The web is all about conversions and users. Long gone are days when one measured earning potential of website by earnings, total visitor count and home page pagerank alone. These metrics are simple and easy to understand. Sadly, they do not give real useful information.

Earnings are not necessarily the most informative metric of the website. Some websites do not earn money directly. The same amount of money earned might suggest good or bad website performance depending on investments done, visitor count, market or advertisement type used.

It is even more difficult for websites whose income sources are advertisements or which advertise main business indirectly (for example, using branding). The conversion might be long process and you see increase in sales or conversions, but it is hard to estimate the performance of content.

However, you have to analyze the content. There are information that can be extracted from both statistics and user-generated content related to the original content. These things might not correlate!

For example, we post articles in our local fashion magazine and publish excerpts in facebook pages. Most viewed content not necessary is most commented one! Why it is so ?

1. Content that appeals to main auditorium of website is more engaged. Content that is related to auditorium is most interesting.
2. Shocking content would be more viewed one. They are interesting for broader spectrum of people.
3. Shocking content has more viral potential as it might be redistributed by non-members. That is why single-time visitors are useful as well.

Is engagement more important that visitors? For membership sites, definitely. You grow your crowd and your influence in them. However, a single non-related re-share of content might increase your site visibility further than in-door engagement. Thus in many cases you have to vary your content enough to attract more diverse crowd to your site.

Recently I got new dell XPS 16 with I7 processor. I am really happy with it ( I guess a post comming soon), however I want address a problem I had to solve.

You see, each time I scroll or type something, my PC froze for couple secs each 10-20 sec apart. The drivers were ok, windows 7 install is fresh as well. So I could not pinpoint the problem. I ruled out hardware malfunction as there is no custom hardware (except blueray and more ram) in this Dell XPS model. Speaking about the Blueray/dvd writer, the freezes might have affected writing process as the single dvd I wrote was unreadable.

Lastly, I found the problem. My laptop came with Mcafee preinstalled. Even if I had no plans on buying it, I havent removed 14 day trial at once. Well, that was the mistake. Apparently, Mcafee was behind PC freezes all along.

I am not planing to leave my dell unprotected though. I will go with ESET smart security probably, as I have good experience with it. Its detection rate is better, and I expect my PC to be more responsive than with Mcafee. There are other good software around too, like Kaspersky, Avira, Avast.

I had received my brand new Google nexus one finally! As it is not available here, I had to buy it through ebay and send it by post. I had additional week to wait because of slow postal service here – they had to send information to customs and so on. I haven’t replaced my last phone for 2 years or so, thus it was a quite big change.

Nexus one box included the phone itself, 110v charger, usb/htc connection cable (can be used for charging as well), headphones and case for carrying. The phone is shipped with 4G sdcard.

The first impression – it rocks. I am not a big fan of Iphone and nexus one is just my kind of phone: good design, I can easily operate it in one hand (most of the time), very fast and lots of applications. The camera is very good as well. Additionally, the Android os will get multi-touch support as well soon, which will be quite nice add-on for galleries and browser.

Additionally, I like the contact management in my google account. This saved a lot of time – I exported my contacts to vcf in my old phone, uploaded to PC and imported to my google contacts. As an additional bonus, Android offers nice integration of contacts from various sources : google addressbook, facebook, etc.

There are still some glitches that should be fixed:

a) Sometimes touchscreen is not sensitive/wont work, especially on edges. After couple of tries it starts working again. Annoying, though.

b) There are major issues with bluetooth connections – it pairs, but fails to connect with some equipment, including handsfree in my car. I’ll have to read about it more and maybe I’ll get it to work. Maybe there will be an update by android team.

c) There is not a big choice for some niche applications, like GPS ones. But Copilot looks promising (if they got good Lithuanian maps for Android).

d) Sound quality is slightly worse than my old K800i.

Now I just need to wait for OS update to get multi-touch and I will be really happy .

Antivirus Soft

Antivirus Soft is a rename of rogue Antivirus live. The crooks had not bothered to change much, the most significant change is in name only. Antivirus soft uses same means to reproduce : fake websites, malicious ads in social networking sites or good old fake codecs and movies.

After the download, your PC will stop executing other programs becouse they are “infected”. Usually, it is not true as single infection is Antivirus Soft  itself. They expect you to agree paying for it and funding these scammers.

The Antivirus Soft removal process is quite similar to antivirus live :

1. Reboot into safe mode

2. Remove proxy server from IE settings.

3. Search your user directory for file ending with sysguard.exe. Delete it. If you cant, press ctrl+shift+esc and stop process with same name and repeat deletion.

4. Reboot and scan with spyware doctor to make sure you got everything out.

I recommend having an anti-malware with real time protection running all the time to avoid problems like this.

Slow PC Fighter is a registry cleaner from same family as Spam Fighter or Virus Fighter. Registry cleaners allow fixing errors and inconsistencies in PC’s registry making PC boot and operate a bit faster. Many of them are made by security companies.

Slow PC Fighter website claims that running Slow PCFighter will increase PC speed up to 40%. That might be true on really badly supervised PC, but I would not expect such things on each PC.

Slow PCFighter free scanner installation was quite quick and easy. The download is around one megabyte. What impressed me, it recognized my Windows as 64 bit one and installed correct version of application itself.

The scan is was quite quick and found around 2000 errors, mostly missing files or empty registry keys. It had not shown any false positives, which is good.

The free version of SLOW PC Fighter removes 25 registry errors, which is quite little compared to errors it found.

Verdict: I would definitely give it a try to see if there are lots of errors in the PC. It might be useful and safe to have this product if you hate reinstalling windows like I do. The downside is that you would have to purchase full version as free scanner is not too useful except for trying the product out.

You can download Slow PCFighter here.

First, I must state here that I am affiliate of couple security products that have little to do with this post on itself. This rambling is about people motivation and truthfulness.

Spending time in some forums and social boards I met couple types of people that give professional advice there: people that were in same situation, contractors and affiliates or products. The most of people would argue that the last group is most annoying and they can not discern between contractor and other two groups. However, I would like to slightly disagree.

First, a security contractor is a person that is on payroll by specific security software or service company and gets static amount of money for his job and/or bonus on how well company is doing. An affiliate is a person that works for oneself and gets money from specific amount of product sales. Quite often affiliate has more than single products he offers. So, what is the practical difference? Here are some myths:

Myth no 1. Contractor’s quality of advice is often better as many of them have better knowledge in the field.

Partly true, most of contractors work in the field. However, it is not true for hired marketers compared to security experts that refuse to work on contract bases and earn additional income from sale.

Myth no 2. Contractors have stable income, so they do not need to force each sale

Not true. If contractor does lousy job, he will lose his income (contract) completely. Doing good job might yield a bonus. If an affiliate does lousy job, his profits will diminish. However, lot of affiliates try selling as much as possible because they seek profit.

Myth no 3. A contractor does not need to use sneaky tactics at promoting product

Completely not true. Contractor has additional benefit at using sneaky tactics because they can pretend being former customers and there is hardly anything that would prove it otherwise. They do not need to use tracking codes, they do not need to disclose anything. They spamming techniques might reach borderline.

Myth no 4. An affiliate will not promote best product because he is out for profit

That is again not true as you can’t promote BAD product for long. Additionally, affiliate has a huge benefit of being able to choose what product to promote and what not. A truly good affiliate is not forced to promote a product using false comparison tables, spam or by accusing competitions business model.

Sure, there are all kinds of affiliates and contractors. However I would check such things as:

1. Accusing other reputable products being bad because option x is paid one
2. Leaving user without a choice when choosing product
3. Calling other marketers spam because they promote different product than they do
4. Calling others a scam because they do same things and are paid by performance
5. Avoiding giving free information and pushing a product
6. Forcing user to pay for free things to boost sales of product without giving them to try it
7. Making a set of disclosure rules others (affiliates) have to follow to be legitimate but not following them themselves.

I got a lot of examples of such behavior. And sadly it will remain that way in the market.

And there is one thing I have to disclose – I was a contractor of security company for a short while too (No, it was not Malwarebytes, but the experience would be the same I guess). I did not liked the experience, because my freedom to promote right product in each situation was reduced. Now I can give suggestions of any product I think is good for the customer. Even if I get 0 cents from it. That is freedom I have working for myself and not being a contractor.

And if you think it would be if I would work in different company, that promotes “best” “free” product? Well, think again. I will have less freedom and less choices.

Now I do not say that being contractor is evil. Being contractor and not disclosing it when suggesting a product is evil, though. Much more evil than being affiliate, which is easily seen in most cases. Calling other legitimate products malware is evil when you are paid by competitors. Calling others spammers when you do the same is evil.

This week I had a really interesting problem to tackle: one simple script of mine behaved not as expected. And it took me couple hours of analysis for a simple ~30 line script to find the cause.

The script on itself its quite simple one – we have 2 numbers and 2 dates, one of them is in the past, another is in the future. We need to calculate current value from current date and 4 other values. To complicate the problem, we have to randomize things a bit by adding something (always positive value compared to last one) up to the current value so we do not get a straight line from starting point to the finish. There are some other conditions that impact calculation.

Ending coordinates are constant during whole execution of the script. Starting coordinates would be constant if we had no randomization as well. So, we store starting coordinates in separate .php file that is loaded in main script. Then new values are calculated, checked if they are not out of bounds and written down as new starting values to the same config file.

Testing provided no problem with the script, however in work environment sometimes counter went back in time. And no one could find the issue. The added value was always positive. The configuration file was saved. There was single configuration file used and no other programs overwrote it. Everything seemed ok and script worked incorrectly sometimes.

The problem was server load and disk space. During high loads on server, script execution was not atomic as expected, and file writes were slow too. So when 2 scripts executed at the same time, include file might be empty. Thus script would recalculate next value without having the data about previous “randomness” and it would be smaller than it should be.

The moral is that I should have expected similar problems. It is easy to forget concurrent environment of the web when programming or analyzing simple scripts.

I have to distribute a mailing list of circa 150 000 email clients and wondered what alternatives I have to in-house system. This has lead to some research of various options for mailing customers.

First there are 3 types of software I might use: web-based services, server based newsletter/mass mailing applications and PC software.

web-based mass mailing services are quite expensive for bigger lists. For example, icontact.com offers plans costing $699.00 for 100 000 users per month. Aweber.com is about the same (at least for smaller plans). It would be a good choice for a smaller permanent list.

Also I can’t tell how well web-based services would perform under my constraints. I need Lithuanian encoding, handling weird email addresses of One.lt – popular Lithuanian social network with emails that uses its own email engine. And it has its own spams filter as well.

Another choice would be installable php scripts that would offer mass-mailing or newsletter handling. A clear choice would be phplists – a free php script for that. It looked very promising at first, however I met couple problems. First, it is not as user friendly as you would expect from distributed php software. I had to change lots of things in php scripts manually, even disabling test mode or changing encoding. That is not acceptable. Second, its import scripts suck. I have not managed to import mailing list properly even after I removed couple checks. Overall, its interface is lacking and I would not recommend this software for no-techie.

I have tested PC software as well, for example SendBlaster. It was quite promising except the way how it handles international encodings. I have received empty letter in my spam box.

So, the question remains open : should I try to make something working from phplists, search for its alternatives or use our in-house mailing system.

Antivirus live is a rogue antispyware application on the same platform like cyber security and system security. It infects system by drive-by-downloads, shareware or infected websites. The difference is that Antivirus live uses a bit more complex way to protect its executables against removal and removal software.

First of all, Antivirus live enables proxy server in the common browsers. The server either goes through Trojan process on localhost or through infected websites. This allows manipulation of search results and inserting various popups into web pages. This hinders downloading of anti-spyware applications as well.

Second, Antivirus Live processes disable launching of other, non-white listed executables. Thus it is harder to get rid of antivirus live while process is active.

To get rid of Antivirus Live, you have to disable its processes. There are couple ways to do so : First, start task manager right after logging in into windows (while Trojan has not launched). Keep pressing ctrl+shift+esc . Then stop all processes that end with sysguard or other processes that should not be there. Second way is using safe mode (press F8 on boot up). If it fails, download process explorer from Microsoft (you might have to rename it to .pif ) and try using it.

Second step of Antivirus Live removal procedure is fixing your browser. For this simply disable proxy server and empty hosts file on your PC. Overall, it is good idea to disable add-ons of unknown companies as well.

The last step is removal of infected files. Although you can search for them on hard disk (files ending with sysguard.exe), the better approach is to download and install good Anti-spyware application. Personally, I recommend Spyware Doctor for Antivirus Live removal and keeping your computer protected from similar parasites in the future. Other good choices include superantispyware and malwarebytes.

Typically, all popular wordpress themes come with html comments to mark endings of div block. This is required for theme developers as it is much easier to see where particular block ends.

However, I do not like leaving code like that in production site. Although some claim that HTML comments have no effect in SEO, it might have effect in keyword discovery process. Additionally, they might have effect for various security plugins, that filter and block content containing bad words.  Third, I think it is bad to leave debug information in production sites.

The biggest problem of these is that Wordpress theme frameworks like Hybrid uses these as well. So you will have to clean up frameworks source each time you upgrade your framework. That is not the best approach.

However, You can implement this by creating couple filters in your childs (or custom) theme  functions.php file:

function custom_callback($buffer) {

$buffer=preg_replace('/<!--(.*)-->/Ui',' ',$buffer);

return $buffer;

}

This will clean the code from comments when user is not logged in (for search engines and visitors).

Sometimes friends and clients complain about competing sites that should not be there:

• No obvious optimization
• Content is crappy, mentions term once and in very different context
• Few or no links
• Design is old and ugly

However, such site is in the first page and sometimes quite high in results. So, what are the reasons for this?

Personally, I have seen a blog that ranked really well under one porn term with single mention in blog post. It had nothing to do with porn industry though.

Sure, we do not know Google algorithm, but my guess is disambiguation of search results plays major role in niche markets. Quite often the key phrase is not enough to determine searcher’s intent and search engine has to provide alternate meanings for the term. Sure, in many cases the Nr1 is site that performs best in terms of SEO, but there is room for different sites as well.

Let’s discuss an example. A person searches for “online poker” – a quite competitive term. In the first page we will see poker rooms, poker information portal, poker forum, some news sites and images. It is not because forum sites and poker rooms are at the same level in terms of SEO. We get these results because Google cannot determine which result is most relevant for us:

• We might want to play online poker in top rooms (highest possibility for the term).
• We might want to read reviews of these rooms
• We might want to discuss about online poker
• We might want to read some related news, etc.
• We might want some local results as well.

Sure, we will not see poor sites under this query in top places. Online Poker is too competitive. However, some of the sites might appear out of nowhere even under this term.

So, what can we conclude from this?

1. Copying top sites is not the fastest way to front page. Unique approach is.
2. The longer the query the more SEO work has an impact.
3. Behavioral analysis and local data will have an impact on what results you get as well. They matter. Guess what sites target users need, and not what they use now.

Thats all today

Last month I took over support of one project that inspired this post. It is a website with couple static pages, news and galleries that was created with Joomla. The problem was that site owners could not support it. They are not computer savvy and the internal structure of admin panel is way too complex for them to understand.

Funny enough, I would have gone to completely opposite direction with that site design. Based on site requirements, I would install Wordpress and code additional functionality. Wordpress handles many things better than Joomla:

• Image upload and resize to sane sizes
• Article/news organization
• Simpler admin interface

And a lot of clients do not need anything more – they do not want to resize media prior uploading, or searching for missing plugins to do that resize on upload time. Also, content and organization is tragic in Joomla, and it is really difficult to comprehend for person that does not work with such systems daily.

Now Joomla has its own uses and I would not create complex sites on wordpress. However, how often developers think about customer needs instead of their development speed and “Power” of the application? Many of us want to show off with powerful options, lots of customizability as we cannot brag about nice code inside to the customer. Often it is not what customer needs.

Thus it is important to write down requirements of project before putting everything on most powerful CMS you know. Think what user wants to see and make it easy for user to navigate through admin panel to do the tasks he needs.

Recently, I had simple but interesting problem on wordpress where I could not find ready automatic solution: thumbnail generation based on image ratio. I use wordpress as CMS for image-heavy site.

For example, I want that 3 sized images:

1. For landscape pictures I need 202×133 thumbnails
2. For square (or alike) images I need 156×142 thumbnails
3. For portrait images I need 120×162 thumbnails

The exact size of thumbnails matters, as I want to put these images in nice picture frames, with no spacing around. So obviously, I need a cropper that should work automatically.

Wordpress itself does not provide that function. Thus I started looking for plugin as basis for such cropper. I have chosen scissors – a very nice wordpress plugin I can recommend for others. It allows user to control resizing and cropping images on upload, also it provides additional options for resizing/cropping images automatically.

However, how to make this plugin crop images depending on ratio automatically? Well, we need to hack into its source.

All modifications done are in scissors.php, scissors_resize_auto($metadata) function. We work with medium image size, as scissors does not work with thumbnails itself (we could implement this as well).

Step 1. Configuration.

We need to configure scissors to use adaptive image resize for medium sized images, or it will not pass through the function. Obviously, we can’t use inputs to define image size for all 3 cases without more serious coding, so we stop configuring there and hack into source.

Step 2. Determining image ratio.

Image ratio can be calculated at this: $ratio = $srcW/$srcH; , where $srcW is width and $srcH is height of original image. If $ratio is bigger than 1, image is landscape, in other case it is portrait. For this case we assume that ratio between 1 and 1.3 means square image, though we could use other steps.

if ($size=='medium') {
if ($ratio>1.3) {
$maxW=202;
$maxH=133;
} else if ($ratio>=1){
$maxW=156;
$maxH=142;
} else {
$maxW=120;
$maxH=162;
}
$dstH=$maxH;
$dstW=$maxW;
…..

So, we now have the image size to use and the image would be resized to exact size required. However, the image would be screwed when original image ratio would not match resized image ratio. We need to crop image as well as resize it.

Step 3. Croping the image to proper ratio.

Luckily, imagecopyresampled that is used to resize image can crop it during same operation as well. For this, we need to calculate area we need to crop in original image. First, let us initialize some variables:


$startx=0;
$starty=0;
$endy=$srcH;
$endx=$srcW;


Then,


if ($dstW/$dstH<$ratio) {
$endx=round($srcH*$dstW/$dstH);
$startx=round(($srcW-$endx)/2);
} else {
$endy=round($srcW*$dstH/$dstW);
$starty=round(($srcH-$endy)/2);
}

The only thing left is changing imagecopyresampled request to


imagecopyresampled($dst, $src, 0, 0, $startx, $starty, $dstW, $dstH, $endx, $endy)

Which crops required area from center of original image and resizes it.

That’s it. The end product is still in development and will be launched this week.

1. Your server and domain
   1. First thing I would check is the spammy IP list. Is your IP address blacklisted? It happens, especially on shared hosting. Good place to start searching is http://www.mxtoolbox.com/blacklists.aspx . I would use a dedicated IP if I plan to do mass mailing.
   2. Do your IP address resolves back and how? If it has IP address in reverse domain address, they think it is a DSL – assigned IP and not a hosting one, so it is assumed that this is SPAM. If IP resolves back to your domain, it is a good sign.
   3. SPF record is highly advisable. Not all incoming mail servers use SPF record; however it never hurts to have one.
2. Your email message headers. Forging headers is bad idea. Your headers should be informative and correct, including message ID. It is important how you write your email address there as well, you should always use real name with email address where possible. Same is applicable for recipient email address as well. Prove that you know them.
3. Avoid spam words or keep their density low. The message should have enough text; however it should not be too big. Also, avoid excessive capitalization and spacing.
4. You should include information why they are getting this message, also your contact information, as well unsubscribe information (if applicable). You do not have to write that your message is not spam – only spammers do that.
5. You should use well-formed html if you have to use it. No hidden text, tracking images or similar – they are usually blocked by anti-spam programs. Also you should include text version of email.
6. Avoid using spam – mailers. The anti-spam programs know about them and how to recognize most of them. This is quite sure way to be flagged as spam.
7. Monitor your returning email box. See what messages got undelivered and bounced back. See if it is your problem or the recipient problem.
8. Upon registration, ask your visitors to add your email to their address book and use same email for communication with them. Address book is the best way to pass spam filters.
9. Some mail servers do not like too many emails from single sender at any point. Try to space out the sending of your newsletters.
10. Avoid sending too many messages to people that can’t read them – full message boxes, blocked, etc.
11. Check your web application if it can’t be used to send spam for real. This might be a case for “send to a friend” forms or similar which allow information input. This is quite serious security issue as you might get blacklisted.

Overall, the most important factor is monitoring back all information you get back from emails you send, especially the “negative” one : bounced emails, sending errors and similar. There are lots of information in bounced messages that you should read and evaluate.

Security Tool is a rogue antivirus scam, using generic name for disguise. Together with Cyber Security, they are hitting computers hard and forcing users into buying their “full” versions to remove non-existing virus infections. Typically, Security tool states that one’s PC is infected with Spyware.IEMonster or similar parasites, however, the real infections are very different.

The main problem with Security tool and alike is that they prohibit most of downloads and render computer unusable. However, there is a way to remove it.

Step 1.

Check if you can access your Task Manager and Regedit. Task manager can be accessed by pressing ctrl+alt+del and choosing it from menu. regedit is accessed by simply running it.

If you can not access task manager, but you can access regedit, search for TaskMgr entry in registry (using regedit) and delete it. This should reenable task manager.

Alternatively, you can download process explorer (you might need to rename it to iexplorer.exe or iexplorer.bat for launching) . Also, you might need to download it to another PC and bring it using USB drive

Step 2.

If you can launch process explorer or task manager, do it. If not, go to Step 3.

Now you need to kill the processes blocking downloads. Typically, it is run under your username, and not under system user. Search for processes named with random numbers or unknown applications. And stop them. Note down the process names ( you will need these in step 4).

Step 3.

Now you need to check if there are additional blocks to visit other websites. This includes : disabling all proxy servers on your internet explorer or firefox browser, checking your hosts files ( it should be nearly empty, no known sites except localhost).

Step 4.

You have a choice : Search for Security Tool files in Security tool removal instructions or download anti-spyware like spyware doctor, and execute scan and removal.

If you choose manual removal, delete the files you have stopped in step 2 ( with random numbers in name). Also, modify registry and delete all keys mentioning these names.

Step 5.

Reboot and check if everything is ok. If not, repeat steps 2-4 And scan with antispyware you havent scanned. Superantispyware would be my choice nr2, but malwarebytes anti-malware will work too.

Thats it.

I have a very mixed feelings about one issue in anti-spyware community. That is how products are marketed as free. During the years as I work in the industry, there were a large amount of products marketed as free despite the fact that their important features are paid ones. Typically, this was the remover itself. However, some tools has changed the scene.

One of these tools is Malwarebytes anti-malware. It provides free detection and removal for parasites in database, and its paid feature is real-time protection module. So, what is the problem with it?

The problem is how this tool is positioned for end user. You are told that Malware bytes Antimalware provides the best free protection, however it is not so. Protection it is not same as removal. Protection from computer parasites depend on capabilities of real-time protection module. But few promoting this tool mentions this. Some of the experts can’t even see the difference in these statements.

However, Malwarebytes anti-malware is a free good program for SOLVING infections, and in most cases this is one of the first tools I install on infected PCs. It has quite good detection ratio, and quite often was enough to solve the problem. Then again, there are quite a few cases when I had to install spyware doctor or other program to finish off remains.

That brings me to another issue I do not like about Malwarebytes anti-malware: its naming conventions. Most of trojan parasites are hidden under simple name of Trojan.downloader so users can not find more information on what infected their PC at other anti-virus and anti-spyware vendors. Some might argue that this information is not important. I disagree, as other vendors might provide better, more in-depth information about particular parasite.

Thus I would stick to other anti-spywares like  super anti-spyware or Spyware doctor for reliable protection, and keep malwarebytes as a just in case tool only.