Skip to main content

Why I won't be an affiliate for your company

Posted in

I receive a few advertising offers on my websites every month and most simply want to buy a banner/link for whatever reason - traffic, sales, branding, seo, etc. Honestly I don't care about their intention as long as it doesn't ruin my user experience.

The worst offers are people trying to get me to signup for their affiliate program.

Here is an example:

Hi,

I am Harish from Allo.com; we develop cost-effective next generation high quality VOIP products, such as Digital Telephony Cards, PBX Systems, Next Generation IP Phones and Analog Telephone Adapters…

We are interested in advertising our products on [my site redacted].

Please let me know who I should talk to.

Regards,

What's wrong with this offer?

It's deceitful.

This looks like a normal advertising request to buy a banner/link. It's not. How do I know it's an affiliate offer?

Microsoft Office: Now with ads and reduced functionality?

Posted in

Seriously? Now my downloaded software is going to spew ads at me and provide a crappier product?

Thank god for Libre Office.

Writing Clean Code

Posted in

Great video about writing clean code (which sadly cannot be embedded): http://vimeo.com/12643301

I thought I was doing an ok job but it really shined light on some things I could do to improve my code.

Funny thing is, I could have gone there but didn't think I would be writing that much code in the future at the time. It was 15 minutes away in Malmo!

Natural Language Processing (Comic)

A stressful day trying to work with NLP leads to things like this.

Natural Language Processing Comic by Kevin Ohashi

Dear Afternic

You are still emailing me lost passwords in plaintext. This just isn't acceptable.

I contacted you, worked my way through your support team until the manager I spoke to who was supposed to be connected to the dev team asked me what email client I used and said maybe it was outlook that was revealing my password. My email client (oh, I don't even use outlook) was allegedly cracking the passwords or something. I am not even sure what they were trying to say or imply. Whatever it was, it's ridiculous.

I only noticed this because I reactivated an old account because I thought listing with you guys would be a good idea to complement listing on sedo since you were also free now. I want to be your customer. I also want you to treat my information with respect and keeping my password secure is something I simply cannot compromise on. Please fix this issue so we can get back to selling domain names, because I simply won't do business with you until you do.

At least one major domain company is NOT SECURE

This is a warning to at least one major domain company. I will be naming names Monday (April 25th) unless it gets fixed. This type of behavior puts customer information at risk and has been hacked before.

YOUR PASSWORDS AREN'T SECURELY STORED

They store passwords in plaintext or a system where they can get back to plaintext (which for all intents and purposes are the same).

What does that mean? It means instead of data being stored in the following format:

accountName | 5f4dcc3b5aa765d61d8327deb882cf99

It gets stored like this:

accountName | password

How do I know if my password is securely stored (as a customer)?

There is no way to tell for sure it isn't stored as plaintext. However, the most common giveaway is trying the password recovery system. If they email you your original password, they are storing it in plaintext. If they force you to generate a new password, they most likely are storing it in a hashed form and have to generate a new hash on your new password because neither of you knows your old password.

Why does this matter?

If they were ever broken into, your passwords are exposed and the attacker can simply read them. If they are encrypted, the attacker would have to decrypt them first, which takes an incredible amount of time (assuming they use Salt). Thus making it exceptionally difficult if not practically impossible to do anything with a hashed password.

Huh? what? I am lost...
Ok, here is a simple explanation of how logins work:

User visits website.

User types in account and password.

In a PLAINTEXT system, the computer matches user entered account:password combo with an account:password combo in a user database.

In an encrypted (secure) system, the computer hashes the password using an algorithm (such as MD5) to produce a hash ('password' after md5 encrypt becomes '5f4dcc3b5aa765d61d8327deb882cf99'). The computer then matches the hash to a stored hash in the database, if the hashes match, it is the correct password. Only your password will generate the same hash, but nobody with access to the database will ever know what your password is because it's stored as a hash.

UPDATE: I am not going to recommend MD5 after further reading, there are apparently stronger algorithms such as bcrypt and SHA-2 which will keep passwords more secure than MD5.

If you have any questions - as a company or as a customer - feel free to contact me and ask.

24,000 Domains Article Postmortem: Traffic, Revenue, Business Models

I published a post listing 24,000 available brandable domain names that anyone could register a couple days ago.

It was far more successful than I ever imagined receiving over 17,000 page views. Ranking 3rd on HackerNews frontpage and 2nd in a major subreddit with over 30,000 subscribers.

I wanted to go through the entire setup of the article, the marketing, the goals, the traffic, the results and conclusion.

The Other 24,000 Available Brandables .COM Domains - Full List

This is a continuation from this article.

My pickups were:
Hipeo.com
Docey.com
Blisu.com
Bliro.com
Releq.com
MuteU.com
Ocane.com
Smizi.com

There is a lot Japanese sounding names in there which I liked but didn't take. Enjoy!

Update 7:09 pm: Request for an affiliate link. So I picked my favorite consumer facing registrar NameCheap.

DISCLAIMER: these domains were checked against the zone file, NOT the registry. Some names ARE TAKEN but for whatever reason did not have name servers when the zone file was downloaded. Possible causes: somewhere in the delete cycle or simply no name servers registered.

Domain Registrar and Customer Interests are NOT Aligned

This is in response to this article.

I think the original article hits some really important points about lock-ins and timeliness for most types of customers. However, the article misses the biggest reason why it's so hard to find a good registrar.

Registrar and Customer interests are NOT aligned.

We agree that the registrar business is a commodity for most people and treated as such. This causes a race to the bottom in pricing, service and other aspects. The problem this has created is: how do registrars earn more money?

Screwing domain registrants and keeping/selling/monetizing their domain names.

A incomplete list of the ways registrars do/have screw(ed) over domain registrants:

  • Automatically parking domains on their own PPC, creating the potential for legal issues for the owner and collecting any income made.
  • Creating barriers to domain transfers such as 'faulty' email systems (looking at you eNom - over 4 years and you still claim it's on my end, yet every transfer in from the same email address works perfectly)
  • Keeping domains that expire for themselves
  • Selling off expired domains without them going through the delete process (Pre-Release)
  • Marking up Redemption Grace Period renewals (often hundreds of dollars)
  • Spamming (hi intrustdomains.com)
  • Upselling useless products/services (godaddy is the worst offender)
  • No incentive to create good user interfaces once you've registered domains
  • Non-existent support (looking at shell registrars used for drop catching)
  • Domain Tasting
  • Exposing whois queries
  • Frontrunning (buying a domain as you go through the registration process before you actually purchase)

Registrars watched others make money in the domain name business but saw razor thin margins. The biggest problem in my opinion is expired domain names. They make pennies for each domain I register but can potentially make thousands for each domain I expire through pre-release partnerships and drop catching (mostly pre-release these days).

With those sort of incentives, it becomes obvious why there are no (or few) good registrars. It takes a special level of commitment and someone who truly cares about creating a service that's good for their customers.

Name.com Registration Agreement Shenanigans

Just read an article by Nathan Hammond complaining about their registration agreement.

Apparently they automatically park the domains, waive all liability and then don't share any of the PPC profit with their customers. The article emphasizes the race to the bottom we're seeing in this industry from service providers (with a few exceptions of course).

The interests of the registrars and their customers just simply aligned anymore. This type of behavior won't end until it's fixed.

Syndicate content