Smackdown!

Breaking News: Google Borks the Earth

Posted on August 23rd, 2010 at 4:22 pm by Michael VanDeMar

Want to explore the entire planet from your computer? Normally all anyone wanting to do so would have to do would be to trot on over to Google Earth, download and install their application, and off globe trotting they could go. Today, unfortunately, those who do not already have the program installed are apparently out of luck. It looks like today one of the brighter Google engineers working for one of the world’s leading tech companies has somehow broken not just one of the download links for the application, but all of them. Read the rest of this entry »

Posted in Google, coding, lackofmeds, nerdiness, search engines | 3 Comments »

I Finally Figured Out Who Jason Calacanis Reminds Me Of

Posted on August 17th, 2010 at 8:32 am by Michael VanDeMar

In all of the discussions and posts about Jason Calacanis, whenever and wherever he replied to people calling him on his bullshit, it always had the same tired familiar ring to it. His statements have that tone that all scam artists and con men have utilized throughout the ages, professing their innocence despite the preponderance of evidence against them. Finally it hit me who it is that he sounds like when he is trying to defend his spammy sites… Read the rest of this entry »

Posted in Social Media, blogthropology, nerdiness, scams | 2 Comments »

zOMG! Jason Calacanis Lied Again?? Shocker!

Posted on June 21st, 2010 at 7:45 am by Michael VanDeMar

Last Thursday, in response to Matt Cutts stating that he needed more than “arbitrary inurl searches” to sway him (which was in turn in response to a Hacker News submission about Mahalo and the plethora of keyword rich domains they were apparently building out) I wrote a post explaining in some detail how the latest Mahalo spam is in fact spam. I demonstrated in the post how Jason had developed a linkfarm which was being used as a link source back to Mahalo.com. It wasn’t just that the individual sites were all linking back to the mother site, which would in fact be normal, but also that the pages were linking back to specific pages within the main site, pages that in many cases had few, if any, links going to them aside from the ones from this linkfarm.

Each time it happens Matt’s defense of Mahalo spamming Google just gets more perplexing. In this latest round he started by saying that his job was not to have knee jerk reactions, as if Mahalo hadn’t already established a pattern of spamming over a long period of time, and that Matt is pretending he hadn’t already had a talk with Jason and told him that if he didn’t raise the bar with his site that Google would take action on Mahalo. From there it got even weirder – Matt looked at the linkfarm and basically told me that a) he didn’t care as long as it wasn’t passing link juice, and b) he’s the only one who could tell if that was the case.

I could have sworn that it was if you were caught trying to spam you were penalized, and you couldn’t get the penalty removed unless you promised not to do it again. Now, where did I get such a crazy and wild idea? Oh yeah, I remember now… Read the rest of this entry »

Posted in Cuttisms, Google, SEO, blogthropology, lackofmeds, scams, search engines | 20 Comments »

Need Help Understanding The Latest Mahalo Spam?

Posted on June 17th, 2010 at 7:30 am by Michael VanDeMar

On Tuesday of this week someone posted the following question to the Hacker News website: How long has Mahalo been using keyword domains like this? The link in the story points to a search in Google, [inurl:tip_guidelines mahalo]. The results of this query show a list of somewhere between 180 and 270 sites (Google doesn’t show all of them, just the first 184 or so) all belonging to Mahalo.com, all keyword rich domains, all using the Mahalo Answers platform, and all covering material that Mahalo.com already covers. I am sure most of you are familiar with that fact that Google labels sites that have little or no content and are designed to drive affiliate conversions as Thin Affiliate sites:

These sites usually have no original content and may be cookie-cutter sites or templates with no unique content. – Google Webmasters Tools Help, on sites Google does not like

These sites that Mahalo has started churning out, all that were apparently created just this year, would appear to be the AdSense version of the classic “thin affiliate” website.

I showed Matt Cutts the link to the search itself, and asked if he thought that the list of sites Read the rest of this entry »

Posted in Cuttisms, Google, SEO, blogthropology, lackofmeds, scams | 76 Comments »

Dear Matt Cutts, What’s Your Take On Addon Domains?

Posted on June 15th, 2010 at 2:58 pm by Michael VanDeMar

Today Matt Cutts answered a question from “Land Lubber”, Colorado. Land Lubber asks:

What’s your take on “addon domains”? Does Google penalize someone for having one or more addon domains on their main website, (or if they’re self hosting)? e.g. 2, 5, or 10 all coming from the same IP address, would that be bad? – Land Lubber, CO

Matt responded with the following: Read the rest of this entry »

Posted in Cuttisms, Google, SEO, blogthropology, nerdiness | 11 Comments »

Rackspace Hacked Clients, Check Your Databases: Wordpress “wp_optimize” Backdoor In wp_options Table

Posted on June 14th, 2010 at 8:16 pm by Michael VanDeMar

Just finished cleaning up a hacked client whose website is hosted on Rackspace Cloud hosting. It is the second one within the past few weeks, although the first one was actually hosting on Laughing Squid, which happens to use Rackspace Cloud. I had discovered that there were a large number of people all on the same IP as my client a couple of weeks ago who all got hacked, but I was having trouble determining if it was an issue with Laughing Squid or an issue with Rackspace Cloud itself, so I didn’t blog about it until I could research it more. I wish now that I had, because maybe then it would not have spread so widely. As it is, it is the same Wordpress attack that Unmask Parasites blogged about earlier today.

It looks like the culprit might have been a security hole in phpmyadmin. Hopefully this will turn out to be what was wrong, Read the rest of this entry »

Posted in Wordpress, blogthropology, coding, how-to, nerdiness | 12 Comments »

Was The Google Mayday Update A Complete Failure Then?

Posted on June 11th, 2010 at 10:52 am by Michael VanDeMar

Earlier this week at SMX Advanced Seattle, during the You&A With Matt Cutts, the topic of the latest Google update, dubbed Mayday by webmaster last month, happened to come up. According to Ryan Jones’ live blogging account of the SMX Keynote the update had nothing to do with the web spam team. It was an algorithmic change that was intended to “make long tail results more useful”. Matt made statements in effect telling webmasters who might have been affected by MayDay that they should look at their content and see how usefulness or unique content could be added to those pages. This indicates that the point of the Mayday update was to filter out or penalize results that are not unique content, or that are simply autogenerated results.

Matt made similar statements when he was interviewed by WebProNews and the topic came up: Read the rest of this entry »

Posted in Cuttisms, Google, SEO, blogthropology, lackofmeds, search engines | 29 Comments »

Wordpress Hacking, Matt Mullenweg, And Some Screwed Up Priorities

Posted on June 1st, 2010 at 7:45 am by Michael VanDeMar

I clean Wordpress installations for people who have been hacked. I can help fix non-Wordpress sites as well, but since often times the way people find me is through the guide I wrote on how to fix Wordpress after you’ve been hacked it turns out that’s what they need me to do for them a fair bit of the time. I have a process that I go through, and a specific set of things that I look for on every Wordpress installation that I work on to make sure that it is indeed hacked, and to determine how bad the damage is. Different intrusions can leave various symptoms and clues as to how the hacker got in, and knowing this can be helpful in diagnosing the situation.

One of the hacks that has been around for a few years Read the rest of this entry »

Posted in WTF, Wordpress, bad research, blogthropology, lackofmeds, priorities, scams | 16 Comments »

My Mom Needed Me To Let The Plumber In While She Was At Work (True Story)

Posted on May 31st, 2010 at 9:54 pm by Michael VanDeMar

I work from my house and keep odd hours, so when a family member needs some sort of worker let into their house during the day I am often asked if I am available to do it. I don’t mind, we all live fairly close together, and it’s not that much of a hassle on most days. Tonight my mom called and asked me if I could let someone in to her place tomorrow to look at her tub, because it’s clogged. She’s tried Drano twice, poured boiling hot water in it, and even tried plunging it, all to no avail. I told her it would be no problem for me to let someone in.

A little while later I went into my own bathroom, and while in there happened to glance at my own tub… Read the rest of this entry »

Posted in On The Ball-ness, blogthropology, how-to, lackofmeds | 6 Comments »

GoDaddy’s Suggestion For The Cause Of Their Hacks And Their Community Blog – Can You Smell The Irony?

Posted on May 14th, 2010 at 3:52 pm by Michael VanDeMar

Yesterday I blogged about the hacking situation with GoDaddy hosting and a customer service call I had with them concerning some evidence I had found. While it is true that as this has progressed GoDaddy has widened their scope in investigating what the underlying cause of these hacks are, initially they claimed that the issue was with their customers running outdated versions of Wordpress. While being wrong about something like that is usually not that big of a deal, in this particular instance it proved to be beyond irksome, since a large portion of their customer base were told that it was their own fault that their sites got hacked (even in cases where the customer was up to date), and that GoDaddy was in no way to blame:

WordPress is a-ok. Go Daddy is rock solid. Neither were ‘hacked,’ as some have speculated.

After an extensive investigation, we can report there was a small group of customers negatively impacted. What happened? Those users had outdated versions of the popular blogging software, set up in a particular way. – Alicia from GoDaddy

From what I have read around the web customers were being told that it was not GoDaddy’s responsibility to fix the sites, that they only offered “limited support” in situations like this, leaving people with only the option of restoring from a backup (which would often not help even in outdated Wordpress hack situations, since hacks can go undetected for months) or hiring outside help to clean things up.

You can see on the support page they have set up, What’s Up with Go Daddy, WordPress, PHP Exploits and Malware? that they still claim that outdated scripts are part of the problem. Going to that page and viewing the source reveals something almost unbelievable:

(click to enlarge)

That’s right, in a classic “do as I say, not as I do” twist it seems that GoDaddy is in fact running an older version of Wordpress (Wordpress MU, based on the version number, which has the same security holes as regular Wordpress) for their community blog that they are using to tell people to upgrade their Wordpress versions.

To be fair, simply having an older version of Wordpress does not mean that it is automatically insecure… the security fixes in the more recent versions may be minor and the known vulnerabilities might have been manually patched. I can’t know without actually digging deeper and looking if in fact the installation was vulnerable.

Then again… neither can GoDaddy in the case of their customers.

Posted in Social Media, WTF, Wordpress, blogthropology, coding, customer service, lackofmeds, nerdiness, web design | 7 Comments »