DirectNIC has been my registrar of choice for years; all of my current domains are registered with them, and several of our clients use them as well.
DirectNIC's offices are in the heart of New Orleans, down the street from the Superdome. They have remained online and almost completely operational through Katrina and its aftermath (apart from their free web hosting service, restored today) due to the almost literally heroic efforts of their data center staff.
DirectNIC's Crisis Manager, Michael Barnett, has been updating his blog during the disaster, including photos and a webcam feed.
If you want a reliable hosting company, these folks have certainly proven that they'll do whatever it takes to keep their data center online.
Saturday, September 03, 2005
Sunday, May 29, 2005
Why is my PIX PDM Broken?
If you manage a Cisco PIX firewall, you may have recently run into a problem accessing the PDM (PIX Device Manager) browser-based management interface. Cisco's PDM is a Java-based tool for managing your firewall; there are a handful of things that can't be done via its graphical interface, but for the most part, many users will seldom have any reason to use anything else for configuration and management. The VPN wizard, in particular, is vastly easier to use than the dozen or so lines of arcane commands required to implement the same thing from the command line.
A couple of my clients recently had issues accessing the PDM from Windows XP and Server 2003. After authenticating successfully in both the browser and the Java window, they were presented with an empty window instead of the PDM - and a message in the status bar claiming
Both clients concluded - not unreasonably - that there was some kind of authentication problem with the PIX, and that they were locked out.
In fact, the problem was not with the PIX, but with Java itself. Sun's most recent updates to the JRE (Java Runtime Environment) made changes to the behavior allowed for signed code - and caused consternation for developers and end users by breaking quite a few applets.
Installing the "release 8" update for the 1.4.2 plugin, or the "release 2" update for the 1.5.0 plugin prevented access to the PDM - and no adjustment to the security settings in Internet Explorer or Firefox could fix the issue (both Windows and Linux platforms suffer from this problem.) Applets which behaved like the PDM - launching code which performs security-restricted functions from an HTML button - were now 'broken by design' under the new stricter security model.
Those who had upgraded their Java plugin from an earlier (working) release could uninstall the latest version, and once again access the PDM. But for a new workstation or server, the latest load of Java was broken 'out of the box,' and there wasn't anything to go back to. And unless the affected user tried a Google search on the full status bar error message, there were very few clues on the nature of the problem - or the fix.
There is, in fact, a Cisco Field Notice, dated May 16th, on this issue - but unless you perform a very specific Google search, you'll probably miss it.
Cisco does offer a product alert service which will e-mail you notices like this one when they are published, but you have to have an account with Cisco CCO - which generally means, if you're an end user, that you're carrying a SMARTnet service contract on at least one piece of Cisco equipment.
Those who don't have a SMARTnet contract on their PIX not only probably missed the alert, but also cannot implement the official fix, which is a downloadable update - 3.0(3) or 4.1(2) - to the PDM. The workaround is to uninstall the latest copy of the JRE, and download and install release 1 of the Java 1.5.0 plugin.
And, perhaps, consider springing for a SMARTnet contract on at least one of your Cisco products. It doesn't take many of these kinds of headaches for it to pay for itself.
A couple of my clients recently had issues accessing the PDM from Windows XP and Server 2003. After authenticating successfully in both the browser and the Java window, they were presented with an empty window instead of the PDM - and a message in the status bar claiming
java.security.AccessControlException: access denied.Both clients concluded - not unreasonably - that there was some kind of authentication problem with the PIX, and that they were locked out.
In fact, the problem was not with the PIX, but with Java itself. Sun's most recent updates to the JRE (Java Runtime Environment) made changes to the behavior allowed for signed code - and caused consternation for developers and end users by breaking quite a few applets.
Installing the "release 8" update for the 1.4.2 plugin, or the "release 2" update for the 1.5.0 plugin prevented access to the PDM - and no adjustment to the security settings in Internet Explorer or Firefox could fix the issue (both Windows and Linux platforms suffer from this problem.) Applets which behaved like the PDM - launching code which performs security-restricted functions from an HTML button - were now 'broken by design' under the new stricter security model.
Those who had upgraded their Java plugin from an earlier (working) release could uninstall the latest version, and once again access the PDM. But for a new workstation or server, the latest load of Java was broken 'out of the box,' and there wasn't anything to go back to. And unless the affected user tried a Google search on the full status bar error message, there were very few clues on the nature of the problem - or the fix.
There is, in fact, a Cisco Field Notice, dated May 16th, on this issue - but unless you perform a very specific Google search, you'll probably miss it.
I almost never use a vendor's own search tool to explore a support knowledge base. Microsoft's Knowledge Base, in particular, was long notorious for the obscurity of the keywords assigned to articles. More than once, I couldn't re-locate a KB (or Q article, if you're old skool) that I knew was there, which was immensely frustrating. I finally started using site-specific Google searches: specifying a search by site:microsoft.com server 2003 dns firewall allowed me to find information that eluded the built-in tool. Microsoft, by the way, claims to have made significant improvements to the way their site search engine works. Is it better? I don't know - they trained me not to use it by returning poor results for years. Google is my friend.
Cisco does offer a product alert service which will e-mail you notices like this one when they are published, but you have to have an account with Cisco CCO - which generally means, if you're an end user, that you're carrying a SMARTnet service contract on at least one piece of Cisco equipment.
Those who don't have a SMARTnet contract on their PIX not only probably missed the alert, but also cannot implement the official fix, which is a downloadable update - 3.0(3) or 4.1(2) - to the PDM. The workaround is to uninstall the latest copy of the JRE, and download and install release 1 of the Java 1.5.0 plugin.
And, perhaps, consider springing for a SMARTnet contract on at least one of your Cisco products. It doesn't take many of these kinds of headaches for it to pay for itself.
Saturday, May 28, 2005
Outlook's Compelling Autocomplete Illusion
Working with someone who had been issued a brand-new laptop last week made me consider something interesting about Microsoft Outlook - the autocomplete feature works so unobtrusively, and so well, that most users believe that it's doing something that it isn't - and can't.
Autocomplete kicks in when you begin typing in the To:, Cc:, or Bcc: fields of a message. The first character of a name or e-mail address pops up a menu of matching recipients; additional typed characters can disambiguate the list to a single entry (as soon as you've typed enough to distinguish it from all the other names and addresses.) An essentially identical feature fills out commonly used form fields in most web browsers.
It works well, and saves time and typing - especially for those of us whose number of e-mails sent per day exceeds our word-per-minute typing speed!
I've found that most users - including some very computer-savvy people - think that Outlook actually searches their address book in real time as they type. It doesn't. Instead, the first time you type in an address or name, it's added to Outlook's Nickname file. Outlook searches the file each time you begin typing an address, and creates a menu of suggestions from all the matching entries. For those who have been using Outlook for a long time, there are often so many entries that Outlook appears to be searching their entire address book, and the users don't realize (or remember) that an address doesn't autocomplete until it's been used the first time.
The rude awakening generally comes after an upgrade, or a move to a new computer. If the user's Windows profile doesn't follow them to the new computer, they'll complain that Outlook is 'broken' - because it isn't filling in all their addresses anymore. An explanation of how the feature really works - and the implication that they'll have to use each address again before it will autocomplete for them - is generally not well received.
"WHY CAN'T IT WORK LIKE THAT?"
The autocomplete feature is useful because it is near instantaneous - if it took so long to pop up suggestions that it slowed down our typing, it would cease to be a feature, and become an annoyance.
That's why it can't really search your address book in real time. I have a few hundred entries in my Contacts list; my wife easily has three times as many as I do. A reasonably fast computer, with plenty of RAM, could probably deal with my list. I doubt that it could do an acceptable job with my wife's list - unless it cached the entire list in RAM. But not everyone has a 'reasonably fast' computer - and so a significant number of Microsoft's customers would experience performance issues.
And consider another class of Microsoft's customers - exceptionally large enterprises like Boeing. Boeing has somewhere around 160,000 users on a Microsoft Exchange-based e-mail system. Imagine each user's copy of Outlook crunching through close to 200,000 possible recipients and aliases, across the network, all day long. Not only would this make the autocomplete process as slow as molasses, but it would also increase the load on the network, and really increase the load on the domain controllers.
The good news is that, with a little planning, you can move the Nickname file to a new computer. In Outlook 97, 98, and 2000, it was a .nick file; in Outlook 2002 and later, it's .NK2. Ensuring that these files get backed up, and are moved to the user's new computer, will prevent irritated users with 'broken' copies of Outlook.
SOMETIMES YOU WANT IT TO GO AWAY
On the other hand, after an e-mail migration changes the format of most or all of the addresses in an organization, or if someone moves to a new company but retains their laptop, most or all of the autocomplete entries can become invalid. You can reset the autocomplete cache (by renaming the file) to remove all the entries; the Exchange Profile Update Tool (Exprofre.exe) can do this on a wholesale basis if you are migrating hundreds or thousands of users.
It is also possible to remove individual stale or corrupted entries for Outlook 97, 98, and 2000, using the nickname.exe and ol2knick.exe tools. I'm unaware of a similar tool for Outlook 2002 and later - if you are, I'd love to hear about it.
Autocomplete kicks in when you begin typing in the To:, Cc:, or Bcc: fields of a message. The first character of a name or e-mail address pops up a menu of matching recipients; additional typed characters can disambiguate the list to a single entry (as soon as you've typed enough to distinguish it from all the other names and addresses.) An essentially identical feature fills out commonly used form fields in most web browsers.
It works well, and saves time and typing - especially for those of us whose number of e-mails sent per day exceeds our word-per-minute typing speed!
I've found that most users - including some very computer-savvy people - think that Outlook actually searches their address book in real time as they type. It doesn't. Instead, the first time you type in an address or name, it's added to Outlook's Nickname file. Outlook searches the file each time you begin typing an address, and creates a menu of suggestions from all the matching entries. For those who have been using Outlook for a long time, there are often so many entries that Outlook appears to be searching their entire address book, and the users don't realize (or remember) that an address doesn't autocomplete until it's been used the first time.
The rude awakening generally comes after an upgrade, or a move to a new computer. If the user's Windows profile doesn't follow them to the new computer, they'll complain that Outlook is 'broken' - because it isn't filling in all their addresses anymore. An explanation of how the feature really works - and the implication that they'll have to use each address again before it will autocomplete for them - is generally not well received.
"WHY CAN'T IT WORK LIKE THAT?"
The autocomplete feature is useful because it is near instantaneous - if it took so long to pop up suggestions that it slowed down our typing, it would cease to be a feature, and become an annoyance.
That's why it can't really search your address book in real time. I have a few hundred entries in my Contacts list; my wife easily has three times as many as I do. A reasonably fast computer, with plenty of RAM, could probably deal with my list. I doubt that it could do an acceptable job with my wife's list - unless it cached the entire list in RAM. But not everyone has a 'reasonably fast' computer - and so a significant number of Microsoft's customers would experience performance issues.
And consider another class of Microsoft's customers - exceptionally large enterprises like Boeing. Boeing has somewhere around 160,000 users on a Microsoft Exchange-based e-mail system. Imagine each user's copy of Outlook crunching through close to 200,000 possible recipients and aliases, across the network, all day long. Not only would this make the autocomplete process as slow as molasses, but it would also increase the load on the network, and really increase the load on the domain controllers.
The good news is that, with a little planning, you can move the Nickname file to a new computer. In Outlook 97, 98, and 2000, it was a .nick file; in Outlook 2002 and later, it's .NK2. Ensuring that these files get backed up, and are moved to the user's new computer, will prevent irritated users with 'broken' copies of Outlook.
SOMETIMES YOU WANT IT TO GO AWAY
On the other hand, after an e-mail migration changes the format of most or all of the addresses in an organization, or if someone moves to a new company but retains their laptop, most or all of the autocomplete entries can become invalid. You can reset the autocomplete cache (by renaming the file) to remove all the entries; the Exchange Profile Update Tool (Exprofre.exe) can do this on a wholesale basis if you are migrating hundreds or thousands of users.
It is also possible to remove individual stale or corrupted entries for Outlook 97, 98, and 2000, using the nickname.exe and ol2knick.exe tools. I'm unaware of a similar tool for Outlook 2002 and later - if you are, I'd love to hear about it.
Thursday, March 10, 2005
More AutoLink Outrage!
Walt Mossberg at the Wall Street Journal doesn't like the AutoLink feature of Google's new toolbar, either.
And his article bears more than a passing resemblance to Scott Granneman's column. Almost as if one of them is paraphrasing the other. Or they're both getting their ideas from someone else. Hmmm.
Again, what the outrage comes down to (even in some posts on Fark!) is that web pages that these folks either design, or write content for, might somehow acquire links to somewhere else. Like a competitor.
Never mind that the links appear because the reader asked for them. They're still clinging to the idea that they have the right to control what you and I can do with their content after it's been downloaded to our own computers.
The arguments all seem to boil down to this:
First, if Google gets away with this, then Microsoft, or someone else, will bring back Smart Tags, which will rewrite pages automatically, without any user intervention at all, and we'll all slide down a slippery slope where web publishers won't have any control of their content at all...
Just how do they suppose I arrived at this hypothetical web site in the first place?
I'll tell you how I would have gotten there - either the company was known to me, and I am specifically interested in their products, services, or content (Apple, Sunfire, eBay, Slashdot) - in which case, I'm already where I want to be, and I'm not interested in following links elsewhere...
Or, I arrived there by following a link from a search engine! (In my case, almost certainly Google.) I've already seen ads and links to competitors! The Web - especially if you're shopping for commodity items - makes comparison shopping quick, easy, and reasonably foolproof. With Froogle, Pricewatch, MySimon, and similar sites, I can rapidly determine who has the item I want in stock, and the cost. When I'm purchasing a book, I'll always search for the ISBN on B&N, Amazon, Bookpool, Half.com - you'd be an idiot not to, when it's so quick and easy. It's faster than driving to even one store.
So I'm just flabbergasted by the the idea that all these various pundits think that a tool that adds links to a web page is going to destroy Web commerce as we know it. Here's a hint for you e-commerce merchants out there - if your e-commerce site depends upon your customers being ignorant of your competition, you are doomed.
(Here's an idea - why don't you add links to your competitors yourself? If you don't have lower prices, better customer service, faster shipping, a better selection, an easier-to-use site, unique items, or more than one of these things, why would anyone choose to buy from you? Have some chutzpa - your customers will comparison shop; tell them you know they're smart enough to do it, and tell them why they'll discover that you're the best choice. If you can't tell them that, then as far as I am concerned, your business model consists of attracting ignorant customers, and ripping them off.)
Google's AutoLink simply makes it easier for me to perform certain actions that I already do. If Google happens to make some money while providing this service, good for them! A service like AutoLink is only a threat if you believe that the majority of your audience is too stupid to comparison shop.
AutoLink is, after all, in beta - like Google News. Google just added customizability to the Google News page - why wouldn't they do the same for AutoLink?
Here's what I forsee: you'll be able to add your own preferences for maps, booksellers, etc. to AutoLink, and you'll be able to choose which ones you'd like to follow. There will be one or more sponsored links, but they'll be clearly and unobtrusively differentiated from your custom links - much like sponsored links already are on Google's search pages. Google's business model is based solidly on a foundation of providing useful and powerful services to the Web user. Why would this be any different?
What about the slippery slope - first AutoLink, then the next thing you know, Internet Explorer is rewriting everything? It won't happen, and the reason is right in the last sentence in Walt Mossberg's article: "Users wouldn't benefit if the Web became a sea of uncertainty, where anybody could alter every Web page."
Users wouldn't benefit.
Do you know what users do when they stop seeing something as a benefit? They stop using it. Whether it's the Google Toolbar, Internet Explorer, or AOL - when something makes the user experience worse, the users leave. The "slippery slope" is self correcting, because as soon as a tool, or site, or service stops serving the user (read that as customer, e-commerce types) they'll turn you into road kill as they run to the competition.
THE REAL SLIPPERY SLOPE
Mossberg, Granneman, Danny Sullivan, and the rest are filled with righteous indignation, anger, and fear that someone might be able to alter their web pages - that they will lose control of their content. Walt Mossberg claims to "take a back seat to nobody in favoring user convenience," but then turns around in the very next sentence and claims that there is a "right of Web publishers to control the content and appearance of their own sites."
I agree with that - but I also happen to believe that that right stops when the content enters my computer. At that point, I should be able to view it, augment it, and annotate it in any way that I wish. I can't figure out what makes these folks enthusiastic about controlling what I can do on my own computer! That's the slippery slope!
Wouldn't it be unreasonable for me to prevent you from translating my blog articles to another language? Or from resizing the type to make it easier to read? Or resizing the window? Or to prevent you from having your computer read the article to you, because you're visually impaired? What if the things that I do to prevent copying and pasting, or reformatting the page, or to prevent AutoLink from working, also happen to prevent translation, or accessibility for the visually impaired? Is that just too bad? Is it all about me?
Apparently Danny Sullivan thinks so:
Well, no, actually - they're not your users, Danny. You don't own them. Which means they can also simply stop coming to your site, if you prevent them from doing what they want. It's colossal arrogance, and bad business, to believe otherwise.
If you try to control "your" users, and restrict what they can save, or link to, or enhance, or translate, you might discover that they aren't your users any more. Ask the RIAA.
And his article bears more than a passing resemblance to Scott Granneman's column. Almost as if one of them is paraphrasing the other. Or they're both getting their ideas from someone else. Hmmm.
Again, what the outrage comes down to (even in some posts on Fark!) is that web pages that these folks either design, or write content for, might somehow acquire links to somewhere else. Like a competitor.
Never mind that the links appear because the reader asked for them. They're still clinging to the idea that they have the right to control what you and I can do with their content after it's been downloaded to our own computers.
The arguments all seem to boil down to this:
First, if Google gets away with this, then Microsoft, or someone else, will bring back Smart Tags, which will rewrite pages automatically, without any user intervention at all, and we'll all slide down a slippery slope where web publishers won't have any control of their content at all...
If the principle behind AutoLink were to take hold, there would be nothing to stop Microsoft from adding a feature to Internet Explorer that would replace the ads on a Google search-results page with ads sold by Microsoft's MSN service.And second, and this is the important part, the average web user (that's you and me, folks) is too stupid to figure out what's going on. They won't know where the links came from. And apparently, we'll just click on any old link and follow it.
I take a back seat to nobody in favoring user convenience, but, as with most things in life, every principle must be balanced against others. In this case, that balancing principle is the right of Web publishers to control the content and appearance of their own sites. Users wouldn't benefit if the Web became a sea of uncertainty, where anybody could alter every Web page.Let's look at what seems to be the favorite scenario, here - I'll be on someone's web site, which is designed to sell me products and/or services, and AutoLink, SmartTags, EvilSneakyLinkTags, or what have you, will display links to competitors. The horror!
Just how do they suppose I arrived at this hypothetical web site in the first place?
I'll tell you how I would have gotten there - either the company was known to me, and I am specifically interested in their products, services, or content (Apple, Sunfire, eBay, Slashdot) - in which case, I'm already where I want to be, and I'm not interested in following links elsewhere...
Or, I arrived there by following a link from a search engine! (In my case, almost certainly Google.) I've already seen ads and links to competitors! The Web - especially if you're shopping for commodity items - makes comparison shopping quick, easy, and reasonably foolproof. With Froogle, Pricewatch, MySimon, and similar sites, I can rapidly determine who has the item I want in stock, and the cost. When I'm purchasing a book, I'll always search for the ISBN on B&N, Amazon, Bookpool, Half.com - you'd be an idiot not to, when it's so quick and easy. It's faster than driving to even one store.
So I'm just flabbergasted by the the idea that all these various pundits think that a tool that adds links to a web page is going to destroy Web commerce as we know it. Here's a hint for you e-commerce merchants out there - if your e-commerce site depends upon your customers being ignorant of your competition, you are doomed.
(Here's an idea - why don't you add links to your competitors yourself? If you don't have lower prices, better customer service, faster shipping, a better selection, an easier-to-use site, unique items, or more than one of these things, why would anyone choose to buy from you? Have some chutzpa - your customers will comparison shop; tell them you know they're smart enough to do it, and tell them why they'll discover that you're the best choice. If you can't tell them that, then as far as I am concerned, your business model consists of attracting ignorant customers, and ripping them off.)
Google's AutoLink simply makes it easier for me to perform certain actions that I already do. If Google happens to make some money while providing this service, good for them! A service like AutoLink is only a threat if you believe that the majority of your audience is too stupid to comparison shop.
AutoLink is, after all, in beta - like Google News. Google just added customizability to the Google News page - why wouldn't they do the same for AutoLink?
Here's what I forsee: you'll be able to add your own preferences for maps, booksellers, etc. to AutoLink, and you'll be able to choose which ones you'd like to follow. There will be one or more sponsored links, but they'll be clearly and unobtrusively differentiated from your custom links - much like sponsored links already are on Google's search pages. Google's business model is based solidly on a foundation of providing useful and powerful services to the Web user. Why would this be any different?
What about the slippery slope - first AutoLink, then the next thing you know, Internet Explorer is rewriting everything? It won't happen, and the reason is right in the last sentence in Walt Mossberg's article: "Users wouldn't benefit if the Web became a sea of uncertainty, where anybody could alter every Web page."
Users wouldn't benefit.
Do you know what users do when they stop seeing something as a benefit? They stop using it. Whether it's the Google Toolbar, Internet Explorer, or AOL - when something makes the user experience worse, the users leave. The "slippery slope" is self correcting, because as soon as a tool, or site, or service stops serving the user (read that as customer, e-commerce types) they'll turn you into road kill as they run to the competition.
THE REAL SLIPPERY SLOPE
Mossberg, Granneman, Danny Sullivan, and the rest are filled with righteous indignation, anger, and fear that someone might be able to alter their web pages - that they will lose control of their content. Walt Mossberg claims to "take a back seat to nobody in favoring user convenience," but then turns around in the very next sentence and claims that there is a "right of Web publishers to control the content and appearance of their own sites."
I agree with that - but I also happen to believe that that right stops when the content enters my computer. At that point, I should be able to view it, augment it, and annotate it in any way that I wish. I can't figure out what makes these folks enthusiastic about controlling what I can do on my own computer! That's the slippery slope!
Wouldn't it be unreasonable for me to prevent you from translating my blog articles to another language? Or from resizing the type to make it easier to read? Or resizing the window? Or to prevent you from having your computer read the article to you, because you're visually impaired? What if the things that I do to prevent copying and pasting, or reformatting the page, or to prevent AutoLink from working, also happen to prevent translation, or accessibility for the visually impaired? Is that just too bad? Is it all about me?
Apparently Danny Sullivan thinks so:
They may be Google's users, but they are also my users as a publisher as well. If my visitors are upset that my site prevents them from using Google AutoLink, they can tell and lobby me directly. I don't need Google deciding for me what my users want on my web site.Did you get that? They're his users - and if he wants to screw up their experience, that's their problem. They'll just have to complain about it.
Well, no, actually - they're not your users, Danny. You don't own them. Which means they can also simply stop coming to your site, if you prevent them from doing what they want. It's colossal arrogance, and bad business, to believe otherwise.
If you try to control "your" users, and restrict what they can save, or link to, or enhance, or translate, you might discover that they aren't your users any more. Ask the RIAA.
Wednesday, March 09, 2005
Google Autolink and Hypocrisy
Scott Granneman has published a couple of articles on Security Focus regarding Google; a great search engine can also serve as a great exploit and hacking engine, if you put some thought into it (or you know where to look.)
I recommend giving them a read - although I take exception to a couple of things in the latest column. As a kind of lead-in to his assertion that Google's post-IPO motto is now, "Don't be evil ... mostly. Kinda. Pretty much. Maybe," he brings up the old red herring that Google's cookie isn't set to expire until 2038. (I couldn't care less. If it bothers you, clear your cookies from time to time. And replace your tin foil hat, while you're at it.)
But what's really bugging Scott is a new feature in the Google Toolbar 3.0 beta called AutoLink.
The problem, as Scott sees it, is that the hyperlinks that appear in his columns are as much a part of the article as anything else:
But is that really what's going on? It seems to me that you could also say that it's Google providing a service - the toolbar, after all, doesn't care what page you're on - and any potential revenue stream from that service is, legitimately, going to Google.
To be fair, Scott points out both of these things in his column. But then he goes on to say
And it's fine for him to view content which is intended to be supported by advertising revenue while deliberately blocking the ads, but it's not okay for me to use a tool to add content to his page that's beneficial to me?
I think Mr. Granneman has been infected by the same idea about Digital Rights Management (DRM) that the RIAA has been trying to enforce - the idea that a creator of a work should have some control about how that work is used by the consumer.
It's something like an author complaining that I should not be allowed to highlight passages in her book, or write notes in the margin - after all, if she'd thought those things were needed, she would have added them herself. And besides, the pen and marker companies are making money because I'm marking up her book!
Well, it's not her book. It's her work; her content. It's my book, and I can mark it up as I wish. I can bend the corners, draw a mustache on the author's portrait on the flyleaf, and make the table of contents into paper boats - I don't care what the author wants. This is my own personal copy of the book, and what I do with it doesn't affect anyone else's copy. It's all about me.
Are you with me so far? When you or I view a web page, the content may have come from the web server, but the data has been copied to our computers. It's in RAM, and possibly on the hard disk as well. It's our own personal copy. If I choose to mark it up for my own convenience, that's my business - not the author's. Don't try to tell me what I may or may not do on my own computer.
Scott even cheerfully points out that there's code that web sites can use to disable AutoLink. Gee, thanks for enhancing my user experience. I'm sure he'll be just as enthusiastic when the advertisers write code which gets around his adblocker.
So, who is the hypocrite here? Google? I don't think so.
I recommend giving them a read - although I take exception to a couple of things in the latest column. As a kind of lead-in to his assertion that Google's post-IPO motto is now, "Don't be evil ... mostly. Kinda. Pretty much. Maybe," he brings up the old red herring that Google's cookie isn't set to expire until 2038. (I couldn't care less. If it bothers you, clear your cookies from time to time. And replace your tin foil hat, while you're at it.)
But what's really bugging Scott is a new feature in the Google Toolbar 3.0 beta called AutoLink.
The AutoLink feature adds links to the page you're viewing if it recognizes certain types of information on the page. For example, the online review of a great new restaurant has the business address but no map. You could go to a map site and type in the restaurant's street, city, and ZIP code -- but why bother? Clicking the Toolbar's AutoLink button will automatically link you to a map. AutoLink also recognizes package shipping numbers, car VIN numbers, and book ISBN numbers. (from Google Toolbar Help)Sounds pretty useful, right? The Google Toolbar already rocks - though I'd be more excited about the new features myself if there was an official version for Mozilla Firefox, which has been my primary browser for a couple of months now. There is an unofficial version for Firefox - the Googlebar extension. Couldn't live without it.
The problem, as Scott sees it, is that the hyperlinks that appear in his columns are as much a part of the article as anything else:
I work hard in these columns to pick interesting, informative links that back up my statements, provide detail where I must be terse, or entertain with a sarcastic comment on my text. It's as much part of my writing as the words I use. In fact, in 2005, I would go so far as to say that for any writer using the web as a platform, links are in fact part of his or her writing.Fair enough, I guess - I try to fill my blog articles with useful, relevant links as well. But the AutoLink feature will put links on our pages that we didn't add ourselves - that's what it's designed to do, after all.
When Google changes the links on this web page, Google changes my writing, without any input from me, and for commercial gain that certainly doesn't benefit me, or SecurityFocus, the publisher of my columns.Ahh - now we come to the real issue. Someone might be making money from his column, and it isn't him.
But is that really what's going on? It seems to me that you could also say that it's Google providing a service - the toolbar, after all, doesn't care what page you're on - and any potential revenue stream from that service is, legitimately, going to Google.
If I was an online bookstore, the fact that my ISBNs turned into links to a competitor like Amazon would make my blood boil. In essence, Google - and selected partner companies - benefit commercially from my work, and I see nothing for it. Alternately, on my web site, I provide a lot of stuff under a Creative Commons license, but AutoLink ignores it and commercializes things I do not wish commercialized.Almost. The logic is soooo seductive. But hold on just a minute here:
...I'm a enormous, grateful fan of the Adblock extension, which allows me to remove advertisements and other annoyances from web sites.Well, then - here's my take. AutoLink doesn't do its magic unless the user explicitly clicks the button in the toolbar - that is, it works only when, and because, the user wants it to. It also doesn't alter any existing links; it only adds new ones.
[...]
I've been thinking about it, and I'm going to keep Adblock for now, since its operation is completely dependent upon my actions - nothing gets blocked unless I explicitly enter a URL to block - and since I'm removing annoyances, not augmenting content. In between Adblock, which seems OK to me, and AutoLink, which isn't, is BetterSearch. BetterSearch does change the Google results page, but it's not changing the original content. Instead, it clearly adds an enhancement. However, this does beg the question: at what point does enhancement cross the line? Frankly, it's a notion that's still up for debate, and I'm interested in your take.
To be fair, Scott points out both of these things in his column. But then he goes on to say
...once AutoLink is pressed, the viewer will not be able to tell which links are put there by the page's author and which are put there by AutoLink. Granted, holding your mouse over the link and waiting for a tooltip to open will indicate that the link comes from Google, but I'm not sure how many users are going to do that. In fact, given the state of most web user's knowledge, I have serious doubts that they'd even understand what the tooltip's text meant in the first place.Let me get this straight - the readers of his column, which has an emphasis on computer security and privacy, are apparently too dumb to figure out which links are his originals, and which ones were added by AutoLink, even though they had to press a button to get the additional links?
And it's fine for him to view content which is intended to be supported by advertising revenue while deliberately blocking the ads, but it's not okay for me to use a tool to add content to his page that's beneficial to me?
I think Mr. Granneman has been infected by the same idea about Digital Rights Management (DRM) that the RIAA has been trying to enforce - the idea that a creator of a work should have some control about how that work is used by the consumer.
It's something like an author complaining that I should not be allowed to highlight passages in her book, or write notes in the margin - after all, if she'd thought those things were needed, she would have added them herself. And besides, the pen and marker companies are making money because I'm marking up her book!
Well, it's not her book. It's her work; her content. It's my book, and I can mark it up as I wish. I can bend the corners, draw a mustache on the author's portrait on the flyleaf, and make the table of contents into paper boats - I don't care what the author wants. This is my own personal copy of the book, and what I do with it doesn't affect anyone else's copy. It's all about me.
Are you with me so far? When you or I view a web page, the content may have come from the web server, but the data has been copied to our computers. It's in RAM, and possibly on the hard disk as well. It's our own personal copy. If I choose to mark it up for my own convenience, that's my business - not the author's. Don't try to tell me what I may or may not do on my own computer.
Scott even cheerfully points out that there's code that web sites can use to disable AutoLink. Gee, thanks for enhancing my user experience. I'm sure he'll be just as enthusiastic when the advertisers write code which gets around his adblocker.
So, who is the hypocrite here? Google? I don't think so.
Tuesday, January 25, 2005
Analyst-shmanalyst!
I followed a link on Google News this afternoon, and immediately thought of PJ's recent rant about analysts on her Groklaw site:
The target of PJ's rant was Yankee Group analyst Laura DiDio.
I discovered today that I've got a similar opinion of fellow Yankee Group analyst Mike Goodman.
A blurb on CIO Today entitled "ITunes Dominance in Peril" suggests that - even though Apple has sold over 250 million songs through the iTunes service since its launch, is now selling over a million songs per day, and is responsible for 70% of online music sales - its "days of...overwhelming dominance may be numbered."
And why might that be? According to Mike, it's because they have "shown no interest in the up-and-coming subscription business model for online music."
EXPLAIN THAT AGAIN?
The 'subscription model' is what is used by the current incarnation of Napster: your music is tied to one to three PCs (it's "portable" if you happen to have a laptop), you can't burn CDs or transfer music to a portable player, and if you stop making your subscription payments, all 'your' music goes poof. Bye!
You can, of course, pay extra to have permanent copies of your music. Thanks, but that's what I wanted in the first place.
Mr. Goodman is excited about the 'Janus' digital rights managment technology in Microsoft's newest version of Windows Media Player - which enables 'tethered downloads,' so that music services can "tie individual downloads to a monthly subscription." (I'm sure Microsoft picked 'Janus' to evoke the Roman god of doorways and openings - but the fact that he is depicted as literally being two-faced lends an unintentional ironic overtone to the technology.)
Sorry, but I can't follow your logic, Mike.
First of all, let's talk about being tethered. Do you want to be tethered? I don't. If I've purchased music, I want to be able to play it on my stereo, in my portable music player, and on my computer. I want to be able to burn CDs for my cars. And most importantly, I sure as heck don't want it all to expire.
What happens, for example, to all the playlists and music you're 'leasing' from Napster if they get sued into oblivion again? I'll tell you - the same thing that happened to all the DIVX discs that people bought from Circuit City when they finally pulled the plug. They will become inaccessible and worthless.
I am absolutely astounded at the industry pundits who have forgotten the lesson of DIVX:
There is nothing about being tethered that serves the consumer. "You can fool some of the people some of the time," but in the long run, it's doomed to fail. I sure can't see any compelling reason to choose a service with tethering over iTunes.
And for the life of me, I can't see how tethering technology will impact iPod sales at all. Where is the advantage to the consumer in using a tethered format? If I have to pay extra to download my subscribed tracks from my tethered service to my portable player, then I'm spending more than I would have if I had simply bought them from iTunes in the first place.
If all I'm after is personalized streaming radio, I can get that for free from Last.fm. (Although they'd appreciate a donation.)
And if the selling point is that it's cheaper - well, Apple hasn't been selling truckloads of iPods on cost anyway.
And like it or not, it's still pretty darned easy to download endless gigabytes of MP3s without paying for them at all. I can't tell you how - or if - the music industry will solve that one, but I can tell you that it's not going to be by expecting consumers to adopt a format which is specifically designed to artificially limit their choices.
So, why does Mike Goodman claim that a new DRM scheme is going to topple Apple's dominance? Well, if I were being cynical like Groklaw's PJ, I'd claim that it's because the tech analysts have stumbled into an incredible racket, where they can say damned near anything they want, even if it is entirely devoid of logic, and still make big bucks and get published in USA Today.
If I was being cynical like me, on the other hand, I'd say that it's because tech analysts, by and large, don't get paid to accurately predict the future.
They get paid to tell industry executives what they want to hear - and to provide excuses for those same executives when their mind-bogglingly stupid marketing decisions go down in flames. If you're sufficiently devoid of scruples, it is a heck of a racket.
I have decided what I want to be when I grow up. I want to be a tech analyst.
No, don't bother to try to talk me out of it. My mind is made up. It's the only job I have ever heard of where you can have huge gaps in your knowledge, get random but truly vital facts utterly wrong, say the opposite of what is observably true, and nobody sues you. They don't even fire you. They don't even notice. No one says a word. In fact, they actually pay you good money, and the next time they want to know something, they forget you got it all wrong the last time and ask you for your opinion all over again.
Being a fortune teller might be just as easy. In fact, I met one once, by chance, and she confided in me what she did for a living and confessed, just between us girls, that she just made stuff up. But I think analysts get paid more, and I believe they get retirement benefits too. And of course it's steadier work.
The target of PJ's rant was Yankee Group analyst Laura DiDio.
I discovered today that I've got a similar opinion of fellow Yankee Group analyst Mike Goodman.
A blurb on CIO Today entitled "ITunes Dominance in Peril" suggests that - even though Apple has sold over 250 million songs through the iTunes service since its launch, is now selling over a million songs per day, and is responsible for 70% of online music sales - its "days of...overwhelming dominance may be numbered."
And why might that be? According to Mike, it's because they have "shown no interest in the up-and-coming subscription business model for online music."
EXPLAIN THAT AGAIN?
The 'subscription model' is what is used by the current incarnation of Napster: your music is tied to one to three PCs (it's "portable" if you happen to have a laptop), you can't burn CDs or transfer music to a portable player, and if you stop making your subscription payments, all 'your' music goes poof. Bye!
You can, of course, pay extra to have permanent copies of your music. Thanks, but that's what I wanted in the first place.
Mr. Goodman is excited about the 'Janus' digital rights managment technology in Microsoft's newest version of Windows Media Player - which enables 'tethered downloads,' so that music services can "tie individual downloads to a monthly subscription." (I'm sure Microsoft picked 'Janus' to evoke the Roman god of doorways and openings - but the fact that he is depicted as literally being two-faced lends an unintentional ironic overtone to the technology.)
"Apple certainly has the option of jumping onto the tethered download bandwagon, Goodman noted. But it has given no indication of doing so. That decision may cost it a drop in the sales of its immensely popular iPod music players from an 80-90 percent market share down to 50-60 percent, Goodman predicted."
Sorry, but I can't follow your logic, Mike.
First of all, let's talk about being tethered. Do you want to be tethered? I don't. If I've purchased music, I want to be able to play it on my stereo, in my portable music player, and on my computer. I want to be able to burn CDs for my cars. And most importantly, I sure as heck don't want it all to expire.
What happens, for example, to all the playlists and music you're 'leasing' from Napster if they get sued into oblivion again? I'll tell you - the same thing that happened to all the DIVX discs that people bought from Circuit City when they finally pulled the plug. They will become inaccessible and worthless.
I am absolutely astounded at the industry pundits who have forgotten the lesson of DIVX:
Building a product with artificial limitations that are intended to allow you to charge the same consumer over and over for same product, and expecting it to compete against services that don't, is a stupid idea.
There is nothing about being tethered that serves the consumer. "You can fool some of the people some of the time," but in the long run, it's doomed to fail. I sure can't see any compelling reason to choose a service with tethering over iTunes.
And for the life of me, I can't see how tethering technology will impact iPod sales at all. Where is the advantage to the consumer in using a tethered format? If I have to pay extra to download my subscribed tracks from my tethered service to my portable player, then I'm spending more than I would have if I had simply bought them from iTunes in the first place.
If all I'm after is personalized streaming radio, I can get that for free from Last.fm. (Although they'd appreciate a donation.)
And if the selling point is that it's cheaper - well, Apple hasn't been selling truckloads of iPods on cost anyway.
And like it or not, it's still pretty darned easy to download endless gigabytes of MP3s without paying for them at all. I can't tell you how - or if - the music industry will solve that one, but I can tell you that it's not going to be by expecting consumers to adopt a format which is specifically designed to artificially limit their choices.
So, why does Mike Goodman claim that a new DRM scheme is going to topple Apple's dominance? Well, if I were being cynical like Groklaw's PJ, I'd claim that it's because the tech analysts have stumbled into an incredible racket, where they can say damned near anything they want, even if it is entirely devoid of logic, and still make big bucks and get published in USA Today.
If I was being cynical like me, on the other hand, I'd say that it's because tech analysts, by and large, don't get paid to accurately predict the future.
They get paid to tell industry executives what they want to hear - and to provide excuses for those same executives when their mind-bogglingly stupid marketing decisions go down in flames. If you're sufficiently devoid of scruples, it is a heck of a racket.
Monday, January 24, 2005
Last.fm
A recent Slashdot post reminded me of LAUNCHcast - and introduced me to Last.fm.
Back when my wife Phaedra first discovered Launch.com (I'm guessing it was in 1999) we both thought it was exactly the sort of innovative and flat-out cool thing that the Internet should be all about.
LAUNCHcast used a Flash-based interface to play streaming 'Internet radio.' In and of itself, this wasn't all that impressive. The audio stream wasn't very high-fidelity, in particular.
But the collaborative environment was the killer feature. You could rate songs, on a ten-point scale from 'never play again' to 'favorite'. The LAUNCH system would gradually learn your music preferences, and tune your streaming radio to play more of your highly rated songs. But it would also let you find other users with similar listening preferences, and subscribe to their stations - adding their choices to your own, and allowing you to discover new (or old!) music. You could also add your friends - allowing them to influence your station as well.
Suddenly, I was discovering and enjoying new music like I did back in high school and college. Yeah baby!
Let me pause for a moment to point something out: I'm 38 years old. I went to high school and college in the '80s. I grew up listening to Led Zeppelin, The Who, Yes, Genesis, Emerson Lake & Palmer, ELO - and got the full effect of 80s post-punk synth-pop new-wave hair-metal right in the middle of my teen-angst years. Peter Gabriel, Eurythmics, New Order, Prince, The Cars, U2, Ozzy, Def Leppard - bring em on! And MTV played music videos! Lots of 'em!
WMMS in Cleveland was a highly influential and eclectic station, and we could listen to it all day. (Now it's just one more Clearchannel station.)
We also had our own high school radio station - which is today, two decades later, basically devoid of meaningful student participation - despite the fact that it's still located on the high school campus. Shame on you, Kenston High!
Radio today is homogenized, soulless, and gutless - and it's not for me. It certainly isn't something I can use to discover new music!
So Phaedra and I each spent a lot of time listening to LAUNCHcast, evangelizing it to our friends, and tweaking our stations. I had close to five thousand songs rated in my profile - making me a 'fanatic.'
But it was too good to last.
ENTER THE RIAA
Because you could choose to listen to just your own LAUNCHcast station (without any other influencing stations) and choose to play only highly rated songs, it was possible to construct a LAUNCHcast station which would play a given song at a predictable time. Never mind that no one in their right mind would actually want to go through the trouble to do it - remember, this wasn't high quality audio, and Napster was providing a readily available method for copying specific songs, if that was what you wanted - all the RIAA cared about was that you could.
The RIAA sued LAUNCH in May of 2001 because the sevice was too interactive, and, they claimed, violated the level of licensing that LAUNCH had negotiated. This was my first clue that the RIAA didn't get it. I could understand the outrage over Napster, but LAUNCHcast radio was a licensed service which had substantially increased my music purchases (you could buy a song or album on LAUNCH by clicking on the Now Playing image) - I was actively buying music after almost a decade of commercial-radio-influenced apathy. I didn't see any reason that wouldn't continue.
That is, until the RIAA shut them down. Passionate e-mails to Hilary Rosen (then the president of the RIAA) went unanswered.
LAUNCH re-emerged after being purchased by Yahoo! But in order to use the new service, you had to create a new account! All the hours of rating music, artists, and albums by the old LAUNCH fanatics were gone. Your friends were gone. And Yahoo! filled my station with ads, and then encouraged me to buy a subscription to get rid of 'em again. There was also a limit on how many songs I could skip without a paid subscription. Phaedra bought one. I said "Screw 'em."
(I learned, from another Slashdot poster, that the same sort of thing had happened when LAUNCH was started from the ashes of Firefly.com. Microsoft bought Firefly to acquire the technology which would become Passport, and then let Firefly die. None of the ratings database that the old members had painstakingly created survived. What a missed opportunity for Microsoft!)
THIRD VERSE, SAME AS THE FIRST?
So now there's Last.fm. It's essentially the same idea as the old Firefly and LAUNCH services - you rate streaming music, the system learns your tastes, and once you've rated enough music, you acquire neighbors who influence your profile station.
It's still officially in beta, and there are a number of issues. (As I write this, a banner at the top of the home page reads: "Radio recommendation service restarting. You may experience 'random radio' for a while...") There aren't that many users yet, so you might not find a good match in the beginning. (Before you have your own profile, you can search for other stations by entering up to three artists. I entered Peter Gabriel, Annie Lennox, and The Prodigy. There were no matches. Uh-oh.) There's quite a bit of available music, but you might find that some of your favorite songs, albums or artists aren't available yet. Response to the 'Skip' button is slow, and the current track doesn't always update promptly - or at all. It might take a day or two of dedicated listening and rating before you have your own profile radio.
So, does it suck? No, it rocks! LAUNCH had a lot of the same problems, and it I put up with them because, ultimately, it still worked. Last.fm works.
Audioscrobbler
What helps make Last.fm better is a family of plug-ins called Audioscrobbler. Rather than the occasionally flaky Flash-based LAUNCH control panel, Audioscrobbler plugs into your favorite media player - WinAmp, iTunes, XMMS - and there are versions for Windows, Mac OS, UNIX & Linux, and even Amiga! And not only does Audioscrobbler record your preferences when you're listening to Last.fm, but it also rates songs while you're listening to your own collection. Cool!
I'm using iTunes, largely because my wife has been actively importing our CD collection into iTunes on our old G4 Mac - making our music library accessible from any of the computers in the house. (She's been making compilation CDs for the car, but I think she's also planning ahead for her inevitable iPod purchase.)
I hope Last.fm avoids the fate of Firefly and LAUNCHcast. I'm loving it so far. If you sign up, give my station a listen.
Back when my wife Phaedra first discovered Launch.com (I'm guessing it was in 1999) we both thought it was exactly the sort of innovative and flat-out cool thing that the Internet should be all about.
LAUNCHcast used a Flash-based interface to play streaming 'Internet radio.' In and of itself, this wasn't all that impressive. The audio stream wasn't very high-fidelity, in particular.
But the collaborative environment was the killer feature. You could rate songs, on a ten-point scale from 'never play again' to 'favorite'. The LAUNCH system would gradually learn your music preferences, and tune your streaming radio to play more of your highly rated songs. But it would also let you find other users with similar listening preferences, and subscribe to their stations - adding their choices to your own, and allowing you to discover new (or old!) music. You could also add your friends - allowing them to influence your station as well.
Suddenly, I was discovering and enjoying new music like I did back in high school and college. Yeah baby!
Let me pause for a moment to point something out: I'm 38 years old. I went to high school and college in the '80s. I grew up listening to Led Zeppelin, The Who, Yes, Genesis, Emerson Lake & Palmer, ELO - and got the full effect of 80s post-punk synth-pop new-wave hair-metal right in the middle of my teen-angst years. Peter Gabriel, Eurythmics, New Order, Prince, The Cars, U2, Ozzy, Def Leppard - bring em on! And MTV played music videos! Lots of 'em!
WMMS in Cleveland was a highly influential and eclectic station, and we could listen to it all day. (Now it's just one more Clearchannel station.)
We also had our own high school radio station - which is today, two decades later, basically devoid of meaningful student participation - despite the fact that it's still located on the high school campus. Shame on you, Kenston High!
Radio today is homogenized, soulless, and gutless - and it's not for me. It certainly isn't something I can use to discover new music!
So Phaedra and I each spent a lot of time listening to LAUNCHcast, evangelizing it to our friends, and tweaking our stations. I had close to five thousand songs rated in my profile - making me a 'fanatic.'
But it was too good to last.
ENTER THE RIAA
Because you could choose to listen to just your own LAUNCHcast station (without any other influencing stations) and choose to play only highly rated songs, it was possible to construct a LAUNCHcast station which would play a given song at a predictable time. Never mind that no one in their right mind would actually want to go through the trouble to do it - remember, this wasn't high quality audio, and Napster was providing a readily available method for copying specific songs, if that was what you wanted - all the RIAA cared about was that you could.
The RIAA sued LAUNCH in May of 2001 because the sevice was too interactive, and, they claimed, violated the level of licensing that LAUNCH had negotiated. This was my first clue that the RIAA didn't get it. I could understand the outrage over Napster, but LAUNCHcast radio was a licensed service which had substantially increased my music purchases (you could buy a song or album on LAUNCH by clicking on the Now Playing image) - I was actively buying music after almost a decade of commercial-radio-influenced apathy. I didn't see any reason that wouldn't continue.
That is, until the RIAA shut them down. Passionate e-mails to Hilary Rosen (then the president of the RIAA) went unanswered.
LAUNCH re-emerged after being purchased by Yahoo! But in order to use the new service, you had to create a new account! All the hours of rating music, artists, and albums by the old LAUNCH fanatics were gone. Your friends were gone. And Yahoo! filled my station with ads, and then encouraged me to buy a subscription to get rid of 'em again. There was also a limit on how many songs I could skip without a paid subscription. Phaedra bought one. I said "Screw 'em."
(I learned, from another Slashdot poster, that the same sort of thing had happened when LAUNCH was started from the ashes of Firefly.com. Microsoft bought Firefly to acquire the technology which would become Passport, and then let Firefly die. None of the ratings database that the old members had painstakingly created survived. What a missed opportunity for Microsoft!)
THIRD VERSE, SAME AS THE FIRST?
So now there's Last.fm. It's essentially the same idea as the old Firefly and LAUNCH services - you rate streaming music, the system learns your tastes, and once you've rated enough music, you acquire neighbors who influence your profile station.
It's still officially in beta, and there are a number of issues. (As I write this, a banner at the top of the home page reads: "Radio recommendation service restarting. You may experience 'random radio' for a while...") There aren't that many users yet, so you might not find a good match in the beginning. (Before you have your own profile, you can search for other stations by entering up to three artists. I entered Peter Gabriel, Annie Lennox, and The Prodigy. There were no matches. Uh-oh.) There's quite a bit of available music, but you might find that some of your favorite songs, albums or artists aren't available yet. Response to the 'Skip' button is slow, and the current track doesn't always update promptly - or at all. It might take a day or two of dedicated listening and rating before you have your own profile radio.
So, does it suck? No, it rocks! LAUNCH had a lot of the same problems, and it I put up with them because, ultimately, it still worked. Last.fm works.
Audioscrobbler
What helps make Last.fm better is a family of plug-ins called Audioscrobbler. Rather than the occasionally flaky Flash-based LAUNCH control panel, Audioscrobbler plugs into your favorite media player - WinAmp, iTunes, XMMS - and there are versions for Windows, Mac OS, UNIX & Linux, and even Amiga! And not only does Audioscrobbler record your preferences when you're listening to Last.fm, but it also rates songs while you're listening to your own collection. Cool!
I'm using iTunes, largely because my wife has been actively importing our CD collection into iTunes on our old G4 Mac - making our music library accessible from any of the computers in the house. (She's been making compilation CDs for the car, but I think she's also planning ahead for her inevitable iPod purchase.)
I hope Last.fm avoids the fate of Firefly and LAUNCHcast. I'm loving it so far. If you sign up, give my station a listen.
Sunday, January 23, 2005
Who's Responsible for Your Domain Name?
How much value do you attach to your domain name? Many companies seem to treat theirs as if it is only worth the $20 or so they might have spent to register it in the first place.
"Now wait a minute," you might be saying, "we know that it's an extremely valuable business asset." I'm sure you do. So who's responsible for it?
Hint: "My ISP handles all that stuff" is a bad answer.
Two years ago, I got a frantic call from one of my clients - a small insurance firm. They weren't getting any e-mail. A brief investigation soon revealed why - their domain had expired.
Typically, when your domain is in danger of expiring, your registrar will send you numerous e-mails, and probably a letter or two. After all, if your domain expires, they won't collect your renewal fee.
In this case, however, the domain had originally been registered by their previous consultant, and his e-mail address was associated with all the contact information for the domain. He had subsequently shut down his business - so e-mails to him went nowhere. The insurance company had also moved to a new office - so the physical address associated with the registration was wrong. The phone and fax numbers had changed. Even the credit card that had been used to pay for the registration had been cancelled. There had simply been no way for the registrar to contact my client - and no one at the client had realized the need to update the information. They are not a technology company - that's the sort of thing they relied on their 'computer guy' to handle. When their previous consultant left, the domain registration had 'fallen off the radar.'
The lesson I learned was that I could never assume that a new client had anyone who was responsible for their domain, and my 'best practices' for new clients now includes a domain audit.
Among the things that I recommend:
WHERE DO YOU START?
If no one seems to know who your registrar is, you should be able to look it up using the WHOIS tool at Whois Source. (Any registrar will have a WHOIS tool; I like this one because it will also display the former registration records for recently expired domains.) You can verify your records, and the expiration date of your registration.
James Ponder has written a fantastic online tool for all kinds of DNS diagnostics; you can use it to verify your SOA, MX and A records, and perform general troubleshooting on name resolution for your domain.
If you're curious about the inner workings of DNS, DNS and Bind by Paul Albitz and Cricket Liu is generally considered to be the reference. You should have a decent grasp of networking in general - and the TCP/IP protocol suite in particular - before you dive in.
Make sure someone's responsible for your domain name now, instead of after someone asks, "Where did our web site go?"
"Now wait a minute," you might be saying, "we know that it's an extremely valuable business asset." I'm sure you do. So who's responsible for it?
Hint: "My ISP handles all that stuff" is a bad answer.
Two years ago, I got a frantic call from one of my clients - a small insurance firm. They weren't getting any e-mail. A brief investigation soon revealed why - their domain had expired.
Typically, when your domain is in danger of expiring, your registrar will send you numerous e-mails, and probably a letter or two. After all, if your domain expires, they won't collect your renewal fee.
In this case, however, the domain had originally been registered by their previous consultant, and his e-mail address was associated with all the contact information for the domain. He had subsequently shut down his business - so e-mails to him went nowhere. The insurance company had also moved to a new office - so the physical address associated with the registration was wrong. The phone and fax numbers had changed. Even the credit card that had been used to pay for the registration had been cancelled. There had simply been no way for the registrar to contact my client - and no one at the client had realized the need to update the information. They are not a technology company - that's the sort of thing they relied on their 'computer guy' to handle. When their previous consultant left, the domain registration had 'fallen off the radar.'
The lesson I learned was that I could never assume that a new client had anyone who was responsible for their domain, and my 'best practices' for new clients now includes a domain audit.
Among the things that I recommend:
- Domain registrations include several contacts: at a minimum, there will be an Administrative contact and a Technical contact. It is not uncommon to have a Billing contact as well, and there may also be a separate Registrant for the domain. All the contacts should not be the same person! At a minimum, the Administrative contact and Technical contact should be different, and at least one of them should have a contact e-mail address that is not in the registered domain. (If the domain is offline, or there are transfer issues, it may not be possible to reliably send e-mail to addresses within that domain.)
- Your company's network documentation file or binder (you do have one, right?) should list the registrar, the contact information, and the expiration date for the domain. A specific individual should be responsible for domain renewal, and should have a reminder (whether it's an Outlook appointment, a reminder in their contact manager, or a physical 'tickle' file) to renew the domain before it expires. Do not rely on the registrar to contact you. They should, but if something can go wrong, it will. The same responsible person should update the records at the registrar if your company's phone number or address changes. Some pretty substantial companies, who should know better, have failed to renew their domains in time - with embarrasing or amusing results, depending on your point of view.
- Find out whether your registrar will allow you to lock your domain records (most will; many will have already done it for you) in order to prevent unauthorized transfers or changes to your records.
- Your documentation should also list the public DNS servers responsible for your domain (which might also be maintained by the registrar, or by your ISP, by a third party, or by your company itself - depending on the nature of your business, and the extent of your Internet presence.)
- The first entry in a DNS zone file is the SOA, or Start of Authority record, and it includes the e-mail address of the 'responsible' administrator for the domain. Make sure that this is a valid address (at a company where I just completed an e-mail migration, it wasn't) and that the mailbox associated with that address is monitored. This is often a postmaster, hostmaster, or root address, so that it doesn't need to be updated, even if the person who holds that role in the organization changes.
- Keep a copy of the DNS zone file itself, including the names and IP addresses of web servers and mail servers. If you ever have to reconstruct a DNS record from nothing (for example, after a botched transfer to a new ISP or DNS hosting company) this can mean the difference between getting back on the Internet in minutes or hours, rather than days.
- And if you're moving from one ISP to another, or changing registrars, have the process managed by a consultant or engineer who understands how DNS works - and who has successfully run migrations for other organizations. Ask for references.
Done correctly, a move shouldn't even be noticable. But a botched move can result in a domain effectively vanishing from the Internet, and due to the nature of the DNS caching process, it may be impossible to completely correct for 24 hours or more. One former client - against my advice - chose to allow their new ISP to manage the move from their old one. Twice.
Each time, they dropped off the Internet for more than a day. And when all of your revenue is generated from your web site, discovering that your home page now says "Future home of..." is cause for panic.
Partly as a result of their experiences, I now avoid telling an organization's old ISP anything about a move until everything - web site, e-mail, DNS records - is up and running at the new one.
WHERE DO YOU START?
If no one seems to know who your registrar is, you should be able to look it up using the WHOIS tool at Whois Source. (Any registrar will have a WHOIS tool; I like this one because it will also display the former registration records for recently expired domains.) You can verify your records, and the expiration date of your registration.
James Ponder has written a fantastic online tool for all kinds of DNS diagnostics; you can use it to verify your SOA, MX and A records, and perform general troubleshooting on name resolution for your domain.
If you're curious about the inner workings of DNS, DNS and Bind by Paul Albitz and Cricket Liu is generally considered to be the reference. You should have a decent grasp of networking in general - and the TCP/IP protocol suite in particular - before you dive in.
Make sure someone's responsible for your domain name now, instead of after someone asks, "Where did our web site go?"
Subscribe to:
Posts (Atom)