larry Hobbles的發言人在答覆電子郵件查詢的回函中寫道。
SCC提供的Napster軟體似乎擷取自這個檔案共享服務的原始版,而不是現已合法的音樂服務,Napster智慧財產權所有者Roxio公司表示。
安全公司Enterasys則回應,已向聯邦調查局(FBI)報案,目前正查證SCC所言是否屬實。該公司表示,檢視SCC網上公告的軟體清單後斷定,倘若檔案真的遭竊,駭客應該不是入侵Enterasys的網路取得,可能是偷走儲存檔案的媒體。
該公司並指出,網路上張貼出售的Dragon原始碼,已是落後兩代的產品。
招牌軟體原始碼外流或遭竊的公司,不只Enterasys和Roxio兩家而已。今年5月,思科(Cisco)發現網路設備軟體的原始碼被竊賊貼上網路。今年稍早,微軟Windows 2000和 Windows NT4作業系統的一部分程式碼,也開始在網路上流傳。上周,微軟程式設計師被檢方起訴,罪名是在跳槽到微軟前,竊走前雇主搜尋引擎公司AltaVista的程式碼。
原始碼俱樂部則在網站上聲明,可賣的貨不只Enterasys的原始碼而已,還接受顧客指定下單。
該組織說:「若你要的是財星100大企業的原始碼,我們極可能已經有貨了。如果你要找的貨還沒到,只要付一筆錢,我們會考慮幫你把指定的資料找到。我們的團隊會需要多達兩個月的時間完成任務。」
原始碼俱樂部還打算永續經營。該組織網站宣稱,一旦網站遭執法機關查封,就會另起爐灶,並且在軟體安全郵寄名單上宣傳。這可能讓主管當局查不勝查。
該俱樂部說:「儘管本網站可能關閉,但只會是暫時性的。SCC會長期營運,必要時會重現江湖。」(唐慧文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090891,00.htm
How to Write Email Messages That Get Better Results
Internet marketer, Ewen Chia.
Would you be interested in getting 10 times better results from your current e-mail marketing campaigns? While the above is a hypothetical figure, it sure got your attention didn't it?! Though most successful marketers use email marketing as an income generator, only the ultra successful are truly maximizing their profits with it. What sets them apart? And more importantly, how can you create profit-pulling solo emails that put thousands more into your bank account fast? It's not rocket science. You've basically got to get your readers excited and give them a reason to respond quickly. There IS a simple formula to achieve this. It's nothing revolutionary, in fact it's the same ormula for writing good copy. If you want to experience increased sales from all of your email promotions, start writing your solos based on the age-old formula known as...AIDA!
The basics of copywriting must be applied anywhere words are used to gather responses, especially in your emails. Here's a quick look at how you can structure your messages using AIDA as a guide:
(A) Attention
Create subject lines that get your emails opened. Think of this as the headline of your ad, as any good copywriter would tell you. Grab the attention of your readers by using curosity, fear, happiness, etc.
For example: "Have you heard about...?"
Heard about what? They'll want to find out.
Extend such attention-grabbers to the first sentence or paragraph of your message body to encourage further reading.
(I) Interest
Once you've got their attention, it's time to get them interested in your message. An easy way to do this is to simply highlight or 'create a problem' they may be experiencing. This puts them on alert and piques their interest.
For instance, you could highlight the pains of how getting hundreds of spams daily could affect their businesses, and how there are no good solutions in sight.
(D) Desire
The desire section of your message is where you introduce your proposed solution to the problem stated. Fact is, people need solutions to problems. To be an ultra successful email marketer, your job is simply to give them what they want!
(A) Action
Getting your readers to take positive action and act on your message is probably the most important part of your entire campaign. But a high response rate is only possible if you've created the flow of attention, interest and desire successfully.
To encourage immediate action, you should tie in a specific deadline or give 'scarcity' to the solution you're offering. For example, offer a 40 percent discount for the next two days only. Let them know that if they miss this deadline, the discount will end and they will ultimately have to pay a higher price for the same solution.
Use the AIDA formula today in all of your email campaigns. You'll love the phenomenal results and extra profits from doing so.
Ewen Chia is a successful information publisher and Internet marketer. Learn how you can instantly get more traffic, sales and increase your profits by visiting his web sites: http://www.Marketing-Make-Money.com, http://www.InstantMarketingSecrets.com, and http://www.MarketingEbookReview.com
fr.: WebAdvantage eMarketing Newsletter
Making Your eBay Store Search-Savvy
By Beth Cox
June 30, 2004
Anyone with much experience as an eBay seller will tell you that driving traffic to your eBay store is crucial to success -- largely because the listing fees are so drastically reduced from what one has to pay for an auction or a Buy It Now listing.
Everyone should be linking from their regular listings to their eBay stores, of course. But what if you want to draw customers from outside eBay?
Well, it's a no-brainer to put your store URL in all your outgoing e-mails, and on your business cards and paper correspondence. You should also point to your eBay store through your regular Web site, if you have one. I've been doing that for quite a while and we get a few customers that way.
But we want a lot more eyeballs looking at our products on eBay, and one of the best ways to drive traffic, of course, is through search engines.
Like a lot of small eBay business people, I know a great deal about our products, but I don't pretend to be an Internet search engine marketing expert. We have a little Google ad campaign for our main Web site (Google makes it amazingly easy with AdWords), and we sometimes run a keyword campaign on eBay itself to direct people searching for orchids to our listings.
eBay knows that its sellers need assistance, and has been making serious efforts to make it easier for search engines to read the content of eBay stores and display those URLs in search results. The auction giant recently changed the default structure of URLs for eBay stores to make them easier to get picked up by outside search engines.
And it's working. I've noticed that when I do general searches on Google and Yahoo!, eBay store listings for our little orchid business are showing up more and more frequently.
Ironically, eBay's own search engine generally does not pick up Stores results, although in April, eBay rolled out a modification that allows Stores results to appear if there are fewer than 10 regular eBay listings returned from a keyword search. For those of us with lots of competition (which is the case for most eBay sellers, I'd guess) that really doesn't help much, though.
When I ran a Yahoo! search for "cattleya orchid," one of the paid listings was from eBay itself, and a click directed me to an eBay page that displayed the results for the same search terms on eBay. eBay has a similar arrangement with Froogle. I thought those were a nice touch, although the pointers are to auction and Buy It Now listings, not to eBay Stores listings.
As a result, it's still tough to ensure that your Store items are listed in the major engines.
Taking it to the next level
eBay also allows its store operators, most of whom are PowerSellers, to export their inventory in a file and send to those search engines that accept data feeds. That capability seems likely to reap the most rewards -- at some point. But when I decided to take eBay up on its offer to create a file of our eBay Store listings for distribution to the search engines, I ran into some stumbling blocks.
Initially, the process of creating a data feed is easy, and eBay provides simple directions:
1. On the Manage Your Store page, click on the "Export listings" link.
2. Click "Make a file of my Store Inventory listings available," then Save Settings.
Within 12 hours, eBay will create the file and post it to a URL based on your Store's URL, and will be available for anyone (or any search engine) to download.
But after that, it gets a little harder. That's because, as eBay tells you, it "is then up to you to make arrangements with third-party partners to download the file from the URL. eBay is NOT responsible for coordinating how the file will be used with a third party."
eBay's Help file on the process can be found here, but unfortunately, I found it distinctly unhelpful.
So, here I am with a nice URL for all our store listings, but I kind of need a search engine for a dance partner (better yet, a half-dozen) and there's no real good information on which search engines accept the file.
I tried Google's shopping search engine, Froogle, but their support for picking up eBay Store URLs is questionable. Their FAQ says they don't accept data feeds from affiliate marketing sites, and it's unclear what how they consider an eBay Store. (Google itself often picks up our store listings, however. When I searched for "paph" -- a kind of orchid -- one of our store listings was the 45th result.)
When I searched Froogle for our company name, I found bunches of our individual eBay auction and Buy It Now listings, but none of our Store listings. I learned long ago to put a link to our eBay store in each listing, so anyone who finds us via a listing that shows up on Froogle is really only two clicks away from our store.
The problem is, I want the customers who are searching for more generic terms, like "orchid" or "cattleya."
When I asked Froogle about eBay store feeds, a spokesman said only that "we don't provide specifics on the feeds of Froogle merchants."
You might think eBay would go the next step and offer a list of search engines that accept their store URL data feeds, but no. So I sent eBay customer support an e-mail, asking for a list of the search engines that accept the XML files.
I was pleasantly surprised to get a response in less than 24 hours. But I wasn't really happy with the answer, which amounted to a reiteration that it remains up to me to make arrangements with third-party partners.
"eBay is not responsible for coordinating how the file will be used with a third party," the e-mail read. "Unfortunately we do not have a list of product search engines that may use this."
I asked Chris Sherman, associate editor at SearchEngineWatch.com (in my opinion, it's the place to start if you want to learn more about search) for his take, and he said he's not sure which of the shopping search engines would accept the eBay data file.
"They all have their own formats and guidelines, so it's likely the eBay feed would have to be tailored for submission to another service," he said. "That said, some of the shopping engines will crawl XML files, so even though it's not a pure feed submission, content in an eBay file might get picked up by some of them."
You can find a list of major shopping search engines here, including links to BizRate, Shopping.com, DealTime, Yahoo! Shopping, Froogle, MSN Shopping, mySimon, NexTag, Kelkoo, PriceGrabber.com and others.
Clearly, this is a complex subject, and few people I talked with seemed to have good answers. Indeed, consensus among many knowledgeable online auction watchers was that the situation is pretty much uncharted territory.
Said one, "... as for eBay's XML file, I think it's not of any use to anyone, but was a diversion for eBay Store owners who wanted to submit to Froogle."
That said, eBay has at least responded publicly to concerns about utilizing the search engines. On recent post said eBay is beginning to experiment with submitting some Stores listings to Froogle and is encouraging individual eBayers "to follow up with them."
The last line of the post reads: "Thank you very much for your patience as we work through this!"
fr.: http://se-daily.blogspot.com/2004_07_11_se-daily_archive.html#108985875044079703
Ad Agencies & Search Engine Marketing Firms Beginning to Play Together
By Shari Thurow, Guest Writer
July 8, 2004
Advertising agencies are spending more on search engine marketing, with one in five marketers buying in excess of 1,000 keywords, according to Jupiter Research.
A special report from the Search Engine Strategies 2004 Conference, March 1-4, New York City.
"A lot of brand name products, consumer package goods, automotive, financial services those are the sorts of verticals we are seeing moving into this space," said Jupiter Research Senior Analyst Gary Stein, kicking off the Search Engines and Ad Agencies panel. "With them come agencies that are already attached to them as well as a specific set of needs. Percent of ad agencies and interactive agencies providing search engine marketing say 46% are claiming to provide 'full' and better than a third outsource to search engine marketing specific agencies either totally or in part."
However, many search engines that sell paid listings, as well as search engine marketing (SEM) firms, feel that ad agencies have yet to fully tap into one of the best ways to gain qualified traffic. Many SEM firms feel that agencies understand media buys but still do not comprehend the search industry as a whole. In contrast, many agencies feel they have a better grasp of search engine marketing than SEM firms give them credit for.
This session addressed the topic from two perspectives: the ad agency and the SEM firm.
The ad agency perspective
"An advertiser has 3 choices," stated Kevin Ryan, Director of Market Development at Wahlstrom Interactive. "They can staff up. They can hire an search engine optimization (SEO) firm. Or they can force their agency to adopt."
Jason Shulman, Senior VP of Business Development at Carat Interactive, had to make that decision. "Do we staff up, hire an SEM or just ignore it," he said. "Challenged with building a search practice for ourselves, that probably tells you what we decided to do�we decided to build our own."
Shulman felt that the search industry is a confusing landscape. "I still think that is the case that people, by and large, don't know the difference between paid inclusion and an XML feed and a cost per click engines and natural search," he said. "We try not to frame it in that way. Technology tends to confuse the higher up marketing people. But over time they can understand it and that is what they look to an agency for - understanding."
In fact, one of the legitimate criticisms ad agencies have about SEM firms is the use technical jargon. "SEMs tend to hoard technical knowledge and use technical jargon to protect their turf," said Dana Todd, Executive VP of Sitelab International. She also felt that many SEM firms are short-sighted, not looking at the big picture of branding and marketing goals.
Another common pitfall Ryan sees is lack of client stewardship. "Client stewardship leads into the secondary, which is quibbling over budgetary real estate," Ryan said. "Everyone wants a piece of the pie. On top of that, everybody is fighting for a piece of the interactive pie. What you end up with is a huge frappe of anger."
"Agencies live in a fee environment or commission environment," Ryan continued. "Search engine firms largely build their fee structure on value-added or flat fees. People often refer to search engine marketing as the 'Wild, Wild West.'"
By the time the SEM firm marks up a click and the agency marks up a click, the return on advertising spend is difficult to achieve, said Todd. Additionally, hiring an SEM can be too expensive for the value provided.
"At the end of the day, the people I talk to want one vendor," concluded Shulman. They don't want to be talking to a ton of vendors."
The SEM firm perspective
One of the biggest criticisms that SEM firms have about ad agencies is the lack to technical knowledge. With optimization, particularly with large database-driven sites, technical expertise is a must.
"When talking about search and organic search in particular to a bunch of ad folks, you see the eyes glaze over and their heads kind of nod," said Chris Copeland, Partner and Managing Director at Outrider. "It is not a pretty picture. They don't understand it."
"SEM isn't just media buying," said Todd. SEM includes advertising as well as optimization.
"Some online agencies do not consider SEO as advertising," said Ryan. "It is often viewed as an afterthought or a necessary evil." With SEM firms, optimization and pay-per-click (PPC) advertising are an integral part of the online marketing mix.
"Agencies require a great deal of hand-holding and support, from sales to implementation," Todd continued. It can result in high project management costs to SEM firms.
So what is the solution? Are ad agencies and SEM firms destined to be at odds with one another? Todd felt that ad agencies need to evolve -- they need to understand the intricacies of both optimization and advertising. She also felt that SEMs need to stop operating in a vacuum. "If you want the ad agency money," she said, "you have to play the agency game."
Ultimately, she said, both agencies and SEM firms need to work together for the benefit of their customers.
Shari Thurow is the Marketing Director at Grantastic Designs, Inc. and the author of the book Search Engine Visibility. She has been designing and promoting web sites since 1995 for businesses in a wide range of fields.
fr.: http://searchenginewatch.com/searchday/article.php/3378131
Local and Regional Search: A Primer
BY Kevin Lee | July 9, 2004
With Overture's recent launch of local search listing targeting, Google's enhancement of local search targeting, and renewed interest in Internet Yellow Pages (IYPs), local search marketing is heating up. Is local search just for local businesses? How do local search providers differ? Should national marketers use local search as part of their campaigns?
These questions require in-depth exploration, much more than I can cover in one column. But because local search is new to many readers, it makes sense to do an overview of the local search space.
Each major player in local search approaches the opportunity differently. Although some differences may seem trivial, they can influence both campaign strategy and execution. Many types of local search advertising deserve dedicated columns, and I plan to get to these soon. In the meantime, this overview will point you in the right direction if you must put a local campaign together sooner rather than later.
IYPs have had a local search solution for years. Unlike the current crop of search media, IYPs started out selling search result inventory much the way they sold print display adverting. The advertiser pays a fixed cost per month on an annual contract. In the case of SuperPages.com (Verizon's IYP), that cost was billed to your monthly phone bill. Costs were determined by ad size, format, elements included, categories included, geographies covered, and a tier. The higher the tier, the higher the listing appeared in the results. Other IYPs launched with similar plans. Many placements and plans included small graphic elements or logos. Recently, many IYPs embraced the auction-style pay-per-click (PPC) search listings. A sample of major players includes:
Verizon SuperPages. SuperPages listings are purchased from Verizon and powered by customized FindWhat.com technology. The tiered results are syndicated to other portals, including MSN, but the PPC listings are not.
Switchboard.com. Switchboard.com (recently acquired by InfoSpace) sells listings directly by category. It's partnered with Google to show relevant ads to searchers. However, my tests indicate the Google ads shown aren't locally targeted based on search query but instead are national directories for the category searched.
Yahoo! Yellow Pages. The Yahoo Yellow Pages uses a tiered approach. Monthly fees are based on the tier and category. Yahoo's yellow pages don't (yet) use Overture's local targeting or paid placement results.
YellowPages.com. This service sells listings directly by category and is partnered with ePilot.com (Interchange Corporation) to show relevant ads to searchers.
YP.com. Like Switchboard.com, it sells listings directly by category and is partnered with Google to show relevant ads to searchers. I did see more instances of geotargeted Google results at YP.com.
CitySearch is like an IYP, but it's organized around content and editorial. Text listings are sold directly on a pay-for-performance basis. Overture results (standard, nongeotargeted) are also displayed.
I covered Google's local search in an earlier column. Since then, Google has improved IP-based targeting and has empowered marketers to go beyond designated-market-area- (DMA-) and state-level targeting to polygon-level targeting. Marketers can draw a polygon around the area they want included.
The thing to remember about Google's local targeting system is it pits local ads against national ads in search results. The IP-level targeting uses the current searcher's location to determine if local ads should have an opportunity to compete for position and attention.
Overture's local search advertising solution is more recent, having launched June 28, 2004. Displayed within Yahoo results for searches deemed to have local search intent, the new Overture listings allow a searcher to voluntarily select a local area for refined results. Once the searcher has selected a locality, sponsored listings returned by Overture are a mix of local and national advertisers. If the locally targeted ad listing is clicked (selected), the searcher is presented with a map page indicating the business's location. The map also includes a link to the advertiser's Web site.
The premise is the searcher is interested in a local result. So a phone number, address, and map are all that are needed to meet the searcher's needs. Remember, though, the payment event for the marketer is the first click, the one that delivers the searcher to the local map/address/phone page, which includes only a modest hotlink to the advertiser's Web site. This setup may appeal to local merchants who don't expect to consummate business on their Web sites. But many major national marketers prefer to send traffic to their national sites before showing store locators or other local content.
Local results integrated into search results is just beginning. I'll cover the rapidly evolving segment with more examples and case studies in coming months.
fr.: http://www.clickz.com/experts/search/strat/article.php/3378501
How to get your RSS feed listed in the Yahoo! search engine
(July 6 2004) Sometimes the Yahoo! search engine will add a link to a relevant RSS feed beside a regular search listing -- provided, of course -- that the site has its own RSS feed.
An RSS feed is a text file (XML) that can be used to list the latest news headlines from that site, together with relevant links and descriptions. There are newsreaders and software that can read these files and present the information in a readable way.
Yahoo! has been including links to RSS-feeds for some time. However, it has not been including links to all relevant RSS-feeds, even if the sites have one.
Now there is an easy way for you to get your RSS feed listed in Yahoo! - for free!
Loren at the Search Engine Journal has made the following discovery:
If you are a registered Yahoo! user, it is easy to add your RSS feed to your My Yahoo! page. This will make the Yahoo! search engine aware of the RSS feed and - presto - it will appear in a Yahoo! search.
Go to your My Yahoo! home page (if you don't have one, you may register for free).
Go to the end of that page, and click on the "Choose Content" button.
On the new page, under "My Yahoo! Essentials", tick off "RSS Headlines (BETA), and click on the link.
In the pop-up window that then appears, type or paste the address of the RSS feed. Click on the Search button.
Click Add in the next window.
The headlines from the RSS feed now appears on your My Yahoo! page. Moreover, Yahoo! has become aware of the feed, and will include it in its search engine database.
It is a fair guess that Yahoo! will follow the links included in the RSS feed when spidering your site, which means that the search engine will find new pages more easily.
For more information on the use of RSS feeds, see XML.com and Webreference.com. See also Syndic8.com, which has more detailed info on the Pandia RSS feed.
Pandia's RSS-feed -- which presents the headlines found in our Searchworld search engine news column -- can be found at www.pandia.com/searchworld/pandia.rss. The RSS feed can also be syndicated through NewsIsFree.
fr.: http://www.pandia.com/sw-2004/31-rss.html
Affiliate Marketing and SEM Revisited
BY Fredrick Marckini | July 12, 2004
Several months ago, I discussed affiliate marketing and search. I interviewed a number of rather large, successful merchants about how their affiliates were using search marketing methods and challenges they face in governing those initiatives, especially their affiliate's paid search engine marketing (SEM) bidding activities.
In preparation for a keynote at the Affiliate Summit a couple weeks ago, I conducted new interviews to see how these issues had evolved and what new ones are cropping up.
In the first round of interviews, I discovered all my initial assumptions were wrong. My position was if you ran an affiliate marketing program, you should prohibit your affiliate network from engaging in any paid search advertising. It would drive up bid prices. You'd end up competing with yourself, effectively, for a finite number of paid search positions on a finite universe of keywords. What I learned convinced me I was wrong. To review, the merchants I interviewed taught me three things:
Affiliates extend your paid search advertising budget.
Competing with affiliates on the same keywords is valuable because they help you dominate the page.
If your affiliates are restricted from paid search advertising, they'll simply switch teams and bid for the same keywords on behalf of your competition.
The new round of interviews reconfirmed these positions. Yet some merchants identified new areas of disagreement and highlighted one important new trend.
Should You Allow Your Affiliates to Bid On Your Trademarked Terms?
One merchant strictly forbids his affiliates from bidding on his company's actual name. His position is multiple advertisements in search results all lead to sites other than the "official" company Web site, which creates a bad user experience. He noted, "When a customers searches for our company name, they want to find us, not a Web site that leads to us. It's all about the user experience."
Other merchants simply set bid limits on their company name and branded terms, allowing their affiliates to fight it out below a certain bid threshold. This ensures the trademark holder will always appear in the top listing. This may be a strategy worth exploring for companies concerned about the user experience and their affiliates' interests.
A final position worth noting: One merchant's strategy was to bid only on trademarked terms because of the higher conversion rates while ceding all unbranded terms to its affiliates. It didn't restrict its affiliates from bidding on trademarked terms but seemed to believe bidding effectively on the unbranded keyword real estate was too costly.
This position carries much risk for the merchant. The merchant's gaining no experience with this much larger universe of keywords. If the affiliates that are best at bidding on these keywords switch to a competitor's network, the merchant could suddenly find itself scurrying for a solution. It'd be forced to pick up the ball and run with it, facing a significant learning curve that could cost much money and time.
Should You Share Keyword Bidding Intelligence With Your Affiliates?
Last time, every merchant emphatically replied "no." Their worry was affiliates often work both sides of the fence. They may terminate with you and work for your competition. You wouldn't want to share precious your search advertising "secret sauce" for the eventual benefit of competitors, would you?
In this round of interviews, most merchants still agree with this position, with one exception. One very wily merchant made this statement:
We asked Commission Junction who their best paid-search-marketing affiliates were. We approached the top three and offered them our list of our top-100 highest converting keywords as a way of luring them into our affiliate program. It worked. All three are now our affiliates.
This merchant made a very strategic decision that wasn't without risk. The gamble paid off. If it maintains solid relationships with these three super-search-affiliates, the decision will pay dividends for years to come.
Affiliates Leveraging Natural SEM
During round one of interviews, very little was said about natural SEM. During the more recent interviews, natural search marketing was a notably more important topic.
The merchants reported natural search was staging a comeback, in a somewhat unexpected way. What's new is how key affiliates leverage natural search. These two responses from merchants were of particular interest:
Our affiliates who are making the greatest gains are those most invested in attaining natural search rankings.
Some of our affiliates are moving out of the affiliate role and becoming full-blown content sites... When your affiliates focus on natural search, it leads them to become more of a content destination and a better affiliate.
The merchants reported several long-time affiliates had grown their affiliate sites to a point at which they really became branded content destinations. These affiliates were leveraging pages of keyword-rich text and working their natural SEM campaigns effectively, attaining top rankings in the natural search results. The merchants reported they now benefit from this increased traffic, and the increasingly qualified click-throughs, their affiliates' natural SEM efforts produce.
fr.: http://www.clickz.com/experts/search/results/article.php/3379031
Edmunds.com Tests Paid Search to Drive Traffic: Discover Their Results
CHALLENGE: Edmunds.com, like most content sites, stayed away from paid search because it was almost impossible to justify whether the resulting traffic would be worth the money.
After all, they weren't an eretailer selling directly. They were an information publisher monetizing traffic in a wide variety of ways from generating sales leads for car dealerships and insurance brokers to selling CPM ads to major automotive brands.
Back in 2001-2002, they invested in overall optimization work to have the site show up well in organic listings (those which are not the paid ads.) As a result, Edmunds.com pages showed up just under 10 million times per month in search results pages.
While 10 million may sound like a lot, VP Marketing Seth Berkowitz was increasingly frustrated.
"The way SEO works wasn't conducive to monetization. The critical make/model pages, such as GMC Yukon, where 40-50% of our income comes from didn't rank very well. We weren't even in the top 30 results. For example, if you were searching for information about Honda Accord, SEO dropped you into our article about Honda Accord instead of our pricing funnel."
While fielding sales pitches from account reps from Overture and Google, Berkowitz also learned the total search universe of consumers seeking car-related information online was as much as five or six times the amount of traffic he was getting.
So, there was enormous room to grow if only he could get up paid listings.
CAMPAIGN: Before testing paid search ads, the marketing and site team first invested in a sophisticated site metrics back-end. Reviewing basic Web logs would no longer be enough. They needed to be able to track and value traffic by source in a highly specific manner, including:
a. Which search term a visitor came from
b. Cost per click
c. Dollar value per visitor based on number and types of
pages viewed, CPM ad clicks, sales leads generated for
site partners, and likelihood of returning to the site
in future
d. Segmented group results for time of day, day of
month, overall type of source, overall value
Once the new metrics software was installed and working well, the team carefully moved into paid search tests starting in February 2003.
Step #1. Test a few high-value paid search ads
Berkowitz decided to test search the same way he'd test postal mailing lists for a new direct mail campaign. He began at the most potentially valuable selects, and then slowly widened the scope from there to include more and more segments until the campaign hit the edges of profitability.
In this case, he chose the 50 most-valuable Edmunds.com pages -- all of which were make/model pricing start pages. Consumers searching for those pages were most likely to be actively researching an intended car purchase, and thus red-hot sales leads for Edmund.com's partners and advertisers.
Berkowitz included common permutations on the 50 make/models, such as typos and search terms. So the resulting campaign ended up being about 1,000 search ads in total, all targeting the 50 pages.
He invested $70,000 the first month, watched results like a hawk and then carefully expanded and optimized the list of terms over the next 18 months.
To keep costs under control, he gave his search team a specific guideline of what each search term was worth to the site, telling them to try for a cost per click within 10% over or under that price. He also specifically did not require the top ranking (which can often cost more than it's worth.) As long as the site showed up in the top three listings, that was fine.
Step #2. Hire experts to run the ongoing campaign
With a rapidly growing number of search terms to manage, Berkowitz knew handling paid search couldn't be anyone's part-time job. He got cost estimates from leading search campaign management firms and also researched salaries for highly qualified in-house staff.
The in-house versus outsourced decision was based strictly on math. Berkowitz says the quotes he received from outsourced firms equaled 10-15% of resulting site income. For the amount of paid search Edmunds.com was planning to do, it would be cheaper to take the project in-house.
This doesn't mean in-house staff were cheap. "We went out and aggressively headhunted for the right people. I wouldn't compromise in this area. It takes time to train someone for this and it's core to our business. You have to be prepared to pay for experience. Unless you can afford to pay for strong staff, outsource it."
Step #3. Test landing page variations to maximize income
Aside from testing specific terms, Berkowitz's team also tested varying landing pages to see which site pages would result in more overall income.
Typically, visitors who come to the home page of their own accord move through a fairly predictable path as they navigate the site. First they pick a make/model, then pick the sort of trim they'd like their car to have, and then after reviewing prices, pick a dealer.
The search team tested landing search clicks in a variety of places along that path. Would they prefer to pick their trim and then click to see a price? Would they prefer to see dealer info immediately? Would they prefer more general information?
RESULTS: "It's had a multi-million dollar impact on our business. We probably would have gotten into paid search earlier had we known that," says Berkowitz.
"We now find ourselves in the top three of automotive advertisers online with more than 50 million monthly impressions together on Overture and Google. Paid search does have a ceiling, and it took us about a year to get to full maturity."
The site's monthly paid search budget is now roughly around $400,000-$500,000, not including staffing.
More results data:
-> Visitors clearly have a different value to the site depending on how they discover it. "The highest performing bucket is paid search; but the problem is paid search visits are episodic and less likely to return to the site."
Visitors who bookmark the site or type in the URL directly are slightly less valuable on their initial visit, but they are more likely to visit frequently.
The least valuable visitors are produced by SEO. "SEO isn't all that directed; we can't pick the URL we land you in." So according to Berkowitz's estimates visitors who find the site from organic search are only 55-60% as valuable as those who find the site from paid search.
-> Although Edmunds.com's traffic from most search terms is fairly steady, they've discovered value per click can dramatically shift depending on time of year and day of month.
"Traffic doesn't move that much, but quality moves around. The return on investment is completely different depending on what's going on in the automotive marketplace. In May there were very strong incentives, the market responded to that. In June incentives were withdrawn and interest rates went up. People were still looking at cars on our site, but they don't execute the same way."
Also, days at the end of the month, when most dealerships tend to run the heaviest TV advertising promoting specials, tend to result in Edmunds.com traffic that's ready to purchase.
-> Overture & Google are less and less different. "Our experience has been that Overture users performed better and were slightly more qualified, but Overture is slightly more expensive. The gap with Google is closing though."
Berkowitz strongly recommends other publishers use both instead of considering Google versus Overture as an either/or proposition. Otherwise you won't reach the total universe you need to get the traffic you deserve.
-> Berkowitz currently has two full-time staff handing search in-house. He notes that due to the intensely competitive hiring marketplace for experienced staff, he has to worry about his own team being hired away, and is constantly on the lookout for possible replacement hires.
-> Landing page tests showed that consumers want a valuable result from their very first page. So, instead of starting visitors at a quiz page asking what trim they want on their car, Edmunds.com drops them into the results page showing the price for the model using the most popular trim.
From there visitors can either go back up the funnel to choose different trim, or they can go click directly onto a partner or sponsor's link to take action on the vehicle they desire.
-> 15-20% of Google ad traffic for Edmunds.com now comes from the contextual advertising AdSense ads as opposed to search results ads. This is growing.
-> Berkowitz notes overall average costs per click are rising, despite the broader pool of sites carrying search ads. The competition for top search terms is intense and not likely to slow anytime soon.
With this in mind, he's carefully limited bids for more general terms such as "Cars" which can cost a great deal but produce too much unqualified traffic. Instead, his team is aggressive only with niche terms that are proven to result in consumers ready to purchase from partners and sponsors.
Currently the team runs paid ads under 60,000 terms, and growing.
Useful links related to this story:
Overture
http://www.overture.com
Omniture - the metrics software Edmunds.com relied on to measure their traffic
http://www.omniture.com
Edmunds
http://www.edmunds.com
fr.: http://www.contentbiz.com/sample.cfm?contentID=2760
Growing a Successful Search Marketing Business
By Anne Kennedy, Guest Writer
July 13, 2004
Building a search marketing company holds the promise of both meaningful profits and a lot of fun -- but it takes hard work and some savvy business sense to be truly successful.
If you're stressed out over running a business in our super heated search engine marketing industry, you are not alone, according to three who have successfully nurtured their firms into comparatively substantial size and prominence -- in an industry category that did not exist 10 years ago.
Cheryle Pingel of Range Online Media, John Lustina of Intrapromote and Fredrick Marckini of iProspect took time off from running search engine marketing companies to speak freely about what it takes to make an SEM company thrive.
And thrive they do. Pingel's Range Online Media is located in Texas and New York and employs 23. Intrapromote is headquartered in Cleveland and has 25 employees. Arguably SEO's oldest firm, iProspect is based in Watertown, Massachusetts and has grown to nearly 70 employees.
The panel, aptly titled "Coping with Growth: What's Keeping You Up at Night?" was part of a well-attended day-long track premiering at Search Engine Strategies in New York City to explore the business of SEM from owners' perspectives. Jupiter Research's Chris Elwell guided the exposition with several searching questions of his own. If you missed it, the track is slated for next month's Search Engine Strategies in San Jose, with insights from a new round of industry leaders.
"I feel like I've found my tribe," grinned iProspect founder Fredrick Marckini. "In all my years of speaking on SEO, this is the first time in the history of iProspect that I have been invited to speak about growing a business instead of on how to attain top rankings in search engines."
Good people are the key to success
Clearly top of mind is attracting and retaining talented people. "Turn over is outrageously expensive," said Marckini, who pointed out that in a service business, your primary company assets walk out the door each night to go home to their families.
"We never require employees to move to Cleveland," quipped Lustina. "Since 1999 only one employee has left Intrapromote. "Ask yourself: is this a company I would like to work for?" he said. "The industry is growing and so is poaching."
Lifting up one truth "Employees quit managers, not companies," Marckini described his company's rigorous hiring process that includes seven interviews, based on "striver" characteristics iProspect has identified as indications of a successful employee in a particular role. "Every time we deviate from our hiring process we regret it," he remarked.
"It's almost scary how human beings have become commodities," added Pingel. With more money getting thrown around, there's a lot more at stake. "Is there still joy in this industry?" she wondered.
Growing pains are universal
Growth pressures rank high in the sleep deprivation sweeps, too. Lustina pondered the commitment to the same level of growth. "One of the things that forces you to grow is the very nature of sites adding new pages -- in other words keeping up with clients' growth." "Growth is imperative," added Pingel. "If you do your job well and clients are pleased, you'll get new business." Further, commented Marckini, "if you don't grow, there is no opportunity for your staff to advance in their careers which could cause them to leave to seek better opportunities."
Managing and growing in the shifting sands of still-evolving acquisitions increases challenges for business owners. Besides the lack of competition among media vendors caused by consolidation, Pingel worried about vertical integration, citing Avenue A-Go Toast, and Yahoo's acquisition of Inktomi "One day our suppliers become our competitors; how do we as a company fit into that landscape?" she asked.
Unexpected challenges
Each of the three panelists named the most difficult challenge they faced in growing their business.
Marckini: How hard it was to transition from the "you da man" solo stage of your business to letting go of the burden to employees and finally delegating, "in essence, you get to a point where you think, 'if this team cannot pick up the ball and run with it we don't deserve to be a company.' You don't help people by lowering expectations, you help them by raising the bar and demonstrating that you believe they can meet the higher expectation."
Lustina: Human resources, especially interviewing and hiring. "It's taxing but worth it because the right person brings solutions to our company."
Pingel: Becoming so involved in lives on clients. "We want to make them look good and help them get promoted in their companies."
fr.: http://searchenginewatch.com/searchday/article.php/3379881
One Way Link Building Secures Long Term Ranking Results
By Daria Goetsch - July 08, 2004
One-way link building is a great way to improve your link popularity and ranking in the search engines. One-way links are more difficult to obtain than traditional reciprocal links, but pay off in securing solid long-term search engine ranking results.
Why Are One-Way Links Helpful?
Link building in general is an important part of making sure your site ranks well in the search engines. Google and many of the other search engines include link popularity as part of the way they evaluate the web pages they include in the search engine databases. Links are seen as a positive "vote" towards the quality of the web page. Each individual page acquires link popularity based on the pages that link to it. Google and Yahoo both have toolbars showing the page rank of pages you visit, so you can use these tools to get a good estimate of your pages' link popularity. It is not necessary to get totally caught up in the minutia of which types of links from which types of pages are the most important. The bottom line is this: acquiring links pointing back to your website, particularly links from sites covering the same or related topics as your site, is helpful in the overall scheme of search engine ranking.
The big "plus" of one-way links is that you don't have to worry about linking back to a "bad neighborhood". If your site has links pointing back to sites that serve as "link farms" or "free-for-all" sites, you may not gain, and could actually lose page rank. These sites are rarely focused, and tend to have links to and from all different sorts of sites. Since there is no particular topical emphasis here, it is clear to Google and the other search engines that the sole purpose of these sites is to artificially increase the number of links pointing to your site. Since there is no value added for the search engine's users, they in turn give no value to these links.
Another advantage to these focused, one-way links is that they will tend to stay in place. A website that features a link to your site probably does so because that site's owner thinks that their visitors will benefit from the content your site has to offer. Rather than simply trying to manipulate search results, they want to add to the experience of their visitors; you benefit from having a long term link in place. Sites featuring reciprocal links may simply drop your link when it no longer suits their linking strategy.
How Do I Obtain Natural Links?
Building good content helps interest your visitors and keeps them on your website. By becoming an authority on your topic, you will attract more visitors. When another website in essence "votes" for the quality of your website by placing a link pointing back to it, you are obtaining natural linking. The more you can build upon helpful articles, FAQs and white papers, etc., the better reason for visitors to link back to your website because of the quality content.
One-Way Linking Sources
There are a number of ways to get links from other sites back to yours. The most important principle to keep in mind is that you will get the most links when you offer something significant to link to. Think of what you can provide that people will want to link to:
Natural links given from topic-related websites that like your website
Providing free content, such as access to articles, e-books, FAQ's and white papers
Directory links, listed under the category related to your topic
Business directory links, listed under the category related to your topic
Blogs, submitted to a blog directory and archived online
Business associations, listed under the category related to your topic
Newsletter text ads promoting your business, archived online at topic-related websites
Original articles, submitted to and archived online at topic-related websites
Original press releases, submitted to and archived online at topic-related websites
Original newsletters, submitted to and archived online at topic-related websites
White papers, submitted to and archived online at topic-related websites
E-books, submitted to and archived online at topic-related websites
Free software tools provided with required link back to website
For each of these types of content, you will want to have an active link pointing back to your site. Of course, when creating your own original content, always archive your own work on your website to build your content and increase your own link popularity by growing the number of pages on your website.
The extra value of one-way links is the fact that you are also promoting your website from the listing as well as the active link. Articles, newsletters, white papers, directory and business association links may bring in traffic from visitors who are interested in the description of your website listing.
How Do I Know The Links Are Valid?
To gain the most benefit from your links, the link back to your web page should be one that can be followed by the search engine robots. Plain old text links and image links usually can be followed by the search engine robots. More exotic types of links, like JavaScript links, cannot typically be followed by the search engine robots. When you provide suggested linking code, the simpler the better. Don't be afraid to suggest linking formats to owners of sites that link to you. The types of links that serve your purposes best will generally provide their visitors with the best experience as well.
Check to see if the page where the link will be located can be found in the search engine results. You can search via the entire website or by individual page. Different search engines use different syntax in looking for individual pages and links; refer to the advanced search function for each search engine for details.
Google Search Example:
Shows indexing of all pages listed in website
site:www.websitedomainname.com
Shows indexing of a specific web page in website
info:www.websitedomainname.com/pagename.html
If the page is listed in the search engine results, this means the page has been indexed by the search engine robots. This means the web page is valid for indexing and that your link will be picked up as well.
Research And Quality Content Equal Success
One-way link building means hard work and long term determination to achieve good link popularity. By improving the quality of your website, you improve the chance to obtain good quality natural links. Spend a set amount of time each week to seek out quality one-way links to achieve your goal. By using this long-term game plan you will be able to safely build links for optimum link popularity success.
fr.: http://www.searchengineguide.com/goetsch/2004/0708_dg1.html
微軟公佈更多Windows重大瑕疵
CNET新聞中心:Ed Freuenheim and Ina Fried 14/07/2004
微軟公司13日公佈視窗系統7項新發現的安全漏洞,包括兩項被列為「緊急」(critical)的重大弱點。
另一方面,微軟已開始提供工具,清理受到Download.Ject影響的系統。微軟之前曾推出預防該影響的組態變更,但並未釋出修補程式。
電腦安全公司賽門鐵克說,新視窗系統的弱點包含「高風險」的威脅。該公司的聲明指出:「這些新公佈的弱點可被遠端利用,發動阻斷式攻擊,並可能造成機密資料遺失。」「賽門鐵克強烈建議使用者立刻針對這些弱點採取修補措施。」
這些新發現的瑕疵只是微軟和其使用者所經歷的眾多安全問題的一小部分,微軟已經承諾將更重視其軟體的安全防護。
13日公佈的安全漏洞中,有兩項被微軟列為最嚴重的等級。該公司對「重大」的定義是:被利用之後,無須使用者採取任何行動,便能散佈繁殖網路蠕蟲的弱點。
第一個重大問題,來自「Task Scheduler」中一個不受檢查的緩衝器,這是記憶體中用來接受外部資料的程式。不受檢查的緩衝器未含有確定資料安全性的指令。
微軟表示,如果有管理特權的使用者開機,成功利用這項弱點的攻擊者就能完全掌控被侵襲的系統,包括安裝程式、刪除資料或創造享有最高權限的帳號。微軟說,系統權限較低的使用者受到攻擊的風險較高權限的使用者低。
賽門鐵克指出,在以網路為基礎的攻擊情境中,攻擊者必須設立一個網站,內含利用這項弱點的網頁。攻擊者還必須想辦法讓可能的受害者造訪這個網站,通常是誘使他們點下通往網站的鏈結。
微軟說第二個重大弱點與「HTML Help」和「ShowHelp」有關。如果具有管理特權的使用者開機,成功利用這些弱點的攻擊者也能完全掌控被侵襲的系統。
微軟表示,另外4項安全漏洞屬第二等級的「重要」瑕疵,最後一項的嚴重度是「普通」。
微軟副總Mike Nash在多倫多的全球夥伴會議中,宣布Download.Ject的修補工具。該公司也表示,已經提前達成訓練50萬個顧客和夥伴如何為他們的系統提供最佳防護的目標。微軟特別指出,使用微軟自動更新功能的人,已較10個月前多出五倍。
Nash在多倫多受訪時表示,微軟已將安全投資擴及許多領域。他說:「如果有萬無一失的方法,我們願意投資。」Nash同時負責微軟的安全事業與科技小組。
Nash說,既然沒有,微軟只好從幾個方面努力 – 讓消費者和公司客戶更容易更新軟體、改進微軟的程式碼,並開發辨識和保護未修補機器的的軟體。在此同時,Nash承認他們對撰寫惡意程式的人,還有一段距離要追趕。他說:「我們兩邊都在進步。」(陳智文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090846,00.htm
Google買下相片管理公司
CNET新聞專區:Dinesh C. Sharma 14/07/2004
Google週二宣布買下加州Pasadena市的Picasa數位照片管理廠商。
Picasa曾在今年五月宣布與Google旗下的Blogger服務結盟,希望能在Blogger網站中強化數位相片出版功能。但之後雙方就沒有近一步宣布任何技術整合細節。Google表示原Picasa客戶的服務並不會受到影響。
Google沒有公布雙方交易的財務細節。
多嘉新創公司都已經開始提供由Napster所帶領出來的p2p數位照片檔案共享服務。數位照片共享公司如Picasa則認為以共享方式比較容易進行邊修,並作大量照片的流通。
Google是在去年跨入網誌(blogging)業務,當時該公司收購了網誌公司Pyra Labs,現在Google則希望藉著Picasa再度刺激Blogger市場。
「Picasa可讓用戶輕鬆管理共享數位照片,該技術將可與Google作搭配,進一步實現整合全球資訊的目標,」Google產品副總裁Jonathan Rosenberg新聞稿中表示。(陳奭璁)
fr.: http://taiwan.cnet.com/news/ce/0,2000062982,20090841,00.htm
IE使用率下降--會引爆趨勢嗎?
CNET新聞專區:Jim Hu 14/07/2004
微軟Internet Explorer長久來已成為網頁瀏覽器的霸主,但最新研究顯示,IE的使用率出現下滑跡象,是記憶所及首見的情況。
市場分析公司WebSideStory的最新數據顯示,過去一個月來,IE市占率持續下降。美國網友用IE瀏覽網頁的比率從6月4日的95.48%,降到7月9日的94.16%,降幅超過1個百分點。
WebSideStory的分析師把IE使用率滑落歸咎於6月間發現的一連串安全漏洞,加上其他瀏覽器逐漸受歡迎,例如Opera、蘋果電腦的Safari、Mozilla基金會提供的開放原始碼瀏覽器FireFox等。
WebSideStory分析師Geoff Johnston說:「問題是,這是不是一股大趨勢的開端,或者已有數百萬人在等時機換掉微軟?」
儘管WebSideStory承認,FireFox的人氣上升,是根據間接證據和非正式查訪所得,但IE最近使用率退步仍是值得關切的問題。進一步的資料顯示,同時期Mozilla瀏覽器的市占率從3.54%升高到4.59%,成長1個百分點左右。此數把任何以Mozilla「Gecko」技術打造的瀏覽軟體都算在內。
整體而言,使用率掉1%並不嚴重,但這卻是WebSideStory自1999年開始追蹤瀏覽器市占率以來,IE市占率第一次顯現下降趨勢。
Mozilla陣營的開發者宣稱,WebSideStory最新的統計數字進一步證明網際網路使用者開始搭上FireFox列車。自從最新版FireFox 0.9.1瀏覽器兩周前推出後,從Mozilla.org網站直接下載的人次已達到100萬次。
Mozilla發言人Bart Decrem說,此數還不包括自聯盟網站或Mozilla社群外圍的其他來源下載的次數,意味實際的總下載人數可能更可觀。
市占率攀升,對Mozilla而言,可謂扳回一城。1998年創立時,Mozilla只是微軟手下敗將網景(Netscape)的一支,其宗旨是提供開發者一種改良網景原始碼的方法,以便與IE爭霸。但創立兩年後,Mozilla逐漸淡出舞台,反映網景母公司AOL內部正逢多事之秋。
AOL最後終於資助Mozilla,讓這個單位自立門戶,成為獨立的組織。之後,Mozilla便推出一系列的產品,例如FireFox和電子郵件用戶端軟體Thunderbird。Mozilla也接受諾基亞(Nokia)贊助,發展手機用的瀏覽器,稱為「Minimo」。
但Johnston不認為最新數據顯示IE已踏上一路走下坡的不歸路。他認為,最近使用率下降,可能局限於某些痛恨IE者,尚未蔓延到網頁瀏覽器的主流用戶群,畢竟棄用IE可能造成諸多不便。
「人們只是想避開痛苦,」Johnston說:「假如不是為了既有的情緒因素而棄用IE,他們不會那麼快就換。」
微軟發言人則表示:「微軟與顧客一樣關切安全性的問題,但我們尚未見到Internet Explorer使用率明顯轉變的現象。」(唐慧文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090848,00.htm
SAP Business One將引進台灣
記者鍾翠玲/台北報導 13/07/2004
SAP適用於小型企業的商務軟體Business One最快在年底將在台上市。
SAP預計在今年下半相繼推出Business One(SAP簡稱為B1)繁體中文版的測試版及正式版,藉此進入年營收3-5億台幣,或是員工數在100人以下的小型企業市場。
SAP為全球最大企業資源管理(ERP)軟體供應商,主要以金字塔頂端的大型企業為客戶層。但隨著ERP在全球大型企業市場趨近飽和,SAP近年開始將客戶層向下擴展。SAP先後推出中型及小型企業產品,分別名為All-in-one及Business One,簡稱為A1與B1。
B1和SAP企業級軟體R3完全沒有血緣關係,是SAP為了小型企業而開發的全新套裝軟體。SAP台灣區策略聯盟副總經理張一中表示,和R3甚至A1不同的是,B1將是一個完全不需要導入顧問的套裝軟體。他以自身經驗指出,大約二個小時即安裝完成,經過數小時訓練後,隔天就能使用。
這套軟體包括ERP、客戶關係管理(CRM)、甚至還包括一套嵌入式資料庫。之前在中國大陸銷售,定價八萬人民幣,約合台幣三十多萬。而這個數目甚至已比台灣本地ERP公司,如鼎新大型ERP產品Tiptop都要便宜,直逼天心、正航等小型套裝軟體的等級。
相較之下,即使是歷經ERP成長趨緩的現在,R3與中型企業的A1分別還是在數千萬及五百萬的價格左右。由於B1鎖定的客戶層是SAP過去完全不熟悉的領域,因此即使B1已前後在歐美及大陸上市,但之前一直未引進台灣。
張一中指出,邁入中小型企業市場已是所有ERP大廠不可避免的趨勢。雖然現在來自中小企業的營收則僅佔這家ERP大廠「微乎其微」的比例,但根據SAP的全球目標,來自這個客戶層的營收,到2008年將佔到總營收的20%。張一中補充,在台灣,在今年前二季的新增客戶數中,已有超過70%的比例是中型企業。
B1在中國大陸銷售相當成功,一年下來,已有一百多家企業使用。而澳洲也有60-70%的營收來自中小企業。
台灣方面,張一中指出,將會需要建立和過去不同的經銷體系。但他表示,B1的定價與經銷商數目將會在年底陸續確定。
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090821,00.htm
Google選擇那斯達克掛牌上市
CNET新聞專區:綜合外電 13/07/2004
Google星期一向美國證券與交易委員會提交的一份文件顯示,該公司將選擇在那斯達克股票市場掛牌上市。
這份文件終結了Google到底會選擇那斯達克還是紐約證券交易所上市的猜測。
證券交易所不僅可以向上市公司收取手續費,還可以借助這些掛牌公司增加自己的名譽,那斯達克一直就以科技公司上市背景而著稱,但過去幾年遭遇了不景氣,現在吸引到了Google在這裡上市交易,將有助於改善這種局面。
紐約證券交易所星期一發表聲明表示:「Google是一家擁有良好管理團隊的出色公司,我們希望他們的首次公開上市一切順利。」那斯達克方面還沒有對此發表意見。
Google 4月29日向證券與交易委員會申請,希望在今年完成27億美元的上市計畫,它先後放棄了摩根史坦利以及波士頓瑞士第一信貸作為自己的承銷商。5月,Google指定了另外26家銀行作為其股票的承銷商,其中包括高盛、J.P. Morgan Chase以及Lehman Brothers,據悉,美林銀行已經被Google剔除在承銷商行列以外。
Google計畫通過公開拍賣的方式出售自己的股票,這樣做的目的是為了照顧小股東的利益。一般來說,首次公開募股(IPO)一般由機構投資者運作,其股票價格也由他們預定,Google的IPO將讓感興趣的投資者對它的股票進行競價,出價高者獲得股票的購買權。
Google的正式上市日期沒有定下來,投資者如果要購買Google的股票,需要在承銷商開立帳戶。(李海)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090803,00.htm
MSNBC.com開始獲利
CNET新聞專區:Jim Hu 13/07/2004
MSNBC.com週一表示該公司成立八年來終於在上一季首度步入獲利,該網站不願透露獲利數字,僅表示過去一年來營收已達4500萬美元,創下歷年新高。它同時表示過去一年來,超過70家公司在該網站的廣告支出達10萬美元。
MSNBC.com適於1996年由微軟與奇異旗下的NBC共同出資成立,微軟當時跨入線上內容試圖衝高網路業務,比如旗下的IE瀏覽器與MSN ISP等。不過微軟目前幾乎以全部撤出內容製作業務,轉而著重在網路服務上。(陳奭璁)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090802,00.htm
Google考慮支援RSS標準
CNET新聞專區:Stefanie Olsen & Evan Hansen 10/06/2004
可靠消息來源透露,Google的若干服務考慮重新支持RSS全球資訊網出版規格,這使得煙硝味愈來愈濃的網路出版(Web publishing)標準戰爭出現轉圜跡象。
RSS的英文全稱是Really Simple Syndication(實在簡單聯合供稿),讓線上出版者自動把網頁內容傳給訂閱戶,賦予讀者一種強大的工具,同時從眾多來源匯整新聞標題。隨著使用者增多,RSS儼然已成為改變全球資訊網出版型態的新興技術標準。
但去年夏季,RSS的批評者團結起來推出另一種標準,稱為Atom,以挑戰RSS。Google的網誌(Blogger)服務去年4月捨棄支援RSS,轉為支持Atom,其他許多網站和個人網誌也跟進,讓網路出版標準進一步分裂成互相對峙的兩大陣營。
但CNET News.com收到的電子郵件顯示,Google產品副總裁Jonathan Rosenberg在5月22日的電子郵件中,指示部屬撰寫一份歸納RSS相關技術細節的摘要報告,包括「如何製作、如何使用,在何種平台/裝置上執行,和關於不同平台(RSS 1.0版與2.0版以及Atom)的資訊」。
這顯示Google可能回心轉意,對新網誌訂戶和Google Groups提供RSS支援。該服務的測試版目前支援Atom,不支援RSS。截至6月4日為止,Google尚未針對此問題做出決定。Google發言人不予置評。
若Google決定對RSS和Atom一視同仁,都予以支持,可能有助於維持Google的中立立場,以緩和這兩大陣營之間的激烈衝突。
在這場標準戰役中,Google扮演舉足輕重的角色,因為Google身為Blogger的擁有者,在網路社群和網路出版圈發揮愈來愈大的影響力。Google預定今年發行27億美元的股票,最近把Blogger重新改版,推出簡化的功能,讓網路新手也能用普通的帳號記網路日誌。Google也醞釀推出一系列社群服務,包括電子郵件討論群組(Google Groups 2)、免費網路電子郵件信箱和個人化搜尋工具等,未來都可能採用線上聯合出版的格式。
這種匯整新聞的技術已獲主流媒體採用,如最近幾周來,時代雜誌(Time)、路透新聞社(Reuters)、Variety.com和Smartmoney.com已開始支援RSS,以這種規格把新聞標題傳給新聞匯整者和個人。今年1月,支援Atom的雅虎也開始測試RSS新聞匯整提供服務,首度讓訪客建置個人化的MyYahoo網頁,自動從個人選取的來源匯整新聞。包括微軟、蘋果和昇陽等電腦公司,也支援RSS。
目前的RSS有兩種版本:分別是RDF Site Summary和Rich Site Summary。
這種技術愈來愈受重視,因為基本上可讓網友以想要的方式取得想要的資訊,不必在全球資訊網上漫天搜索,只需設立一個網頁,即可從眾多網站集結新聞標題,再點閱自己想看的。出版商也能借助此技術衝高網站的到訪人次,有助提高廣告收益。
但若網路出版商各擁山頭,分別支持不同的技術標準,迫使消費者必須安裝不同的新聞閱讀軟體,恐重蹈當年兩大錄影帶規格Beta與VHS惡鬥似的標準大戰,妨礙網路出版的發展。
RSS在1990年代末期由網景(Netscape)工程師團隊發展出來,網景RSS團隊解散後,最後由Dave Winer的網誌軟體公司Userland控制此技術,並於去年把該規格交由哈佛大學柏克曼網際網路與社會中心,供外界申請授權使用。批評者指控RSS全由Winer一人掌控,憤而在去年5月推出Atom與之抗衡。
Winer本人則大力鼓吹把兩種敵對的規格合而為一,唯恐Google的市場優勢會造成網路出版標準更大的分裂。他表示,他再三呼籲Google支持RSS,以平息標準之爭,卻始終未得到回應。
「RSS 2.0規格是目前使用最普及的規格。事情一度看起來有合併的徵兆,卻又開始分裂,大致皆因Google而起,」Winer說:「RSS值得Google尊重,但卻尚未得到尊重。」(唐慧文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090084,00.htm
下一代網路協定的成長陣痛
CNET新聞專區:Marguerite Reardon 2004/07/05
Juniper Networks的路由軟體出現漏洞,顯示下一代網路(網際網路協定第6版,簡稱IPv6)的廣泛應用,仍有漫漫長路要走。
美國電腦緊急情況應對小組(U.S. Computer Emergency Readiness Team)和電腦安全顧問公司Secunia,上週三(31日)針對Juniper今年2月24日到6月20日間構建,使用IPv6的M系列及T系列路由器發出警訊。
IPv6是新版的網路協定,可擴展相連的電腦和網路上其他設備的特殊位址。
造成安全漏洞的問題是所謂的「記憶體溢漏」(memory leak),攻擊者可利用這項弱點發動阻絕服務攻擊(denial-of-service)。當IPv6送出較平時佔據更多記憶體空間的封包時,這些記憶溢漏情況便出現。由於記憶體滿載,路由器的速度減緩,而最後當記憶體耗盡時,路由器便當機再自行啟動,可能造成重要服務中斷,或大幅減緩網路速度。
已經在Juniper支援網站註冊的客戶,可直接前往該站取得解決問題的資訊。使用者也可關閉路由器封包轉送引擎中的IPv6。
Juniper公司表示,2004年6月20日以後構建的所有Junos軟體,都包含修正程式。這些軟體都經過修正,釋放被原版IPv6封包佔據的記憶體。專家指出,這項漏洞不會在網路上產生太大衝擊,因為目前全球僅有少數網路使用IPv6。
許多人表示,目前廣泛使用的IPv4,沒有足夠的位址空間,支援未來數年網路可能增加的數百萬個設備。
行動電信和新的消費IP服務,如經由網路協定傳送的聲音和隨選影片,將增加需要IP位址的設備數量。亞洲和歐洲將率先受到影響,因為這些地區對相關新科技的接受度正迅速成長,分析師不預期美國網路會在短期內發生位址短缺的問題。
Secunia科技長Thomas Kristensen說:「IPv6仍處在非常早期的應用階段,自然會出現有待解決的問題。」他指出,IPv4過去也曾出現同一種問題。
日本NTT公司的子公司Verio是唯一在北美地區推出IPv6產品的電信業者。Verio自2003年12月便使用Juniper的路由器,提供大型企業客戶相關服務,該公司上個月才擴大這類業務。
除了Verio之外,北美地區另一個IPv6主要使用者是美國國防部。2003年6月,美國國防部下令各機關在2008年以前轉換成IPv6,並曾協助開發Moonv6網路,作為服務商和設備製造商測試IPv6科技的平台。
Burton Group研究經理帕斯摩表示:「國防部對IPv6已經傳出異聲。但除此之外,美國消費者市場對這項科技可謂零需求。Verio提供相關服務,但須多企業顧客對IPv6似乎沒興趣。」
fr.: http://taiwan.cnet.com/enterprise/topic/0,2000062938,20090629,00.htm
當標準少了統一標準怎麼辦?
David Becker,鐘瑩譯 2004/07/08
業界向技術標準靠攏之際,越來越多使用者深思其難處。五花八門的技術多半由World Wide Web Consortium(W3C)等標準機構掌舵,確保不同系統可以相容互通。
不過運算時一些常見的規格往往偏離標準作業流程,形成「實質標準」(de facto standards)林立的模糊地帶,這些實質標準摻雜了民主理念也加入公司的考量。
由是之故,五花八門的技術考驗著大家長期以來對於標準流程所抱持的看法。
幾個常見的例子(包括微軟Office與Adobe的文件格式、Flash Web的動畫、RSS的網路日誌blogging)點出版權(專屬)軟體與開放出版模式不斷在變動的戰場。開放軟體有其理想,但標準無法互通的現實往往成為飽受抨擊的致命傷,和行動迅速、控管有方的專屬軟體一比,審核開放軟體的標準機構行動慢,加上程式設計師唯恐作品被標準機構委員會篡改得面目全非,兩者的優劣立見。
然而軟體供應商發現,未送交任何標準組織審核的軟體,只要是率先第一個上市或廣受市場歡迎,依然可能成為業界偏好的應用軟體。
當代電腦運算中最廣為使用的標準之一──XML(可延伸標示語言)的共同發明人Time Bray說:「市面存在許多實質標準,其中不乏表現稱職者。」Tim Bray目前是昇陽微系統的軟體指導大師。
Bray以網路程式設計語言Perl為例,稱它是非常成功的實質標準。他說:「Perl屬於直譯式語言,定義靠使用者界定,但迄未構成問題。」
研究公司RedMonk的分析師Stephen O'Grady說,對企業而言,進入正規標準化作業的最大障礙之一是擔心被官僚作業扼殺,動彈不得。他說:「軟體製造商一再跟我們抱怨,和標準機構打交道,對方總是慢吞吞。標準機構委員會做出結論需要時間,求一致觀點也需要時間。」
微軟預設值
多年來,實質標準最普遍也最讓人頭痛的問題之一出現於微軟Office所用的文件格式。Word的.dot檔、Excel的xls檔等格式屬微軟版權所有,換言之,非微軟應用軟體可能無法開啟這些文件,或無法照自己意思顯示文件。
封閉的文件格式無法與其他應用軟體相容,這一向是微軟主導軟體市場的一大利器,研究公司Illuminata研究員Gordon Haff如是說。「相容性問題毋庸置疑是微軟成功拉攏客戶、讓客戶不會琵琶別抱的主因。」
微軟2003年推出新版Office時,正視大家對相容問題的疑慮,做了一些更動,包括儲存檔案時,多了其他應用軟體普遍承認的XML格式。微軟接下來又推出版權保護的XML方言(或schemas),主要用於輔助Office應用程式,由於免權利金,希望能刺激其他軟體撰寫人提供支援。
微軟智財權與權利金部門負責人David Kaefer說,公布schema可有效解決政府與客戶對於相容性問題、文件存檔問題的重視與關切。
歐洲聯盟(EU)最近公佈的報告讚揚微軟出版Schema之舉,並建議微軟進一步採取行動,諸如將Office的XML schema送交有公信力的標準機構,確保程式與文件格式彼此相容。
具影響力的開放碼程式設計師Bruce Perens同意,標準機構監督審核是統一標準的重要步驟。他說:「開放標準(open standards)的核心在於公平、不偏不倚、每個人都可以安裝執行。說到這些,微軟的產品多半不及格。若我們有一套遊戲規則倒也不錯。」
Kaefer提出異議,認為微軟已承諾撰寫免權利金的schema,將程式送交標準機構不但不會有任何實質利多,還會大幅影響與格式相關的創新。
他說:「在這點上求標準化作業並無太多好處。對一些已經相當成熟的技術而言,念玆在玆的是『創新是否會因此受到侷限?』。」
O'Grady說,在歐盟緊盯微軟的一舉一動之際,出版XML schema可能足以保護微軟,讓它擺脫制式規定,免於被逼迫開放格式,尤其是大家熟悉的.doc或.xls等格式。
Adobe的方式
實質標準的另一典型例子是Adobe的PDF(可攜式文件格式),這格式廣為電子文件使用。Adobe至今仍擁有這套始於1990初期的規格,而且曾考慮送交標準局審核。不過免費的PDF流通程度之廣,如今市面已出現數百種Adobe之外用以製造PDF文件的工具,有些甚至內建於蘋果Macintosh作業系統與Openoffice.org的程式設計套裝軟體。
就連講求標準的純粹派(standards purists)Perens與Bray都說,現階段將PDF送交標準機構審核,實質好處少之又少。
Bray說:「有版權保護的PDF已受市場如此肯定,此時送交標準機構求規格統一,老實說看不出會有什麼好處。」
Adobe的全球標準部門主任Melonie Warfel說,Adobe加入不少標準機構,包括發明資料庫與廣告專用的PDF開放碼標準的特別團體在內。不過PDF主要的規格依舊掌握在Adobe的手裡,所以Adobe能快速做出調整,滿足新的需求,例如最近新加了條碼功能。
Warfel說:「若透過標準機構研擬標準規格,大概要花上一輩子,這麼一來,我們擔心會趕不上推陳出新的技術。」
不過Adobe泰半能實現開放標準的目標,靠的是公開PDF規格,允許其他軟體製造商隨心所欲使用原始碼。
Flash遭凍結
碰到Macromedia與其非常普遍的Flash動畫格式,標準圖就變得有些模糊不清。Macromedia從1990年代晚期開始,免費公開Flash規格,希望藉此鼓勵大家擁抱Flash,這招相當成功,逾95%的可上網PC安裝了Flash 用戶端軟體。
但Macromedia拒絕將規格交給標準機構,所以目前市面的Flash工具仍舊由Macromedia應用軟體稱霸。
O'Grady說:「比較Flash與PDF後發現,Adobe開放格式的做法顯然比Macromedia略勝一籌,因為它成功開發了一群圍繞PDF格式打轉的社群。反觀Flash,直到現在才開始比較像商業工具,用戶對Flash格式的用法也還在熟悉階段。」
Bray說,他對「Flash有複雜的感情。它在網路上的確好用,不過它雖為Macromedia所擁有,卻沒替Macromedia賺進大把銀子,這事讓我頗不放心,不知Macromedia是否會長期撥出心力努力照顧它?」
類似的擔心讓外界對Flash的好感慢慢退燒,代之而起的是SVG,新崛起的圖片標準,已獲得W3C的背書。W3C是支持HTML等網路標準的主要標準機構。
Perens說:「我想Macromedia多少錯失了良機,網路瀏覽器到後來一定會內建SVG plug-in,到時候Flash就會被邊緣化。」
Macromedia工具與平台組的總經理David Mendels說,在合理的範圍內,該公司支持開放標準,包括廣泛支援XML、SOAP、甚至SVG等格式。有了Flash做後盾,Macromedia可做到開放標準的目標,又不用通過標準局那關。
Mendels說:「我不認為有一套辦法可以適用於目前我們成堆的程式與工具。我們在1990年代承諾過,不會讓Flash只是個小眾、無法和其他工具相容的多變軟體,至今我們一直信守承諾。我認為公司已成功讓Flash成為廣被支援的開放標準。」
他接著說:「一些人堅信,一切都應該是開放碼程式,不然就應該送交標準機構審核,但我不認為事該如此…我的態度是,解決用戶碰到的問題才是重點,至於靠什麼解決?只要是合理的工具,用什麼都沒關係。」
Blog 寸步難行
網路日誌(Blog)越來越受歡迎,但也衍生新的問題。RSS(really simple syndication)規格可讓用戶易於張貼以及瀏覽各種blog,從即時新聞乃至個人冥想應有盡有。RSS係由Dave Winner撰寫,目前由哈佛法學院的一個專案負責管理,管理單位採用相當開放的「創意化大眾」(creative commons)授權。
Winer表示,他考慮過是否把RSS送交標準局審核,不過他擔心這麼做,RSS「真正簡單」的部份可能被熱心過度的設計師改得面目全非。
他說:「不少這類標準機構不會只收到現成做好的程式後,二話不說就批准它,一定要動手加些東西才讓它過關。」
Winer不願把RSS交到標準機構,並堅持讓規格維持原汁原味,不得變更之舉,已招致若干日誌同好批評,後者希望張貼日誌的格式能夠更花俏。由是之故,Google漸受歡迎,有些人則向還未定案的「Atom」格式靠攏,Atom格式有意在出爐後送交標準局審核。
Bray表示,不該將Atom視為RSS的主要對手。他說:「認為RSS與Atom之間戰火已起是愚不可及的想法。RSS已非常普及,並會繼續滿足大眾的需求。Atom這個新軟體會是一些應用程式的好幫手,例如有些人希望文件的結構能更為嚴謹,Atom就能派上用場。」
再怎麼說,Bary還是希望RSS能夠成為開放的標準。他說:「在此之前將RSS送交標準局不是明智之舉,不過大家現在已成熟到可以訂下遊戲規則。」
RSS引發的辯論凸顯長期以來圍繞標準的爭議。把廣受歡迎的技術交到標準局,經歷冗長有時又痛苦的標準化作業,到底有什麼好處?最終目的無非是希望提供一套標準,讓消費者購買的商品能和其他商品相容。
Bray說:「總之要確保技術彼此互通相容,最好的辦法就是遵守一套開放的標準作業。我認為標準化應該是可行的作業,若新技術不願意被標準化,它應該提出證明。」
O'Grady說,標準機構的作業方式的確讓人反對有理,不過目前可用的替代做法少之又少。他說:「我們聽了太多對標準機構的抱怨,但尚未聽到更好的解決之道。若標準無法統一,最後受害的還是大家。」
fr.: http://taiwan.cnet.com/enterprise/topic/0,2000062938,20090672,00.htm
反網路釣魚技術出籠
記者鍾翠玲/台北報導 2004/07/02
網路釣魚(Phishing)為禍日益嚴重,資訊安全廠商紛紛推出反制產品及服務。
因應網路釣魚自去年來受害者節節升高,成為繼反垃圾郵件之後安全軟體公司的新焦點,趨勢科技、Websense也相繼推出反釣魚產品。
網路釣魚一詞來自釣魚(fishing),是誘騙手法的一種。它往往是冒充知名公司,特別是銀行寄來的電子郵件,誘騙不知情的使用者連上假造的網站,要他們輸入使用者名稱、密碼,或是銀行帳號等機密資訊。最早和網路釣魚相關的事件,是去年11月出現的Mimail.J變種病蟲,偽裝成由Paypal網站寄出的訊息,表示收件者的帳戶將在5個工作天後失效,為了確保用戶持續使用Paypal的線上付款服務,要求用戶在特定的Paypal畫面中,填入信用卡號等個人機密資訊以更新個人資訊,才能重新啟動帳戶。
趨勢科技將推出Interscan Web Security Suite (IWSS) 2.0,包含名為PhishTrap的反釣魚技術。趨勢科技表示,這個產品是一種閘道型產品,依據趨勢科技的詐編網站特徵資料庫來過濾電子郵件。使用者會定期接到位於菲律賓的趨勢科技實驗室(Trend Labs)小組所更新的資料。
趨勢科技表示,這個產品目前只提供給企業用戶,但內含的反網路釣魚技術,將會包含在預定今年11月推出的PC-cillin 2005。
而以防堵網站存取起家的Websense,也將釣魚或惡意網站列入防堵項目之一。Websense過去主要是被企業用來防止員工於上班時間連上色情、賭博或犯罪等各類不法網站,各種分類共擁有數百萬筆網站URL資料。
Websense技術顧問林皇興指出,現在Websense的資料庫加入「phishing and fraud」及「惡意程式」。Websense運用名為WebCatcher技術,及透過誘補系統聯網(honeynet)來蒐集假冒知名網站的詐欺網站,以及包含可能下載木馬程式或間諜程式等惡意程式的網站名單。而訂閱Websense資料庫服務的客戶可以定期獲得更新,而在員工企圖連上這些網站時,就會被攔阻下來。
另外,剛被賽門鐵克併購的反垃圾郵件公司Brightmail,也提供類似的服務。Brightamail的反詐欺服務透過和eBay、AT&T、EarthLink等九大ISP合作,創造出達二百多萬筆的詐欺電子郵件地址。不過需要ISP與企業都是簽約客戶,才能執行這項服務。
Brightmail技術顧問林俊宏指出,這個服務目前有eBay、PayPal(已被eBay併購)及花旗銀行等客戶使用。
fr.: http://taiwan.cnet.com/enterprise/topic/0,2000062938,20090589,00.htm
IE對手發展ActiveX替代技術
CNET新聞專區:Paul Festa 2004/07/06
微軟的競爭對手已團結起來,聯手發展在網頁瀏覽器執行應用軟體的新方式,以取代安全問題亮起紅燈的ActiveX技術。
微軟的對手陣營希望加強外掛程式(plug-ins)的功能,以媲美Internet Explorer瀏覽器運用微軟ActiveX技術所提供的功能。這麼一來,網頁外掛程式,如Macromedia動畫軟體Flash這類第三方公司製作的應用程式,未來的發展可能受到影響。
瀏覽軟體供應者Mozilla基金會、Opera軟體和蘋果電腦公司6月30日宣布,已和外掛程式供應商昇陽電腦公司、奧多比公司(Adobe Systems)和Macromedia結盟,將共同研究如何在非微軟瀏覽器環境下執行外掛程式。
目前ActiveX技術讓外掛程式直接與網頁上的內容互動,形成強大的影音播放工具,但也導致惡名昭彰的安全問題。使用ActiveX,音樂網站可透過微軟Windows媒體播放程式播放曲目,Flash廣告影片也可把總價傳回付款網頁。
儘管功能強大,微軟ActiveX技術的安全性長久來為人所詬病。
除微軟IE外,其他的瀏覽器長期以來一直倚賴NPAPI(網景外掛應用程式設計介面)來啟動外掛程式。Mozilla基金會希望,藉更新NPAPI,能直接解決瀏覽器的安全顧慮。
Mozilla基金會是個開放原始碼組織,接續發展網景(Netscape)被America Online併購前所製作的Netscape Communications瀏覽器程式碼。去年AOL讓那個開放原始碼組織獨立成非營利性的基金會,並與微軟建立新的瀏覽器合作關係。
「現在的選擇有缺口,若你不願成為微軟ActiveX陣營的一分子,別無選擇,」Mozilla基金會會長Mitchell Baker說:「這情形持續好一陣子,似乎難以解決,但我們決定動員各方人馬來解決此問題,不只是為Mozilla而做,也為其餘的瀏覽器和外掛程式提供者而做。」
Mozilla的NPAPI更新計畫依循全球資訊網聯盟(W3C)建議的一套標準,稱為文件物件模型(Document Object Model;DOM)。DOM用來讓JavaScript這類的描述程式語言(scripting languages)與網頁的元件直接互動。
Baker說,基金會打算在未來數周內,開始以新的NPAPI構築Mozilla程式碼,然後進入測試階段。此技術必須取得外掛程式提供者的支援,否則無用武之地。Baker說,這波升級沒有時間表。
描述語言程式設計愛好者盛讚這項聯盟計畫。
Scripting News負責人Dave Winer說:「Mozilla、Opera和其他瀏覽器提供者共襄盛舉,這太好了。能見到全球資訊網平台持續進步,實在是大好的消息。」(唐慧文)
fr.: http://taiwan.cnet.com/enterprise/topic/0,2000062938,20090645,00.htm
IE瀏覽器又遭發現新漏洞
CNET新聞專區:Robert Lemos 2004/07/08
電腦系學生發現,微軟新發布的Internet Explorer瀏覽器修補程式仍不牢靠,有心人士只要拐個彎,照樣能在上網瀏覽網頁的使用者電腦上作怪。
微軟上周五(2日)發布修補程式,用來修補一種瑕疵,以免駭客利用該瑕疵與另外兩種已知的安全漏洞,經由瀏覽器入侵使用者的個人電腦。但一名安全研究員本周找到IE瀏覽器的另一瑕疵,可讓駭客達到相同的目的,就連微軟最新的修補程式也防堵不了。
在網路上張貼破解程式的荷蘭電腦系學生Jelmer Kuperus說:「微軟只選擇解決一部分的問題,他們理應知道會冒出這種問題才對。」
這是短短一個月內,微軟必須第三度和公開抖出IE安全問題的研究員鬥智。6月初,Kuperus發現某個網站利用之前未曝光的IE弱點,加上最近微軟已修補過的一個漏洞,在受害者的電腦上安裝廣告軟體(adware)。緊接著,上周安全研究人員又發現另一個比較輕微、微軟已修補過的老毛病,又在新版瀏覽軟體上重現。
針對新發現的瑕疵,微軟坦承不諱,並表示近日內會發布更多的修補程程式。
「本公司正著手準備一系列的IE安全更新程式,數周內會發布,將提供用戶額外的保護,」微軟發言人對CNET News.com說:「本公司也將繼續積極調查這些報導。」
最新發現的瑕疵其實並不新,早在今年1月就有安全人員提出來討論,Kuperus說。起初,這個問題被視為微不足道,但實際上卻很嚴重,因為駭客可能把它拿來與6月間發現的其他兩種弱點合而運用,便能輕易擅闖安裝IE瀏覽器的Windows電腦。
「我們今天所見的駭客攻擊,都是利用多重的弱點,每一種都迴避IE某個特定的安全功能,」Kuperus說:「個別來說,這些問題通常多半無害,但合起來卻構成重大威脅。」
這三種先後發現的弱點,都出自於一套元件和描述功能程式庫,稱為ActiveX。比較早發現的瑕疵隱含在ADODB.Stream之中,新發現的瑕疵則潛伏於Application.Shell元件。
IE冒出的瑕疵不勝枚舉,導致有的安全專家索性建議使用者改用別的瀏覽器。就連美國電腦緊急應變小組官員,也建議安全管理員考慮改用非微軟瀏覽器。
微軟則建議使用者上微軟網站查閱最新的資訊。 (唐慧文)
fr.: http://taiwan.cnet.com/enterprise/topic/0,2000062938,20090709,00.htm
Mozilla瀏覽器也有安全漏洞
CNET新聞專區:John Borland 09/07/2004
開放原始碼的Mozilla基金會證實,最新版Mozilla瀏覽器有一安全弱點,理論上駭客可能藉此讓電腦當機,或執行來路不明的程式。
該基金會在周三(7日)透過郵寄名單公告這項瑕疵,附帶修補程式的下載網站連結。受影響軟體的更新版,包括Mozilla、Firefox和Thunderbird的瀏覽軟體,皆已對外發布。
程式開發者表示,新發現的瑕疵只影響Windows作業系統的使用者,安裝麥金塔或Linux作業系統的電腦不受波及。
過去幾周來,Internet Explorer瀏覽器傳出一連串的安全瑕疵問題,讓微軟疲於因應。一些安全研究員開始建議憂心忡忡的使用者停用IE,改用別的瀏覽器。不料就在此時,Mozilla的瀏覽器也驚傳安全瑕疵。
微軟建議用IE瀏覽全球資訊網的使用者密切注意最新的安全警訊,並且到微軟的「保護你的PC」網站查閱最新的訊息。
Mozilla開發人員表示,Firefox網頁瀏覽器未來的版本會加入自動更新通知功能,以便加速告知使用者關於安全修補程式的訊息。(唐慧文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090746,00.htm
付費搜尋成長趨緩
CNET新聞專區:Jim Hu 09/07/2004
協助許多網路公司轉虧為盈的付費搜尋(paid search)服務,過去兩年來財源滾滾,但最近已顯露業績成長趨緩的跡象。
分析師和業者駁斥所謂市場萎縮的說法,認為付費搜尋不過遭遇「小孩轉大人」的尷尬期罷了。
美國科技研究公司股票分析師Mary Mahaney在8日發布的研究報告中寫道:「也許搜尋市場歷經2002年和2003年的爆發性成長後,如今已來到成熟期的初步階段。」
這股趨勢最明顯的初步徵兆,是雅虎(Yahoo)表示本季盈餘大概只能達到華爾街的預期。雅虎子公司Overture Services經營市場規模最大的付費搜尋服務,客戶包括美國有線電視新聞網(CNN)和微軟的MSN在內,因此該公司的財報被視為付費搜尋市場榮枯的風向球。
另一大重量級業者是Google,知名合作夥伴包括America Online和Ask Jeeves。Google準備今年發行股票上市,該公司超過九成的營收仰賴付費搜尋服務。
在7日舉行的法人說明會上,雅虎主管承認,第二季付費搜尋的查詢量和訂價在原地踏步。此話一出,華爾街大吃一驚,雅虎股價在盤後交易暴跌12%,次日股價才小幅回升。
付費搜尋市場仍在成長,只是成長速度不像前一季那麼急速奔馳。根據Mahaney的研究報告,Overture的銷售額比去年同期成長39%,但成長幅度比第一季的45%遜色。
Piper Jaffray股票分析師Safa Rashtchy說:「雅虎是以階梯函數的步調成長。總會經過一段成長鈍化期。不可能連續兩季以第一季的水準大躍進。」
商業搜尋業務靠的是量,查詢量愈大,收入愈豐。Overture和Google的付費搜尋服務讓廣告主競價標購關鍵字廣告刊登,然後每當網路使用者點選連結,便酌收一筆費用。這種作法賺進大量廣告收入,讓許多與Overture和Google結盟的網站公司財務鹹魚翻身,如原先步履蹣跚的雅虎、America Online和MSN都因此恢復生氣。這項業務對雅虎營收的貢獻良多,促使雅虎去年索性以16.3億美元併購Overture。
付費搜尋業務仍蒸蒸日上,但分析師擔心按點閱次數平均計算的訂價已經到頂了。一旦Google今年稍後發行股票上市,並按規定逐季公布盈餘數字,外界會更懂得如何衡量付費搜尋。
「去年,季節性因素只是小問題,但現在已變成一大顧慮,」Schwab Soundview Capital Markets股票分析師Jordan Rohan說。
話雖如此,華爾街分析師抱持樂觀的態度。分析師指出,成長趨緩的現實,讓外界正視付費搜尋市場的瓶頸,不再樂昏了頭,何嘗不是好事。就像傳統廣告市場一樣,付費搜尋市場有晴空萬里的日子,自然也有淒風苦雨之時。
持平而論,雅虎在付費搜尋以外的領域仍呈現強勁成長的跡象。如會費收入從上一季的8,800萬美元增加到1.04億美元,業績低迷甚久的HotJobs部門也顯露復甦徵兆。
雅虎執行長Terry Semel 7日接受訪問時說:「我們十分欣慰。我們一點也不訝異。訂價持穩,一切狀況良好。」(唐慧文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090747,00.htm
微軟員工被控偷竊搜尋引擎原始碼
CNET新聞專區:綜合外電 12/07/2004
美國執法當局9日表示,全球最大軟體商微軟公司的一名員工,因涉嫌於兩年前偷竊AltaVista搜尋引擎的原始碼,已於上週被捕。該名員工目前負責微軟搜尋軟體開發的工作。
根據美國聯邦調查局(FBI)遞交北加州地方法院的起訴書,曾任職於AltaVista的Laurent Chavet,被控在2002年離開該網路搜尋公司後但尚未受雇於微軟期間,擅自闖入該公司的電腦。
位於加州桑尼維爾的AltaVista先被線上搜尋廣告商Overture Services收購,但兩家公司去年皆被納入雅虎旗下。
微軟正努力加強其網路搜尋技術,並在MSN部門下設置一團隊,負責開發演算搜尋科技,以對抗全球搜尋服務霸主Google。西雅圖郵報9日報導,法國籍的Chavet在MSN的搜尋團隊工作。
微軟公司發言人Tami Begasse證實,29歲的Chavet的確是該公司員工,但拒絕透露他隸屬哪一個部門,或微軟是否曾進行內部調查。Begasse說:「我們有信心目前的政策和程序,能夠完善保護我們的原始碼。」
美國聯邦助理檢察官,兼北加州電腦攻擊與智慧財產單位首長Chris Sonderby,不願評論當局是否針對Chavet曾在微軟使用任何AltaVista的科技進行調查。Sonderby說:「這項起訴與微軟無關。」
因收購Overture而成為AltaVista業主的雅虎公司,拒絕對此事發表評論。
起訴書指出,Chavet涉嫌於2002年3月和2002年6月進入AltaVista的電腦系統,當時他已經離職。西雅圖法院上週舉行此案的聽證後,Chavet以1萬美元交保候傳,他將於7月20日在舊金山法院出庭應訊。(陳智文)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090783,00.htm
昇陽力推Java品牌有硬仗
CNET新聞專區:Stephen Shankland 12/07/20
昇陽期望靠著一支新的電視節目來推升Java軟體的知名度。
此一為時30分鐘的節目稱為「Mobile Entertainment World」(行動娛樂世界),是由昇陽聯合電話服務商共同贊助,昇陽品牌經驗與社群行銷副總裁Ingrid van den Hoogen表示。這是昇陽計畫以上億美元專案來推廣Java品牌的動作之一。
不過昇陽要讓普羅大眾認識Java冒著蒸汽咖啡杯背後所代表的意義可能還有一段長路要走。
許多人可能都聽過Java名稱,「但真正懂的Java在幹嘛的卻不多。」舊金山品牌公司Prophet助理合夥人Greg Sieck表示。「如何讓消費者瞭解Java裝置的功能效益才是真正的困難點。」
昇陽在1995年推出Java,但目前的品牌計畫還執行不到一半,van den Hoogen表示,若Java品牌是一本十個章節的書本,現在不過進行到第四或第五章而已。「我們預計明年開始會有更多動作,」她指的明年是將從7/1日生效的會計年度。雖然她不願透露行銷預算數目,但該行銷計畫在一年前推出時,時任昇陽軟軟部門主管的Jonathan Schwartz曾表示會有上億美元的行銷經費。
Java的承諾
Java軟體號稱可讓單一程式執行於好幾種不同的電腦,比如Windows、Mac OS 或Linux。它雖然未能如同昇陽原先預期一舉取代Windows,但卻在行動電話與伺服器電腦上廣為採用。
Java現象並非僅靠昇陽撐起,還有其他商業合作夥伴,如手機製造商Motorola與Nokia,伺服器軟體銷售商IBM與BEA。許多情況,甚至是這些合作夥伴更加賣力在推動Java,而非昇陽。
Sieck認為Java品牌計畫可能有兩個動機,一是創造Java消費需求,好讓合作夥伴有支援的誘因;第二則是扭轉昇陽以非伺服器製造商,而是同時也是軟體公司了。
不過品牌行銷活動也不是每次都能成功,即使連微軟這樣知名廠商都可失敗的時候,比如之前為了與Java對壘而推出的.Net便因名稱造成太多混淆,使得微軟不得不撤回將產品通通掛上.Net的計畫。
「.Net當時用在許多產品上,」RedMonk分析師James Governor表示,「微軟後來發現這樣做也不是個好辦法。」
昇陽在Java消費領域最大的成功可說在行動電話市場上,它的軟體可用來購買、下載並執行遊戲。昇陽表示Java手機已有3.5億支的出貨量,但在這塊市場上,跟客戶扯得上關係的卻是諸如Vodafone與Nokia這類合作夥伴,而非昇陽。
廣告公司Lindsay, Stone & Briggs品牌策略副總裁Fritz Grutzner表示,昇陽要建立子品牌時不免於這些合作夥伴產生競爭關係。
Sony Ericsson便銷售了多款Java手機,並透過開發比賽等各種活動來提倡Java程式開發。但在目前,手機客戶多半還是著重在實用功能上,而非Java品牌,Sony Ericsson的開發計畫通訊經理Mimmis Olsson表示。
「多數客戶其實並不是很在乎這個技術,」Olsson表示,「他們比較感興趣的是應用面,也就是手機可拿來作什麼用途。」
Sony Ericsson沒打算在手機上貼上Java品牌,不過受合約限制,Java程式在執行時還是會先秀出Java影像,該公司的開發計畫主管Mikael Nerde說。
未來難關
Java推動品牌最明顯的兩個例子發生在2003年,當時昇陽將旗下的軟體套餐命名為Java Enterprise System(JES),而以Linux為基礎的桌上型作業系統則稱為Java Desktop System(JDS)。JES大量使用Java,而JDS也有類似的規劃,van den Hoogen表示,但他指出JES也打亂了其他Java伺服器軟體商的功能,因此昇陽後來又祭出Java Powered計畫,好讓合作夥伴可以更容易打出Java品牌。
「我們接到不少電話反應,所以才推出Java Powered計畫,」van den Hoogen表示。
之前的Java品牌計畫(100% Pure Java)由於認證規定過於昂貴嚴苛而流於失敗,她說,「能通過的沒幾個,且價格又相當昂貴,」van den Hoogen說。
不管如何,Van den Hoogen並不認為Java伺服器軟體大廠BEA會將該公司的WebLogic產品改名為Java WebLogic,「他們畢竟有自己的品牌考量。」她說。
BEA不願對此表示意見。
另一個難題則是在行動手機領域上,由於硬體與Java標準眾多,使得Java號稱「write once, run anywhere」的承諾有可能功虧一簣。昇陽在這裡有一套更嚴格的認證程式稱為Java Verified。多家行動手機服務廠商,包括Orange、Vodafone與T-Mobile都要求所提供的軟體下載必須通過此一認證,她表示。
就如同Linux的企鵝Tux標誌一樣,昇陽也有自己的吉祥物稱為Duke,雖然Duke的知名度似乎遠不及Java的咖啡杯標誌,但昇陽希望能有所改變,「我們正試圖讓它更出名些。」van den Hoogen表示。
或許這也顯示Duke所肩負的Java任務還沒有廣為人知,昇陽執行長Scott McNealy成把這隻無眼無嘴的動物稱為「臼齒仔」(molar)。(陳奭璁)
fr.: http://taiwan.cnet.com/news/software/0,2000064574,20090787,00.htm
